public async Task <Secret <TOTPCode> > GetCodeAsync(string keyName, string mountPoint = SecretsEngineDefaultPaths.TOTP, string wrapTimeToLive = null) { Checker.NotNull(mountPoint, "mountPoint"); Checker.NotNull(keyName, "keyName"); return(await _polymath.MakeVaultApiRequest <Secret <TOTPCode> >("v1/" + mountPoint.Trim('/') + "/code/" + keyName.Trim('/'), HttpMethod.Get, wrapTimeToLive : wrapTimeToLive).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <Secret <SecretData> > ReadSecretAsync(string path, int?version = null, string mountPoint = SecretsEngineDefaultPaths.KeyValue, string wrapTimeToLive = null) { Checker.NotNull(mountPoint, "mountPoint"); Checker.NotNull(path, "path"); return(await _polymath.MakeVaultApiRequest <Secret <SecretData> >("v1/" + mountPoint.Trim('/') + "/data/" + path.Trim('/') + (version != null ? ("?version=" + version) : ""), HttpMethod.Get, wrapTimeToLive : wrapTimeToLive).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <Secret <EncryptionResponse> > EncryptAsync(string keyName, EncryptRequestOptions encryptRequestOptions, string mountPoint = null, string wrapTimeToLive = null) { Checker.NotNull(keyName, "keyName"); Checker.NotNull(encryptRequestOptions, "encryptRequestOptions"); return(await _polymath.MakeVaultApiRequest <Secret <EncryptionResponse> >(mountPoint ?? _polymath.VaultClientSettings.SecretsEngineMountPoints.GoogleCloudKMS, "/encrypt/" + keyName.Trim('/'), HttpMethod.Post, encryptRequestOptions, wrapTimeToLive : wrapTimeToLive).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <Secret <Dictionary <string, object> > > ReadSecretAsync(string path, string mountPoint = SecretsEngineDefaultPaths.KeyValueV1, string wrapTimeToLive = null) { Checker.NotNull(mountPoint, "mountPoint"); Checker.NotNull(path, "path"); return(await _polymath.MakeVaultApiRequest <Secret <Dictionary <string, object> > >("v1/" + mountPoint.Trim('/') + "/" + path.Trim('/'), HttpMethod.Get, wrapTimeToLive : wrapTimeToLive).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <Secret <IdentityToken> > GetTokenAsync(string roleName, string mountPoint = SecretsEngineDefaultPaths.Identity, string wrapTimeToLive = null) { Checker.NotNull(mountPoint, "mountPoint"); Checker.NotNull(roleName, "roleName"); return(await _polymath.MakeVaultApiRequest <Secret <IdentityToken> >("v1/" + mountPoint.Trim('/') + "/oidc/token/" + roleName.Trim('/'), HttpMethod.Get, wrapTimeToLive : wrapTimeToLive).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <Secret <AWSCredentials> > GetCredentialsAsync(string awsRoleName, string awsMountPoint = SecretsEngineDefaultPaths.AWS, string wrapTimeToLive = null) { Checker.NotNull(awsMountPoint, "awsMountPoint"); Checker.NotNull(awsRoleName, "awsRoleName"); return(await _polymath.MakeVaultApiRequest <Secret <AWSCredentials> >("v1/" + awsMountPoint.Trim('/') + "/creds/" + awsRoleName.Trim('/'), HttpMethod.Get, wrapTimeToLive : wrapTimeToLive).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <Secret <EncodedResponse> > EncodeAsync(string roleName, EncodeRequestOptions encodeRequestOptions, string mountPoint = null, string wrapTimeToLive = null) { Checker.NotNull(roleName, "roleName"); Checker.NotNull(encodeRequestOptions, "encodeRequestOptions"); return(await _polymath.MakeVaultApiRequest <Secret <EncodedResponse> >(mountPoint ?? _polymath.VaultClientSettings.SecretsEngineMountPoints.Transform, "/encode/" + roleName.Trim('/'), HttpMethod.Post, encodeRequestOptions, wrapTimeToLive : wrapTimeToLive).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <Secret <SSHCredentials> > GetCredentialsAsync(string roleName, string ipAddress, string username = null, string mountPoint = null, string wrapTimeToLive = null) { Checker.NotNull(roleName, "roleName"); Checker.NotNull(ipAddress, "ipAddress"); var requestData = new { ip = ipAddress, username = username }; return(await _polymath.MakeVaultApiRequest <Secret <SSHCredentials> >(mountPoint ?? _polymath.VaultClientSettings.SecretsEngineMountPoints.SSH, "/creds/" + roleName.Trim('/'), HttpMethod.Post, requestData, wrapTimeToLive : wrapTimeToLive).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task ReloadBackendsAsync(string plugin, IEnumerable <string> backendMountPaths) { var requestData = new { plugin = plugin, mounts = backendMountPaths }; await _polymath.MakeVaultApiRequest("v1/sys/plugin/reload/backend", HttpMethod.Put, requestData).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext); }
public async Task <Secret <CertificateCredentials> > GetCredentialsAsync(string pkiRoleName, CertificateCredentialsRequestOptions certificateCredentialRequestOptions, string pkiBackendMountPoint = null, string wrapTimeToLive = null) { Checker.NotNull(pkiRoleName, "pkiRoleName"); Checker.NotNull(certificateCredentialRequestOptions, "certificateCredentialRequestOptions"); var result = await _polymath.MakeVaultApiRequest <Secret <CertificateCredentials> >(pkiBackendMountPoint ?? _polymath.VaultClientSettings.SecretsEngineMountPoints.PKI, "/issue/" + pkiRoleName, HttpMethod.Post, certificateCredentialRequestOptions, wrapTimeToLive : wrapTimeToLive).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext); result.Data.CertificateFormat = certificateCredentialRequestOptions.CertificateFormat; return(result); }
