public void BothCredentialTypesDefined_Throw() { // Arrange CertificateDescription certificateDescription = CertificateDescription.FromBase64Encoded("encoded"); MicrosoftIdentityOptions microsoftIdentityOptions = new MicrosoftIdentityOptions { Authority = TestConstants.AuthorityCommonTenant, ClientId = TestConstants.ConfidentialClientId, ClientCertificates = new CertificateDescription[] { certificateDescription }, }; ConfidentialClientApplicationOptions options = new ConfidentialClientApplicationOptions { ClientSecret = "some secret", }; // Act MicrosoftIdentityOptionsValidation microsoftIdentityOptionsValidation = new MicrosoftIdentityOptionsValidation(); Action credentialAction = () => microsoftIdentityOptionsValidation.ValidateEitherClientCertificateOrClientSecret(options.ClientSecret, microsoftIdentityOptions.ClientCertificates); // Assert var exception = Assert.Throws <MsalClientException>(credentialAction); Assert.Equal( string.Format(CultureInfo.InvariantCulture, "Both Client secret & client certificate, " + "cannot be included in the configuration of the web app when calling a web API. "), exception.Message); Assert.Equal("duplicate_client_credentials", exception.ErrorCode); }
private static void RegisterAuthenticationServicesWithCertificate( IServiceCollection services, IConfiguration configuration, AuthenticationOptions authenticationOptions, AzureADOptions azureADOptions) { services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddMicrosoftIdentityWebApi( options => { options.Authority = $"{azureADOptions.Instance}{azureADOptions.TenantId}/v2.0"; options.SaveToken = true; options.TokenValidationParameters.ValidAudiences = AuthenticationServiceCollectionExtensions.GetValidAudiences(authenticationOptions); options.TokenValidationParameters.AudienceValidator = AuthenticationServiceCollectionExtensions.AudienceValidator; options.TokenValidationParameters.ValidIssuers = AuthenticationServiceCollectionExtensions.GetValidIssuers(authenticationOptions); }, microsoftIdentityOptions => { configuration.Bind("AzureAd", microsoftIdentityOptions); microsoftIdentityOptions.ClientCertificates = new CertificateDescription[] { CertificateDescription.FromKeyVault(configuration.GetValue <string>("KeyVault:Url"), configuration.GetValue <string>("GraphAppCertName")), }; }) .EnableTokenAcquisitionToCallDownstreamApi( confidentialClientApplicationOptions => { configuration.Bind("AzureAd", confidentialClientApplicationOptions); }) .AddInMemoryTokenCaches(); }
internal static MockupJsonModel CreateMockupJsonModel( int nodeTypeCount, int vmInstancePerNodeType, List <SettingsSectionDescription> fabricSettings, Security security = null, EncryptableDiagnosticStoreInformation diagnosticsStore = null, CertificateDescription certificate = null, DiagnosticsStorageAccountConfig diagnosticsStorageAccountConfig = null) { MockupJsonModel jsonModel = new MockupJsonModel(); jsonModel.Name = "TestJsonConfig"; jsonModel.ClusterConfigurationVersion = "1.0.0"; jsonModel.ApiVersion = "2016-09-26"; jsonModel.Nodes = new List <NodeDescription>(); jsonModel.Properties = new MockupProperty(); jsonModel.Properties.DiagnosticsStore = diagnosticsStore; jsonModel.Properties.FabricSettings = fabricSettings; jsonModel.Properties.Security = security; jsonModel.Properties.NodeTypes = new List <NodeTypeDescription>(); jsonModel.Properties.DiagnosticsStorageAccountConfig = diagnosticsStorageAccountConfig; for (int i = 0; i < nodeTypeCount; i++) { jsonModel.Properties.NodeTypes.Add(CreateNodeType("NodeType" + i, vmInstancePerNodeType, i == 0)); } for (int j = 0; j < vmInstancePerNodeType * nodeTypeCount; j++) { jsonModel.Nodes.Add(CreateNodeDescription("Node" + j, "NodeType0", "localhost", "fd:/dc1/r0", "UD0")); } return(jsonModel); }
