public static IVaultClient GetVaultClient(string token, string vaultUri)
{
IAuthMethodInfo authMethod = new TokenAuthMethodInfo(token);
var vaultClientSettings = new VaultClientSettings(vaultUri, authMethod);
IVaultClient vaultClient = new VaultSharp.VaultClient(vaultClientSettings);
return(vaultClient);
}
public async Task <IDictionary <string, object> > GetAsync(string key)
{
if (string.IsNullOrWhiteSpace(key))
{
throw new VaultException("Vault secret key can not be empty.");
}
try
{
var settings = new VaultClientSettings(_options.Url, GetAuthMethod());
var client = new VaultSharp.VaultClient(settings);
var secret = await client.V1.Secrets.KeyValue.V2.ReadSecretAsync(key);
return(secret.Data.Data);
}
catch (Exception exception)
{
throw new VaultException($"Getting Vault secret for key: '{key}' caused an error. " +
$"{exception.Message}", exception, key);
}
}
/// <summary>
/// Creates an instance of the vault client, with the provided <see cref="IAuthenticationInfo" /> used to authenticate and authorize the user.
/// This is the typical client you would need for your consuming applications.
/// <para>
/// If you need an instance of an administrative/root user based <see cref="IVaultClient" />, pass a <see cref="IAuthenticationInfo" /> with a root policy mapping.
/// If you need an instance of an unauthenticated <see cref="IVaultClient" />, pass a <value>null</value> value for <see cref="IAuthenticationInfo" />.
/// An unauthenticated client can do very few operations. e.g. Check seal status, initialization status etc.
/// </para><para>var vaultClient = VaultClientFactory.CreateVaultClient(new Uri("http://127.0.0.1:8200", new GitHubAuthenticationInfo(personalAccessToken: "YOUR_TOKEN"));</para><para>var administrativeVaultClient = VaultClientFactory.CreateVaultClient(new Uri("http://127.0.0.1:8200", new TokenAuthenticationInfo(token: "ROOT_POLICY_TOKEN"));</para><para>var unauthenticatedVaultClient = VaultClientFactory.CreateVaultClient(new Uri("http://127.0.0.1:8200", authenticationInfo: null));</para>
/// </summary>
/// <param name="vaultServerUriWithPort"><para>[required]</para>
/// The vault server URI with port.</param>
/// <param name="authenticationInfo"><para>[optional]</para>
/// The authentication information. e.g. GitHub, AppId, LDAP etc.</param>
/// <param name="continueAsyncTasksOnCapturedContext"><para>[optional]</para>
/// if set to <c>true</c> [continue asynchronous tasks on captured context].</param>
/// <param name="serviceTimeout"><para>[optional]</para>
/// The timeout value for the Vault Service calls. Do not specify a value, if you want to go with the default timeout values.</param>
/// <param name="postHttpClientInitializeAction"><para>[optional]</para>
/// A post-processing delegate on the <see cref="HttpClient"/> instance used by the library.
/// This can be used to setup any custom message handlers, proxy settings etc.
/// Please note that the delegate will get an instance of <see cref="HttpClient"/> that is initialized with the address
/// and timeout settings.
/// </param>
/// <returns>
/// An instance of the <see cref="IVaultClient" /> interface implementation.
/// </returns>
public static IVaultClient CreateVaultClient(Uri vaultServerUriWithPort, IAuthenticationInfo authenticationInfo, bool continueAsyncTasksOnCapturedContext = false, TimeSpan?serviceTimeout = null, Action <HttpClient> postHttpClientInitializeAction = null)
{
IVaultClient vaultClient = new VaultClient(vaultServerUriWithPort, authenticationInfo, continueAsyncTasksOnCapturedContext, serviceTimeout, postHttpClientInitializeAction: postHttpClientInitializeAction);
return(vaultClient);
}
