コード例 #1
0
        /// <summary>
        /// <para>Adds the user secrets secret source with specified user secrets ID.</para>
        /// <para>A user secrets ID is unique value used to store and identify a collection of secrets.</para>
        /// </summary>
        /// <param name="builder">The builder to create the secret store.</param>
        /// <param name="userSecretsId">The user secrets ID.</param>
        /// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
        /// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
        /// <exception cref="ArgumentException">Thrown when the <paramref name="userSecretsId"/> is blank.</exception>
        public static SecretStoreBuilder AddUserSecrets(this SecretStoreBuilder builder, string userSecretsId, Func <string, string> mutateSecretName = null)
        {
            Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the user secrets");
            Guard.NotNullOrWhitespace(userSecretsId, nameof(userSecretsId), "Requires a non-blank user secrets ID to locate the user secrets");

            return(AddUserSecrets(builder, userSecretsId, options => options.MutateSecretName = mutateSecretName));
        }
コード例 #2
0
        /// <summary>
        /// <para>Adds the user secrets secret source. This searches <paramref name="assembly"/> for an instance
        /// of <see cref="UserSecretsIdAttribute"/>, which specifies a user secrets ID.</para>
        /// <para>A user secrets ID is unique value used to store and identify a collection of secrets.</para>
        /// </summary>
        /// <param name="builder">The builder to create the secret store.</param>
        /// <param name="assembly">The assembly with the <see cref="UserSecretsIdAttribute" />.</param>
        /// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
        /// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> or <paramref name="assembly"/> is <c>null</c>.</exception>
        /// <exception cref="InvalidOperationException">Thrown when <paramref name="assembly"/> does not have a valid <see cref="UserSecretsIdAttribute"/>.</exception>
        public static SecretStoreBuilder AddUserSecrets(this SecretStoreBuilder builder, Assembly assembly, Func <string, string> mutateSecretName = null)
        {
            Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the user secrets");
            Guard.NotNull(assembly, nameof(assembly), "Requires an assembly to retrieve the user secrets ID which locates the local user secrets");

            return(AddUserSecrets(builder, assembly, options => options.MutateSecretName = mutateSecretName));
        }
コード例 #3
0
        /// <summary>
        /// Adds command line arguments as secrets to the secret store.
        /// </summary>
        /// <param name="builder">The secret store to add the command line arguments to.</param>
        /// <param name="arguments">The command line arguments that will be considered secrets.</param>
        /// <param name="mutateSecretName">The function to mutate the secret name before looking it up.</param>
        /// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> or <paramref name="arguments"/> is <c>null</c>.</exception>
        public static SecretStoreBuilder AddCommandLine(this SecretStoreBuilder builder, string[] arguments, Func <string, string> mutateSecretName)
        {
            Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the command line arguments as secrets to the secret store");
            Guard.NotNull(arguments, nameof(arguments), "Requires a set of command line arguments to be set as secret in the secret store");

            return(AddCommandLine(builder, arguments, name: null, mutateSecretName: mutateSecretName));
        }
コード例 #4
0
        /// <summary>
        /// Adds Docker secrets (mounted as files in the Docker container) to the secret store.
        /// </summary>
        /// <param name="builder">The builder to add the Docker secrets provider to.</param>
        /// <param name="directoryPath">The path inside the container where the Docker secrets are located.</param>
        /// <param name="name">The unique name to register this HashiCorp provider in the secret store.</param>
        /// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
        /// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
        /// <exception cref="ArgumentException">Throw when the <paramref name="directoryPath"/> is blank or is not an absolute path.</exception>
        /// <exception cref="DirectoryNotFoundException">Thrown when the <paramref name="directoryPath"/> is not found on the system.</exception>
        public static SecretStoreBuilder AddDockerSecrets(
            this SecretStoreBuilder builder,
            string directoryPath,
            string name,
            Func <string, string> mutateSecretName)
        {
            Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the Docker secrets to");
            Guard.NotNullOrWhitespace(directoryPath, nameof(directoryPath), "Requires a non-blank directory path inside the Docker container to locate the secrets");
            Guard.For(() => !Path.IsPathRooted(directoryPath),
                      new ArgumentException("Requires an absolute directory path inside the Docker container to located the secrets", nameof(directoryPath)));

