public void AddHashiCorpWithUserPass_WithOutOfBoundsKeyValueVersion_Throws(VaultKeyValueSecretEngineVersion secretEngineVersion) { // Arrange var builder = new HostBuilder(); // Act builder.ConfigureSecretStore((config, stores) => { stores.AddHashiCorpVaultWithUserPass("https://vault.uri:456", "username", "password", "secret/path", options => options.KeyValueVersion = secretEngineVersion); }); // Assert Assert.ThrowsAny <ArgumentException>(() => builder.Build()); }
public void AddHashiCorp_WithOutOfBoundsKeyValueVersion_Throws(VaultKeyValueSecretEngineVersion secretEngineVersion) { // Arrange var builder = new HostBuilder(); var settings = new VaultClientSettings("https://vault.uri:456", new UserPassAuthMethodInfo("username", "password")); // Act builder.ConfigureSecretStore((config, stores) => { stores.AddHashiCorpVault(settings, secretPath: "secret/path", options => options.KeyValueVersion = secretEngineVersion); }); // Assert Assert.ThrowsAny <ArgumentException>(() => builder.Build()); }
/// <summary> /// Mounts the KeyValue secret engine with a specific <paramref name="version"/> to a specific <paramref name="path"/>. /// </summary> /// <param name="path">The path to mount the secret engine to.</param> /// <param name="version">The version of the KeyValue secret engine to mount.</param> /// <exception cref="ArgumentException"> /// Thrown when the <paramref name="path"/> is blank or the <paramref name="version"/> is outside the bounds of the enumeration. /// </exception> public async Task MountKeyValueAsync(string path, VaultKeyValueSecretEngineVersion version) { Guard.NotNullOrWhitespace(path, nameof(path), "Requires a path to mount the KeyValue secret engine to"); Guard.For <ArgumentException>(() => !Enum.IsDefined(typeof(VaultKeyValueSecretEngineVersion), version), "Requires a KeyValue secret engine version that is either V1 or V2"); var content = new MountInfo { Type = "kv", Description = "KeyValue v1 secret engine", Options = new MountOptions { Version = ((int)version).ToString() } }; var http = new VaultHttpClient(); var uri = new Uri(ListenAddress, "/v1/sys/mounts/" + path); await http.PostVoid(uri, content, _rootToken, default(CancellationToken)); }
public void AddHashiCorpWithKubernetes_WithOutOfBoundsKeyValueVersion_Throws(VaultKeyValueSecretEngineVersion secretEngineVersion) { // Arrange var builder = new HostBuilder(); // Act builder.ConfigureSecretStore((config, stores) => { stores.AddHashiCorpVaultWithKubernetes( vaultServerUriWithPort: "https://vault.uri:456", roleName: "role name", jsonWebToken: "jwt", secretPath: "secret/path", configureOptions: options => options.KeyValueVersion = secretEngineVersion, name: null, mutateSecretName: null); }); // Assert Assert.ThrowsAny <ArgumentException>(() => builder.Build()); }
public async Task AuthenticateWithUserPassKeyValueV1_GetSecret_Succeeds() { // Arrange string secretPath = "mysecret"; string secretName = "my-value"; string expected = "s3cr3t"; string userName = "******"; string password = "******"; const string mountPoint = "secret-v1"; const VaultKeyValueSecretEngineVersion keyValueVersion = VaultKeyValueSecretEngineVersion.V1; using (HashiCorpVaultTestServer server = await StartServerWithUserPassAsync(userName, password, mountPoint)) { await server.MountKeyValueAsync(mountPoint, keyValueVersion); await server.KeyValueV1.WriteSecretAsync( mountPoint : mountPoint, path : secretPath, values : new Dictionary <string, object> { [secretName] = expected }); var authentication = new UserPassAuthMethodInfo(userName, password); var settings = new VaultClientSettings(server.ListenAddress.ToString(), authentication); var provider = new HashiCorpSecretProvider(settings, secretPath, new HashiCorpVaultOptions { KeyValueMountPoint = mountPoint, KeyValueVersion = keyValueVersion }, NullLogger <HashiCorpSecretProvider> .Instance); // Act string actual = await provider.GetRawSecretAsync(secretName); // Assert Assert.Equal(expected, actual); } }
public void AddHashiCorp_WithOutOfBoundsKeyValueVersion_Throws(VaultKeyValueSecretEngineVersion secretEngineVersion) { // Arrange var builder = new HostBuilder(); var userName = Guid.NewGuid().ToString(); var password = Guid.NewGuid().ToString(); var settings = new VaultClientSettings("https://vault.uri:456", new UserPassAuthMethodInfo(userName, password)); // Act builder.ConfigureSecretStore((config, stores) => { stores.AddHashiCorpVault( settings: settings, secretPath: "secret/path", configureOptions: options => options.KeyValueVersion = secretEngineVersion, name: null, mutateSecretName: null); }); // Assert Assert.ThrowsAny <ArgumentException>(() => builder.Build()); }