/// <summary>
/// Rotates the credential of one Active Directory application: generates a new key,
/// registers it on the application, stores it in the matching Key Vault secret, and
/// finally asks the application service to remove expired keys.
/// </summary>
/// <param name="application">Application whose key is rotated; its <c>Id</c> is used to find the Key Vault secret.</param>
/// <param name="keyName">Name for the new key. When null or whitespace, the <c>DefaultKeyName</c> process environment variable is used.</param>
/// <param name="keyDurationInMinutes">Passed through unchanged to the application service.</param>
public async Task Rotate(IActiveDirectoryApplication application, string keyName = null, int keyDurationInMinutes = 0)
{
    // Both collaborators log through this instance's logger.
    _keyVaultService.Log = Log;
    _applicationService.Log = Log;

    if (string.IsNullOrWhiteSpace(keyName))
    {
        // NOTE(review): if DefaultKeyName is not set, keyName stays null and is passed on as-is.
        keyName = Environment.GetEnvironmentVariable("DefaultKeyName", EnvironmentVariableTarget.Process);
        Log.LogDebug($"No custom keyname so use default keyname '{keyName}'");
    }

    var vaultSecrets = await _keyVaultService.GetAllSecretsFromKeyVault();
    var matchingSecret = GetSecretByApplicationObjectId(vaultSecrets, application.Id);

    if (matchingSecret != null)
    {
        string newKey = SecretHelper.GenerateSecretKey();

        // NOTE(review): the key is registered on the application before it is written to the vault.
        // If SetSecret throws, the application holds a credential that is stored nowhere and the
        // expired-key cleanup below is skipped because the exception propagates.
        await _applicationService.AddSecretToActiveDirectoryApplication(application, keyName, newKey, keyDurationInMinutes);
        await _keyVaultService.SetSecret(matchingSecret, newKey, matchingSecret.Tags);
    }
    else
    {
        // Only applications that already have a secret in the vault are rotated.
        Log.LogWarning($"No secret found in the KeyVault that belongs by the application with ObjectId '{application.Id}'. Key rotation for this application will be skipped. Add a secret to the KeyVault for this application to start key rotation.");
    }

    // Cleanup runs whether or not a new key was issued.
    await _applicationService.RemoveExpiredKeys(application);
}
/// <summary>
/// Sets the secret named by <c>Secret</c> to <c>Value</c> in the configured vault <c>Vault</c>,
/// reporting an error and returning early when the vault or its authentication
/// configuration is missing or the write fails.
/// </summary>
public override void Execute()
{
    var vault = ConfigurationManager.GetVaultConfig(Vault);
    if (vault == null)
    {
        WriteError($"Unknown vault '{Vault}'");
        return;
    }

    var auth = ConfigurationManager.GetAuthConfig(vault);
    if (auth == null)
    {
        WriteError($"No authentication methods have been configured for vault '{Vault}'; see `kv auth`");
        return;
    }

    // Created outside the try block, so a failure here is not reported through WriteError.
    IKeyVaultService service = CreateVaultService(auth);

    SecretBundle stored;
    try
    {
        stored = service.SetSecret(vault.GetVaultUri(), Secret, Value);
    }
    catch (Exception failure)
    {
        WriteError($"Failed to set secret '{Secret}' in vault '{Vault}'", failure);
        return;
    }

    if (Verbose)
    {
        // NOTE(review): this serializes the returned bundle to stdout. If SecretBundle carries the
        // secret value, verbose mode prints it in clear text (terminal scrollback, CI logs) - confirm.
        Console.Out.WriteJson(stored);
    }
    else
    {
        WriteInfo($"Secret '{Secret}' was set successfully");
    }
}
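/// <summary>
/// Handles an "add SERVICE:PASSWORD" message: stores the password in the key vault under the
/// service name and records a <c>Pair</c> entity linking the sender to that service.
/// All dialogs are cancelled on every path.
/// </summary>
/// <param name="dialogContext">Dialog context of the current turn; the sender is read from its activity.</param>
/// <param name="text">Raw message text, expected to contain the command followed by <c>SERVICE:PASSWORD</c>.</param>
/// <param name="cancellationToken">Token forwarded to the bot framework calls.</param>
/// <returns>The result of cancelling all dialogs.</returns>
public async Task<DialogTurnResult> AddPairAsync(DialogContext dialogContext, string text, CancellationToken cancellationToken)
{
    var sender = dialogContext.Context.Activity.From;
    if (!await IsActiveSession(dialogContext, sender, cancellationToken))
    {
        return await dialogContext.CancelAllDialogsAsync(cancellationToken);
    }

    // Remove only the first "add" (the command word). Replacing every occurrence also
    // stripped "add" from inside the service name and the password, silently storing a
    // different secret than the one the user typed.
    var payload = text;
    var commandIndex = payload.IndexOf("add", StringComparison.Ordinal);
    if (commandIndex >= 0)
    {
        payload = payload.Remove(commandIndex, 3);
    }

    // Split on the first ':' only, so a password that itself contains ':' is kept whole
    // instead of being rejected without feedback.
    var data = payload.Trim().Split(new[] { ':' }, 2);

    try
    {
        if (data.Length == 2)
        {
            // Parse the sender id before touching the vault: if it is not a GUID this throws
            // here, rather than after the secret has been written with no pair recorded for it.
            var userId = new Guid(sender.Id);

            // NOTE(review): the secret name is the user-supplied service name as-is. Nothing visible
            // here scopes it to the sender - confirm SetSecret namespaces per user, otherwise two
            // users adding the same service overwrite each other's password.
            if (await _keyVaultService.SetSecret(data[0], data[1]))
            {
                var pairEntity = new PairEntity(sender.Id, data[0])
                {
                    UserId = userId,
                    Service = data[0]
                };

                var entity = await _storageService.InsertOrMergeEntityAsync("Pair", pairEntity);
                if (entity == null)
                {
                    await dialogContext.Context.SendActivityAsync(MessageFactory.Text("Try again."), cancellationToken);
                }
                else
                {
                    await dialogContext.Context.SendActivityAsync(MessageFactory.Text("New pair id successfully added. \nTo get password from service use 'get SERVICE_NAME' command. \n To get list pairs use 'get all' command"), cancellationToken);
                }
            }
        }
    }
    catch
    {
        // Best-effort: any failure ends the dialog. NOTE(review): nothing is logged here, so vault
        // and storage errors are invisible to operators; consider logging the exception type
        // (never the message text, which contains the password).
        return await dialogContext.CancelAllDialogsAsync(cancellationToken);
    }

    return await dialogContext.CancelAllDialogsAsync(cancellationToken);
}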