private async Task UsernamePasswordAuthenticationProviderTests()
{
// userpass auth
var path = "userpass" + Guid.NewGuid();
var prefix = "auth/" + path;
var username = "******";
var password = "******";
var authenticationInfo = new UsernamePasswordAuthenticationInfo(path, username, password);
var userPassClient = VaultClientFactory.CreateVaultClient(_vaultUri, authenticationInfo);
var authBackend = new AuthenticationBackend {
BackendType = AuthenticationBackendType.UsernamePassword, AuthenticationPath = authenticationInfo.MountPoint
};
await _authenticatedVaultClient.EnableAuthenticationBackendAsync(authBackend);
await _authenticatedVaultClient.WriteSecretAsync(prefix + "/users/" + username, new Dictionary <string, object>
{
{ "password", password },
{ "policies", "root" }
});
var authBackends = await userPassClient.GetAllEnabledAuthenticationBackendsAsync();
Assert.True(authBackends.Data.Any());
await _authenticatedVaultClient.DisableAuthenticationBackendAsync(authBackend.AuthenticationPath);
}
/// <summary>
/// Adds an <see cref="IConfigurationProvider"/> that reads configuration values from Hashicorp Vault.
/// </summary>
/// <param name="configurationBuilder">The <see cref="IConfigurationBuilder"/> to add to.</param>
/// <param name="vaultUri">The Vault uri with port.</param>
/// <param name="username">The username to use for authentication.</param>
/// <param name="password">The password to use for authentication.</param>
/// <param name="secretLocationPaths">The paths for the secrets to load.</param>
/// <returns>The <see cref="IConfigurationBuilder"/>.</returns>
public static IConfigurationBuilder AddVaultWithUserPass(
this IConfigurationBuilder configurationBuilder,
string vaultUri,
string username,
string password,
params string[] secretLocationPaths)
{
if (string.IsNullOrWhiteSpace(vaultUri))
{
throw new ArgumentException("vaultUri must be a valid URI", nameof(vaultUri));
}
if (string.IsNullOrEmpty(username))
{
throw new ArgumentException("username must not be null or empty", nameof(username));
}
if (string.IsNullOrEmpty(password))
{
throw new ArgumentException("password must not be null or empty", nameof(password));
}
var authInfo = new UsernamePasswordAuthenticationInfo(username, password);
return(AddVault(configurationBuilder, vaultUri, authInfo, secretLocationPaths));
}
public UsernamePasswordAuthenticationProvider(UsernamePasswordAuthenticationInfo userPassAuthenticationInfo, IDataAccessManager dataAccessManager, bool continueAsyncTasksOnCapturedContext = false)
{
_userPassAuthenticationInfo = userPassAuthenticationInfo;
_dataAccessManager = dataAccessManager;
_continueAsyncTasksOnCapturedContext = continueAsyncTasksOnCapturedContext;
}