public void TestLoadAllCertificates( CertificateSource certificateSource, string container, string referenceOrValue) { List <CertificateDescription> certDescriptions = CreateCertificateDescriptions( certificateSource, container, referenceOrValue).ToList(); certDescriptions.Add(new CertificateDescription { SourceType = certificateSource, Container = container, ReferenceOrValue = referenceOrValue, }); certDescriptions.Add(CertificateDescription.FromCertificate(null)); IEnumerable <X509Certificate2> certificates = DefaultCertificateLoader.LoadAllCertificates(certDescriptions); Assert.NotNull(certificates); Assert.Equal(2, certificates.Count()); Assert.Equal(3, certDescriptions.Count); Assert.Equal("CN=ACS2ClientCertificate", certificates.First().Issuer); Assert.Equal("CN=ACS2ClientCertificate", certificates.Last().Issuer); Assert.Null(certDescriptions.ElementAt(2).Certificate); }
internal void InternalValidateClusterCertUpdateTest( string originalThumbprint, string originalSecondaryThumbprint, string updatedThumbprint, string updatedSecondaryThumbprint, ClusterManagementErrorCode?expectedErrorCode = null) { CertificateDescription currentCert = new CertificateDescription() { Thumbprint = originalThumbprint, ThumbprintSecondary = originalSecondaryThumbprint, }; CertificateDescription updatedCert = new CertificateDescription() { Thumbprint = updatedThumbprint, ThumbprintSecondary = updatedSecondaryThumbprint, }; Utility.ValidateExpectedValidationException( delegate { StandaloneSettingsValidator.ValidateClusterCertificateUpdate( new X509() { ClusterCertificate = currentCert }, new X509() { ClusterCertificate = updatedCert }, new StandAloneTraceLogger("StandAloneDeploymentManager")); }, expectedErrorCode); }
internal void VerifyFlow_ReplaceThumbprint(CertificateDescription currentCert, CertificateDescription targetCert, List <CertificateClusterUpgradeStep> steps) { Assert.AreEqual(3, steps.Count); CertificateClusterUpgradeStep step = steps[0]; Assert.AreEqual(2, step.ThumbprintWhiteList.Count); Assert.IsTrue(step.ThumbprintWhiteList.Contains(currentCert.Thumbprint) && step.ThumbprintWhiteList.Contains(targetCert.Thumbprint)); Assert.AreEqual(currentCert.Thumbprint, step.ThumbprintLoadList.Thumbprint); Assert.IsNull(step.ThumbprintLoadList.ThumbprintSecondary); Assert.AreEqual(currentCert.Thumbprint, step.ThumbprintFileStoreSvcList.Thumbprint); Assert.IsNull(step.ThumbprintFileStoreSvcList.ThumbprintSecondary); step = steps[1]; Assert.AreEqual(2, step.ThumbprintWhiteList.Count); Assert.IsTrue(step.ThumbprintWhiteList.Contains(currentCert.Thumbprint) && step.ThumbprintWhiteList.Contains(targetCert.Thumbprint)); Assert.AreEqual(targetCert.Thumbprint, step.ThumbprintLoadList.Thumbprint); Assert.IsNull(step.ThumbprintLoadList.ThumbprintSecondary); Assert.AreEqual(currentCert.Thumbprint, step.ThumbprintFileStoreSvcList.Thumbprint); Assert.AreEqual(targetCert.Thumbprint, step.ThumbprintFileStoreSvcList.ThumbprintSecondary); step = steps[2]; Assert.AreEqual(1, step.ThumbprintWhiteList.Count); Assert.AreEqual(targetCert.Thumbprint, step.ThumbprintWhiteList[0]); Assert.AreEqual(targetCert.Thumbprint, step.ThumbprintLoadList.Thumbprint); Assert.IsNull(step.ThumbprintLoadList.ThumbprintSecondary); Assert.AreEqual(targetCert.Thumbprint, step.ThumbprintFileStoreSvcList.Thumbprint); Assert.IsNull(step.ThumbprintFileStoreSvcList.ThumbprintSecondary); }
