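public void GetCertificateSecret()
{
    // Verifies that a certificate stored as a Key Vault secret is returned by GetCertificateAsync
    // as an X509Certificate2 whose identity fields match the TestValidationCertificate.pfx fixture.
    // SecretClient.GetSecretAsync is shimmed, so no request leaves the test process.
    const string VaultName = "fakevault1";
    const string SecretName = "secretname1";
    const string SecretVersion = "1aaaaaaa1aa11a1111aaaa11111a1111";
    const string TenantId = "11111111-1111-1111-aa1a-a1a11a111111";
    const string ClientId = "11111111-1111-1111-aa1a-a1a11a111111";

    // NOTE(review): this literal has the shape of an Azure AD client secret and will be reported by
    // secret scanners. Confirm it is synthetic and was never issued for a real application; if that
    // cannot be confirmed, treat it as exposed and rotate it.
    const string ClientSecret = "a.u8w3FFgwy9v_-5R_5gsT~qf96T~a7e6y";

    var getSecretInvoked = false;
    X509Certificate2 certificateSecret = null;

    using (ShimsContext.Create())
    {
        var path = Path.Combine(Environment.CurrentDirectory, "TestValidationCertificate.pfx");
        string certificateString;

        // The PFX and its password are test fixtures checked in next to the tests; they must never
        // protect anything real. RawData is the DER-encoded certificate only, so the fake secret
        // carries no private key material. The loaded certificate is disposed once encoded.
        using (var certificate = new X509Certificate2(path, "abc123"))
        {
            certificateString = Convert.ToBase64String(certificate.RawData);
        }

        var secret = new KeyVaultSecretFake($"{VaultName}.vault.azure.net", SecretName, SecretVersion, certificateString);
        var response = new FakeResponse<KeyVaultSecret>(secret, 200, "OK", null);

        SetupSecretClientConstructorFakes();

        // Lambda parameters are named so they do not collide with the `client` local declared below,
        // which older C# language versions reject.
        ShimSecretClient.AllInstances.GetSecretAsyncStringStringCancellationToken =
            new FakesDelegates.Func<SecretClient, string, string, CancellationToken, Task<Response<KeyVaultSecret>>>(
                (shimmedClient, requestedName, requestedVersion, token) =>
                {
                    getSecretInvoked = true;
                    var fakeResponse = response as Response<KeyVaultSecret>;

                    return Task.FromResult(fakeResponse);
                });

        // NOTE(review): the numeric and TimeSpan arguments are presumably retry/timeout settings;
        // confirm against the KeyVault constructor.
        var vault = new KeyVault(
            VaultName,
            AzureOauthTokenAuthentication.GetOauthTokenCredentialFromClientSecret(TenantId, ClientId, ClientSecret),
            3,
            TimeSpan.FromSeconds(2),
            TimeSpan.FromSeconds(15),
            TimeSpan.FromSeconds(10));
        var client = vault.GetSecretsClient(SecretClientOptions.ServiceVersion.V7_1);
        var secretValue = client.GetCertificateAsync(SecretName, SecretVersion, CancellationToken.None).GetAwaiter().GetResult();

        certificateSecret = secretValue.Value;
    }

    Assert.IsTrue(getSecretInvoked, "The fake should be used");
    Assert.IsNotNull(certificateSecret, "Certificate is null");
    Assert.IsTrue(string.Equals(certificateSecret.Thumbprint, "A449811985D59FC72303860F51CB95F5D3257141", StringComparison.Ordinal), "Certificate thumbprint not expected");
    Assert.IsTrue(string.Equals(certificateSecret.Subject, "CN=Joe Smith, OU=UserAccounts, DC=corp, DC=praxicloud, DC=com", StringComparison.Ordinal), "Certificate subject not expected");
    Assert.IsTrue(string.Equals(certificateSecret.Issuer, "CN=Joe Smith, OU=UserAccounts, DC=corp, DC=praxicloud, DC=com", StringComparison.Ordinal), "Certificate issuer not expected");
    Assert.IsTrue(string.Equals(certificateSecret.SerialNumber, "67EA381F988D5AA94B1569B978062CFB", StringComparison.Ordinal), "Certificate serial number not expected");

    // Parse the expected validity bounds with the invariant culture so the test does not depend on
    // the regional settings of the machine running it.
    // NOTE(review): NotBefore/NotAfter are reported in local time and the expected strings carry no
    // offset, so these two checks presumably hold only in the time zone the fixture was created in;
    // comparing UTC values would remove that dependency.
    var invariant = System.Globalization.CultureInfo.InvariantCulture;

    Assert.IsTrue(certificateSecret.NotBefore == DateTime.Parse("2020-09-09 9:42:40 AM", invariant), "Certificate not before not expected");
    Assert.IsTrue(certificateSecret.NotAfter == DateTime.Parse("2070-09-09 9:52:40 AM", invariant), "Certificate not after not expected");
}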
public void GetSecretWithVersion()
{
    // Checks that requesting a specific secret version through the KeyVault secrets client returns
    // the value served by the shimmed SecretClient.GetSecretAsync, with no real service call.
    const string VaultName = "fakevault1";
    const string SecretName = "secretname1";
    const string SecretVersion = "1aaaaaaa1aa11a1111aaaa11111a1111";
    const string SecretValue = "This is the value fake";
    const string TenantId = "11111111-1111-1111-aa1a-a1a11a111111";
    const string ClientId = "11111111-1111-1111-aa1a-a1a11a111111";

    // NOTE(review): shaped like an Azure AD client secret, so secret scanners will report it.
    // Confirm it is a synthetic placeholder that was never issued for a real application.
    const string ClientSecret = "a.u8w3FFgwy9v_-5R_5gsT~qf96T~a7e6y";

    bool shimWasCalled = false;
    string retrievedValue = null;

    using (ShimsContext.Create())
    {
        var fakeSecret = new KeyVaultSecretFake($"{VaultName}.vault.azure.net", SecretName, SecretVersion, SecretValue);
        var cannedResponse = new FakeResponse<KeyVaultSecret>(fakeSecret, 200, "OK", null);

        SetupSecretClientConstructorFakes();

        // Every SecretClient instance answers GetSecretAsync with the canned response and records
        // that the shim, rather than the real client, handled the call.
        ShimSecretClient.AllInstances.GetSecretAsyncStringStringCancellationToken =
            new FakesDelegates.Func<SecretClient, string, string, CancellationToken, Task<Response<KeyVaultSecret>>>(
                (shimmedClient, requestedName, requestedVersion, token) =>
                {
                    shimWasCalled = true;
                    var typedResponse = cannedResponse as Response<KeyVaultSecret>;

                    return Task.FromResult(typedResponse);
                });

        var credential = AzureOauthTokenAuthentication.GetOauthTokenCredentialFromClientSecret(TenantId, ClientId, ClientSecret);

        // NOTE(review): the numeric and TimeSpan arguments are presumably retry/timeout settings;
        // confirm against the KeyVault constructor.
        var keyVault = new KeyVault(
            VaultName,
            credential,
            3,
            TimeSpan.FromSeconds(2),
            TimeSpan.FromSeconds(15),
            TimeSpan.FromSeconds(10));
        var secretsClient = keyVault.GetSecretsClient(SecretClientOptions.ServiceVersion.V7_1);
        var fetched = secretsClient.GetAsync(SecretName, SecretVersion).GetAwaiter().GetResult();

        // The client hands the value back in a secure-string form; it is converted to plain text
        // only so the assertion below can compare it.
        retrievedValue = fetched.Value.SecureStringToString();
    }

    Assert.IsTrue(shimWasCalled, "The fake should be used");

    bool valueMatches = string.Equals(retrievedValue, SecretValue, StringComparison.Ordinal);

    Assert.IsTrue(valueMatches, "Value not expected");
}