            if (!Directory.Exists(directoryPath))
            {
                throw new DirectoryNotFoundException($"The directory {directoryPath} which is configured as secretsDirectoryPath does not exist.");
            }

            var configuration = new KeyPerFileConfigurationSource
            {
                FileProvider = new PhysicalFileProvider(directoryPath),
                Optional     = false
            };

            var provider = new KeyPerFileConfigurationProvider(configuration);

            provider.Load();

            return(builder.AddProvider(new DockerSecretsSecretProvider(directoryPath), options =>
            {
                options.Name = name;
                options.MutateSecretName = mutateSecretName;
            }));
        }
コード例 #5
0
        /// <summary>
        /// Adds Docker secrets (mounted as files in the Docker container) to the secret store.
        /// </summary>
        /// <param name="builder">The builder to add the Docker secrets provider to.</param>
        /// <param name="directoryPath">The path inside the container where the Docker secrets are located.</param>
        /// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
        /// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c></exception>
        /// <exception cref="ArgumentException">Throw when the <paramref name="directoryPath"/> is blank</exception>
        public static SecretStoreBuilder AddDockerSecrets(this SecretStoreBuilder builder, string directoryPath, Func <string, string> mutateSecretName = null)
        {
            Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the Docker secrets to");
            Guard.NotNullOrWhitespace(directoryPath, nameof(directoryPath), "Requires a non-blank directory path to locate the Docker secrets");

            return(AddDockerSecrets(builder, directoryPath, name: null, mutateSecretName: mutateSecretName));
        }
コード例 #6
0
        /// <summary>
        /// <para>Adds the user secrets secret source with specified user secrets ID.</para>
        /// <para>A user secrets ID is unique value used to store and identify a collection of secrets.</para>
        /// </summary>
        /// <typeparam name="T">The type from the assembly to search for an instance of <see cref="UserSecretsIdAttribute"/>.</typeparam>
        /// <param name="builder">The builder to create the secret store.</param>
        /// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
        /// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
        /// <exception cref="InvalidOperationException">Thrown when the assembly containing <typeparamref name="T"/> does not have <see cref="UserSecretsIdAttribute"/>.</exception>
        public static SecretStoreBuilder AddUserSecrets <T>(
            this SecretStoreBuilder builder,
            Func <string, string> mutateSecretName = null) where T : class
        {
            Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the user secrets");

            return(AddUserSecrets <T>(builder, options => options.MutateSecretName = mutateSecretName));
        }
コード例 #7
0
        /// <summary>
        /// Adds a secret source to the secret store of the application that gets its secrets from the <see cref="IConfiguration"/>.
        /// </summary>
        /// <param name="builder">The builder to create the secret store.</param>
        /// <param name="configuration">The configuration of the application, containing secrets.</param>
        public static SecretStoreBuilder AddConfiguration(
            this SecretStoreBuilder builder,
            IConfiguration configuration)
        {
            Guard.NotNull(builder, nameof(builder));

            return(builder.AddProvider(new ConfigurationSecretProvider(configuration)));
        }
コード例 #8
0
        /// <summary>
        /// Adds a secret source to the secret store of the application that gets its secrets from the environment.
        /// </summary>
        /// <param name="builder">The builder to create the secret store.</param>
        /// <param name="target">The target on which the environment variables should be retrieved.</param>
        public static SecretStoreBuilder AddEnvironmentVariables(
            this SecretStoreBuilder builder,
            EnvironmentVariableTarget target = EnvironmentVariableSecretProvider.DefaultTarget)
        {
            Guard.NotNull(builder, nameof(builder));

