Exemplo n.º 1
0
        /// <summary>
        /// Retrieves a new instance of a key vault certificate
        /// </summary>
        /// <param name="version">The version of the client to use</param>
        /// <returns>A key vault certificate instance</returns>
        public KeyVaultCertificates GetCertificatesClient(CertificateClientOptions.ServiceVersion version = CertificateClientOptions.ServiceVersion.V7_1)
        {
            var options = KeyVaultCertificates.GetOptions(version);

            KeyVaultCertificates.ConfigureRetries(options, RetryMode.Exponential, MaximumRetries, Delay, MaximumDelay, NetworkTimeout);

            if (EnableDiagnostics)
            {
                KeyVaultCertificates.ConfigureDiagnostics(options, (string.IsNullOrWhiteSpace(DiagnosticsApplicationId) ? DefaultApplicationId : DiagnosticsApplicationId), true, true, true, true, 4096);
            }

            return(new KeyVaultCertificates(Uri, _credential, options));
        }
        /// <inheritdoc />
        public async Task <SecretStoreResponse <X509Certificate2> > GetCertificateAsync(string certificateName, string version = null, CancellationToken cancellationToken = default)
        {
            Guard.NotNullOrWhitespace(nameof(certificateName), certificateName);

            var results = new SecretStoreResponse <X509Certificate2>();

            if (_certificates == null)
            {
                using (await _control.LockAsync(cancellationToken).ConfigureAwait(false))
                {
                    if (_certificates == null)
                    {
                        _certificates = _keyVault.GetCertificatesClient(CertificateClientOptions.ServiceVersion.V7_1);
                    }
                }
            }

            var certificateResponse = await _certificates.GetAsync(certificateName, version, cancellationToken).ConfigureAwait(false);

            if (certificateResponse.IsSuccess)
            {
                var secretId = certificateResponse.SecretId;

                var elements = secretId.AbsoluteUri.Split("/", StringSplitOptions.RemoveEmptyEntries);

                if (elements.Length > 2)
                {
                    try
                    {
                        var secretVersion = elements[elements.Length - 1];
                        var name          = elements[elements.Length - 2];

                        if (_secrets == null)
                        {
                            using (await _control.LockAsync(cancellationToken).ConfigureAwait(false))
                            {
                                if (_secrets == null)
                                {
                                    _secrets = _keyVault.GetSecretsClient(SecretClientOptions.ServiceVersion.V7_1);
                                }
                            }
                        }

                        var secretResponse = await _secrets.GetCertificateAsync(name, secretVersion, cancellationToken).ConfigureAwait(false);

                        results.Exception     = secretResponse.Exception;
                        results.IsSuccessCode = secretResponse.IsSuccess;
                        results.StatusCode    = secretResponse.HttpStatus;
                        results.TimeToExecute = TimeSpan.FromMilliseconds(secretResponse.ElapsedMilliseconds);
                        if (secretResponse.IsSuccess)
                        {
                            results.Value = secretResponse.Value;
                        }
                    }
                    catch (Exception e)
                    {
                        results.Exception     = e;
                        results.IsSuccessCode = false;
                        results.StatusCode    = (int)HttpStatusCode.ServiceUnavailable;
                        results.TimeToExecute = TimeSpan.FromMilliseconds(certificateResponse.ElapsedMilliseconds);
                    }
                }
            }
            else
            {
                results.Exception     = certificateResponse.Exception;
                results.IsSuccessCode = certificateResponse.IsSuccess;
                results.StatusCode    = certificateResponse.HttpStatus;
                results.TimeToExecute = TimeSpan.FromMilliseconds(certificateResponse.ElapsedMilliseconds);
            }

            return(results);
        }