internal void InternalValidateClusterThumbprintUpdateTest( string originalThumbprint, string originalSecondaryThumbprint, string updatedThumbprint, string updatedSecondaryThumbprint, ClusterManagementErrorCode?expectedErrorCode = null) { CertificateDescription currentCert = new CertificateDescription() { Thumbprint = originalThumbprint, ThumbprintSecondary = originalSecondaryThumbprint, }; CertificateDescription updatedCert = new CertificateDescription() { Thumbprint = updatedThumbprint, ThumbprintSecondary = updatedSecondaryThumbprint, }; Utility.ValidateExpectedValidationException( delegate { StandaloneSettingsValidator.ValidateClusterCertificateThumbprintAndCnUpdate( StandaloneSettingsValidator.GetUniqueThumbprints(currentCert), StandaloneSettingsValidator.GetUniqueThumbprints(updatedCert), true, true); }, expectedErrorCode); }
public void BothCredentialTypesDefined_Throw() { // Arrange CertificateDescription certificateDescription = CertificateDescription.FromBase64Encoded("encoded"); MicrosoftIdentityOptions microsoftIdentityOptions = new MicrosoftIdentityOptions { Authority = TestConstants.AuthorityCommonTenant, ClientId = TestConstants.ConfidentialClientId, ClientCertificates = new CertificateDescription[] { certificateDescription }, }; ConfidentialClientApplicationOptions options = new ConfidentialClientApplicationOptions { ClientSecret = "some secret", }; // Act Action credentialAction = () => MicrosoftIdentityOptionsValidation.ValidateEitherClientCertificateOrClientSecret(options.ClientSecret, microsoftIdentityOptions.ClientCertificates); // Assert var exception = Assert.Throws <MsalClientException>(credentialAction); Assert.Equal(IDWebErrorMessage.BothClientSecretAndCertificateProvided, exception.Message); Assert.Equal(ErrorCodes.DuplicateClientCredentials, exception.ErrorCode); }
public override void ExecuteCmdlet() { if (ParameterSetName.Equals(InputObjectParameterSet)) { this.ResourceGroupName = this.InputObject.Resourcegroup; this.Name = this.InputObject.Name; } if (ParameterSetName.Equals(ResourceIdParameterSet)) { this.ResourceGroupName = IotHubUtils.GetResourceGroupName(this.ResourceId); this.Name = IotHubUtils.GetIotHubName(this.ResourceId); } if (!string.IsNullOrEmpty(CertificateName)) { CertificateDescription certificateDescription = this.IotHubClient.Certificates.Get(this.ResourceGroupName, this.Name, this.CertificateName); this.WriteObject(IotHubUtils.ToPSCertificateDescription(certificateDescription)); } else { CertificateListDescription certificateDescriptions = this.IotHubClient.Certificates.ListByIotHub(this.ResourceGroupName, this.Name); if (certificateDescriptions.Value.Count == 1) { this.WriteObject(IotHubUtils.ToPSCertificateDescription(certificateDescriptions.Value[0])); } else { this.WriteObject(IotHubUtils.ToPSCertificates(certificateDescriptions), true); } } }
public void TestFromBase64Encoded(string base64Encoded) { CertificateDescription certificateDescription = CertificateDescription.FromBase64Encoded(base64Encoded); Assert.Equal(CertificateSource.Base64Encoded, certificateDescription.SourceType); Assert.Equal(base64Encoded, certificateDescription.ReferenceOrValue); Assert.Equal(base64Encoded, certificateDescription.Base64EncodedValue); }
public void TestFromCertificate() { using (X509Certificate2 certificate2 = new X509Certificate2()) { CertificateDescription certificateDescription = CertificateDescription.FromCertificate(certificate2); } }
public void TestFromKeyVault(string keyVaultUrl, string certificateName) { CertificateDescription certificateDescription = CertificateDescription.FromKeyVault(keyVaultUrl, certificateName); Assert.Equal(CertificateSource.KeyVault, certificateDescription.SourceType); Assert.Equal(keyVaultUrl, certificateDescription.Container); Assert.Equal(certificateName, certificateDescription.ReferenceOrValue); Assert.Equal(certificateName, certificateDescription.KeyVaultCertificateName); Assert.Equal(keyVaultUrl, certificateDescription.KeyVaultUrl); }