            return(builder.AddProvider(new EnvironmentVariableSecretProvider(target)));
        }
コード例 #9
0
        private static SecretStoreBuilder AddUserSecrets <T>(
            SecretStoreBuilder builder,
            Action <SecretProviderOptions> configureOptions)
        {
            Assembly assembly = typeof(T).GetTypeInfo().Assembly;

            return(AddUserSecrets(builder, assembly, configureOptions));
        }
コード例 #10
0
        /// <summary>
        /// Adds a secret source to the secret store of the application that gets its secrets from the <see cref="IConfiguration"/>.
        /// </summary>
        /// <param name="builder">The builder to create the secret store.</param>
        /// <param name="configuration">The configuration of the application, containing secrets.</param>
        /// <param name="mutateSecretName">The function to mutate the secret name before looking it up.</param>
        /// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
        public static SecretStoreBuilder AddConfiguration(
            this SecretStoreBuilder builder,
            IConfiguration configuration,
            Func <string, string> mutateSecretName = null)
        {
            Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the configuration secrets");

            return(builder.AddProvider(new ConfigurationSecretProvider(configuration), mutateSecretName));
        }
コード例 #11
0
 /// <summary>
 /// Configure an <see cref="ISecretProvider"/> in the application with a given set of stores configured in the given <paramref name="configureSecretStores"/>.
 /// </summary>
 /// <param name="hostBuilder">The builder to append the secret store configuration to.</param>
 /// <param name="configureSecretStores">The customization of the different target secret store sources to include in the final <see cref="ISecretProvider"/>.</param>
 public static IHostBuilder ConfigureSecretStore(this IHostBuilder hostBuilder, Action <HostBuilderContext, IConfiguration, SecretStoreBuilder> configureSecretStores)
 {
     return(hostBuilder.ConfigureServices((context, services) =>
     {
         var builder = new SecretStoreBuilder(services);
         configureSecretStores(context, context.Configuration, builder);
         builder.RegisterSecretStore();
     }));
 }
コード例 #12
0
        /// <summary>
        /// Adds a secret source to the secret store of the application that gets its secrets from the <see cref="IConfiguration"/>.
        /// </summary>
        /// <param name="builder">The builder to create the secret store.</param>
        /// <param name="configuration">The configuration of the application, containing secrets.</param>
        /// <param name="mutateSecretName">The function to mutate the secret name before looking it up.</param>
        /// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
        public static SecretStoreBuilder AddConfiguration(
            this SecretStoreBuilder builder,
            IConfiguration configuration,
            Func <string, string> mutateSecretName = null)
        {
            Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the configuration secrets");
            Guard.NotNull(configuration, nameof(configuration), "Requires a configuration instance to retrieve the secrets from");

            return(AddConfiguration(builder, configuration, name: null, mutateSecretName: mutateSecretName));
        }
コード例 #13
0
        /// <summary>
        /// Configure an <see cref="ISecretProvider"/> in the application with a given set of stores configured in the given <paramref name="configureSecretStores"/>.
        /// </summary>
        /// <param name="hostBuilder">The builder to append the secret store configuration to.</param>
        /// <param name="configureSecretStores">The customization of the different target secret store sources to include in the final <see cref="ISecretProvider"/>.</param>
        public static IHostBuilder ConfigureSecretStore(this IHostBuilder hostBuilder, Action <HostBuilderContext, IConfiguration, SecretStoreBuilder> configureSecretStores)
        {
            return(hostBuilder.ConfigureServices((context, services) =>
            {
                var builder = new SecretStoreBuilder(services);
                configureSecretStores(context, context.Configuration, builder);

                services.TryAddSingleton <ISecretProvider, CompositeSecretProvider>();
            }));
        }
コード例 #14
0
        private static (IList <SecretStoreSource> before, IList <SecretStoreSource> after) TrackSecretStoreBuilderFunc(
            SecretStoreBuilder builder,
            Func <SecretStoreBuilder, SecretStoreBuilder> modifySecretStoreBuilder)
        {
            IList <SecretStoreSource> before = builder.SecretStoreSources.ToList();

