public void Setup()
        {
            Credential = TestEnvironment.Credential;
            var httpHandler = new HttpClientHandler();

            httpHandler.ServerCertificateCustomValidationCallback = (_, _, _, _) => true;
            Options = new ConfidentialLedgerClientOptions {
                Transport = new HttpClientTransport(httpHandler)
            };
            Client = InstrumentClient(
                new ConfidentialLedgerClient(
                    TestEnvironment.ConfidentialLedgerUrl,
                    Credential,
                    InstrumentClientOptions(Options)));

            IdentityClient = InstrumentClient(
                new ConfidentialLedgerIdentityServiceClient(
                    TestEnvironment.ConfidentialLedgerIdentityUrl,
                    Credential,
                    InstrumentClientOptions(Options)));
        }
コード例 #2
0
        public void HelloWorld()
        {
            #region Snippet:GetIdentity

#if SNIPPET
            Uri identityServiceUri = "<the identity service uri>";
#else
            Uri identityServiceUri = TestEnvironment.ConfidentialLedgerIdentityUrl;
#endif
            var identityClient = new ConfidentialLedgerIdentityServiceClient(identityServiceUri, new Identity.DefaultAzureCredential());

            // Get the ledger's  TLS certificate for our ledger.
#if SNIPPET
            string ledgerId = "<the ledger id>"; // ex. "my-ledger" from "https://my-ledger.eastus.cloudapp.azure.com"
#else
            var ledgerId = TestEnvironment.ConfidentialLedgerUrl.Host;
            ledgerId = ledgerId.Substring(0, ledgerId.IndexOf('.'));
#endif
            Response response = identityClient.GetLedgerIdentity(ledgerId);

            // extract the ECC PEM value from the response.
            var eccPem = JsonDocument.Parse(response.Content)
                         .RootElement
                         .GetProperty("ledgerTlsCertificate")
                         .GetString();

            // construct an X509Certificate2 with the ECC PEM value.
            X509Certificate2 ledgerTlsCert = new X509Certificate2(Encoding.UTF8.GetBytes(eccPem));

            #endregion

            #region Snippet:CreateClient

            // Create a certificate chain rooted with our TLS cert.
            X509Chain certificateChain = new();
            certificateChain.ChainPolicy.RevocationMode      = X509RevocationMode.NoCheck;
            certificateChain.ChainPolicy.RevocationFlag      = X509RevocationFlag.ExcludeRoot;
            certificateChain.ChainPolicy.VerificationFlags   = X509VerificationFlags.AllowUnknownCertificateAuthority;
            certificateChain.ChainPolicy.VerificationTime    = DateTime.Now;
            certificateChain.ChainPolicy.UrlRetrievalTimeout = new TimeSpan(0, 0, 0);
            certificateChain.ChainPolicy.ExtraStore.Add(ledgerTlsCert);

            // Define a validation function to ensure that the ledger certificate is trusted by the ledger identity TLS certificate.
            bool CertValidationCheck(HttpRequestMessage httpRequestMessage, X509Certificate2 cert, X509Chain x509Chain, SslPolicyErrors sslPolicyErrors)
            {
                bool isChainValid = certificateChain.Build(cert);

                if (!isChainValid)
                {
                    return(false);
                }

                var isCertSignedByTheTlsCert = certificateChain.ChainElements.Cast <X509ChainElement>()
                                               .Any(x => x.Certificate.Thumbprint == ledgerTlsCert.Thumbprint);

                return(isCertSignedByTheTlsCert);
            }

            // Create an HttpClientHandler to use our certValidationCheck function.
            var httpHandler = new HttpClientHandler();
            httpHandler.ServerCertificateCustomValidationCallback = CertValidationCheck;

            // Create the ledger client using a transport that uses our custom ServerCertificateCustomValidationCallback.
            var options = new ConfidentialLedgerClientOptions {
                Transport = new HttpClientTransport(httpHandler)
            };
            var ledgerClient = new ConfidentialLedgerClient(TestEnvironment.ConfidentialLedgerUrl, new DefaultAzureCredential(), options);

            #endregion

            #region Snippet:AppendToLedger

            Response postResponse = ledgerClient.PostLedgerEntry(
                RequestContent.Create(
                    new { contents = "Hello world!" }));

            postResponse.Headers.TryGetValue(ConfidentialLedgerConstants.TransactionIdHeaderName, out string transactionId);
            Console.WriteLine($"Appended transaction with Id: {transactionId}");

            #endregion

            #region Snippet:GetStatus

            Response statusResponse = ledgerClient.GetTransactionStatus(transactionId);

            string status = JsonDocument.Parse(statusResponse.Content)
                            .RootElement
                            .GetProperty("state")
                            .GetString();

            Console.WriteLine($"Transaction status: {status}");

            #endregion

            #region Snippet:GetReceipt

            Response receiptResponse = ledgerClient.GetReceipt(transactionId);
            string   receiptJson     = new StreamReader(receiptResponse.ContentStream).ReadToEnd();

            Console.WriteLine(receiptJson);

            #endregion

            #region Snippet:SubLedger

            ledgerClient.PostLedgerEntry(
                RequestContent.Create(
                    new { contents = "Hello from Chris!", subLedgerId = "Chris' messages" }));

            ledgerClient.PostLedgerEntry(
                RequestContent.Create(
                    new { contents = "Hello from Allison!", subLedgerId = "Allison's messages" }));

