コード例 #1
0
        public async Task <string> GetKeyVaultAsync()
        {
            string secretValue                   = "";
            var    isSystemManagedIdentity       = keyVaultService.IsManagedIdentityEnabled();
            var    isUserAssignedManagedIdentity = keyVaultService.IsUserManagedIdentityEnabled();

            if (isSystemManagedIdentity)
            {
                // Will work when deployed in Azure resource eg. Webapps,VMSS etc.
                var secretAsmanagedIdentity = await keyVaultService.GetSecretAsApplicationUsingManagedIdentityAsync();

                logger.LogInformation($"--------- user secret as System Assigned ManagedIdentity {secretAsmanagedIdentity}");
                secretValue = $"System Managed identity: {isSystemManagedIdentity}, secret: {secretAsmanagedIdentity}";
            }
            else if (isUserAssignedManagedIdentity)
            {
                var secretAsUsermanagedIdentity = await keyVaultService.GetSecretAsApplicationUsingUserManagedIdentityAsync();

                logger.LogInformation($"--------- user secret as User Assigned ManagedIdentity {secretAsUsermanagedIdentity}");
                secretValue = $"User Managed identity: {isUserAssignedManagedIdentity}, secret: {secretAsUsermanagedIdentity}";
            }
            else
            {
                var secretAsUser = await keyVaultService.GetSecretAsUserAsync();

                logger.LogInformation($"--------- user secret as User: {secretAsUser}");

                var secretAsClientSecret = await keyVaultService.GetSecretAsApplicationUsingClientSecretAsync();

                logger.LogInformation($"--------- user secret as AAD client app + client secret: {secretAsClientSecret}");

                var secretAsClientCertificate = await keyVaultService.GetSecretAsApplicationUsingClientCertificateAsync();

                logger.LogInformation($"--------- user secret as AAD client app + client certificate {secretAsClientCertificate}");

                secretValue = $"Managed identity: {isSystemManagedIdentity}, secret: {secretAsClientSecret}";
            }

            return(secretValue);
        }