コード例 #1
0
        private static async Task RotatePasswordCoreAsync(
            CredentialRotatePayload payload,
            StringBuilder executionLogs,
            Dictionary <string, string> context,
            AzDoService azdo,
            Payloads.AzureDevOps.VstsServiceEndpoint endpoint,
            GraphServiceClient graph,
            Application application,
            DateTimeOffset now,
            PasswordCredential oldPassCred)
        {
            var newPassCred = await graph.Applications[application.Id]
                              .AddPassword(new PasswordCredential
            {
                DisplayName   = $"AutoGen: {now}",
                Hint          = $"AutoGen: {now}",
                StartDateTime = now,
                EndDateTime   = now.AddDays(payload.LifeTimeInDays)
            })
                              .Request().PostAsync();

            endpoint.Authorization.Parameters.Serviceprincipalkey = newPassCred.SecretText;
            await azdo.UpdateServiceEndpointsAsync(payload.ProjectId, endpoint.Id, endpoint);

            context.Add("Secret Id", newPassCred.KeyId.ToString());
            context.Add("Secret Start Time", newPassCred.StartDateTime.ToString());
            context.Add("Secret End Time", newPassCred.EndDateTime.ToString());
            await graph
            .Applications[application.Id]
            .RemovePassword(oldPassCred.KeyId.Value)
            .Request().PostAsync();

            executionLogs.AppendLine($"App ({application.DisplayName}) password credentail ({oldPassCred.KeyId.Value}) deleted successfully");
            context.Add("Deleted Secret Id", oldPassCred.KeyId.ToString());
        }
コード例 #2
0
        private static async Task RotateCertificateCoreAsync(
            CredentialRotatePayload payload,
            StringBuilder executionLogs,
            Dictionary <string, string> context,
            AzDoService azdo,
            Payloads.AzureDevOps.VstsServiceEndpoint endpoint,
            GraphServiceClient graph,
            Application application,
            DateTimeOffset now)
        {
            var selfSignedCertificate =
                CertificateUtils.CreateSelfSignedCertificateAsync(validForDays: payload.LifeTimeInDays);
            var certificateCredentail = new KeyCredential
            {
                StartDateTime = now,
                EndDateTime   = now.AddDays(payload.LifeTimeInDays),
                Type          = "AsymmetricX509Cert",
                Usage         = "Verify",
                Key           = CertificateUtils.GetPfxAsBytes(selfSignedCertificate)
            };
            var app = new Application
            {
                KeyCredentials = new List <KeyCredential> {
                    certificateCredentail
                }
            };
            await graph.Applications[application.Id].Request().UpdateAsync(app);

            endpoint.Authorization.Parameters
            .ServicePrincipalCertificate = CertificateUtils.GeneratePEMWithPrivateKeyAsString(selfSignedCertificate);
            await azdo.UpdateServiceEndpointsAsync(payload.ProjectId, endpoint.Id, endpoint);

            context.Add("Certificate Key Id", certificateCredentail.KeyId.ToString());
            context.Add("Certificate Start Time", certificateCredentail.StartDateTime.ToString());
            context.Add("Certificate End Time", certificateCredentail.EndDateTime.ToString());
            context.Add("Certificate Thumbprint", selfSignedCertificate.Thumbprint);
        }