/// <summary> /// Retrieves a <see cref="CryptographyClient"/> capable of performing cryptographic operations with the key represented by the specified <paramref name="keyId"/>. /// </summary> /// <param name="keyId">The key identifier of the key used by the created <see cref="CryptographyClient"/>.</param> /// <param name="cancellationToken">A <see cref="CancellationToken"/> controlling the request lifetime.</param> /// <returns>A new <see cref="CryptographyClient"/> capable of performing cryptographic operations with the key represented by the specified <paramref name="keyId"/>.</returns> /// <exception cref="ArgumentNullException"><paramref name="keyId"/> is null.</exception> public virtual CryptographyClient Resolve(Uri keyId, CancellationToken cancellationToken = default) { Argument.AssertNotNull(keyId, nameof(keyId)); using DiagnosticScope scope = _clientDiagnostics.CreateScope($"{nameof(KeyResolver)}.{nameof(Resolve)}"); scope.AddAttribute("key", keyId); scope.Start(); try { Argument.AssertNotNull(keyId, nameof(keyId)); KeyVaultKey key = GetKey(keyId, cancellationToken); KeyVaultPipeline pipeline = new KeyVaultPipeline(keyId, _apiVersion, _pipeline, _clientDiagnostics); // Since we already attempted to download the key, do not let the CryptographyClient needlessly try again. return((key != null) ? new CryptographyClient(key, pipeline) : new CryptographyClient(keyId, pipeline, forceRemote: true)); } catch (Exception e) { scope.Failed(e); throw; } }
internal RecoverDeletedKeyOperation(KeyVaultPipeline pipeline, Response <KeyVaultKey> response) { _pipeline = pipeline; _value = response.Value ?? throw new InvalidOperationException("The response does not contain a value."); _operationInternal = new(_pipeline.Diagnostics, this, response.GetRawResponse(), nameof(RecoverDeletedKeyOperation), new[] { new KeyValuePair <string, string>("secret", _value.Name), // Retained for backward compatibility. new KeyValuePair <string, string>("key", _value.Name), }); }
internal DeleteCertificateOperation(KeyVaultPipeline pipeline, Response <DeletedCertificate> response) { _pipeline = pipeline; _value = response.Value ?? throw new InvalidOperationException("The response does not contain a value."); _response = response.GetRawResponse(); // The recoveryId is only returned if soft-delete is enabled. if (_value.RecoveryId is null) { _completed = true; } }
/// <summary> /// Initializes a new instance of the <see cref="CryptographyClient"/> class. /// </summary> /// <param name="keyId">The <see cref="KeyBase.Id"/> of the <see cref="Key"/> which will be used for cryptographic operations.</param> /// <param name="credential">A <see cref="TokenCredential"/> capable of providing an OAuth token.</param> /// <param name="options">Options to configure the management of the request sent to Key Vault.</param> /// <exception cref="ArgumentNullException"><paramref name="keyId"/> or <paramref name="credential"/> is null.</exception> /// <exception cref="NotSupportedException">The <see cref="CryptographyClientOptions.Version"/> is not supported.</exception> public CryptographyClient(Uri keyId, TokenCredential credential, CryptographyClientOptions options) { Argument.AssertNotNull(keyId, nameof(keyId)); Argument.AssertNotNull(credential, nameof(credential)); _keyId = keyId; options ??= new CryptographyClientOptions(); var remoteProvider = new RemoteCryptographyClient(keyId, credential, options); _pipeline = remoteProvider.Pipeline; _remoteProvider = remoteProvider; }
internal DeleteSecretOperation(KeyVaultPipeline pipeline, Response <DeletedSecret> response) { _pipeline = pipeline; _value = response.Value ?? throw new InvalidOperationException("The response does not contain a value."); _operationInternal = new(_pipeline.Diagnostics, this, response.GetRawResponse(), nameof(DeleteSecretOperation), new[] { new KeyValuePair <string, string>("secret", _value.Name) }); // The recoveryId is only returned if soft delete is enabled. if (_value.RecoveryId is null) { // If soft delete is not enabled, deleting is immediate so set success accordingly. _operationInternal.SetState(OperationState.Success(response.GetRawResponse())); } }