public void TestFromPath(string certificatePath, string password) { CertificateDescription certificateDescription = CertificateDescription.FromPath(certificatePath, password); Assert.Equal(CertificateSource.Path, certificateDescription.SourceType); Assert.Equal(certificatePath, certificateDescription.Container); Assert.Equal(password, certificateDescription.ReferenceOrValue); Assert.Equal(certificatePath, certificateDescription.CertificateDiskPath); Assert.Equal(password, certificateDescription.CertificatePassword); }
public void TestFromStoreWithThumprint(string certificateThumbprint, StoreLocation storeLocation, StoreName storeName) { CertificateDescription certificateDescription = CertificateDescription.FromStoreWithThumprint(certificateThumbprint, storeLocation, storeName); Assert.Equal(CertificateSource.StoreWithThumbprint, certificateDescription.SourceType); Assert.Equal($"{storeLocation}/{storeName}", certificateDescription.Container); Assert.Equal(certificateThumbprint, certificateDescription.ReferenceOrValue); Assert.Equal($"{storeLocation}/{storeName}", certificateDescription.CertificateStorePath); Assert.Equal(certificateThumbprint, certificateDescription.CertificateThumbprint); }
public void TestFromCertificateDistinguishedName(string certificateDistinguishedName, StoreLocation storeLocation, StoreName storeName) { CertificateDescription certificateDescription = CertificateDescription.FromStoreWithDistinguishedName(certificateDistinguishedName, storeLocation, storeName); Assert.Equal(CertificateSource.StoreWithDistinguishedName, certificateDescription.SourceType); Assert.Equal($"{storeLocation}/{storeName}", certificateDescription.Container); Assert.Equal(certificateDistinguishedName, certificateDescription.ReferenceOrValue); Assert.Equal(certificateDistinguishedName, certificateDescription.CertificateDistinguishedName); Assert.Equal($"{storeLocation}/{storeName}", certificateDescription.CertificateStorePath); }
public override void ExecuteCmdlet() { Path = ResolveUserPath(Path); if (ShouldProcess(CertificateName, Properties.Resources.VerifyIotHubCertificate)) { string certificate = string.Empty; FileInfo fileInfo = new FileInfo(this.Path); switch (fileInfo.Extension.ToLower(CultureInfo.InvariantCulture)) { case ".cer": var certificateByteContent = File.ReadAllBytes(this.Path); certificate = Convert.ToBase64String(certificateByteContent); break; case ".pem": certificate = File.ReadAllText(this.Path); break; default: certificate = this.Path; break; } if (ParameterSetName.Equals(InputObjectParameterSet)) { this.ResourceGroupName = this.InputObject.ResourceGroupName; this.Name = this.InputObject.Name; this.CertificateName = this.InputObject.CertificateName; this.Etag = this.InputObject.Etag; } if (ParameterSetName.Equals(ResourceIdParameterSet)) { this.ResourceGroupName = IotHubUtils.GetResourceGroupName(this.ResourceId); this.Name = IotHubUtils.GetIotHubName(this.ResourceId); this.CertificateName = IotHubUtils.GetIotHubCertificateName(this.ResourceId); } try { certificate = Encoding.UTF8.GetString(Encoding.UTF8.GetBytes(certificate)); CertificateVerificationDescription certificateVerificationDescription = new CertificateVerificationDescription(); certificateVerificationDescription.Certificate = certificate; CertificateDescription certificateDescription = this.IotHubClient.Certificates.Verify(this.ResourceGroupName, this.Name, this.CertificateName, certificateVerificationDescription, this.Etag); this.WriteObject(IotHubUtils.ToPSCertificateDescription(certificateDescription)); } catch (Exception e) { throw e; } } }
