Exemplo n.º 1
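        /// <summary>
        /// Writes one app setting to Azure Key Vault as a secret and, when the vault accepts it,
        /// stores the same value in the class's in-memory AppSettings collection.
        /// </summary>
        /// <param name="key">Setting key. ':' becomes "--" and '.' becomes "---" in the secret name.</param>
        /// <param name="value">Setting value, sent as the secret's value.</param>
        /// <param name="config">Key Master configuration; read from SecretsProvider.GetSecrets() when null.</param>
        /// <returns>
        /// True when the PUT succeeded; false for a non-success status other than 403.
        /// </returns>
        /// <exception cref="KeyMasterException">
        /// Any failure inside the call, including a 403 response (the inner exception is then a
        /// ForbiddenKeyMasterException).
        /// </exception>
        public static async Task<bool> CreateOrUpdateAppSettingAsync(string key, string value, AppSettings config = null)
        {
            try
            {
                config = config ?? SecretsProvider.GetSecrets();

                var token = AzureAccessTokenProvider.GetToken(config);
                using (var client = new HttpClient())
                {
                    // NOTE(review): key ends up in the request URL unescaped. Key Vault secret names
                    // accept only alphanumerics and dashes, so validating key before this point
                    // would reject malformed names locally instead of sending them out.
                    var encodedKey = key
                                     .Replace(":", "--")
                                     .Replace(".", "---");
                    var secretName = $"{config.SecretName}--AppSettings--{encodedKey}";

                    var secretUrl = string.Format(API.Secret, config.KeyVaultUrl, secretName);
                    client.DefaultRequestHeaders.Add("Authorization", token.ToString());

                    var payload = JsonConvert.SerializeObject(new KeyVaultSecret
                    {
                        Id    = secretUrl,
                        Value = value
                    });

                    var response = await client.PutAsync(secretUrl, new StringContent(payload, Encoding.UTF8, "application/json"));

                    if (response.IsSuccessStatusCode)
                    {
                        // Update the local cache only after the vault has confirmed the write.
                        AppSettings[key] = value;
                        return true;
                    }

                    // Test the status code, not the reason phrase: the phrase is free text chosen by
                    // the server (commonly "Forbidden"), so an exact match on "FORBIDDEN" lets an
                    // authorization failure fall through and be reported as a plain false.
                    if (response.StatusCode == System.Net.HttpStatusCode.Forbidden)
                    {
                        throw new ForbiddenKeyMasterException();
                    }
                }
            }
            catch (Exception ex)
            {
                // Only the exception goes to the log; the secret value is not passed to the logger.
                var logger = LoggerSource.Instance.GetLogger("KeyMaster");
                logger.Error(ex.Message, ex);

                // This is the create/update path, so the message must not say "delete".
                throw new KeyMasterException("Unable to create or update secret", ex);
            }

            return false;
        }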
Exemplo n.º 2
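        /// <summary>
        /// Reads the secret named by <c>appsettings.SecretName</c> from Azure Key Vault and returns
        /// its value, which callers use as the connection string.
        /// </summary>
        /// <param name="appsettings">Key Master configuration; read from SecretsProvider.GetSecrets() when null.</param>
        /// <returns>The <c>Value</c> of the deserialized Key Vault secret.</returns>
        /// <exception cref="KeyMasterException">
        /// Every failure is translated to this type; the original exception is kept as the inner
        /// exception and written to the "KeyMaster" log.
        /// </exception>
        public static string GetConnectionString(AppSettings appsettings = null)
        {
            try
            {
                appsettings = appsettings ?? SecretsProvider.GetSecrets();

                var token = AzureAccessTokenProvider.GetToken(appsettings);
                using (var client = new HttpClient())
                {
                    var secretUrl = string.Format(API.Secret, appsettings.KeyVaultUrl, appsettings.SecretName);
                    client.DefaultRequestHeaders.Add("Authorization", token.ToString());

                    // Blocking wait: the method is synchronous, so the request is awaited via .Result.
                    var response = client.GetAsync(secretUrl).Result;
                    if (response.IsSuccessStatusCode)
                    {
                        var json   = response.Content.ReadAsStringAsync().Result;
                        var secret = JsonConvert.DeserializeObject<KeyVaultSecret>(json);

                        if (secret != null)
                        {
                            return secret.Value;
                        }
                    }

                    // Non-success status or an empty body: treated as a failed verification.
                    throw new AzureSecretsKeyMasterException();
                }
            }
            // Each message below sends the operator to the logs, so each branch writes the
            // underlying exception there. The response body, which carries the secret, is
            // never passed to the logger.
            catch (FileNotFoundException ex)
            {
                LoggerSource.Instance.GetLogger("KeyMaster").Error(ex.Message, ex);
                throw new KeyMasterException("Unable to find Key Master Secrets file, check logs for more details", ex);
            }
            catch (AzureSecretsKeyMasterException ex)
            {
                LoggerSource.Instance.GetLogger("KeyMaster").Error(ex.Message, ex);
                throw new KeyMasterException("Unable to verify Key Master secrets with Azure, check logs for more details", ex);
            }
            catch (AzureKeyMasterException ex)
            {
                var logger = LoggerSource.Instance.GetLogger("KeyMaster");
                logger.Error(JsonConvert.SerializeObject(ex.TokenError), ex);
                throw new KeyMasterException("Unable to verify Key Master secrets with Azure, check logs for more details", ex);
            }
            catch (Exception ex)
            {
                LoggerSource.Instance.GetLogger("KeyMaster").Error(ex.Message, ex);
                throw new KeyMasterException("Internal Key Master Error Occurred. Check the logs for more details", ex);
            }
        }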
Exemplo n.º 3
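        /// <summary>
        /// Lists the secrets in the configured Key Vault, keeps those whose name starts with
        /// "{SecretName}--AppSettings--", fetches each one and returns them as key/value pairs.
        /// </summary>
        /// <param name="config">Key Master configuration; read from SecretsProvider.GetSecrets() when null.</param>
        /// <returns>The matching settings, keyed by the name that GetSecret returns.</returns>
        /// <exception cref="KeyMasterException">
        /// Thrown when any step fails, and also when the list request is unsuccessful or its body
        /// deserializes to null.
        /// </exception>
        private static NameValueCollection GetAppSettings(AppSettings config = null)
        {
            try
            {
                config = config ?? SecretsProvider.GetSecrets();

                var token = AzureAccessTokenProvider.GetToken(config);
                using (var client = new HttpClient())
                {
                    var listUrl = string.Format(API.GetAllSecrets, config.KeyVaultUrl);
                    client.DefaultRequestHeaders.Add("Authorization", token.ToString());

                    // NOTE(review): only this one response is read. The Key Vault list-secrets API
                    // pages its results, so confirm whether KeyVaultSecretListResponse exposes a
                    // next-page link that should be followed; otherwise settings beyond the first
                    // page are silently missing.
                    var response = client.GetAsync(listUrl).Result;
                    if (response.IsSuccessStatusCode)
                    {
                        var json  = response.Content.ReadAsStringAsync().Result;
                        var items = JsonConvert.DeserializeObject<KeyVaultSecretListResponse>(json);

                        if (items != null)
                        {
                            var prefix      = $"{config.SecretName}--AppSettings--";
                            var appsettings = new NameValueCollection();

                            // Ordinal comparison: the prefix decides which secrets belong to this
                            // application, so it must not depend on the current culture.
                            var owned = items.Secrets
                                        .Where(x => x.Id.Split('/').LastOrDefault().StartsWith(prefix, StringComparison.Ordinal));

                            foreach (var secretListItem in owned)
                            {
                                // One extra request per secret; the token and config are reused.
                                var current = GetSecret(secretListItem, token, config);
                                appsettings.Add(current.Key, current.Value);
                            }

                            return appsettings;
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                throw new KeyMasterException("Unable to retrieve App Settings", ex);
            }

            // Reached on a non-success status or a null list, not only on an empty vault.
            throw new KeyMasterException("Azure Key Vault App Settings are empty");
        }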
Exemplo n.º 4
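        /// <summary>
        /// Deletes the Key Vault secret that backs one app setting and, when the vault confirms,
        /// removes the key from the class's in-memory AppSettings collection.
        /// </summary>
        /// <param name="key">Setting key. ':' becomes "--" and '.' becomes "---" in the secret name.</param>
        /// <param name="config">Key Master configuration; read from SecretsProvider.GetSecrets() when null.</param>
        /// <returns>
        /// True when the DELETE succeeded; false for a non-success status other than 403.
        /// </returns>
        /// <exception cref="KeyMasterException">
        /// Any failure inside the call, including a 403 response (the inner exception is then a
        /// ForbiddenKeyMasterException).
        /// </exception>
        public static async Task<bool> DeleteSecretAsync(string key, AppSettings config = null)
        {
            try
            {
                config = config ?? SecretsProvider.GetSecrets();

                var token = AzureAccessTokenProvider.GetToken(config);
                using (var client = new HttpClient())
                {
                    // NOTE(review): key ends up in the request URL unescaped. Key Vault secret names
                    // accept only alphanumerics and dashes, so validating key before this point
                    // would keep a malformed key from addressing a different resource path.
                    var encodedKey = key
                                     .Replace(":", "--")
                                     .Replace(".", "---");
                    var secretName = $"{config.SecretName}--AppSettings--{encodedKey}";

                    var secretUrl = string.Format(API.Secret, config.KeyVaultUrl, secretName);
                    client.DefaultRequestHeaders.Add("Authorization", token.ToString());

                    var response = await client.DeleteAsync(secretUrl);

                    if (response.IsSuccessStatusCode)
                    {
                        // Drop the cached value only after the vault has confirmed the delete.
                        AppSettings.Remove(key);
                        return true;
                    }

                    // Test the status code, not the reason phrase: the phrase is free text chosen by
                    // the server (commonly "Forbidden"), so an exact match on "FORBIDDEN" lets an
                    // authorization failure fall through and be reported as a plain false.
                    if (response.StatusCode == System.Net.HttpStatusCode.Forbidden)
                    {
                        throw new ForbiddenKeyMasterException();
                    }
                }
            }
            catch (Exception ex)
            {
                var logger = LoggerSource.Instance.GetLogger("KeyMaster");
                logger.Error(ex.Message, ex);
                throw new KeyMasterException("Unable to delete secret", ex);
            }

            return false;
        }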
Exemplo n.º 5
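        /// <summary>
        /// Fetches one secret by the id given in a list item and returns it as a pair of
        /// (setting name, secret value).
        /// </summary>
        /// <param name="item">List entry whose <c>Id</c> is used as the request URL.</param>
        /// <param name="token">Access token; obtained from AzureAccessTokenProvider.GetToken when null.</param>
        /// <param name="config">Key Master configuration; read from SecretsProvider.GetSecrets() when null.</param>
        /// <returns>
        /// The setting name (last segment of the id with the "{SecretName}--AppSettings--" text
        /// removed, "---" turned back into '.' and "--" into ':') and the secret's value.
        /// </returns>
        /// <exception cref="AzureSecretsKeyMasterException">
        /// Thrown when the request or parsing fails, or when the response status is not a success
        /// (in that case the exception is given the last segment of the id).
        /// </exception>
        private static KeyValuePair<string, string> GetSecret(KeyVaultSecretListItem item, AccessTokenResponse token = null, AppSettings config = null)
        {
            // Defaults are resolved outside the try block, so their failures propagate unchanged.
            config = config ?? SecretsProvider.GetSecrets();
            token  = token ?? AzureAccessTokenProvider.GetToken(config);

            try
            {
                using (var client = new HttpClient())
                {
                    // NOTE(review): the bearer token is sent to whatever host item.Id names, and
                    // item.Id is taken from response data. Consider checking that it lies under
                    // config.KeyVaultUrl before attaching the Authorization header.
                    client.DefaultRequestHeaders.Add("Authorization", token.ToString());

                    var secretResponse = client.GetAsync($"{item.Id}?{API.ApiVersion}").Result;
                    if (secretResponse.IsSuccessStatusCode)
                    {
                        var secretJson = secretResponse.Content.ReadAsStringAsync().Result;
                        var secret     = JsonConvert.DeserializeObject<KeyVaultSecret>(secretJson);

                        // Reverse of the name encoding used on write. "---" must be replaced
                        // before "--", otherwise every '.' would decode as ':' followed by '-'.
                        var name = item.Id
                                   .Split('/').LastOrDefault()
                                   .Replace($"{config.SecretName}--AppSettings--", string.Empty)
                                   .Replace("---", ".")
                                   .Replace("--", ":");

                        return new KeyValuePair<string, string>(name, secret.Value);
                    }
                }
            }
            catch (Exception ex)
            {
                // The exception thrown below is built without an inner exception, so the
                // underlying failure is logged here; otherwise its cause would be lost.
                // Only the exception is logged, never the response body.
                LoggerSource.Instance.GetLogger("KeyMaster").Error(ex.Message, ex);
                throw new AzureSecretsKeyMasterException();
            }

            throw new AzureSecretsKeyMasterException(item.Id.Split('/').LastOrDefault());
        }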