            modifySecretStoreBuilder(builder);
            IList <SecretStoreSource> after = builder.SecretStoreSources;

            return(before, after);
        }
コード例 #15
0
        private static SecretStoreBuilder AddUserSecrets(SecretStoreBuilder builder, string userSecretsId, Action <SecretProviderOptions> configureOptions)
        {
            string directoryPath           = GetUserSecretsDirectoryPath(userSecretsId);
            JsonConfigurationSource source = CreateJsonFileSource(directoryPath);

            var provider = new JsonConfigurationProvider(source);

            provider.Load();

            return(builder.AddProvider(new UserSecretsSecretProvider(provider), configureOptions));
        }
コード例 #16
0
        /// <summary>
        /// Adds Azure Key Vault as a secret source.
        /// </summary>
        /// <param name="builder">The builder to create the secret store.</param>
        /// <param name="authentication">The requested authentication type for connecting to the Azure Key Vault instance.</param>
        /// <param name="configuration">The configuration related to the Azure Key Vault instance to use.</param>
        /// <param name="allowCaching">The flag to indicate whether to include caching during secret retrieval in Azure key vault.</param>
        public static SecretStoreBuilder AddAzureKeyVault(
            this SecretStoreBuilder builder,
            IKeyVaultAuthentication authentication,
            IKeyVaultConfiguration configuration,
            bool allowCaching = false)
        {
            Guard.NotNull(builder, nameof(builder));
            Guard.NotNull(authentication, nameof(authentication));
            Guard.NotNull(configuration, nameof(configuration));

            return(AddAzureKeyVault(builder, authentication, configuration, allowCaching ? new CacheConfiguration() : null));
        }
コード例 #17
0
        /// <summary>
        /// Adds a secret source to the secret store of the application that gets its secrets from the environment.
        /// </summary>
        /// <param name="builder">The builder to create the secret store.</param>
        /// <param name="target">The target on which the environment variables should be retrieved.</param>
        /// <param name="prefix">The optional prefix which will be prepended to the secret name when retrieving environment variables.</param>
        /// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
        /// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
        /// <exception cref="ArgumentException">Thrown when the <paramref name="target"/> is outside the bounds of the enumeration.</exception>
        public static SecretStoreBuilder AddEnvironmentVariables(
            this SecretStoreBuilder builder,
            EnvironmentVariableTarget target = EnvironmentVariableSecretProvider.DefaultTarget,
            string prefix = null,
            Func <string, string> mutateSecretName = null)
        {
            Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the environment secrets");
            Guard.For <ArgumentException>(() => !Enum.IsDefined(typeof(EnvironmentVariableTarget), target),
                                          $"Requires an environment variable target of either '{EnvironmentVariableTarget.Process}', '{EnvironmentVariableTarget.Machine}', or '{EnvironmentVariableTarget.User}'");

            return(AddEnvironmentVariables(builder, target, prefix, name: null, mutateSecretName: mutateSecretName));
        }
コード例 #18
0
        /// <summary>
        /// Adds Docker secrets (mounted as files in the Docker container) to the secret store.
        /// </summary>
        /// <param name="builder">The builder to add the Docker secrets provider to.</param>
        /// <param name="directoryPath">The path inside the container where the Docker secrets are located.</param>
        /// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
        /// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
        /// <exception cref="ArgumentException">Throw when the <paramref name="directoryPath"/> is blank or is not an absolute path.</exception>
        public static SecretStoreBuilder AddDockerSecrets(this SecretStoreBuilder builder, string directoryPath, Func <string, string> mutateSecretName = null)
        {
            Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the Docker secrets to");
            Guard.NotNullOrWhitespace(directoryPath, nameof(directoryPath), "Requires a non-blank directory path inside the Docker container to locate the secrets");
            Guard.For(() => !Path.IsPathRooted(directoryPath),
                      new ArgumentException("Requires an absolute directory path inside the Docker container to located the secrets", nameof(directoryPath)));