/// <summary> /// Initializes a new instance of the <see cref="SecretClient"/> class for the specified vault. /// </summary> /// <param name="vaultUri">A <see cref="Uri"/> to the vault on which the client operates. Appears as "DNS Name" in the Azure portal.</param> /// <param name="credential">A <see cref="TokenCredential"/> used to authenticate requests to the vault, such as DefaultAzureCredential.</param> /// <param name="options"><see cref="SecretClientOptions"/> that allow to configure the management of the request sent to Key Vault.</param> /// <exception cref="ArgumentNullException"><paramref name="vaultUri"/> or <paramref name="credential"/> is null.</exception> public SecretClient(Uri vaultUri, TokenCredential credential, SecretClientOptions options) { Argument.AssertNotNull(vaultUri, nameof(vaultUri)); Argument.AssertNotNull(credential, nameof(credential)); options ??= new SecretClientOptions(); string apiVersion = options.GetVersionString(); HttpPipeline pipeline = HttpPipelineBuilder.Build(options, new ChallengeBasedAuthenticationPolicy(credential)); _pipeline = new KeyVaultPipeline(vaultUri, apiVersion, pipeline, new ClientDiagnostics(options)); }
internal RemoteCryptographyClient(Uri keyId, TokenCredential credential, CryptographyClientOptions options) { Argument.AssertNotNull(keyId, nameof(keyId)); Argument.AssertNotNull(credential, nameof(credential)); _keyId = keyId; options ??= new CryptographyClientOptions(); string apiVersion = options.GetVersionString(); HttpPipeline pipeline = HttpPipelineBuilder.Build(options, new ChallengeBasedAuthenticationPolicy(credential)); Pipeline = new KeyVaultPipeline(keyId, apiVersion, pipeline, new ClientDiagnostics(options)); }
/// <summary> /// Initializes a new instance of the CryptographyClient class. /// </summary> /// <param name="keyId">The <see cref="KeyBase.Id"/> of the <see cref="Key"/> which will be used for cryptographic operations</param> /// <param name="credential">Represents a credential capable of providing an OAuth token.</param> /// <param name="options">Options that allow to configure the management of the request sent to Key Vault.</param> public CryptographyClient(Uri keyId, TokenCredential credential, CryptographyClientOptions options) { _keyId = keyId ?? throw new ArgumentNullException(nameof(keyId)); if (credential is null) { throw new ArgumentNullException(nameof(credential)); } options ??= new CryptographyClientOptions(); var remoteProvider = new RemoteCryptographyClient(keyId, credential, options); _pipeline = remoteProvider.Pipeline; _cryptoProvider = remoteProvider; }
/// <summary> /// Initializes a new instance of the SecretClient class. /// </summary> /// <param name="vaultUri">Endpoint URL for the Azure Key Vault service.</param> /// <param name="credential">Represents a credential capable of providing an OAuth token.</param> /// <param name="options">Options that allow to configure the management of the request sent to Key Vault.</param> /// <exception cref="ArgumentNullException"><paramref name="vaultUri"/> or <paramref name="credential"/> is null.</exception> public SecretClient(Uri vaultUri, TokenCredential credential, SecretClientOptions options) { _vaultUri = vaultUri ?? throw new ArgumentNullException(nameof(vaultUri)); if (credential is null) { throw new ArgumentNullException(nameof(credential)); } options ??= new SecretClientOptions(); string apiVersion = options.GetVersionString(); HttpPipeline pipeline = HttpPipelineBuilder.Build(options, new ChallengeBasedAuthenticationPolicy(credential)); _pipeline = new KeyVaultPipeline(_vaultUri, apiVersion, pipeline); }
/// <summary> /// /// </summary> /// <param name="keyId"></param> /// <param name="credential"></param> /// <param name="options"></param> public RemoteCryptographyClient(Uri keyId, TokenCredential credential, CryptographyClientOptions options) { KeyId = keyId ?? throw new ArgumentNullException(nameof(keyId)); if (credential is null) { throw new ArgumentNullException(nameof(credential)); } options ??= new CryptographyClientOptions(); string apiVersion = options.GetVersionString(); HttpPipeline pipeline = HttpPipelineBuilder.Build(options, new ChallengeBasedAuthenticationPolicy(credential)); Pipeline = new KeyVaultPipeline(keyId, apiVersion, pipeline); }
