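/// <summary>
/// Creates a Vault instance and logs it in with either the default testing token or the specified token.
/// </summary>
/// <param name="name">Name to be given to this Vault object.</param>
/// <param name="overrideToken">The TokenId to use instead of the default testing token. Null or empty selects the default testing token.</param>
/// <returns>The <see cref="VaultAgentAPI"/> object after a successful token login.</returns>
/// <exception cref="ApplicationException">The token login did not succeed.</exception>
public static async Task<VaultAgentAPI> ConnectVault(string name, string overrideToken = "")
{
    // NOTE(review): the scheme is fixed to http, so the token is sent without TLS.
    // Confirm ipAddress only ever points at a local or throwaway test instance.
    vaultURI = new Uri("http://" + ipAddress + ":" + ipPort);
    VaultAgentAPI vault = new VaultAgentAPI(name, vaultURI);

    // A null override is treated like an empty one, so a null token is never passed to the connector.
    bool usingDefaultToken = string.IsNullOrEmpty(overrideToken);
    string thisToken = usingDefaultToken ? rootToken : overrideToken;

    TokenLoginConnector loginConnector = new TokenLoginConnector(vault, "Testing", thisToken, TokenAuthEngine.TOKEN_DEFAULT_MOUNT_NAME);
    bool success = await loginConnector.Connect();
    if (!success)
    {
        // The token value is deliberately kept out of the message: exception text ends up in
        // test output, CI logs and crash reports, and a token is a credential.
        string tokenSource = usingDefaultToken ? "the default testing token" : "the supplied override token";
        throw new ApplicationException("Error connecting to the Vault Instance using " + tokenSource);
    }

    return vault;
}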
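/// <summary>
/// Negative login test: connecting with a token ID that was never issued must report failure.
/// </summary>
public async Task TokenLogin_InvalidToken()
{
    // A fresh Vault object that this test has not logged in, so the outcome depends only on the token set below.
    VaultAgentAPI vault = new VaultAgentAPI("LoginConnVault", VaultServerRef.vaultURI);

    // TODO (from the original): the author considered this test not valid, noting that every test
    // already requires a connection to Vault, made in the VaultServerSetup class.
    // NOTE(review): that setup appears to exercise only the accepted-token path; the rejection of a
    // bad token is what this test pins. Confirm before removing it.
    TokenLoginConnector tlc = new TokenLoginConnector(vault, "Token Connector")
    {
        TokenId = "bbnbb"
    };

    bool success = await tlc.Connect();

    // This is the only assertion that matters here; the original's trailing Assert.IsTrue(true) could never fail.
    Assert.IsFalse(success, "Login with an invalid token was expected to fail.");
}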
/// <summary>
/// Positive login test: connecting with the root token held by VaultServerRef must succeed.
/// </summary>
public async Task TokenLogin_ValidToken()
{
    var connector = new TokenLoginConnector(_vault, "Token Connector Good")
    {
        TokenId = VaultServerRef.rootToken
    };

    bool loggedIn = await connector.Connect();
    Assert.IsTrue(loggedIn);
}
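/// <summary>
/// Logs in to Vault with the stored token, then runs the policy create, read, list and delete
/// examples in that order.
/// </summary>
/// <exception cref="System.ApplicationException">The token login did not succeed.</exception>
public async Task Run()
{
    TokenLoginConnector loginConnector = new TokenLoginConnector(_vault, "ClientSysBE", _token, TokenAuthEngine.TOKEN_DEFAULT_MOUNT_NAME);
    bool success = await loginConnector.Connect();
    if (!success)
    {
        // Fail at the point of the failed login instead of letting the policy calls below run
        // unauthenticated. The token value is kept out of the message because it is a credential.
        throw new System.ApplicationException("Token login to Vault failed; the policy examples were not run.");
    }

    // The system backend is built with the token ID that the Vault object holds after the login.
    _vaultSystemBackend = new VaultSystemBackend(_vault.TokenID, _vault);

    await PolicyCreateExamples();
    await PolicyReadExamples();
    await PolicyListExamples();
    await PolicyDeleteExamples();
}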
/// <summary>
/// Creates a token through a token role on one Vault connection, then checks that a
/// TokenLoginConnector on a second Vault connection can log in with that token's ID.
/// </summary>
public async Task NormalLogin()
{
    // SETUP: a dedicated Vault object, because this test manipulates the token value.
    VaultAgentAPI issuingVault = await VaultServerRef.ConnectVault("TokenTest");
    var issuingEngine = (TokenAuthEngine)issuingVault.ConnectAuthenticationBackend(EnumBackendTypes.A_Token);

    // A token role is required so that a token can be auto-generated; the role name comes
    // from the unique key generator.
    var role = new TokenRole();
    var keyGenerator = new UniqueKeys("", "");
    role.Name = keyGenerator.GetKey();
    await issuingEngine.SaveTokenRole(role);

    // NOTE(review): NumberOfUses and NoParentToken presumably map to Vault's use limit and
    // orphan-token options - confirm against TokenNewSettings.
    var settings = new TokenNewSettings
    {
        Name = "Name" + role.Name,
        NumberOfUses = 6,
        NoParentToken = true,
        RoleName = role.Name
    };

    Token token = await issuingEngine.CreateToken(settings);
    Assert.NotNull(token, "A10: Expected to receive the new token back, instead we received a null value.");

    // The token is not re-read from Vault at this point, so A20 checks the same object as A10.
    Assert.IsNotNull(token, "A20: No Token returned. Was expecting one.");

    // Log in on a second Vault object using only the ID of the token created above.
    VaultAgentAPI loginVault = await VaultServerRef.ConnectVault("TokenLoginTest");
    var connector = new TokenLoginConnector(loginVault, "test")
    {
        TokenId = token.ID
    };
    Assert.IsTrue(await connector.Connect(), "A30: Login Failed");
}
/// <summary>
/// Prepares the fixture: builds the Vault agent for a fixed loopback address, creates the
/// backend mounts, connects the AppRole authentication engine and the KV2 secret engine,
/// and sets up the roles.
/// </summary>
public async Task Setup()
{
    // NOTE(review): the root token and a plain-HTTP endpoint are hard-coded here. That is only
    // acceptable for a throwaway local instance - confirm this never targets a shared server.
    const string rootToken = "tokenA";
    const string ip = "127.0.0.1";
    const int port = 47002;
    var vaultURI = new Uri($"http://{ip}:{port}");

    // Connect to Vault, add an authentication backend of AppRole.
    _vaultAgent = new VaultAgentAPI("Vault", vaultURI);

    // NOTE(review): the connector is constructed with the root token, but Connect() is never
    // awaited in this method. Confirm that construction alone authenticates _vaultAgent;
    // otherwise the calls below run without a login.
    TokenLoginConnector connector = new TokenLoginConnector(_vaultAgent, "Token Authenticator", rootToken);

    await CreateBackendMounts();

    _appRoleAuthEngine = (AppRoleAuthEngine)_vaultAgent.ConnectAuthenticationBackend(
        EnumBackendTypes.A_AppRole, _beAuthName, _beAuthName);
    _secretEngine = (KV2SecretEngine)_vaultAgent.ConnectToSecretBackend(
        EnumSecretBackendTypes.KeyValueV2, "Benchmarking KV2 Secrets", _beKV2Name);

    await SetupRoles();
}
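/// <summary>
/// Logs in to Vault, connects the transit secret engine, and runs the list-keys, read-key and
/// encrypt-data exercises. Exceptions raised by the exercises are written to the console
/// and not rethrown.
/// </summary>
/// <param name="runRotateTest">Not read by this method body.</param>
/// <param name="runRekeyTest">Not read by this method body.</param>
public async Task Run(bool runRotateTest = false, bool runRekeyTest = true)
{
    // NOTE(review): no token argument is passed here; the third argument is the token mount
    // name constant. Confirm which constructor overload this binds to and where the token
    // for this login comes from.
    TokenLoginConnector loginConnector = new TokenLoginConnector(_vault, "ClientSysBE", TokenAuthEngine.TOKEN_DEFAULT_MOUNT_NAME);
    bool success = await loginConnector.Connect();
    if (!success)
    {
        // Surface the failed login instead of discarding the result. The flow continues as
        // before, so any later failure can be traced back to this line of output.
        Console.WriteLine("Warning - token login to Vault did not succeed; the transit exercises below are likely to fail.");
    }

    TB = (TransitSecretEngine)_vault.ConnectToSecretBackend(VaultAgent.Backends.System.EnumSecretBackendTypes.Transit, "transit", "transit");

    try
    {
        Console.WriteLine("Running thru Vault TransitSecretEngine exercises.");

        // A new random key name for every run.
        string eKey = Guid.NewGuid().ToString();

        // Create an Encryption Key (these steps are currently disabled):
        //Run_CreateKey("keyA");
        //await Run_DeleteKey();
        //await Run_BulkOps();

        // List Keys
        List<string> transitKeys = await Run_ListKeys();

        // Read a key
        await Run_ReadKey(eKey);

        // Encrypt Single Item
        Console.WriteLine("Encrypting a single item.");
        await Run_EncryptData(eKey);
    }
    catch (Exception e)
    {
        // Sample-program reporting: print the message, then the full exception text.
        Console.WriteLine("Errors - {0}", e.Message);
        Console.WriteLine(" Full Exception is:");
        Console.WriteLine(e.ToString());
    }
}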
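/// <summary>
/// Sample entry point: logs in to a local dev Vault server with a token, wipes and
/// re-initialises it, runs the policy/role security example, then runs the sample scenario
/// selected by <c>runSampleScenario</c>.
/// </summary>
/// <param name="args">Command-line arguments; not read.</param>
public static async Task Main(string[] args)
{
    // Use local dev server.
    // NOTE(review): the root token is hard-coded and the endpoint is plain HTTP. That is only
    // acceptable for a disposable local dev instance; do not point this at a shared server.
    string rootToken = "tokenA";
    string ip = "127.0.0.1";
    int port = 16100;

    // Connect to Vault, add an authentication backend of AppRole.
    Uri vaultURI = new Uri("http://" + ip + ":" + port);
    VaultAgentAPI vaultAgent = new VaultAgentAPI("VaultClient", vaultURI);
    TokenLoginConnector loginConnector = new TokenLoginConnector(vaultAgent, "Client", rootToken, TokenAuthEngine.TOKEN_DEFAULT_MOUNT_NAME);
    bool success = await loginConnector.Connect();
    if (!success)
    {
        // Judging by their names, WipeVault and InitialSetup change server state; do not
        // attempt them without a confirmed login. The token is kept out of the message.
        Console.WriteLine("Token login to Vault failed. No sample scenarios were run.");
        return;
    }

    InitiateVault initiateVault = new InitiateVault(vaultAgent);
    await initiateVault.WipeVault();
    await initiateVault.InitialSetup();

    // This Client Requires AD Credentials
    string config = await initiateVault.GetConfig();
    await initiateVault.Login();

    // Run the Policy Secret Tutorial Example
    PolicyRoleSecurityExample policySecretExample = new PolicyRoleSecurityExample(vaultAgent);
    await policySecretExample.Run();

    // Sample Scenarios determine which of the below to run.
    //   1 = Optimize Scenario
    //   2 = AppRole Scenario
    //   3 = System Backend Scenario
    //   4 = Transit Scenario
    int runSampleScenario = 4;

    // Run the selected scenario; any other value runs nothing.
    switch (runSampleScenario)
    {
        case 1:
            OptimizeTests optimize = new OptimizeTests(vaultAgent);
            await optimize.Run();
            break;
        case 2:
            VC_AppRoleAuthEngine roleBE = new VC_AppRoleAuthEngine(vaultAgent);
            await roleBE.Run();
            break;
        case 3:
            // System Backend Examples:
            VaultClient_SystemBackend sysBE = new VaultClient_SystemBackend(rootToken, ip, port);
            await sysBE.Run();
            break;
        case 4:
            // Transit Backend
            string transitDB = "transit";
            VaultClient_TransitBackend transit = new VaultClient_TransitBackend(rootToken, ip, port, transitDB);
            await transit.Run();
            break;
    }

    Console.WriteLine("Finished with all sample runs.");
    Console.WriteLine(" -- Press any key to exit program.");
    Console.ReadKey();
}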