public async Task CreateTrackDocumentAsync(Track mTrack, string tenantName = null, string trackName = null)
{
mTrack.Key = new TrackKey()
{
Type = TrackKeyType.KeyVaultRenewSelfSigned,
ExternalName = await externalKeyLogic.CreateExternalKeyAsync(mTrack, tenantName, trackName)
};
await tenantRepository.CreateAsync(mTrack);
}
private async Task ValidatePrimaryTrackKeyAsync(RouteTrackKey trackKey)
{
var nowLocal = DateTime.Now;
var certificate = trackKey.PrimaryKey.Key.ToX509Certificate();
try
{
if (certificate.NotBefore > nowLocal)
{
throw new KeyException($"Track primary key certificate not valid yet. Not before {certificate.NotBefore.ToUniversalTime():u}.");
}
if (certificate.NotAfter < nowLocal)
{
throw new KeyException($"Track primary key certificate has expired. Not after {certificate.NotAfter.ToUniversalTime():u}.");
}
}
catch (Exception ex)
{
if (RouteBinding.TrackName == Constants.Routes.MasterTrackName && RouteBinding.Key.Type != TrackKeyType.KeyVaultRenewSelfSigned)
{
var mTrack = await tenantRepository.GetTrackByNameAsync(new Track.IdKey {
TenantName = RouteBinding.TenantName, TrackName = RouteBinding.TrackName
});
mTrack.Key.Type = TrackKeyType.KeyVaultRenewSelfSigned;
mTrack.Key.Keys = null;
mTrack.Key.ExternalName = await externalKeyLogic.CreateExternalKeyAsync(mTrack);
await tenantRepository.UpdateAsync(mTrack);
throw new ExternalKeyIsNotReadyException("The old primary master track key certificate is invalid. A new primary external track key certificate is under construction in Key Vault, it is ready in a little while.", ex);
}
throw;
}
}