internal DeleteKeyOperation(KeyVaultPipeline pipeline, Response <DeletedKey> response) { _pipeline = pipeline; _value = response.Value ?? throw new InvalidOperationException("The response does not contain a value."); // The recoveryId is only returned if soft delete is enabled. if (_value.RecoveryId is null) { // If soft delete is not enabled, deleting is immediate so set success accordingly. _operationInternal = OperationInternal.Succeeded(response.GetRawResponse()); } else { _operationInternal = new(_pipeline.Diagnostics, this, response.GetRawResponse(), nameof(DeleteKeyOperation), new[] { new KeyValuePair <string, string>("secret", _value.Name), // Retained for backward compatibility. new KeyValuePair <string, string>("key", _value.Name), }); } }
/// <summary> /// Retrieves a <see cref="CryptographyClient"/> capable of performing cryptographic operations with the key represented by the specfiied keyId. /// </summary> /// <param name="keyId">The key idenitifier of the key used by the created <see cref="CryptographyClient"/> </param> /// <param name="cancellationToken">A <see cref="CancellationToken"/> controlling the request lifetime.</param> /// <returns>A new <see cref="CryptographyClient"/> capable of performing cryptographic operations with the key represented by the specfiied keyId</returns> public virtual async Task <CryptographyClient> ResolveAsync(Uri keyId, CancellationToken cancellationToken = default) { Argument.AssertNotNull(keyId, nameof(keyId)); using DiagnosticScope scope = _clientDiagnostics.CreateScope("Azure.Security.KeyVault.Keys.Cryptography.KeyResolver.Resolve"); scope.AddAttribute("key", keyId); scope.Start(); try { Argument.AssertNotNull(keyId, nameof(keyId)); Key key = await GetKeyAsync(keyId, cancellationToken).ConfigureAwait(false); KeyVaultPipeline pipeline = new KeyVaultPipeline(keyId, _apiVersion, _pipeline, _clientDiagnostics); return((key != null) ? new CryptographyClient(key, pipeline) : new CryptographyClient(keyId, pipeline)); } catch (Exception e) { scope.Failed(e); throw; } }
/// <summary> /// Retrieves a <see cref="CryptographyClient"/> capable of performing cryptographic operations with the key represented by the specfiied <paramref name="keyId"/>. /// </summary> /// <param name="keyId">The key idenitifier of the key used by the created <see cref="CryptographyClient"/>.</param> /// <param name="cancellationToken">A <see cref="CancellationToken"/> controlling the request lifetime.</param> /// <returns>A new <see cref="CryptographyClient"/> capable of performing cryptographic operations with the key represented by the specfiied <paramref name="keyId"/>.</returns> /// <exception cref="ArgumentNullException"><paramref name="keyId"/> is null.</exception> public virtual CryptographyClient Resolve(Uri keyId, CancellationToken cancellationToken = default) { Argument.AssertNotNull(keyId, nameof(keyId)); using DiagnosticScope scope = _clientDiagnostics.CreateScope($"{nameof(KeyResolver)}.{nameof(Resolve)}"); scope.AddAttribute("key", keyId); scope.Start(); try { Argument.AssertNotNull(keyId, nameof(keyId)); KeyVaultKey key = GetKey(keyId, cancellationToken); KeyVaultPipeline pipeline = new KeyVaultPipeline(keyId, _apiVersion, _pipeline, _clientDiagnostics); return((key != null) ? new CryptographyClient(key, pipeline) : new CryptographyClient(keyId, pipeline)); } catch (Exception e) { scope.Failed(e); throw; } }
internal RecoverDeletedSecretOperation(KeyVaultPipeline pipeline, Response <SecretProperties> response) { _pipeline = pipeline; _value = response.Value ?? throw new InvalidOperationException("The response does not contain a value."); _response = response.GetRawResponse(); }
internal RecoverDeletedCertificateOperation(KeyVaultPipeline pipeline, Response <KeyVaultCertificateWithPolicy> response) { _pipeline = pipeline; _value = response.Value ?? throw new InvalidOperationException("The response does not contain a value."); _response = response.GetRawResponse(); }
internal RecoverDeletedSecretOperation(KeyVaultPipeline pipeline, Response <SecretProperties> response) { _pipeline = pipeline; _value = response.Value ?? throw new InvalidOperationException("The response does not contain a value."); _operationInternal = new(_pipeline.Diagnostics, this, response.GetRawResponse(), nameof(RecoverDeletedSecretOperation), new[] { new KeyValuePair <string, string>("secret", _value.Name) }); }
internal RemoteCryptographyClient(KeyVaultPipeline pipeline) { Pipeline = pipeline; }