public async Task <SecurityResult> GetPermissionsAsync(string token) { if (string.IsNullOrEmpty(token)) { return(new SecurityResult(HttpStatusCode.Unauthorized, AUTHORIZATION_HEADER_INVALID)); } var checkPermissionsUri = _options.CloudFoundryApi + "/v2/apps/" + _options.ApplicationId + "/permissions"; var request = new HttpRequestMessage(HttpMethod.Get, checkPermissionsUri); var auth = new AuthenticationHeaderValue("bearer", token); request.Headers.Authorization = auth; // If certificate validation is disabled, inject a callback to handle properly HttpClientHelper.ConfigureCertificateValidation( _options.ValidateCertificates, out var prevProtocols, out var prevValidator); try { _logger?.LogDebug("GetPermissions({0}, {1})", checkPermissionsUri, SecurityUtilities.SanitizeInput(token)); _httpClient ??= HttpClientHelper.GetHttpClient(_options.ValidateCertificates, DEFAULT_GETPERMISSIONS_TIMEOUT); using var response = await _httpClient.SendAsync(request).ConfigureAwait(false); if (response.StatusCode != HttpStatusCode.OK) { _logger?.LogInformation( "Cloud Foundry returned status: {HttpStatus} while obtaining permissions from: {PermissionsUri}", response.StatusCode, checkPermissionsUri); return(response.StatusCode == HttpStatusCode.Forbidden ? new SecurityResult(HttpStatusCode.Forbidden, ACCESS_DENIED_MESSAGE) : new SecurityResult(HttpStatusCode.ServiceUnavailable, CLOUDFOUNDRY_NOT_REACHABLE_MESSAGE)); } return(new SecurityResult(await GetPermissions(response).ConfigureAwait(false))); } catch (Exception e) { _logger?.LogError("Cloud Foundry returned exception: {SecurityException} while obtaining permissions from: {PermissionsUri}", e, checkPermissionsUri); return(new SecurityResult(HttpStatusCode.ServiceUnavailable, CLOUDFOUNDRY_NOT_REACHABLE_MESSAGE)); } finally { HttpClientHelper.RestoreCertificateValidation(_options.ValidateCertificates, prevProtocols, prevValidator); } }
protected internal async void DoPost(HttpClient client, HttpRequestMessage request) { HttpClientHelper.ConfigureCertificateValidation( options.ValidateCertificates, out SecurityProtocolType prevProtocols, out RemoteCertificateValidationCallback prevValidator); try { using (HttpResponseMessage response = await client.SendAsync(request)) { logger?.LogDebug("DoPost {0}, status: {1}", request.RequestUri, response.StatusCode); if (response.StatusCode != HttpStatusCode.OK && response.StatusCode != HttpStatusCode.Accepted) { var headers = response.Headers; var statusCode = (int)response.StatusCode; if (statusCode == UNPROCESSABLE_ENTITY) { logger?.LogError("Failed to send metrics to Metrics Forwarder service due to unprocessable payload. Discarding metrics."); } else if (statusCode == PAYLOAD_TOO_LARGE) { logger?.LogError("Failed to send metrics to Metrics Forwarder service due to rate limiting. Discarding metrics."); } else if (statusCode == TOO_MANY_REQUESTS) { logger?.LogError("Failed to send metrics to Metrics Forwarder service due to rate limiting. Discarding metrics."); } else { logger?.LogError("Failed to send metrics to Metrics Forwarder service. Discarding metrics. StatusCode: {status}", statusCode); } } return; } } catch (Exception e) { logger?.LogError(e, "DoPost Exception: {uri}", request.RequestUri); } finally { client.Dispose(); HttpClientHelper.RestoreCertificateValidation(options.ValidateCertificates, prevProtocols, prevValidator); } }
public async Task <CredHubCredential <T> > GenerateAsync <T>(CredHubGenerateRequest requestParameters) { HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out var protocolType, out var prevValidator); try { _logger?.LogTrace($"About to POST {_baseCredHubUrl}/v1/data"); var response = await _httpClient.PostAsJsonAsync($"{_baseCredHubUrl}/v1/data", requestParameters, SerializerOptions).ConfigureAwait(false); return(await HandleErrorParseResponse <CredHubCredential <T> >(response, $"Generate {typeof(T).Name}").ConfigureAwait(false)); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