internal void InternalGetUniqueThumbprintsTest(CertificateDescription cert, int expectedThumbprints) { IEnumerable <string> thumbprints = StandaloneSettingsValidator.GetUniqueThumbprints(cert); Assert.AreEqual(expectedThumbprints, thumbprints.Count()); Assert.IsTrue(thumbprints.Contains(cert.Thumbprint)); if (expectedThumbprints > 1) { Assert.IsTrue(thumbprints.Contains(cert.ThumbprintSecondary)); } }
public void TestFromKeyVault(string keyVaultUrl, string certificateName) { CertificateDescription certificateDescription = CertificateDescription.FromKeyVault(keyVaultUrl, certificateName); Assert.Equal(CertificateSource.KeyVault, certificateDescription.SourceType); Assert.Equal(keyVaultUrl, certificateDescription.Container); Assert.Equal(certificateName, certificateDescription.ReferenceOrValue); Assert.Equal(certificateName, certificateDescription.KeyVaultCertificateName); Assert.Equal(keyVaultUrl, certificateDescription.KeyVaultUrl); Assert.Equal(X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.EphemeralKeySet, certificateDescription.X509KeyStorageFlags); certificateDescription.X509KeyStorageFlags = X509KeyStorageFlags.UserKeySet; Assert.Equal(X509KeyStorageFlags.UserKeySet, certificateDescription.X509KeyStorageFlags); }
public async Task <IActionResult> OnGetAsync(int?id) { if (id == null) { return(NotFound()); } Certificate = await _context.CertificateDescriptions.FindAsync(id); if (Certificate == null) { return(NotFound()); } return(Page()); }
public void TestDefaultCertificateLoader(CertificateSource certificateSource, string container, string referenceOrValue) { CertificateDescription certificateDescription; switch (certificateSource) { case CertificateSource.KeyVault: certificateDescription = CertificateDescription.FromKeyVault(container, referenceOrValue); break; case CertificateSource.Base64Encoded: certificateDescription = CertificateDescription.FromBase64Encoded(referenceOrValue); break; case CertificateSource.Path: certificateDescription = CertificateDescription.FromPath(container, referenceOrValue); break; case CertificateSource.StoreWithThumbprint: certificateDescription = new CertificateDescription() { SourceType = CertificateSource.StoreWithThumbprint }; certificateDescription.CertificateThumbprint = referenceOrValue; certificateDescription.CertificateStorePath = container; break; case CertificateSource.StoreWithDistinguishedName: certificateDescription = new CertificateDescription() { SourceType = CertificateSource.StoreWithDistinguishedName }; certificateDescription.CertificateDistinguishedName = referenceOrValue; certificateDescription.CertificateStorePath = container; break; default: certificateDescription = null; break; } ICertificateLoader loader = new DefaultCertificateLoader(); loader.LoadIfNeeded(certificateDescription); Assert.NotNull(certificateDescription.Certificate); }
public void ValidateCredentialType_Certificate(string base64Encoded) { // Arrange CertificateDescription certificateDescription = CertificateDescription.FromBase64Encoded(base64Encoded); MicrosoftIdentityOptions microsoftIdentityOptions = new MicrosoftIdentityOptions { Authority = TestConstants.AuthorityCommonTenant, ClientId = TestConstants.ConfidentialClientId, ClientCertificates = new CertificateDescription[] { certificateDescription }, }; ConfidentialClientApplicationOptions options = new ConfidentialClientApplicationOptions { ClientSecret = string.Empty, }; // Act & Assert // Should not throw MicrosoftIdentityOptionsValidation.ValidateEitherClientCertificateOrClientSecret(options.ClientSecret, microsoftIdentityOptions.ClientCertificates); }