            if (!Directory.Exists(directoryPath))
            {
                throw new DirectoryNotFoundException($"The directory {directoryPath} which is configured as secretsDirectoryPath does not exist.");
            }

            return(AddDockerSecrets(builder, directoryPath, name: null, mutateSecretName: mutateSecretName));
        }
コード例 #19
0
        /// <summary>
        /// Adds Azure Key Vault as a secret source which uses Managed Identity authentication.
        /// </summary>
        /// <param name="builder">The builder to create the secret store.</param>
        /// <param name="rawVaultUri">The Uri of the Azure Key Vault you want to connect to.</param>
        /// <param name="connectionString">The connection string to use to authenticate, if applicable.</param>
        /// <param name="azureADInstance">The azure AD instance to use to authenticate, if applicable.</param>
        /// <param name="allowCaching">The flag to indicate whether to include caching during secret retrieval in Azure key vault.</param>
        public static SecretStoreBuilder AddAzureKeyVaultWithManagedServiceIdentity(
            this SecretStoreBuilder builder,
            string rawVaultUri,
            string connectionString = null,
            string azureADInstance  = null,
            bool allowCaching       = false)
        {
            Guard.NotNull(rawVaultUri, nameof(rawVaultUri));

            return(AddAzureKeyVault(
                       builder,
                       new ManagedServiceIdentityAuthentication(connectionString, azureADInstance),
                       new KeyVaultConfiguration(rawVaultUri),
                       allowCaching));
        }
コード例 #20
0
        /// <summary>
        /// Adds a secret source to the secret store of the application that gets its secrets from the <see cref="IConfiguration"/>.
        /// </summary>
        /// <param name="builder">The builder to create the secret store.</param>
        /// <param name="configuration">The configuration of the application, containing secrets.</param>
        /// <param name="name">The unique name to register this Configuration provider in the secret store.</param>
        /// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
        /// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
        public static SecretStoreBuilder AddConfiguration(
            this SecretStoreBuilder builder,
            IConfiguration configuration,
            string name,
            Func <string, string> mutateSecretName)
        {
            Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the configuration secrets");
            Guard.NotNull(configuration, nameof(configuration), "Requires a configuration instance to retrieve the secrets from");

            return(builder.AddProvider(new ConfigurationSecretProvider(configuration), options =>
            {
                options.Name = name;
                options.MutateSecretName = mutateSecretName;
            }));
        }
コード例 #21
0
        /// <summary>
        /// Adds Docker secrets (mounted as files in the Docker container) to the secret store.
        /// </summary>
        /// <param name="builder">The builder to add the Docker secrets provider to.</param>
        /// <param name="directoryPath">The path inside the container where the Docker secrets are located.</param>
        /// <param name="name">The unique name to register this HashiCorp provider in the secret store.</param>
        /// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
        /// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c></exception>
        /// <exception cref="ArgumentException">Throw when the <paramref name="directoryPath"/> is blank</exception>
        public static SecretStoreBuilder AddDockerSecrets(
            this SecretStoreBuilder builder,
            string directoryPath,
            string name,
            Func <string, string> mutateSecretName)
        {
            Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the Docker secrets to");
            Guard.NotNullOrWhitespace(directoryPath, nameof(directoryPath), "Requires a non-blank directory path to locate the Docker secrets");