private async Task<List<CredentialPermission>> AddPermissionsInternalAsync(string name, List<CredentialPermission> permissions) { HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out var protocolType, out var prevValidator); try { _logger?.LogTrace($"About to POST {_baseCredHubUrl}/v1/permissions"); var newPermissions = new CredentialPermissions { CredentialName = name, Permissions = permissions }; _ = await _httpClient.PostAsJsonAsync($"{_baseCredHubUrl}/v1/permissions", newPermissions, SerializerOptions).ConfigureAwait(false); return await GetPermissionsAsync(name).ConfigureAwait(false); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
private async Task<RegeneratedCertificates> BulkRegenerateInternalAsync(string certificateAuthority) { HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out var protocolType, out var prevValidator); try { _logger?.LogTrace($"About to POST {_baseCredHubUrl}/v1/bulk-regenerate"); #pragma warning disable CS0618 // Type or member is obsolete var response = await _httpClient.PostAsJsonAsync($"{_baseCredHubUrl}/v1/bulk-regenerate", new Dictionary<string, string> { { "signed_by", certificateAuthority } }).ConfigureAwait(false); #pragma warning restore CS0618 // Type or member is obsolete return await HandleErrorParseResponse<RegeneratedCertificates>(response, "Bulk Regenerate Credentials").ConfigureAwait(false); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
private async Task<CredHubCredential<T>> RegenerateInternalAsync<T>(string name) { HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out var protocolType, out var prevValidator); try { _logger?.LogTrace($"About to POST {_baseCredHubUrl}/v1/data"); #pragma warning disable CS0618 // Type or member is obsolete var response = await _httpClient.PostAsJsonAsync($"{_baseCredHubUrl}/v1/regenerate", new Dictionary<string, string> { { "name", name } }).ConfigureAwait(false); #pragma warning restore CS0618 // Type or member is obsolete return await HandleErrorParseResponse<CredHubCredential<T>>(response, $"Regenerate {typeof(T).Name}").ConfigureAwait(false); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
#pragma warning disable SA1202 // Elements must be ordered by access public async Task<CredHubCredential<T>> WriteAsync<T>(CredentialSetRequest credentialRequest) { HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out var protocolType, out var prevValidator); try { _logger?.LogTrace($"About to PUT {_baseCredHubUrl}/v1/data"); var response = await _httpClient.PutAsJsonAsync($"{_baseCredHubUrl}/v1/data", credentialRequest, SerializerOptions).ConfigureAwait(false); #pragma warning restore CS0618 // Type or member is obsolete return await HandleErrorParseResponse<CredHubCredential<T>>(response, $"Write {typeof(T).Name}").ConfigureAwait(false); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
private async Task <CredHubCredential <T> > RegenerateInternalAsync <T>(string name) { HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out SecurityProtocolType protocolType, out RemoteCertificateValidationCallback prevValidator); try { _logger?.LogTrace($"About to POST {_baseCredHubUrl}/v1/data"); var response = await _httpClient.PostAsJsonAsync($"{_baseCredHubUrl}/v1/regenerate", new Dictionary <string, string> { { "name", name } }).ConfigureAwait(false); return(await HandleErrorParseResponse <CredHubCredential <T> >(response, $"Regenerate {typeof(T).Name}").ConfigureAwait(false)); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
private async Task <RegeneratedCertificates> BulkRegenerateInternalAsync(string certificateAuthority) { HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out SecurityProtocolType protocolType, out RemoteCertificateValidationCallback prevValidator); try { _logger?.LogTrace($"About to POST {_baseCredHubUrl}/v1/bulk-regenerate"); var response = await _httpClient.PostAsJsonAsync($"{_baseCredHubUrl}/v1/bulk-regenerate", new Dictionary <string, string> { { "signed_by", certificateAuthority } }).ConfigureAwait(false); return(await HandleErrorParseResponse <RegeneratedCertificates>(response, "Bulk Regenerate Credentials").ConfigureAwait(false)); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