protected override List <SettingsTypeSection> OnGenerateFabricSettings(Security security, CertificateDescription thumbprintFileStoreCert, List <string> thumbprintClusterCertList, ServerCertificateCommonNames commonNameFileStoreCert, Dictionary <string, string> commonNameClusterCertList, int currentClusterSize) { return(new List <SettingsTypeSection>()); }
static async Task Main(string[] args) { string clientId = "6af093f3-b445-4b7a-beae-046864468ad6"; string tenant = "msidentitysamplestesting.onmicrosoft.com"; string[] scopes = new[] { "api://8206b76f-586e-4098-b1e5-598c1aa3e2a1/.default" }; // Simulates the configuration, could be a IConfiguration or anything Dictionary <string, string> Configuration = new Dictionary <string, string>(); // Certificate Loading string keyVaultContainer = "https://WebAppsApisTests.vault.azure.net"; string keyVaultReference = "Self-Signed-5-5-22"; CertificateDescription certDescription = CertificateDescription.FromKeyVault(keyVaultContainer, keyVaultReference); ICertificateLoader certificateLoader = new DefaultCertificateLoader(); certificateLoader.LoadIfNeeded(certDescription); // Create the confidential client application IConfidentialClientApplication app; app = ConfidentialClientApplicationBuilder.Create(clientId) // Alternatively to the certificate you can use .WithClientSecret(clientSecret) .WithCertificate(certDescription.Certificate) .WithTenantId(tenant) .Build(); // In memory token caches (App and User caches) // app.AddInMemoryTokenCache(); // Or // Distributed token caches (App and User caches) // Add one of the below: SQL, Redis, CosmosDb app.AddDistributedTokenCache(services => { services.AddDistributedMemoryCache(); services.AddLogging(configure => configure.AddConsole()) .Configure <LoggerFilterOptions>(options => options.MinLevel = Microsoft.Extensions.Logging.LogLevel.Debug); /* Remove comments to use SQL cache implementation * services.AddDistributedSqlServerCache(options => * { * // SQL Server token cache * // Requires to reference Microsoft.Extensions.Caching.SqlServer * options.ConnectionString = @"Data Source=(localdb)\MSSQLLocalDB;Initial Catalog=TestCache;Integrated Security=True;Connect Timeout=30;Encrypt=False;TrustServerCertificate=False;ApplicationIntent=ReadWrite;MultiSubnetFailover=False"; * options.SchemaName = "dbo"; * options.TableName = "TestCache"; * * // You don't want the SQL token cache to be purged before the access token has expired. Usually * // access tokens expire after 1 hour (but this can be changed by token lifetime policies), whereas * // the default sliding expiration for the distributed SQL database is 20 mins. * // Use a value which is above 60 mins (or the lifetime of a token in case of longer lived tokens) * options.DefaultSlidingExpiration = TimeSpan.FromMinutes(90); * }); */ /* Remove comments to use Redis cache implementation * // Add Redis * services.AddStackExchangeRedisCache(options => * { * options.Configuration = "localhost"; * options.InstanceName = "Redis"; * }); */ /* Remove comments to use CosmosDB cache implementation * // Add CosmosDB * services.AddCosmosCache((CosmosCacheOptions cacheOptions) => * { * cacheOptions.ContainerName = Configuration["CosmosCacheContainer"]; * cacheOptions.DatabaseName = Configuration["CosmosCacheDatabase"]; * cacheOptions.ClientBuilder = new CosmosClientBuilder(Configuration["CosmosConnectionString"]); * cacheOptions.CreateIfNotExists = true; * }); */ }); // Acquire a token (twice) var result = await app.AcquireTokenForClient(scopes) .ExecuteAsync(); Console.WriteLine(result.AuthenticationResultMetadata.TokenSource); result = await app.AcquireTokenForClient(scopes) .ExecuteAsync(); Console.WriteLine(result.AuthenticationResultMetadata.TokenSource); }