            return(builder.AddProvider(new DockerSecretsSecretProvider(directoryPath), options =>
            {
                options.Name = name;
                options.MutateSecretName = mutateSecretName;
            }));
        }
コード例 #22
0
        /// <summary>
        /// Authorize the <see cref="ISecretProvider"/> instances added during the given <paramref name="addSecretProviders"/> function to be within the given <paramref name="role"/>.
        /// </summary>
        /// <param name="builder">The builder instance to add the authorized provider to.</param>
        /// <param name="role">The authorized role for all the to-be-added providers.</param>
        /// <param name="addSecretProviders">The function that will add the authorized providers.</param>
        public static SecretStoreBuilder AuthorizedWithin(
            this SecretStoreBuilder builder,
            Role role,
            Func <SecretStoreBuilder, SecretStoreBuilder> addSecretProviders)
        {
            Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the role-based authorization");
            Guard.NotNull(addSecretProviders, nameof(addSecretProviders), "Requires a function to make a set of secret providers only available within a specific role");
            Guard.For <ArgumentException>(() => !Enum.IsDefined(typeof(Role), role), "Requires the role only within the boundaries of the enumeration");

            builder.AddCriticalException <AuthorizationException>();

            (IList <SecretStoreSource> before, IList <SecretStoreSource> after) = TrackSecretStoreBuilderFunc(builder, addSecretProviders);
            ReplaceSecretSourceWithAuthorized(role, after, before);

            return(builder);
        }
コード例 #23
0
        /// <summary>
        /// Adds Azure Key Vault as a secret source which uses certificate authentication.
        /// </summary>
        /// <param name="builder">The builder to create the secret store.</param>
        /// <param name="rawVaultUri">The Uri of the Azure Key Vault you want to connect to.</param>
        /// <param name="clientId">The identifier of the application requesting the authentication token.</param>
        /// <param name="certificate">The certificate that is used as credential.</param>
        /// <param name="cacheConfiguration">The configuration to control how the caching will be done.</param>
        public static SecretStoreBuilder AddAzureKeyVaultWithCertificate(
            this SecretStoreBuilder builder,
            string rawVaultUri,
            string clientId,
            X509Certificate2 certificate,
            ICacheConfiguration cacheConfiguration)
        {
            Guard.NotNull(rawVaultUri, nameof(rawVaultUri));
            Guard.NotNull(clientId, nameof(clientId));
            Guard.NotNull(certificate, nameof(certificate));

            return(AddAzureKeyVault(
                       builder,
                       new CertificateBasedAuthentication(clientId, certificate),
                       new KeyVaultConfiguration(rawVaultUri),
                       cacheConfiguration: cacheConfiguration));
        }
コード例 #24
0
        /// <summary>
        /// Adds Azure Key Vault as a secret source which uses client secret authentication.
        /// </summary>
        /// <param name="builder">The builder to create the secret store.</param>
        /// <param name="rawVaultUri">The Uri of the Azure Key Vault you want to connect to.</param>
        /// <param name="clientId">The ClientId of the service principal, used to connect to Azure Key Vault</param>
        /// <param name="clientKey">The Secret ClientKey of the service principal, used to connect to Azure Key Vault</param>
        /// <param name="cacheConfiguration">The configuration to control how the caching will be done.</param>
        public static SecretStoreBuilder AddAzureKeyVaultWithServicePrincipal(
            this SecretStoreBuilder builder,
            string rawVaultUri,
            string clientId,
            string clientKey,
            ICacheConfiguration cacheConfiguration)
        {
            Guard.NotNull(rawVaultUri, nameof(rawVaultUri));
            Guard.NotNullOrEmpty(clientId, nameof(clientId));
            Guard.NotNullOrEmpty(clientKey, nameof(clientKey));

