public void GetCertificateWithVersion()
        {
            const string VaultName     = "fakevault1";
            const string SecretName    = "secretname1";
            const string SecretVersion = "1aaaaaaa1aa11a1111aaaa11111a1111";
            const string TenantId      = "11111111-1111-1111-aa1a-a1a11a111111";
            const string ClientId      = "11111111-1111-1111-aa1a-a1a11a111111";
            const string ClientSecret  = "a.u8w3FFgwy9v_-5R_5gsT~qf96T~a7e6y";

            var algorithm = ECDsa.Create();
            //     string key = null;
            var path              = Path.Combine(Environment.CurrentDirectory, "TestValidationCertificate.pfx");
            var certificate       = new X509Certificate2(path, "abc123");
            var certificateString = Convert.ToBase64String(certificate.RawData);

            using (var context = ShimsContext.Create())
            {
                ShimKeyVaultKey.AllInstances.KeyGet = new FakesDelegates.Func <KeyVaultKey, JsonWebKey>((key) =>
                {
                    return(new JsonWebKey(algorithm));
                });

                var fakeKey = new ShimKeyVaultKey()
                {
                };

                ShimKeyClient.AllInstances.GetKeyAsyncStringStringCancellationToken = new FakesDelegates.Func <KeyClient, string, string, CancellationToken, Task <Response <KeyVaultKey> > >((client, name, version, cancellationToken) =>
                {
                    var keyVaultFakeKeyResponse = new FakeResponse <KeyVaultKey>(fakeKey, 200, "OK", null);

                    return(Task.FromResult(keyVaultFakeKeyResponse as Response <KeyVaultKey>));
                });


                var testKey  = new ShimKeyVaultKey();
                var response = new FakeResponse <KeyVaultKey>(testKey, 200, "OK", null);

                SetupSecretClientConstructorFakes();
                var vault    = new KeyVault(VaultName, AzureOauthTokenAuthentication.GetOauthTokenCredentialFromClientSecret(TenantId, ClientId, ClientSecret), 3, TimeSpan.FromSeconds(2), TimeSpan.FromSeconds(15), TimeSpan.FromSeconds(10));
                var client   = vault.GetKeysClient(KeyClientOptions.ServiceVersion.V7_1);
                var keyValue = client.GetAsync(SecretName, SecretVersion).GetAwaiter().GetResult();

                Assert.IsNotNull(keyValue, "Certificate failed to retrieve");
                var webKey = (JsonWebKey)keyValue;

                Assert.IsNotNull(webKey, "Web key not expected");
            }
        }
        public void GetCertificateSecret()
        {
            const string VaultName     = "fakevault1";
            const string SecretName    = "secretname1";
            const string SecretVersion = "1aaaaaaa1aa11a1111aaaa11111a1111";
            const string TenantId      = "11111111-1111-1111-aa1a-a1a11a111111";
            const string ClientId      = "11111111-1111-1111-aa1a-a1a11a111111";
            const string ClientSecret  = "a.u8w3FFgwy9v_-5R_5gsT~qf96T~a7e6y";

            var getSecretInvoked = false;
            X509Certificate2 certificateSecret = null;

            using (var context = ShimsContext.Create())
            {
                var path              = Path.Combine(Environment.CurrentDirectory, "TestValidationCertificate.pfx");
                var certificate       = new X509Certificate2(path, "abc123");
                var certificateString = Convert.ToBase64String(certificate.RawData);
                var secret            = new KeyVaultSecretFake($"{VaultName}.vault.azure.net", SecretName, SecretVersion, certificateString);
                var response          = new FakeResponse <KeyVaultSecret>(secret, 200, "OK", null);