protected internal async void RefreshVaultTokenAsync(object state) { if (string.IsNullOrEmpty(Settings.Token)) { return; } var obscuredToken = Settings.Token.Substring(0, 4) + "[*]" + Settings.Token.Substring(Settings.Token.Length - 4); // If certificate validation is disabled, inject a callback to handle properly SecurityProtocolType prevProtocols = (SecurityProtocolType)0; HttpClientHelper.ConfigureCertificateValidation( _settings.ValidateCertificates, out prevProtocols, out RemoteCertificateValidationCallback prevValidator); HttpClient client = null; try { client = GetHttpClient(Settings); var uri = GetVaultRenewUri(); var message = GetValutRenewMessage(uri); _logger?.LogInformation("Renewing Vault token {0} for {1} milliseconds at Uri {2}", obscuredToken, Settings.TokenTtl, uri); using (HttpResponseMessage response = await client.SendAsync(message).ConfigureAwait(false)) { if (response.StatusCode != HttpStatusCode.OK) { _logger?.LogWarning("Renewing Vault token {0} returned status: {1}", obscuredToken, response.StatusCode); } } } catch (Exception e) { _logger?.LogError("Unable to renew Vault token {0}. Is the token invalid or expired? - {1}", obscuredToken, e); } finally { client.Dispose(); HttpClientHelper.RestoreCertificateValidation(_settings.ValidateCertificates, prevProtocols, prevValidator); } }
private async Task<CredHubClient> InitializeAsync(CredHubOptions options) { HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out var protocolType, out var prevValidator); try { Uri tokenUri; var uaaOverrideUrl = Environment.GetEnvironmentVariable("UAA_Server_Override"); if (string.IsNullOrEmpty(uaaOverrideUrl)) { var info = await _httpClient.GetAsync($"{_baseCredHubUrl.Replace("/api", "/info")}").ConfigureAwait(false); var infoResponse = await HandleErrorParseResponse<CredHubServerInfo>(info, "GET /info from CredHub Server").ConfigureAwait(false); tokenUri = new Uri($"{infoResponse.AuthServer.First().Value}/oauth/token"); _logger?.LogInformation($"Targeted CredHub server uses UAA server at {tokenUri}"); } else { tokenUri = new Uri(uaaOverrideUrl); _logger?.LogInformation($"UAA set by ENV variable {tokenUri}"); } // login to UAA var token = await HttpClientHelper.GetAccessToken( tokenUri, options.ClientId, options.ClientSecret, additionalParams: new Dictionary<string, string> { { "response_type", "token" } }, httpClient: _httpClient, logger: _logger); if (token is object) { // set the token _httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token); return this; } else { throw new AuthenticationException($"Authentication with UAA Server failed"); } } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
#pragma warning disable SA1202 // Elements must be ordered by access public async Task <CredHubCredential <T> > WriteAsync <T>(CredentialSetRequest credentialRequest) { HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out SecurityProtocolType protocolType, out RemoteCertificateValidationCallback prevValidator); try { _logger?.LogTrace($"About to PUT {_baseCredHubUrl}/v1/data"); var response = await _httpClient.PutAsJsonAsync($"{_baseCredHubUrl}/v1/data", credentialRequest, _serializerSettings); var dataAsString = await response.Content.ReadAsStringAsync(); var s = JsonConvert.DeserializeObject <CredHubCredential <T> >(dataAsString, _serializerSettings); return(await HandleErrorParseResponse <CredHubCredential <T> >(response, $"Write {typeof(T).Name}")); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
/// <summary> /// Get an access token using client_credentials grant /// </summary> /// <param name="targetUrl">full address of the token endpoint at the auth server</param> /// <returns>HttpResponse from the auth server</returns> public async Task <HttpResponseMessage> GetAccessTokenWithClientCredentials(string targetUrl) { HttpRequestMessage requestMessage = GetTokenRequestMessage(ClientCredentialsTokenRequestParameters(), targetUrl); HttpClientHelper.ConfigureCertificateValidation(_options.ValidateCertificates, out SecurityProtocolType protocolType, out RemoteCertificateValidationCallback prevValidator); HttpResponseMessage response; try { response = await _httpClient.SendAsync(requestMessage); } finally { HttpClientHelper.RestoreCertificateValidation(_options.ValidateCertificates, protocolType, prevValidator); } return(response); }