            return(AddAzureKeyVault(
                       builder,
                       new ServicePrincipalAuthentication(clientId, clientKey),
                       new KeyVaultConfiguration(rawVaultUri),
                       cacheConfiguration: cacheConfiguration));
        }
コード例 #25
0
        /// <summary>
        /// Adds a secret source to the secret store of the application that gets its secrets from the environment.
        /// </summary>
        /// <param name="builder">The builder to create the secret store.</param>
        /// <param name="target">The target on which the environment variables should be retrieved.</param>
        /// <param name="prefix">The optional prefix which will be prepended to the secret name when retrieving environment variables.</param>
        /// <param name="name">The unique name to register this Environment Variables provider in the secret store.</param>
        /// <param name="mutateSecretName">The optional function to mutate the secret name before looking it up.</param>
        /// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> is <c>null</c>.</exception>
        /// <exception cref="ArgumentException">Thrown when the <paramref name="target"/> is outside the bounds of the enumeration.</exception>
        public static SecretStoreBuilder AddEnvironmentVariables(
            this SecretStoreBuilder builder,
            EnvironmentVariableTarget target,
            string prefix,
            string name,
            Func <string, string> mutateSecretName)
        {
            Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the environment secrets");
            Guard.For <ArgumentException>(() => !Enum.IsDefined(typeof(EnvironmentVariableTarget), target),
                                          $"Requires an environment variable target of either '{EnvironmentVariableTarget.Process}', '{EnvironmentVariableTarget.Machine}', or '{EnvironmentVariableTarget.User}'");

            return(builder.AddProvider(new EnvironmentVariableSecretProvider(target, prefix), options =>
            {
                options.Name = name;
                options.MutateSecretName = mutateSecretName;
            }));
        }
コード例 #26
0
        /// <summary>
        /// Adds command line arguments as secrets to the secret store.
        /// </summary>
        /// <param name="builder">The secret store to add the command line arguments to.</param>
        /// <param name="arguments">The command line arguments that will be considered secrets.</param>
        /// <param name="name">The unique name to register this provider in the secret store.</param>
        /// <param name="mutateSecretName">The function to mutate the secret name before looking it up.</param>
        /// <exception cref="ArgumentNullException">Thrown when the <paramref name="builder"/> or <paramref name="arguments"/> is <c>null</c>.</exception>
        public static SecretStoreBuilder AddCommandLine(this SecretStoreBuilder builder, string[] arguments, string name, Func <string, string> mutateSecretName)
        {
            Guard.NotNull(builder, nameof(builder), "Requires a secret store builder to add the command line arguments as secrets to the secret store");
            Guard.NotNull(arguments, nameof(arguments), "Requires a set of command line arguments to be set as secret in the secret store");

            var configProvider = new CommandLineConfigurationProvider(arguments);

            configProvider.Load();

            var secretProvider = new CommandLineSecretProvider(configProvider);

            return(builder.AddProvider(secretProvider, options =>
            {
                options.Name = name;
                options.MutateSecretName = mutateSecretName;
            }));
        }
コード例 #27
0
        /// <summary>
        /// Adds Azure Key Vault as a secret source.
        /// </summary>
        /// <param name="builder">The builder to create the secret store.</param>
        /// <param name="authentication">The requested authentication type for connecting to the Azure Key Vault instance.</param>
        /// <param name="configuration">The configuration related to the Azure Key Vault instance to use.</param>
        /// <param name="cacheConfiguration">The configuration to control how the caching will be done.</param>
        public static SecretStoreBuilder AddAzureKeyVault(
            this SecretStoreBuilder builder,
            IKeyVaultAuthentication authentication,
            IKeyVaultConfiguration configuration,
            ICacheConfiguration cacheConfiguration)
        {
            Guard.NotNull(builder, nameof(builder));
            Guard.NotNull(authentication, nameof(authentication));
            Guard.NotNull(configuration, nameof(configuration));

            var keyVaultSecretProvider = new KeyVaultSecretProvider(authentication, configuration);

            if (cacheConfiguration != null)
            {
                var cachedSecretProvider = new CachedSecretProvider(keyVaultSecretProvider, cacheConfiguration);
                return(builder.AddProvider(cachedSecretProvider));
            }

            return(builder.AddProvider(keyVaultSecretProvider));
        }
コード例 #28
0
        private static SecretStoreBuilder AddUserSecrets(this SecretStoreBuilder builder, Assembly assembly, Action <SecretProviderOptions> configureOptions)
        {
            string userSecretsId = GetUserSecretsIdFromTypeAssembly(assembly);

            return(AddUserSecrets(builder, userSecretsId, configureOptions));
        }