/// <summary> /// Background CleanUp method /// </summary> private void CleanUpMethod() { using (_canceller.Token.Register(Thread.CurrentThread.Abort)) { while (!_mustexit) { try { int res = Certs.CleanOrphanedPrivateKeys(); if (res > 0) { _service.EventLog.WriteEntry(string.Format("{0} orphaned certificates private keys deleted.", res), EventLogEntryType.Error, 1010); } Thread.Sleep(new TimeSpan(0, 0, _minutes, 0)); } catch (ThreadAbortException) { _mustexit = true; return; } catch (Exception ex) { _service.EventLog.WriteEntry(string.Format("error on CleanUp Keys : {0}.", ex.Message), EventLogEntryType.Error, 1011); } } } }
/// <summary> /// CreateCertificate implementation /// </summary> public override X509Certificate2 CreateCertificate(string upn, string password, int validity) { string pass = string.Empty; if (!string.IsNullOrEmpty(password)) { pass = password; } return(Certs.CreateRSAEncryptionCertificateForUser(upn.ToLower(), validity, pass)); }
/// <summary> /// CreateCertificate method implmentation /// </summary> public override X509Certificate2 CreateCertificate(string upn, int validity, bool generatepassword = false) { string pass = string.Empty; string strcert = string.Empty; if (generatepassword) { pass = CheckSumEncoding.CheckSumAsString(upn); } return(Certs.CreateRSAEncryptionCertificateForUser(upn.ToLower(), validity, pass)); }
/// <summary> /// CleanOrphanedPrivateKeys method implmentation /// </summary> internal static int CleanOrphanedPrivateKeys() { EnsureService(); try { return(Certs.CleanOrphanedPrivateKeys()); } catch (Exception ex) { throw ex; } }
/// <summary> /// UpdateCertificatesACL method implementation /// </summary> internal static bool UpdateCertificatesACL() { EnsureService(); try { return(Certs.UpdateCertificatesACL()); } catch (Exception ex) { throw ex; } }
/// <summary> /// GetClientCredentials method implmentation /// </summary> private void GetClientCredentials() { try { X509Certificate2 azureCertificate = Certs.GetCertificate(this._thumbprint, StoreLocation.LocalMachine); this._clientAssertion = new ADAL.ClientAssertionCertificate(this._clientId, azureCertificate); this._certTimestamp = DateTime.Now.ToUniversalTime(); } catch (Exception ex) { throw ex; } }
/// <summary> /// CreateCertificate method implmentation /// </summary> private X509Certificate2 CreateCertificate(string upn, int validity, out string strcert) { strcert = Certs.CreateSelfSignedCertificateAsString(upn.ToLower(), validity); X509Certificate2 cert = new X509Certificate2(Convert.FromBase64String(strcert), "", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet); if (Certs.RemoveSelfSignedCertificate(cert)) { return(cert); } else { return(null); } }
public static async Task <HttpResponseMessage> Run( [HttpTrigger(AuthorizationLevel.Function, "get", Route = null)] HttpRequest req, ILogger log) { log.LogInformation("Get Groups using Azure.Identity..."); #if DEBUG log.LogInformation("Using client credentials"); X509Certificate2 cert = Certs.GetCertificateFromStore(Configuration.LocalDevCertName); var credential = new ClientCertificateCredential(Configuration.LocalDevTenantId, Configuration.LocalDevAppId, cert); #else log.LogInformation("Using Managed identity credentials"); var credential = new ManagedIdentityCredential(); #endif try { var accessTokenRequest = await credential.GetTokenAsync( new TokenRequestContext(scopes : new string[] { "https://graph.microsoft.com/.default" }) { } ); var accessToken = accessTokenRequest.Token; //log.LogInformation(accessToken); var httpClient = new HttpClient() { DefaultRequestHeaders = { Authorization = new AuthenticationHeaderValue("Bearer", accessToken) } }; var result = await httpClient.GetStringAsync("https://graph.microsoft.com/v1.0/groups"); return(new HttpResponseMessage(HttpStatusCode.OK) { Content = new StringContent(result, Encoding.UTF8, "application/json") }); } catch (AuthenticationFailedException ex) { log.LogError($"Authentication Failed. {ex.Message}"); return(null); } }
/// <summary> /// CreateCertificate method implmentation /// </summary> public override X509Certificate2 CreateCertificate(string upn, int validity, out string strcert, bool generatepassword = false) { string pass = string.Empty; if (generatepassword) { pass = Utilities.CheckSumAsString(upn); } strcert = Certs.CreateSelfSignedCertificateAsString(upn.ToLower(), validity, pass); X509Certificate2 cert = new X509Certificate2(Convert.FromBase64String(strcert), pass, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet); if (Certs.RemoveSelfSignedCertificate(cert)) { return(cert); } else { return(null); } }
protected void Page_Load(object sender, EventArgs e) { certs = new Certs(); if (Request.QueryString["ImgType"] != "Multiple") { _pageURL = "http://10.1.35.247:85/LibertyIMS::/anon/Cmd%3DXmlGetRequest%3BName%3D%232b6%3BNoUI%3D1%3BF0%3D" + Request.QueryString["ItemNo"].ToString() + "%3BF2%3D" + Request.QueryString["LotNo"].ToString(); } else { if (Request.QueryString["IUrl"] != null) { _pageURL = Server.UrlDecode(Request.QueryString["IUrl"].ToString()); } else { _pageURL = Session["ImgURL"].ToString(); } } GetImage(_pageURL); }
/// <summary> /// HTTP ONLY /// </summary> /// <param name="url"></param> public static RpcClient Initialize(Uri url, string cerFilePath = null, WebProxy proxy = null) { var iocContainer = new TinyIoC.TinyIoCContainer(); iocContainer.Register <IWsDataSerializer, ProtoBufRpcDataSerializer>(new ProtoBufRpcDataSerializer(), "default"); iocContainer.Register <IRpcDataSerializer, HttpMultipartSerializer>(new HttpMultipartSerializer(), "default"); iocContainer.Register <IRpcHeadSerializer, JsonRpcHeadSerializer>(new JsonRpcHeadSerializer(), "default"); var _proxyFactory = new RpcDynamicProxyFactory(url, proxy, iocContainer); var websocketServer = ""; var client = new RpcClient(_proxyFactory, proxy, iocContainer); if (!string.IsNullOrEmpty(cerFilePath)) { if (!System.IO.File.Exists(cerFilePath)) { throw new Exception("the cer file you provided is not exists. " + Path.GetFileName(cerFilePath)); } client.AddCertForHttps(cerFilePath); } if (url.Scheme == ("https")) { websocketServer = url.AbsoluteUri.Replace("https://", "wss://"); if (!Certs.Any()) { throw new Exception("you should provide a cert when using https."); } } else { websocketServer = url.AbsoluteUri.Replace("http://", "ws://"); } var cb = new RemoteCertificateValidationCallback(client.RemoteCertificateValidationCallback); _proxyFactory.ServerCertificateValidationCallback = cb; _proxyFactory.websocketServer = websocketServer; return(client); }
protected void Page_Load(object sender, EventArgs e) { certFileName = "Cert_" + HttpContext.Current.Session.SessionID.ToString() + ".jpg"; certs = new Certs(); }