public void ConfigureCertificateValidation_ValidateTrue() { ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls; ServicePointManager.ServerCertificateValidationCallback = null; HttpClientHelper.ConfigureCertificateValidation(true, out SecurityProtocolType protocolType, out RemoteCertificateValidationCallback prevValidator); if (Platform.IsNetCore) { Assert.Equal(SecurityProtocolType.Tls, ServicePointManager.SecurityProtocol); Assert.Null(ServicePointManager.ServerCertificateValidationCallback); } if (Platform.IsFullFramework) { Assert.Equal(SecurityProtocolType.Tls, ServicePointManager.SecurityProtocol); Assert.Null(ServicePointManager.ServerCertificateValidationCallback); } }
public async Task <List <FoundCredential> > FindByPathAsync(string path) { if (string.IsNullOrEmpty(path)) { throw new ArgumentException("Path is required"); } HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out SecurityProtocolType protocolType, out RemoteCertificateValidationCallback prevValidator); try { _logger?.LogTrace($"About to GET {_baseCredHubUrl}/v1/data?path={path}"); var response = await _httpClient.GetAsync($"{_baseCredHubUrl}/v1/data?path={path}"); return((await HandleErrorParseResponse <CredentialFindResponse>(response, "Find by Path")).Credentials); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
private async Task <bool> DeletePermissionInternalAsync(string name, string actor) { HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out var protocolType, out var prevValidator); try { _logger?.LogTrace($"About to DELETE {_baseCredHubUrl}/v1/permissions?credential_name={name}&actor={actor}"); var response = await _httpClient.DeleteAsync($"{_baseCredHubUrl}/v1/permissions?credential_name={name}&actor={actor}").ConfigureAwait(false); if (response.StatusCode == System.Net.HttpStatusCode.NoContent || response.StatusCode == System.Net.HttpStatusCode.NotFound) { return(true); } return(false); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
public async Task <bool> DeleteByNameInternalAsync(string name) { HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out SecurityProtocolType protocolType, out RemoteCertificateValidationCallback prevValidator); try { _logger?.LogTrace($"About to DELETE {_baseCredHubUrl}/v1/data?name={name}"); var response = await _httpClient.DeleteAsync($"{_baseCredHubUrl}/v1/data?name={name}").ConfigureAwait(false); if (response.StatusCode == System.Net.HttpStatusCode.NoContent || response.StatusCode == System.Net.HttpStatusCode.NotFound) { return(true); } return(false); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
public async Task <CredHubCredential <T> > GetByIdAsync <T>(Guid id) { if (id == Guid.Empty) { throw new ArgumentException("Id of credential is required"); } HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out SecurityProtocolType protocolType, out RemoteCertificateValidationCallback prevValidator); try { _logger?.LogTrace($"About to GET {_baseCredHubUrl}/v1/data{id}"); var response = await _httpClient.GetAsync($"{_baseCredHubUrl}/v1/data/{id}"); return(await HandleErrorParseResponse <CredHubCredential <T> >(response, $"Get {typeof(T).Name} by Id")); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
public async Task <CredHubCredential <T> > GetByNameAsync <T>(string name) { if (string.IsNullOrEmpty(name)) { throw new ArgumentException("Name of credential is required"); } HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out SecurityProtocolType protocolType, out RemoteCertificateValidationCallback prevValidator); try { _logger?.LogTrace($"About to GET {_baseCredHubUrl}/v1/data?name={name}¤t=true"); var response = await _httpClient.GetAsync($"{_baseCredHubUrl}/v1/data?name={name}¤t=true"); return((await HandleErrorParseResponse <CredHubResponse <T> >(response, $"Get {typeof(T).Name} by Name")).Data.First()); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