public async Task IotHubClient_HubCertificate() { try { using var context = MockContext.Start(GetType()); Initialize(context); // Create resource group ResourceGroup resourceGroup = await CreateResourceGroupAsync(IotHubTestUtilities.DefaultCertificateResourceGroupName).ConfigureAwait(false); // Check if hub exists and delete IotHubNameAvailabilityInfo iotHubNameAvailabilityInfo = await _iotHubClient.IotHubResource .CheckNameAvailabilityAsync(IotHubTestUtilities.DefaultCertificateIotHubName) .ConfigureAwait(false); if (!iotHubNameAvailabilityInfo.NameAvailable.Value) { _ = await _iotHubClient.IotHubResource .DeleteAsync( IotHubTestUtilities.DefaultCertificateResourceGroupName, IotHubTestUtilities.DefaultCertificateIotHubName) .ConfigureAwait(false); } // Create hub IotHubDescription iotHub = await CreateIotHubAsync(resourceGroup, IotHubTestUtilities.DefaultLocation, IotHubTestUtilities.DefaultCertificateIotHubName, null) .ConfigureAwait(false); // Upload certificate to the hub CertificateDescription newCertificateDescription = await CreateCertificateAsync( resourceGroup, IotHubTestUtilities.DefaultCertificateIotHubName, IotHubTestUtilities.DefaultIotHubCertificateName) .ConfigureAwait(false); newCertificateDescription.Name.Should().Be(IotHubTestUtilities.DefaultIotHubCertificateName); newCertificateDescription.Properties.Subject.Should().Be(IotHubTestUtilities.DefaultIotHubCertificateSubject); newCertificateDescription.Properties.Thumbprint.Should().Be(IotHubTestUtilities.DefaultIotHubCertificateThumbprint); newCertificateDescription.Type.Should().Be(IotHubTestUtilities.DefaultIotHubCertificateType); newCertificateDescription.Properties.IsVerified.Should().BeFalse(); // Get all certificates var certificateList = await GetCertificatesAsync(resourceGroup, IotHubTestUtilities.DefaultCertificateIotHubName).ConfigureAwait(false); certificateList.Value.Count().Should().Be(1); // Get certificate CertificateDescription certificate = await GetCertificateAsync(resourceGroup, IotHubTestUtilities.DefaultCertificateIotHubName, IotHubTestUtilities.DefaultIotHubCertificateName) .ConfigureAwait(false); certificate.Name.Should().Be(IotHubTestUtilities.DefaultIotHubCertificateName); certificate.Properties.Subject.Should().Be(IotHubTestUtilities.DefaultIotHubCertificateSubject); certificate.Properties.Thumbprint.Should().Be(IotHubTestUtilities.DefaultIotHubCertificateThumbprint); certificate.Type.Should().Be(IotHubTestUtilities.DefaultIotHubCertificateType); certificate.Properties.IsVerified.Should().BeFalse(); CertificateWithNonceDescription certificateWithNonceDescription = await GenerateVerificationCodeAsync( resourceGroup, IotHubTestUtilities.DefaultCertificateIotHubName, IotHubTestUtilities.DefaultIotHubCertificateName, certificate.Etag) .ConfigureAwait(false); certificateWithNonceDescription.Name.Should().Be(IotHubTestUtilities.DefaultIotHubCertificateName); certificateWithNonceDescription.Properties.Subject.Should().Be(IotHubTestUtilities.DefaultIotHubCertificateSubject); certificateWithNonceDescription.Properties.Thumbprint.Should().Be(IotHubTestUtilities.DefaultIotHubCertificateThumbprint); certificateWithNonceDescription.Type.Should().Be(IotHubTestUtilities.DefaultIotHubCertificateType); certificateWithNonceDescription.Properties.IsVerified.Should().BeFalse(); certificateWithNonceDescription.Properties.VerificationCode.Should().NotBeNull(); // Delete