public override void WriteYaml(StreamWriter writer, AssetManager assetManager, ILoggerFactory loggerFactory, int indent = 0) { var spaces = "".PadLeft(indent); writer.Write($"{spaces}aks:\n"); spaces = "".PadLeft(indent + 2); writer.Write($"{spaces}clusterName: {ClusterName}\n"); writer.Write($"{spaces}dnsPrefix: {DnsPrefix}\n"); writer.Write($"{spaces}version: {Version}\n"); writer.Write($"{spaces}vmSize: {VmSize}\n"); writer.Write($"{spaces}nodeCount: {NodeCount}\n"); writer.Write($"{spaces}ownerUpn: {AksOwnerAadUpn}\n"); writer.Write($"{spaces}access:\n"); if (Readers?.Any() == true) { spaces = "".PadLeft(indent + 4); writer.Write($"{spaces}readers:"); spaces = "".PadLeft(indent + 6); foreach (var aadIdentity in Readers) { writer.Write($"{spaces}name: {aadIdentity.Name}\n"); writer.Write($"{spaces}type: {aadIdentity.Type}\n"); } } if (Contributors?.Any() == true) { spaces = "".PadLeft(indent + 4); writer.Write($"{spaces}contributors:"); spaces = "".PadLeft(indent + 6); foreach (var aadIdentity in Contributors) { writer.Write($"{spaces}name: {aadIdentity.Name}\n"); writer.Write($"{spaces}type: {aadIdentity.Type}\n"); } } if (Owners?.Any() == true) { spaces = "".PadLeft(indent + 4); writer.Write($"{spaces}owners:"); spaces = "".PadLeft(indent + 6); foreach (var aadIdentity in Owners) { writer.Write($"{spaces}name: {aadIdentity.Name}\n"); writer.Write($"{spaces}type: {aadIdentity.Type}\n"); } } spaces = "".PadLeft(indent + 2); writer.Write($"{spaces}useDevSpaces: {UseDevSpaces}\n"); writer.Write($"{spaces}useTerraform: {UseTerraform}\n"); writer.Write($"{spaces}useIstio: {UseIstio}\n"); writer.Write($"{spaces}useCertManager: {UseCertManager}\n"); if (KeyVaultAccess?.Any() == true) { spaces = "".PadLeft(indent + 2); writer.Write($"{spaces}keyVaultAccess:\n"); foreach (var option in KeyVaultAccess) { spaces = "".PadLeft(indent + 4); writer.Write($"{spaces}- {option}\n"); } } if (Metrics?.Any() == true) { spaces = "".PadLeft(indent + 2); writer.Write($"{spaces}metrics:\n"); foreach (var option in Metrics) { spaces = "".PadLeft(indent + 4); writer.Write($"{spaces}- {option}\n"); } } if (Logging?.Any() == true) { spaces = "".PadLeft(indent + 2); writer.Write($"{spaces}logging:\n"); foreach (var option in Logging) { spaces = "".PadLeft(indent + 4); writer.Write($"{spaces}- {option}\n"); } } if (Tracing?.Any() == true) { spaces = "".PadLeft(indent + 2); writer.Write($"{spaces}tracing:\n"); foreach (var option in Tracing) { spaces = "".PadLeft(indent + 4); writer.Write($"{spaces}- {option}\n"); } } if (Ingress?.Any() == true) { spaces = "".PadLeft(indent + 2); writer.Write($"{spaces}ingress:\n"); foreach (var option in Ingress) { spaces = "".PadLeft(indent + 4); writer.Write($"{spaces}- {option}\n"); } } if (Certs?.Any() == true) { spaces = "".PadLeft(indent + 2); writer.Write($"{spaces}certs:\n"); foreach (var cert in Certs) { spaces = "".PadLeft(indent + 4); writer.Write($"{spaces}- name: {cert.Name}\n"); if (!string.IsNullOrEmpty(cert.Type)) { writer.Write($"{spaces} type: {cert.Type}\n"); } } } if (Secrets != null) { spaces = "".PadLeft(indent + 2); writer.Write($"{spaces}secrets:\n"); spaces = "".PadLeft(indent + 4); writer.Write($"{spaces}addContainerRegistryAccess: {Secrets.AddContainerRegistryAccess}\n"); writer.Write($"{spaces}addKeyVaultAccess: {Secrets.AddKeyVaultAccess}\n"); writer.Write($"{spaces}addAppInsightsKey: {Secrets.AddAppInsightsKey}\n"); } }