/// <summary>
/// Gets the vault credential object
/// </summary>
/// <param name="managementCert">certificate to be uploaded</param>
/// <param name="vault">vault object</param>
/// <param name="site">site object </param>
/// <returns>credential object</returns>
public ASRVaultCreds GenerateVaultCredential(X509Certificate2 managementCert, ASRVault vault, Site site)
{
string currentResourceName = PSRecoveryServicesClient.asrVaultCreds.ResourceName;
string currentCloudServiceName = PSRecoveryServicesClient.asrVaultCreds.CloudServiceName;
// Update vault settings with the working vault to generate file
Utilities.UpdateVaultSettings(new ASRVaultCreds()
{
CloudServiceName = vault.CloudServiceName,
ResourceName = vault.Name
});
// Get Channel Integrity key
string channelIntegrityKey;
Task<string> getChannelIntegrityKey = this.GetChannelIntegrityKey();
// Making sure we can generate the file, once the SDK and portal are inter-operable
// upload certificate and fetch of ACIK can be made parallel to improvve the performace.
getChannelIntegrityKey.Wait();
// Upload certificate
UploadCertificateResponse acsDetails;
Task<UploadCertificateResponse> uploadCertificate = this.UpdateVaultCertificate(managementCert);
uploadCertificate.Wait();
acsDetails = uploadCertificate.Result;
channelIntegrityKey = getChannelIntegrityKey.Result;
ASRVaultCreds asrVaultCreds = this.GenerateCredentialObject(
managementCert,
acsDetails,
channelIntegrityKey,
vault,
site);
// Update back the original vault settings
Utilities.UpdateVaultSettings(new ASRVaultCreds()
{
CloudServiceName = currentCloudServiceName,
ResourceName = currentResourceName
});
return asrVaultCreds;
}
/// <summary>
/// Initializes a new instance of the <see cref="ASRSite" /> class.
/// </summary>
/// <param name="site">Hydra site object.</param>
public ASRSite(Site site)
{
this.Name = site.Name;
this.ID = site.ID;
this.Type = site.Type;
}
/// <summary>
/// Method to execute the command
/// </summary>
private void GetByObject()
{
AzureSubscription subscription = this.Profile.Context.Subscription;
this.Vault.SubscriptionId = subscription.Id.ToString();
CloudService cloudService = RecoveryServicesClient.GetCloudServiceForVault(this.Vault);
this.Vault.CloudServiceName = cloudService.Name;
// Generate certificate
X509Certificate2 cert = CertUtils.CreateSelfSignedCertificate(VaultCertificateExpiryInHoursForHRM, subscription.Id.ToString(), this.Vault.Name);
var site = new Site();
if (this.Site != null)
{
site.ID = this.Site.ID;
site.Name = this.Site.Name;
site.Type = this.Site.Type;
}
// Generate file.
ASRVaultCreds vaultCreds = RecoveryServicesClient.GenerateVaultCredential(
cert,
this.Vault,
site);
string filePath = string.IsNullOrEmpty(this.Path) ? Utilities.GetDefaultPath() : this.Path;
string fileName = this.GenerateFileName();
// write the content to a file.
VaultSettingsFilePath output = new VaultSettingsFilePath()
{
FilePath = Utilities.WriteToFile<ASRVaultCreds>(vaultCreds, filePath, fileName)
};
// print the path to the user.
this.WriteObject(output, true);
}
/// <summary>
/// Method to generate the credential file content
/// </summary>
/// <param name="managementCert">management cert</param>
/// <param name="acsDetails">ACS details</param>
/// <param name="channelIntegrityKey">Integrity key</param>
/// <param name="vault">vault object</param>
/// <param name="site">site object</param>
/// <returns>vault credential object</returns>
private ASRVaultCreds GenerateCredentialObject(X509Certificate2 managementCert, UploadCertificateResponse acsDetails, string channelIntegrityKey, ASRVault vault, Site site)
{
string serializedCertifivate = Convert.ToBase64String(managementCert.Export(X509ContentType.Pfx));
AcsNamespace acsNamespace = new AcsNamespace(acsDetails);
ASRVaultCreds vaultCreds = new ASRVaultCreds(
vault.SubscriptionId,
vault.Name,
serializedCertifivate,
acsNamespace,
channelIntegrityKey,
vault.CloudServiceName,
site.ID,
site.Name);
return vaultCreds;
}