certificate await DeleteCertificateAsync( resourceGroup, IotHubTestUtilities.DefaultCertificateIotHubName, IotHubTestUtilities.DefaultIotHubCertificateName, certificateWithNonceDescription.Etag) .ConfigureAwait(false); // Get all certificate after delete var certificateListAfterDelete = await GetCertificatesAsync(resourceGroup, IotHubTestUtilities.DefaultCertificateIotHubName) .ConfigureAwait(false); certificateListAfterDelete.Value.Count().Should().Be(0); } catch (ErrorDetailsException ex) { Console.WriteLine(ex.ToString()); Console.WriteLine($"{ex.Body.Message}: {ex.Body.Details}"); throw; } catch (Exception ex) { Console.WriteLine(ex.ToString()); throw; } }
public static PSCertificateDescription ToPSCertificateDescription(CertificateDescription certificateDescription) { return ConvertObject<CertificateDescription, PSCertificateDescription>(certificateDescription); }
protected override List <SettingsTypeSection> OnGenerateFabricSettings( Security security, CertificateDescription thumbprintFileStoreCert, List <string> thumbprintClusterCertList, ServerCertificateCommonNames commonNameFileStoreCert, Dictionary <string, string> commonNameClusterCertList, int currentClusterSize = -1) { var result = new List <SettingsTypeSection>(); // GenerateSecuritySection always returns a non-null value var securitySections = this.GenerateSecuritySection(security, thumbprintClusterCertList, commonNameClusterCertList); result.AddRange(securitySections); var runAsSection = this.GenerateRunAsSection(security); if (runAsSection != null) { result.Add(runAsSection); } var httpApplicationGatewaySection = this.GenerateHttpApplicationGatewaySection(); if (httpApplicationGatewaySection != null) { result.Add(httpApplicationGatewaySection); } if (security == null || security.WindowsIdentities == null || security.WindowsIdentities.ClustergMSAIdentity == null) { var fileStoreSection = this.GenerateFileStoreServiceSection( thumbprintFileStoreCert, commonNameFileStoreCert, this.currentPrimaryAccountNtlmPassword, this.currentSecondaryAccountNtlmPassword, this.currentCommonNameNtlmPassword); if (fileStoreSection != null) { result.Add(fileStoreSection); } } var failoverManagerSection = currentClusterSize == -1 ? this.GenerateFailoverManagerSection() : this.GenerateFailoverManagerSection(currentClusterSize); result.Add(failoverManagerSection); if (this.TargetCsmConfig.DiagnosticsStoreInformation != null) { var dcaSections = this.GenerateDcaSections(); if (dcaSections != null) { result.AddRange(dcaSections); } } result.AddRange(this.GenerateClusterManagerSection()); var upgradeOrchestrationServiceSection = this.GenerateUpgradeOrchestrationServiceSection(); result.Add(upgradeOrchestrationServiceSection); result.AddRange(this.GenerateCommonSection()); result.AddRange(StandAloneFabricSettingsGenerator.GenerateSecretStoreSections(this.TargetCsmConfig)); result.AddRange(StandAloneFabricSettingsGenerator.GenerateRepairManagerSection(this.TargetCsmConfig)); result.AddRange(StandAloneFabricSettingsGenerator.GenerateDnsServiceSection(this.TargetCsmConfig)); result.AddRange(StandAloneFabricSettingsGenerator.GenerateBackupRestoreServiceSection(this.TargetCsmConfig)); result.AddRange(StandAloneFabricSettingsGenerator.GenerateResourceMonitorServiceSection(this.TargetCsmConfig)); result.AddRange(StandAloneFabricSettingsGenerator.GenerateSFVolumeDiskServiceSection(this.TargetCsmConfig)); result.AddRange(StandAloneFabricSettingsGenerator.GenerateEventStoreServiceSection(this.TargetCsmConfig)); result.AddRange(StandAloneFabricSettingsGenerator.GenerateGatewayResourceManagerSection(this.TargetCsmConfig)); return(result); }