public void ConfigureSecretStore_WithUniqueNames_Succeeds()
{
// Arrange
var name1 = $"name-{Guid.NewGuid()}";
var stubProvider1 = new InMemorySecretProvider();
var name2 = $"name-{Guid.NewGuid()}";
var stubProvider2 = new InMemorySecretProvider();
var builder = new HostBuilder();
// Act
builder.ConfigureSecretStore((config, stores) =>
{
stores.AddProvider(stubProvider1, options => options.Name = name1)
.AddProvider(stubProvider2, options => options.Name = name2);
});
// Assert
using (IHost host = builder.Build())
{
var secretStore = host.Services.GetRequiredService <ISecretStore>();
Assert.Same(stubProvider1, secretStore.GetProvider(name1));
Assert.Same(stubProvider2, secretStore.GetProvider <InMemorySecretProvider>(name2));
}
}
public async Task ConfigureSecretStore_WithoutFoundSecretProvider_ThrowsException()
{
// Arrange
var builder = new HostBuilder();
var emptyProvider = new InMemorySecretProvider();
// Act
builder.ConfigureSecretStore((config, stores) => stores.AddProvider(emptyProvider));
// Assert
IHost host = builder.Build();
var provider = host.Services.GetRequiredService <ISecretProvider>();
await Assert.ThrowsAsync <SecretNotFoundException>(() => provider.GetSecretAsync("ignored-key"));
}
public async Task ConfigureSecretStore_WithNotPermittedRole_CantAccess(Role permittedRole, Role currentRole)
{
// Arrange
const string secretKey = "MySecret";
var stubProvider = new InMemorySecretProvider(secretKey, $"secret-{Guid.NewGuid()}");
IRoleAuthorization authorization = new FixedRoleAuthorization(currentRole);
IHostBuilder builder = new HostBuilder().ConfigureServices(services => services.AddSingleton(authorization));
// Act
builder.ConfigureSecretStore((config, stores) =>
{
stores.AddProvider(new InMemorySecretProvider())
.AuthorizedWithin(permittedRole, x => x.AddProvider(stubProvider));
});
// Assert
IHost host = builder.Build();
var provider = host.Services.GetRequiredService <ISecretProvider>();
await Assert.ThrowsAsync <AuthorizationException>(() => provider.GetRawSecretAsync(secretKey));
}
public async Task ConfigureSecretStore_WithInvalidExceptionFilter_CatchesGeneral()
{
// Arrange
var stubProvider = new InMemorySecretProvider();
var builder = new HostBuilder();
// Act
builder.ConfigureSecretStore((config, stores) =>
{
stores.AddCriticalException <CryptographicException>(
ex => throw new Exception("Throw something to let the exception filter fail"));
stores.AddProvider(stubProvider);
});
// Assert
IHost host = builder.Build();
var provider = host.Services.GetRequiredService <ISecretProvider>();
await Assert.ThrowsAsync <SecretNotFoundException>(() => provider.GetRawSecretAsync("some secret name"));
}
public void ConfigureSecretStore_WithoutNamedProviderT_Fails()
{
// Arrange
var stubProvider1 = new InMemorySecretProvider();
var stubProvider2 = new InMemorySecretProvider();
var builder = new HostBuilder();
// Act
builder.ConfigureSecretStore((config, stores) =>
{
stores.AddProvider(stubProvider1)
.AddProvider(stubProvider2);
});
// Assert
using (IHost host = builder.Build())
{
var store = host.Services.GetRequiredService <ISecretStore>();
Assert.Throws <KeyNotFoundException>(() => store.GetCachedProvider <InMemoryCachedSecretProvider>("some ignored name"));
}
}
public void ConfigureSecretStore_WithoutCachedProviderT_FailsWhenRetrievedCachedProvider()
{
// Arrange
var name = $"provider-{Guid.NewGuid()}";
var stubProvider1 = new InMemorySecretProvider();
var stubProvider2 = new InMemoryCachedSecretProvider();
var builder = new HostBuilder();
// Act
builder.ConfigureSecretStore((config, stores) =>
{
stores.AddProvider(stubProvider1, options => options.Name = name)
.AddProvider(stubProvider2);
});
// Assert
using (IHost host = builder.Build())
{
var store = host.Services.GetRequiredService <ISecretStore>();
Assert.Throws <NotSupportedException>(() => store.GetCachedProvider <InMemoryCachedSecretProvider>(name));
}
}
public void ConfigureSecretStore_WithNamedProviderT_RetrievedCorrectProvider()
{
// Arrange
var name = $"provider-{Guid.NewGuid()}";
var stubProvider1 = new InMemorySecretProvider();
var stubProvider2 = new InMemorySecretProvider();
var builder = new HostBuilder();
// Act
builder.ConfigureSecretStore((config, stores) =>
{
stores.AddProvider(stubProvider1, options => options.Name = name)
.AddProvider(stubProvider2);
});
// Assert
using (IHost host = builder.Build())
{
var store = host.Services.GetRequiredService <ISecretStore>();
var actual = store.GetProvider <InMemorySecretProvider>(name);
Assert.Same(stubProvider1, actual);
Assert.NotSame(stubProvider2, actual);
}
}