public async Task <List <CredentialPermission> > GetPermissionsAsync(string name) { if (string.IsNullOrEmpty(name)) { throw new ArgumentException("Name is required"); } HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out SecurityProtocolType protocolType, out RemoteCertificateValidationCallback prevValidator); try { _logger?.LogTrace($"About to GET {_baseCredHubUrl}/v1/permissions?credential_name={name}"); var response = await _httpClient.GetAsync($"{_baseCredHubUrl}/v1/permissions?credential_name={name}"); return((await HandleErrorParseResponse <CredentialPermissions>(response, "Get Permissions")).Permissions); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
public async Task <List <CredHubCredential <T> > > GetByNameWithHistoryAsync <T>(string name, int entries = 10) { if (string.IsNullOrEmpty(name)) { throw new ArgumentException("Name is required"); } HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out SecurityProtocolType protocolType, out RemoteCertificateValidationCallback prevValidator); try { _logger?.LogTrace($"About to GET {_baseCredHubUrl}/v1/data?name={name}&versions={entries}"); var response = await _httpClient.GetAsync($"{_baseCredHubUrl}/v1/data?name={name}&versions={entries}"); return((await HandleErrorParseResponse <CredHubResponse <T> >(response, "Get credential by name with History")).Data); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
// fire and forget #pragma warning disable S3168 // "async" methods should not return "void" protected internal async void RefreshVaultTokenAsync(object state) #pragma warning restore S3168 // "async" methods should not return "void" { if (string.IsNullOrEmpty(Settings.Token)) { return; } var obscuredToken = Settings.Token.Substring(0, 4) + "[*]" + Settings.Token.Substring(Settings.Token.Length - 4); // If certificate validation is disabled, inject a callback to handle properly HttpClientHelper.ConfigureCertificateValidation( _settings.ValidateCertificates, out var prevProtocols, out var prevValidator); try { _httpClient ??= GetHttpClient(Settings); var uri = GetVaultRenewUri(); var message = GetVaultRenewMessage(uri); _logger?.LogInformation("Renewing Vault token {0} for {1} milliseconds at Uri {2}", obscuredToken, Settings.TokenTtl, uri); using var response = await _httpClient.SendAsync(message).ConfigureAwait(false); if (response.StatusCode != HttpStatusCode.OK) { _logger?.LogWarning("Renewing Vault token {0} returned status: {1}", obscuredToken, response.StatusCode); } } catch (Exception e) { _logger?.LogError("Unable to renew Vault token {0}. Is the token invalid or expired? - {1}", obscuredToken, e); } finally { HttpClientHelper.RestoreCertificateValidation(_settings.ValidateCertificates, prevProtocols, prevValidator); } }
/// <summary> /// Perform the HTTP call to exchange an authorization code for a token /// </summary> /// <param name="code">The auth code to exchange</param> /// <param name="targetUrl">The full address of the token endpoint</param> /// <param name="cancellationToken">Your CancellationToken</param> /// <returns>The response from the remote server</returns> public async Task <HttpResponseMessage> ExchangeCodeForToken(string code, string targetUrl, CancellationToken cancellationToken) { var requestParameters = AuthCodeTokenRequestParameters(code); HttpRequestMessage requestMessage = GetTokenRequestMessage(requestParameters, targetUrl); _logger?.LogDebug("Exchanging code {code} for token at {accessTokenUrl}", code, targetUrl); HttpClientHelper.ConfigureCertificateValidation( _options.ValidateCertificates, out SecurityProtocolType protocolType, out RemoteCertificateValidationCallback prevValidator); try { return(await _httpClient.SendAsync(requestMessage, cancellationToken).ConfigureAwait(false)); } finally { HttpClientHelper.RestoreCertificateValidation(_options.ValidateCertificates, protocolType, prevValidator); } }
