/// <summary>
/// Creates a new <see cref="KeyVaultCertificates"/> client for this vault, configured
/// with the retry settings and, when enabled, the diagnostics settings of this instance.
/// </summary>
/// <param name="version">The service version the client should use</param>
/// <returns>A newly constructed key vault certificates client</returns>
public KeyVaultCertificates GetCertificatesClient(CertificateClientOptions.ServiceVersion version = CertificateClientOptions.ServiceVersion.V7_1)
{
    var clientOptions = KeyVaultCertificates.GetOptions(version);

    // Retries always use exponential back-off; the limits come from this instance.
    KeyVaultCertificates.ConfigureRetries(clientOptions, RetryMode.Exponential, MaximumRetries, Delay, MaximumDelay, NetworkTimeout);

    if (EnableDiagnostics)
    {
        // Fall back to the default application id when none has been configured.
        var applicationId = string.IsNullOrWhiteSpace(DiagnosticsApplicationId)
            ? DefaultApplicationId
            : DiagnosticsApplicationId;

        // NOTE(review): the four flags and the 4096 limit are passed positionally, so their
        // meaning is not visible here. If one of them turns on request/response content
        // logging, confirm that certificate or secret material cannot end up in the
        // diagnostics output — verify against ConfigureDiagnostics.
        KeyVaultCertificates.ConfigureDiagnostics(clientOptions, applicationId, true, true, true, true, 4096);
    }

    return new KeyVaultCertificates(Uri, _credential, clientOptions);
}
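/// <inheritdoc />
public async Task<SecretStoreResponse<X509Certificate2>> GetCertificateAsync(string certificateName, string version = null, CancellationToken cancellationToken = default)
{
    // Two-step lookup: the certificates client resolves the certificate and its SecretId,
    // then the secrets client loads the certificate from the secret that SecretId names.
    // NOTE(review): presumably the second step exists so the returned X509Certificate2
    // carries the private key — confirm, and treat the returned value as key material.
    Guard.NotNullOrWhitespace(nameof(certificateName), certificateName);

    var results = new SecretStoreResponse<X509Certificate2>();

    // Lazily create the certificates client; re-check under the lock so that only one
    // caller constructs it.
    if (_certificates == null)
    {
        using (await _control.LockAsync(cancellationToken).ConfigureAwait(false))
        {
            if (_certificates == null)
            {
                _certificates = _keyVault.GetCertificatesClient(CertificateClientOptions.ServiceVersion.V7_1);
            }
        }
    }

    var certificateResponse = await _certificates.GetAsync(certificateName, version, cancellationToken).ConfigureAwait(false);

    if (!certificateResponse.IsSuccess)
    {
        // The certificate lookup failed: surface its outcome unchanged.
        results.Exception = certificateResponse.Exception;
        results.IsSuccessCode = certificateResponse.IsSuccess;
        results.StatusCode = certificateResponse.HttpStatus;
        results.TimeToExecute = TimeSpan.FromMilliseconds(certificateResponse.ElapsedMilliseconds);

        return results;
    }

    // The last two segments of the secret identifier are taken as the secret name and
    // version. A missing identifier yields null here instead of a NullReferenceException.
    var elements = certificateResponse.SecretId?.AbsoluteUri.Split("/", StringSplitOptions.RemoveEmptyEntries);

    if (elements == null || elements.Length <= 2)
    {
        // Previously this path returned an unpopulated response, so callers could not tell
        // why no certificate came back. Report it as an explicit failure, using the same
        // status code as the exception path below.
        results.Exception = new InvalidOperationException($"The certificate '{certificateName}' did not provide a usable secret identifier.");
        results.IsSuccessCode = false;
        results.StatusCode = (int)HttpStatusCode.ServiceUnavailable;
        results.TimeToExecute = TimeSpan.FromMilliseconds(certificateResponse.ElapsedMilliseconds);

        return results;
    }

    try
    {
        var secretVersion = elements[elements.Length - 1];
        var name = elements[elements.Length - 2];

        // Lazily create the secrets client, with the same re-check under the lock.
        if (_secrets == null)
        {
            using (await _control.LockAsync(cancellationToken).ConfigureAwait(false))
            {
                if (_secrets == null)
                {
                    _secrets = _keyVault.GetSecretsClient(SecretClientOptions.ServiceVersion.V7_1);
                }
            }
        }

        var secretResponse = await _secrets.GetCertificateAsync(name, secretVersion, cancellationToken).ConfigureAwait(false);

        results.Exception = secretResponse.Exception;
        results.IsSuccessCode = secretResponse.IsSuccess;
        results.StatusCode = secretResponse.HttpStatus;
        results.TimeToExecute = TimeSpan.FromMilliseconds(secretResponse.ElapsedMilliseconds);

        if (secretResponse.IsSuccess)
        {
            results.Value = secretResponse.Value;
        }
    }
    catch (Exception e)
    {
        // Best effort: any failure while loading the secret is reported in the response
        // rather than thrown.
        // NOTE(review): this also captures OperationCanceledException, whereas cancellation
        // during the certificate lookup above propagates to the caller — confirm the
        // difference is intended.
        results.Exception = e;
        results.IsSuccessCode = false;
        results.StatusCode = (int)HttpStatusCode.ServiceUnavailable;
        results.TimeToExecute = TimeSpan.FromMilliseconds(certificateResponse.ElapsedMilliseconds);
    }

    return results;
}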