/// <summary>
/// Attempts to read the secret stored at <paramref name="secretPath"/> through the supplied engine,
/// reporting an access denial as a result value instead of an exception.
/// </summary>
/// <param name="engine">KV2 secret engine whose connection performs the read.</param>
/// <param name="secretPath">Path of the secret to read.</param>
/// <returns>
/// <c>(true, secret)</c> when the engine call completes, where the secret is whatever the engine returned;
/// <c>(false, null)</c> when the engine throws <see cref="VaultForbiddenException"/>.
/// Any other exception propagates to the caller.
/// </returns>
private async Task<(bool isSuccess, KV2Secret theSecret)> ReadSecret(KV2SecretEngine engine, string secretPath)
{
    KV2Secret found;
    try
    {
        found = await engine.ReadSecret<KV2Secret>(secretPath);
    }
    catch (VaultForbiddenException)
    {
        // Only a permission denial is turned into a failed result, so a caller can probe what a
        // role is allowed to read without the scenario aborting on the expected refusal.
        return (false, null);
    }

    return (true, found);
}
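/// <summary>
/// Performs the tasks the teen wants to do: logs in with the Teenager role on a dedicated
/// connection and checks which house secrets that role may read and which it may update.
/// </summary>
/// <returns>A task that completes once every teen check has run.</returns>
private async Task Perform_TeenTasks()
{
    // _masterVaultAgent has the master token tied to it, so it cannot be used to test what the
    // Teenager role is allowed to do. A separate Vault connector, AppRole engine and secret engine
    // are wired up here and used for the whole routine, so they carry the Teenager role token
    // and not the master token.
    VaultAgentAPI vault = new VaultAgentAPI("TeenConnector", _masterVaultAgent.Uri);
    AppRoleAuthEngine authEngine = (AppRoleAuthEngine)vault.ConnectAuthenticationBackend(EnumBackendTypes.A_AppRole, _AppBEName, _AppBEName);
    KV2SecretEngine secretEngine = (KV2SecretEngine)vault.ConnectToSecretBackend(EnumSecretBackendTypes.KeyValueV2, _beKV2Name, _beKV2Name);

    // Login with the teen's role id and secret id.
    Token token = await authEngine.Login(roleTeenager.RoleID, _sidTeenager.ID);

    // NOTE(review): the assertions below assume SaveSecret reports a denied write by returning
    // false rather than throwing; its body is not visible here, so confirm that.

    // The House secret must be readable but not updatable.
    KV2Secret a = await secretEngine.ReadSecret<KV2Secret>(HOUSE.HOUSE_PATH);
    a.Attributes["Electric"] = "No";
    bool rc = await SaveSecret(secretEngine, a);
    Assert.False(rc, "Perform_TeenTasks: Teen was able to update the House secret.");

    // Nothing in the Toddler's Bedroom may be read.
    (bool rcB, KV2Secret b) = await ReadSecret(secretEngine, HOUSE.TODDLER_BEDROOM);
    Assert.False(rcB, "Perform_TeenTasks: Teen was able to read the Toddler Bedroom secret.");

    // The Kitchen secret must be readable and updatable. The read is asserted before the
    // secret is touched, so a denial shows up as a test failure and not a null dereference.
    (bool rcK, KV2Secret k) = await ReadSecret(secretEngine, HOUSE.KITCHEN);
    Assert.True(rcK, "Perform_TeenTasks: Teen could not read the Kitchen secret.");
    k.Attributes["Carrots"] = "Need";
    rcK = await SaveSecret(secretEngine, k);
    Assert.True(rcK, "Perform_TeenTasks: Teen could not update the Kitchen secret.");

    // The Fridge secret must be readable and updatable. The attribute is set on the fridge
    // secret itself; previously it was written to the kitchen secret and the fridge was saved
    // unchanged.
    (bool rcR, KV2Secret r) = await ReadSecret(secretEngine, HOUSE.REFRIGERATOR);
    Assert.True(rcR, "Perform_TeenTasks: Teen could not read the Refrigerator secret.");
    r.Attributes["Cold"] = "True";
    rcR = await SaveSecret(secretEngine, r);
    Assert.True(rcR, "Perform_TeenTasks: Teen could not update the Refrigerator secret.");

    // Should have no writes to the Dishwasher.
    // NOTE(review): only a read is attempted and its outcome is not checked; whether the read
    // itself is expected to succeed, and that a write is refused, still needs an explicit check.
    (bool rcD, KV2Secret d) = await ReadSecret(secretEngine, HOUSE.DISHWASHER);
}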
/// <summary>
/// Performs the tasks the mother wants to do: logs in with the Mother role on a dedicated
/// connection, updates the House secret and creates one secret per room and appliance.
/// </summary>
/// <returns>A task that completes once every secret has been submitted for saving.</returns>
private async Task Perform_MotherTasks()
{
    // _masterVaultAgent has the master token tied to it, so it is not used here. A fresh Vault
    // connector, AppRole engine and secret engine are wired up for this routine, so they carry
    // the Mother role token and not the master token.
    VaultAgentAPI motherVault = new VaultAgentAPI("MotherConnector", _masterVaultAgent.Uri);
    AppRoleAuthEngine appRole = (AppRoleAuthEngine)motherVault.ConnectAuthenticationBackend(EnumBackendTypes.A_AppRole, _AppBEName, _AppBEName);
    KV2SecretEngine kv2 = (KV2SecretEngine)motherVault.ConnectToSecretBackend(EnumSecretBackendTypes.KeyValueV2, _beKV2Name, _beKV2Name);

    // Login with the mother's role id and secret id.
    Token motherToken = await appRole.Login(roleMother.RoleID, _sidMother.ID);

    // NOTE(review): the value returned by each SaveSecret call below is discarded, so a refused
    // or failed save is not detected in this routine unless SaveSecret itself throws.

    // House: load the existing secret, add an attribute and save it back.
    KV2Secret house = await kv2.ReadSecret<KV2Secret>(HOUSE.HOUSE_PATH);
    house.Attributes.Add("Electric", "Yes");
    await SaveSecret(kv2, house);

    // Kitchen
    KV2Secret kitchen = new KV2Secret(HOUSE.KITCHEN);
    kitchen.Attributes.Add("Dishwasher", "Yes");
    await SaveSecret(kv2, kitchen);

    // Refrigerator
    KV2Secret fridge = new KV2Secret(HOUSE.REFRIGERATOR);
    fridge.Attributes.Add("Milk", "Chocolate");
    fridge.Attributes.Add("Cheese", "American");
    await SaveSecret(kv2, fridge);

    // Dishwasher
    KV2Secret dishwasher = new KV2Secret(HOUSE.DISHWASHER);
    dishwasher.Attributes.Add("Drawers", "3");
    await SaveSecret(kv2, dishwasher);

    // Garage
    KV2Secret garage = new KV2Secret(HOUSE.GARAGE);
    garage.Attributes.Add("Car", "Porsche");
    await SaveSecret(kv2, garage);

    // Master bedroom
    KV2Secret masterBedroom = new KV2Secret(HOUSE.MASTER_BEDROOM);
    masterBedroom.Attributes.Add("Safe", "Yes");
    await SaveSecret(kv2, masterBedroom);

    // Teen bedroom
    KV2Secret teenBedroom = new KV2Secret(HOUSE.TEEN_BEDROOM);
    teenBedroom.Attributes.Add("CarPoster", "Yes");
    await SaveSecret(kv2, teenBedroom);

    // Toddler bedroom
    KV2Secret toddlerBedroom = new KV2Secret(HOUSE.TODDLER_BEDROOM);
    toddlerBedroom.Attributes.Add("BabyMonitor", "On");
    await SaveSecret(kv2, toddlerBedroom);
}
/// <summary>
/// Reusable helper that adds one uniquely keyed attribute to the provided secret, saves it
/// through the root engine and returns the version read back afterwards.
/// </summary>
/// <param name="secret">Secret to update; the attribute is added to this instance directly.</param>
/// <returns>The secret as returned by a fresh read through the root engine after the save.</returns>
private async Task<KV2Secret> UpdateSecretRandom(KV2Secret secret)
{
    // A generated key is used for the new attribute; the value is always "val".
    var attributeKey = _uniqueKeys.GetKey("attr");
    secret.Attributes.Add(attributeKey, "val");

    // The save is requested with OnlyOnExistingVersionMatch and the secret's current Version.
    // NOTE(review): presumably this makes the write conditional on that version still being
    // the stored one; confirm against the engine.
    var saved = await _rootEng.SaveSecret(secret, KV2EnumSecretSaveOptions.OnlyOnExistingVersionMatch, secret.Version);
    Assert.True(saved, "UpdateSecretRandom: Failed to save correctly.");

    return await _rootEng.ReadSecret(secret);
}