Пример #1
0
            /// <summary>
            /// Create new instance
            /// </summary>
            /// <param name="configuration"></param>
            /// <param name="keyVaultUrlVarName"></param>
            /// <param name="lazyLoad"></param>
            /// <param name="allowDeveloperAccess"></param>
            /// <returns></returns>
            private static async Task <KeyVaultConfigurationProvider> CreateInstanceAsync(
                IConfigurationRoot configuration, string keyVaultUrlVarName,
                bool lazyLoad, bool allowDeveloperAccess)
            {
                var vaultUri = configuration.GetValue <string>(keyVaultUrlVarName, null);

                if (string.IsNullOrEmpty(vaultUri))
                {
                    Log.Logger.Debug("No keyvault uri found in configuration under {key}. " +
                                     "Cannot read configuration from keyvault.",
                                     keyVaultUrlVarName);
                    vaultUri = Environment.GetEnvironmentVariable(keyVaultUrlVarName);
                    if (string.IsNullOrEmpty(vaultUri))
                    {
                        Log.Logger.Debug("No keyvault uri found in environment.",
                                         keyVaultUrlVarName);
                        return(null);
                    }
                }
                var keyVault = await TryKeyVaultClientAsync(vaultUri,
                                                            configuration, keyVaultUrlVarName, allowDeveloperAccess);

                if (keyVault == null)
                {
                    return(null);
                }
                var provider = new KeyVaultConfigurationProvider(keyVault, vaultUri);

                if (!lazyLoad)
                {
                    await provider.LoadAllSecretsAsync();
                }
                return(provider);
            }
Пример #2
0
        /// <summary>
        /// Add configuration from Azure KeyVault. Providers configured prior to
        /// this one will be used to get Azure KeyVault connection details.
        /// </summary>
        /// <param name="builder"></param>
        /// <param name="allowInteractiveLogon"></param>
        /// <param name="singleton"></param>
        /// <param name="keyVaultUrlVarName"></param>
        /// <param name="providerPriority"> Determines where in the configuration
        /// providers chain current provider should be added. Default to lowest
        /// </param>
        /// <returns></returns>
        public static IConfigurationBuilder AddFromKeyVault(this IConfigurationBuilder builder,
                                                            ConfigurationProviderPriority providerPriority = ConfigurationProviderPriority.Lowest,
                                                            bool allowInteractiveLogon = false, bool singleton = true, string keyVaultUrlVarName = null)
        {
            var configuration = builder.Build();
            var provider      = KeyVaultConfigurationProvider.CreateInstanceAsync(
                allowInteractiveLogon, singleton, configuration, keyVaultUrlVarName).Result;

            if (provider != null)
            {
                switch (providerPriority)
                {
                case ConfigurationProviderPriority.Highest:
                    builder.Add(provider);
                    break;

                case ConfigurationProviderPriority.Lowest:
                    builder.Sources.Insert(0, provider);
                    break;

                default:
                    throw new ArgumentException(
                              $"Unknown ConfigurationProviderPriority value: {providerPriority}");
                }
            }
            return(builder);
        }
Пример #3
0
            /// <summary>
            /// Create new instance
            /// </summary>
            /// <param name="configuration"></param>
            /// <param name="allowInteractiveLogon"></param>
            /// <param name="keyVaultUrlVarName"></param>
            /// <param name="lazyLoad"></param>
            /// <returns></returns>
            private static async Task <KeyVaultConfigurationProvider> CreateInstanceAsync(
                IConfigurationRoot configuration, bool allowInteractiveLogon, string keyVaultUrlVarName,
                bool lazyLoad)
            {
                var vaultUri = configuration.GetValue <string>(keyVaultUrlVarName, null);

                if (string.IsNullOrEmpty(vaultUri))
                {
                    Log.Logger.Debug("No keyvault uri found in configuration under {key}. ",
                                     keyVaultUrlVarName);
                    vaultUri = Environment.GetEnvironmentVariable(keyVaultUrlVarName);
                    if (string.IsNullOrEmpty(vaultUri))
                    {
                        Log.Logger.Debug("No keyvault uri found in environment under {key}. " +
                                         "Not reading configuration from keyvault without keyvault uri.",
                                         keyVaultUrlVarName);
                        return(null);
                    }
                }
                var provider = new KeyVaultConfigurationProvider(configuration, vaultUri,
                                                                 allowInteractiveLogon);

                try {
                    await provider.ValidateReadSecretAsync(keyVaultUrlVarName);
                }
                catch (Exception ex) {
                    // https://github.com/Azure/Industrial-IoT/tree/master/deploy/helm/azure-industrial-iot#load-configuration-from-azure-key-vault
                    throw new InvalidConfigurationException(
                              "Could not access the provided keyvault URI. " +
                              "If you want to read configuration from the keyvault, make sure " +
                              "it is reachable, the required permissions are configured " +
                              "and authentication provider information is available. " +
                              "Sign into Visual Studio or Azure CLI on this machine and try again.", ex);
                }
                if (!lazyLoad)
                {
                    while (true)
                    {
                        try {
                            await provider.LoadAllSecretsAsync();