                SetupSecretClientConstructorFakes();
                ShimSecretClient.AllInstances.GetSecretAsyncStringStringCancellationToken = new FakesDelegates.Func <SecretClient, string, string, CancellationToken, Task <Response <KeyVaultSecret> > >((client, name, version, cancellationToken) =>
                {
                    getSecretInvoked = true;

                    var fakeResponse = response as Response <KeyVaultSecret>;
                    return(Task.FromResult(fakeResponse));
                });

                var vault       = new KeyVault(VaultName, AzureOauthTokenAuthentication.GetOauthTokenCredentialFromClientSecret(TenantId, ClientId, ClientSecret), 3, TimeSpan.FromSeconds(2), TimeSpan.FromSeconds(15), TimeSpan.FromSeconds(10));
                var client      = vault.GetSecretsClient(SecretClientOptions.ServiceVersion.V7_1);
                var secretValue = client.GetCertificateAsync(SecretName, SecretVersion, CancellationToken.None).GetAwaiter().GetResult();

                certificateSecret = secretValue.Value;
            }

            Assert.IsTrue(getSecretInvoked, "The fake should be used");
            Assert.IsNotNull(certificateSecret, "Certificate is null");
            Assert.IsTrue(string.Equals(certificateSecret.Thumbprint, "A449811985D59FC72303860F51CB95F5D3257141", StringComparison.Ordinal), "Certificate thumbprint not expected");
            Assert.IsTrue(string.Equals(certificateSecret.Subject, "CN=Joe Smith, OU=UserAccounts, DC=corp, DC=praxicloud, DC=com", StringComparison.Ordinal), "Certificate subject not expected");
            Assert.IsTrue(string.Equals(certificateSecret.Issuer, "CN=Joe Smith, OU=UserAccounts, DC=corp, DC=praxicloud, DC=com", StringComparison.Ordinal), "Certificate issuer not expected");
            Assert.IsTrue(string.Equals(certificateSecret.SerialNumber, "67EA381F988D5AA94B1569B978062CFB", StringComparison.Ordinal), "Certificate serial number not expected");
            Assert.IsTrue(certificateSecret.NotBefore == DateTime.Parse("2020-09-09 9:42:40 AM"), "Certificate not before not expected");
            Assert.IsTrue(certificateSecret.NotAfter == DateTime.Parse("2070-09-09 9:52:40 AM"), "Certificate not after not expected");
        }
        public void GetSecretWithVersion()
        {
            const string VaultName     = "fakevault1";
            const string SecretName    = "secretname1";
            const string SecretVersion = "1aaaaaaa1aa11a1111aaaa11111a1111";
            const string SecretValue   = "This is the value fake";
            const string TenantId      = "11111111-1111-1111-aa1a-a1a11a111111";
            const string ClientId      = "11111111-1111-1111-aa1a-a1a11a111111";
            const string ClientSecret  = "a.u8w3FFgwy9v_-5R_5gsT~qf96T~a7e6y";

            var    getSecretInvoked = false;
            string key = null;

            using (var context = ShimsContext.Create())
            {
                var secret   = new KeyVaultSecretFake($"{VaultName}.vault.azure.net", SecretName, SecretVersion, SecretValue);
                var response = new FakeResponse <KeyVaultSecret>(secret, 200, "OK", null);

                SetupSecretClientConstructorFakes();
                ShimSecretClient.AllInstances.GetSecretAsyncStringStringCancellationToken = new FakesDelegates.Func <SecretClient, string, string, CancellationToken, Task <Response <KeyVaultSecret> > >((client, name, version, cancellationToken) =>
                {
                    getSecretInvoked = true;

                    var fakeResponse = response as Response <KeyVaultSecret>;
                    return(Task.FromResult(fakeResponse));
                });



                var vault       = new KeyVault(VaultName, AzureOauthTokenAuthentication.GetOauthTokenCredentialFromClientSecret(TenantId, ClientId, ClientSecret), 3, TimeSpan.FromSeconds(2), TimeSpan.FromSeconds(15), TimeSpan.FromSeconds(10));
                var client      = vault.GetSecretsClient(SecretClientOptions.ServiceVersion.V7_1);
                var secretValue = client.GetAsync(SecretName, SecretVersion).GetAwaiter().GetResult();

                key = secretValue.Value.SecureStringToString();
            }

            Assert.IsTrue(getSecretInvoked, "The fake should be used");
            Assert.IsTrue(string.Equals(key, SecretValue, StringComparison.Ordinal), "Value not expected");
        }