private async Task <string> InterpolateServiceDataInternalAsync(string serviceData) { HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out var protocolType, out var prevValidator); try { _logger?.LogTrace($"About to POST {_baseCredHubUrl}/v1/interpolate"); var response = await _httpClient.PostAsync($"{_baseCredHubUrl}/v1/interpolate", new StringContent(serviceData, Encoding.Default, "application/json")).ConfigureAwait(false); if (response.IsSuccessStatusCode) { return(await response.Content.ReadAsStringAsync().ConfigureAwait(false)); } else { throw new CredHubException($"Failed to interpolate credentials, status code: {response.StatusCode}"); } } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
public async Task <CredHubCredential <T> > RegenerateAsync <T>(string name) { if (string.IsNullOrEmpty(name)) { throw new ArgumentException("Name of credential to regenerate is required"); } HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out SecurityProtocolType protocolType, out RemoteCertificateValidationCallback prevValidator); try { _logger?.LogTrace($"About to POST {_baseCredHubUrl}/v1/data"); var response = await _httpClient.PostAsJsonAsync($"{_baseCredHubUrl}/v1/regenerate", new Dictionary <string, string> { { "name", name } }); return(await HandleErrorParseResponse <CredHubCredential <T> >(response, $"Regenerate {typeof(T).Name}")); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
public async Task <RegeneratedCertificates> BulkRegenerateAsync(string certificateAuthority) { if (string.IsNullOrEmpty(certificateAuthority)) { throw new ArgumentException("Certificate authority used for certificates is required"); } HttpClientHelper.ConfigureCertificateValidation(_validateCertificates, out SecurityProtocolType protocolType, out RemoteCertificateValidationCallback prevValidator); try { _logger?.LogTrace($"About to POST {_baseCredHubUrl}/v1/bulk-regenerate"); var response = await _httpClient.PostAsJsonAsync($"{_baseCredHubUrl}/v1/bulk-regenerate", new Dictionary <string, string> { { "signed_by", certificateAuthority } }); return(await HandleErrorParseResponse <RegeneratedCertificates>(response, "Bulk Regenerate Credentials")); } finally { HttpClientHelper.RestoreCertificateValidation(_validateCertificates, protocolType, prevValidator); } }
protected internal async Task <ConfigEnvironment> RemoteLoadAsync(string[] requestUris, string label) { // Get client if not already set if (_client == null) { _client = GetHttpClient(_settings); } Exception error = null; foreach (var requestUri in requestUris) { error = null; // Get a config server uri and username passwords to use var trimUri = requestUri.Trim(); var serverUri = _settings.GetRawUri(trimUri); string username = _settings.GetUserName(trimUri); string password = _settings.GetPassword(trimUri); // Make Config Server URI from settings var path = GetConfigServerUri(serverUri, label); // Get the request message var request = GetRequestMessage(path, username, password); // If certificate validation is disabled, inject a callback to handle properly SecurityProtocolType prevProtocols = (SecurityProtocolType)0; HttpClientHelper.ConfigureCertificateValidation(_settings.ValidateCertificates, out prevProtocols, out RemoteCertificateValidationCallback prevValidator); // Invoke config server try { using (HttpResponseMessage response = await _client.SendAsync(request).ConfigureAwait(false)) { // Log status var message = $"Config Server returned status: {response.StatusCode} invoking path: {requestUri}"; _logger?.LogInformation(WebUtility.UrlEncode(message)); if (response.StatusCode != HttpStatusCode.OK) { if (response.StatusCode == HttpStatusCode.NotFound) { return(null); } // Throw if status >= 400 if (response.StatusCode >= HttpStatusCode.BadRequest) { // HttpClientErrorException throw new HttpRequestException(message); } else { return(null); } } Stream stream = await response.Content.ReadAsStreamAsync().ConfigureAwait(false); return(Deserialize(stream)); } } catch (Exception e) { error = e; _logger?.LogError(e, "Config Server exception, path: {requestUri}", WebUtility.UrlEncode(requestUri)); if (IsContinueExceptionType(e)) { continue; } throw; } finally { HttpClientHelper.RestoreCertificateValidation(_settings.ValidateCertificates, prevProtocols, prevValidator); } } if (error != null) { throw error; } return(null); }