                            break;
                        }
                        // try again...
                        catch (TaskCanceledException) {}
                        catch (SocketException) {}
                        await Task.Delay(TimeSpan.FromSeconds(1));

                        Log.Logger.Information(
                            "Failed loading secrets due to timeout or network - try again ...");
                    }
                }
                return(provider);
            }
Пример #4
0
        /// <summary>
        /// Add configuration from azure keyvault.
        /// </summary>
        /// <param name="builder"></param>
        /// <param name="singleton"></param>
        /// <param name="keyVaultUrlVarName"></param>
        /// <returns></returns>
        public static IConfigurationBuilder AddFromKeyVault(
            this IConfigurationBuilder builder, bool singleton = true,
            string keyVaultUrlVarName = null)
        {
            var provider = KeyVaultConfigurationProvider.CreateInstanceAsync(
                singleton, builder.Build(), keyVaultUrlVarName).Result;

            if (provider != null)
            {
                builder.Add(provider);
            }
            return(builder);
        }
Пример #5
0
            /// <summary>
            /// Create new instance
            /// </summary>
            /// <param name="configuration"></param>
            /// <param name="keyVaultUrlVarName"></param>
            /// <param name="lazyLoad"></param>
            /// <returns></returns>
            private static async Task <KeyVaultConfigurationProvider> CreateInstanceAsync(
                IConfigurationRoot configuration, string keyVaultUrlVarName, bool lazyLoad)
            {
                var vaultUri = configuration.GetValue <string>(keyVaultUrlVarName, null);

                if (string.IsNullOrEmpty(vaultUri))
                {
                    Log.Logger.Debug("No keyvault uri found in configuration under {key}. ",
                                     keyVaultUrlVarName);
                    vaultUri = Environment.GetEnvironmentVariable(keyVaultUrlVarName);
                    if (string.IsNullOrEmpty(vaultUri))
                    {
                        Log.Logger.Debug("No keyvault uri found in environment under {key}. " +
                                         "Not reading configuration from keyvault without keyvault uri.",
                                         keyVaultUrlVarName);
                        return(null);
                    }
                }

                var provider = new KeyVaultConfigurationProvider(configuration, vaultUri);

                if (!await provider.TryReadSecretAsync(keyVaultUrlVarName))
                {
                    throw new InvalidConfigurationException(
                              "A keyvault uri was provided could not access keyvault at the address. " +
                              "If you want to read configuration from keyvault, make sure " +
                              "the keyvault is reachable, the required permissions are configured " +
                              "on keyvault and authentication provider information is available. " +
                              "Sign into Visual Studio or Azure CLI on this machine and try again.");
                }
                if (!lazyLoad)
                {
                    while (true)
                    {
                        try {
                            await provider.LoadAllSecretsAsync();

                            break;
                        }
                        // try again...
                        catch (TaskCanceledException) {}
                        catch (SocketException) {}
                        await Task.Delay(TimeSpan.FromSeconds(1));

                        Log.Logger.Information(
                            "Failed loading secrets due to timeout or network - try again ...");
                    }
                }
                return(provider);
            }
        /// <summary>
        /// Add configuration from Azure KeyVault. Providers configured prior to
        /// this one will be used to get Azure KeyVault connection details.
        /// </summary>
        /// <param name="builder"></param>
        /// <param name="allowInteractiveLogon"></param>
        /// <param name="singleton"></param>
        /// <param name="keyVaultUrlVarName"></param>
        /// <param name="providerPriority"> Determines where in the configuration
        /// providers chain current provider should be added. Default to lowest
        /// </param>
        /// <returns></returns>
        public static IConfigurationBuilder AddFromKeyVault(this IConfigurationBuilder builder,
                                                            ConfigurationProviderPriority providerPriority = ConfigurationProviderPriority.Lowest,
                                                            bool allowInteractiveLogon = false, bool singleton = true, string keyVaultUrlVarName = null)
        {
            var configuration = builder.Build();

            // Check if configuration should be loaded from KeyVault, default to true.
            var keyVaultConfigEnabled = configuration.GetValue(PcsVariable.PCS_KEYVAULT_CONFIG_ENABLED, true);

            if (!keyVaultConfigEnabled)
            {
                return(builder);
            }

            var provider = KeyVaultConfigurationProvider.CreateInstanceAsync(
                allowInteractiveLogon, singleton, configuration, keyVaultUrlVarName).Result;

            if (provider != null)
            {
                switch (providerPriority)
                {
                case ConfigurationProviderPriority.Highest:
                    builder.Add(provider);
                    break;

                case ConfigurationProviderPriority.Lowest:
                    builder.Sources.Insert(0, provider);
                    break;

                default:
                    throw new ArgumentException(
                              $"Unknown ConfigurationProviderPriority value: {providerPriority}");
                }
            }
            return(builder);
        }
Пример #7
0
        public IConfigurationProvider Build(IConfigurationBuilder builder)
        {
            var config = new KeyVaultConfigurationProvider(keyVaultKeys, keyVaultService);

            return(config);
        }