            #endregion

            #region Snippet:NoSubLedgerId

#if SNIPPET
            Response postResponse = ledgerClient.PostLedgerEntry(
#else
            postResponse = ledgerClient.PostLedgerEntry(
#endif
                RequestContent.Create(
                    new { contents = "Hello world!" }));
#if SNIPPET
            postResponse.Headers.TryGetValue(ConfidentialLedgerConstants.Headers.TransactionId, out string transactionId);
#else
            postResponse.Headers.TryGetValue(ConfidentialLedgerConstants.TransactionIdHeaderName, out transactionId);
#endif
            string subLedgerId = JsonDocument.Parse(statusResponse.Content)
                                 .RootElement
                                 .GetProperty("subLedgerId")
                                 .GetString();

            // Provide both the transactionId and subLedgerId.
            Response getBySubledgerResponse = ledgerClient.GetLedgerEntry(transactionId, subLedgerId);

            string contents = JsonDocument.Parse(getBySubledgerResponse.Content)
                              .RootElement
                              .GetProperty("contents")
                              .GetString();

            Console.WriteLine(contents); // "Hello world!"

            // Now just provide the transactionId.
            getBySubledgerResponse = ledgerClient.GetLedgerEntry(transactionId);

            string subLedgerId2 = JsonDocument.Parse(getBySubledgerResponse.Content)
                                  .RootElement
                                  .GetProperty("subLedgerId")
                                  .GetString();

            Console.WriteLine($"{subLedgerId} == {subLedgerId2}");

            #endregion

            #region Snippet:GetEnteryWithNoTransactionId

            Response firstPostResponse = ledgerClient.PostLedgerEntry(
                RequestContent.Create(new { contents = "Hello world 0" }));
            ledgerClient.PostLedgerEntry(
                RequestContent.Create(new { contents = "Hello world 1" }));
            Response subLedgerPostResponse = ledgerClient.PostLedgerEntry(
                RequestContent.Create(new { contents = "Hello world sub-ledger 0" }),
                "my sub-ledger");
            ledgerClient.PostLedgerEntry(
                RequestContent.Create(new { contents = "Hello world sub-ledger 1" }),
                "my sub-ledger");

#if SNIPPET
            firstPostResponse.Headers.TryGetValue(ConfidentialLedgerConstants.Headers.TransactionId, out string transactionId);
#else
            firstPostResponse.Headers.TryGetValue(ConfidentialLedgerConstants.TransactionIdHeaderName, out transactionId);
#endif

            // The ledger entry written at the transactionId in firstResponse is retrieved from the default sub-ledger.
            Response getResponse        = ledgerClient.GetLedgerEntry(transactionId);
            string   firstEntryContents = JsonDocument.Parse(getResponse.Content)
                                          .RootElement
                                          .GetProperty("contents")
                                          .GetString();

            Console.WriteLine(firstEntryContents); // "Hello world 0"

            // This will return the latest entry available in the default sub-ledger.
            getResponse = ledgerClient.GetCurrentLedgerEntry();
            string latestDefaultSubLedger = JsonDocument.Parse(getResponse.Content)
                                            .RootElement
                                            .GetProperty("contents")
                                            .GetString();

            Console.WriteLine($"The latest ledger entry from the default sub-ledger is {latestDefaultSubLedger}"); //"Hello world 1"

            // The ledger entry written at subLedgerTransactionId is retrieved from the sub-ledger 'sub-ledger'.
            subLedgerPostResponse.Headers.TryGetValue(ConfidentialLedgerConstants.TransactionIdHeaderName, out string subLedgerTransactionId);
            getResponse           = ledgerClient.GetLedgerEntry(subLedgerTransactionId, "my sub-ledger");
            string subLedgerEntry = JsonDocument.Parse(getResponse.Content)
                                    .RootElement
                                    .GetProperty("contents")
                                    .GetString();

            Console.WriteLine(subLedgerEntry); // "Hello world sub-ledger 0"

            // This will return the latest entry available in the sub-ledger.
            getResponse            = ledgerClient.GetCurrentLedgerEntry("my sub-ledger");
            string latestSubLedger = JsonDocument.Parse(getResponse.Content)
                                     .RootElement
                                     .GetProperty("contents")
                                     .GetString();

            Console.WriteLine($"The latest ledger entry from the sub-ledger is {latestSubLedger}"); // "Hello world sub-ledger 1"

            #endregion

            #region Snippet:RangedQuery

            ledgerClient.GetLedgerEntries(fromTransactionId: "2.1", toTransactionId: "4.5");

            #endregion

            #region Snippet:NewUser

            string newUserAadObjectId = "<some AAD user or service princpal object Id>";
            ledgerClient.CreateOrUpdateUser(
                newUserAadObjectId,
                RequestContent.Create(new { assignedRole = "Reader" }));

            #endregion

            #region Snippet:Consortium

            Response consortiumResponse = ledgerClient.GetConsortiumMembers();
            string   membersJson        = new StreamReader(consortiumResponse.ContentStream).ReadToEnd();

            // Consortium members can manage and alter the Confidential Ledger, such as by replacing unhealthy nodes.
            Console.WriteLine(membersJson);

            // The constitution is a collection of JavaScript code that defines actions available to members,
            // and vets proposals by members to execute those actions.
            Response constitutionResponse = ledgerClient.GetConstitution();
            string   constitutionJson     = new StreamReader(constitutionResponse.ContentStream).ReadToEnd();

            Console.WriteLine(constitutionJson);

            // Enclave quotes contain material that can be used to cryptographically verify the validity and contents of an enclave.
            Response enclavesResponse = ledgerClient.GetEnclaveQuotes();
            string   enclavesJson     = new StreamReader(enclavesResponse.ContentStream).ReadToEnd();

            Console.WriteLine(enclavesJson);

                              #endregion
        }