/// <summary>
/// Persists the optional script parameters for an extension vault in the built-in
/// local store and records the store entry name in the vault registry information.
/// </summary>
/// <param name="vaultInfo">Vault registry information that receives the parameters entry name.</param>
/// <param name="vaultName">Name of the vault; used to derive the store entry name.</param>
/// <param name="parameters">Script parameters to persist, or <c>null</c> when there are none.</param>
/// <remarks>
/// When <paramref name="parameters"/> is <c>null</c> nothing is written and an empty
/// entry name is recorded. A failed write is reported through
/// <c>ThrowTerminatingError</c> before the registry information is touched.
/// </remarks>
private void StoreVaultParameters(
    Hashtable vaultInfo,
    string vaultName,
    Hashtable parameters)
{
    // Stays empty when the caller supplied no parameters.
    var storeEntryName = string.Empty;

    if (parameters != null)
    {
        // Entry name is derived from the vault name, e.g. "_SPT_Parameters_VaultName_".
        // NOTE(review): vaultName is used verbatim here; any validation of the name
        // presumably happens in the caller - confirm, since the derived name shares
        // the local store's namespace with other entries.
        storeEntryName = ScriptParamTag + vaultName + "_";

        // Persist the parameters in the built-in local secure vault.
        int errorCode = 0;
        bool stored = LocalSecretStore.WriteObject(
            name: storeEntryName,
            parameters,
            ref errorCode);

        if (!stored)
        {
            var msg = string.Format(
                CultureInfo.InvariantCulture,
                "Unable to register vault extension because writing script parameters to the built-in local store failed with error: {0}",
                LocalSecretStore.GetErrorMessage(errorCode));

            var failure = new ErrorRecord(
                new PSInvalidOperationException(msg),
                "RegisterSecretsVaultCannotSaveParameters",
                ErrorCategory.WriteError,
                this);

            ThrowTerminatingError(failure);
        }
    }

    // Record the store entry name (possibly empty) alongside the other vault details.
    vaultInfo.Add(
        key: ExtensionVaultModule.VaultParametersStr,
        value: storeEntryName);
}
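/// <summary>
/// Adds the secret to the named extension vault, or to the built-in local vault
/// when <c>Vault</c> is empty or names the built-in local vault.
/// </summary>
/// <remarks>
/// With <c>NoClobber</c> set, the target vault is probed for an existing secret of
/// the same name and a terminating <c>AddSecretAlreadyExists</c> error is raised if
/// one is found. The probe and the write are separate calls, so the guarantee is
/// best-effort only.
/// </remarks>
protected override void EndProcessing()
{
    if (ParameterSetName == SecureStringParameterSet)
    {
        Secret = SecureStringSecret;
    }

    // Unwrap a PSObject so the vault receives the underlying value.
    var secretToWrite = (Secret is PSObject psObject) ? psObject.BaseObject : Secret;

    // Extension vault: any non-empty vault name other than the built-in one.
    bool useExtensionVault =
        !string.IsNullOrEmpty(Vault) &&
        !Vault.Equals(RegisterSecretsVaultCommand.BuiltInLocalVault, StringComparison.OrdinalIgnoreCase);

    if (useExtensionVault)
    {
        var extensionModule = GetExtensionVault(Vault);

        // If NoClobber is selected, then check to see if it already exists.
        // NOTE(review): check-then-write is not atomic; a secret created under this
        // name between the two calls is not detected here. Whether InvokeSetSecret
        // itself refuses to overwrite depends on the extension - confirm.
        if (NoClobber)
        {
            var result = extensionModule.InvokeGetSecret(
                name: Name,
                cmdlet: this);

            if (result != null)
            {
                var msg = string.Format(
                    CultureInfo.InvariantCulture,
                    "A secret with name {0} already exists in vault {1}",
                    Name,
                    Vault);

                ThrowTerminatingError(
                    new ErrorRecord(
                        new PSInvalidOperationException(msg),
                        "AddSecretAlreadyExists",
                        ErrorCategory.ResourceExists,
                        this));
            }
        }

        // Add new secret to vault.
        extensionModule.InvokeSetSecret(
            name: Name,
            secret: secretToWrite,
            cmdlet: this);

        return;
    }

    // Add to default built-in vault (after NoClobber check).
    int errorCode = 0;
    if (NoClobber)
    {
        // ReadObject serves only as an existence probe; the value it returns is discarded.
        // NOTE(review): a false return is treated as "not found" and errorCode is not
        // inspected, so a read that fails for another reason also falls through to the
        // write below - confirm that is acceptable for NoClobber.
        if (LocalSecretStore.ReadObject(
            name: Name,
            out object _,
            ref errorCode))
        {
            var msg = string.Format(
                CultureInfo.InvariantCulture,
                "A secret with name {0} already exists in the local default vault",
                Name);

            ThrowTerminatingError(
                new ErrorRecord(
                    new PSInvalidOperationException(msg),
                    "AddSecretAlreadyExists",
                    ErrorCategory.ResourceExists,
                    this));
        }
    }

    // Clear whatever code the probe left behind so a write failure reports its own error.
    errorCode = 0;
    if (!LocalSecretStore.WriteObject(
        name: Name,
        objectToWrite: secretToWrite,
        ref errorCode))
    {
        var errorMessage = LocalSecretStore.GetErrorMessage(errorCode);
        var msg = string.Format(
            CultureInfo.InvariantCulture,
            "The secret could not be written to the local default vault. Error: {0}",
            errorMessage);

        ThrowTerminatingError(
            new ErrorRecord(
                new PSInvalidOperationException(msg),
                "AddSecretCannotWrite",
                ErrorCategory.WriteError,
                this));
    }
    else
    {
        // Only the secret's name and the vault name are logged, never the value.
        // Formatted with the invariant culture, like every other message in this method.
        WriteVerbose(
            string.Format(
                CultureInfo.InvariantCulture,
                "Secret {0} was successfully added to vault {1}.",
                Name,
                RegisterSecretsVaultCommand.BuiltInLocalVault));
    }
}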