public async Task <Secret <KMIPCredentials> > GetCredentialsAsync(string scopeName, string roleName, CertificateFormat format = CertificateFormat.pem, string mountPoint = null, string wrapTimeToLive = null) { Checker.NotNull(scopeName, "scopeName"); Checker.NotNull(roleName, "roleName"); return(await _polymath.MakeVaultApiRequest <Secret <KMIPCredentials> >(mountPoint ?? _polymath.VaultClientSettings.SecretsEngineMountPoints.KMIP, "/scope/" + scopeName.Trim('/') + "/role/" + scopeName.Trim('/') + "/credential/generate", HttpMethod.Post, new { format }, wrapTimeToLive : wrapTimeToLive).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <string> GetVaultTokenAsync() { var signingTime = DateTime.UtcNow; var signature = CloudFoundrySignatureProvider.GetSignature(signingTime, _cloudFoundryAuthMethodInfo.CFInstanceCertContent, _cloudFoundryAuthMethodInfo.RoleName, _cloudFoundryAuthMethodInfo.CFInstanceKeyContent); var requestData = new { role = _cloudFoundryAuthMethodInfo.RoleName, cf_instance_cert = _cloudFoundryAuthMethodInfo.CFInstanceCertContent, signing_time = CloudFoundrySignatureProvider.GetFormattedSigningTime(signingTime), signature }; // make an unauthenticated call to Vault, since this is the call to get the token. // It shouldn't need a token. var response = await _polymath.MakeVaultApiRequest <Secret <Dictionary <string, object> > >(LoginResourcePath, HttpMethod.Post, requestData, unauthenticated : true).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext); _cloudFoundryAuthMethodInfo.ReturnedLoginAuthInfo = response?.AuthInfo; if (response?.AuthInfo != null && !string.IsNullOrWhiteSpace(response.AuthInfo.ClientToken)) { return(response.AuthInfo.ClientToken); } throw new Exception("The call to the Vault authentication method backend did not yield a client token. Please verify your credentials."); }
public async Task WriteGroupAsync(string groupName, IList <string> policies, string mountPoint = AuthMethodDefaultPaths.LDAP) { Checker.NotNull(mountPoint, "mountPoint"); Checker.NotNull(groupName, "groupName"); var flatPolicies = string.Join(",", policies); await _polymath.MakeVaultApiRequest("v1/auth/" + mountPoint.Trim('/') + "/groups/" + groupName.Trim('/'), HttpMethod.Post, new { policies = flatPolicies }).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext); }
public async Task <Secret <object> > CreateTokenAsync(CreateTokenRequest createTokenRequest) { var request = createTokenRequest ?? new CreateTokenRequest(); var suffix = "create"; if (createTokenRequest.NoParent) { suffix = "create-orphan"; } if (!string.IsNullOrWhiteSpace(createTokenRequest.RoleName)) { suffix = "create/" + createTokenRequest.RoleName.Trim('/'); } return(await _polymath.MakeVaultApiRequest <Secret <object> >("v1/auth/token/" + suffix, HttpMethod.Post, request).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <string> GetVaultTokenAsync() { // Make an unauthenticated call to Vault, since this is the call to get the token. // It shouldn't need a token. var response = string.IsNullOrWhiteSpace(_certAuthMethodInfo.RoleName) ? (await _polymath.MakeVaultApiRequest <Secret <JToken> >(LoginResourcePath, HttpMethod.Post, unauthenticated: true).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)) : (await _polymath.MakeVaultApiRequest <Secret <JToken> >(LoginResourcePath, HttpMethod.Post, new { name = _certAuthMethodInfo.RoleName }, unauthenticated: true).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); _certAuthMethodInfo.ReturnedLoginAuthInfo = response?.AuthInfo; if (response?.AuthInfo != null && !string.IsNullOrWhiteSpace(response.AuthInfo.ClientToken)) { return(response.AuthInfo.ClientToken); } throw new Exception("The call to the Vault authentication method backend did not yield a client token. Please verify your credentials."); }
public async Task <string> GetVaultTokenAsync() { var requestData = _cloudFoundryAuthMethodInfo.Signature; // make an unauthenticated call to Vault, since this is the call to get the token. It shouldn't need a token. var response = await _polymath.MakeVaultApiRequest <Secret <Dictionary <string, object> > >(LoginResourcePath, HttpMethod.Post, requestData, unauthenticated : true).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext); _cloudFoundryAuthMethodInfo.ReturnedLoginAuthInfo = response?.AuthInfo; if (response?.AuthInfo != null && !string.IsNullOrWhiteSpace(response.AuthInfo.ClientToken)) { return(response.AuthInfo.ClientToken); } throw new Exception("The call to the Vault authentication method backend did not yield a client token. Please verify your credentials."); }
public async Task <Secret <NomadCredentials> > GetCredentialsAsync(string roleName, string mountPoint = null, string wrapTimeToLive = null) { Checker.NotNull(roleName, "roleName"); return(await _polymath.MakeVaultApiRequest <Secret <NomadCredentials> >(mountPoint ?? _polymath.VaultClientSettings.SecretsEngineMountPoints.Nomad, "/creds/" + roleName.Trim('/'), HttpMethod.Get, wrapTimeToLive : wrapTimeToLive).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <Secret <GoogleCloudOAuth2Token> > GetOAuth2TokenAsync(string roleset, string mountPoint = null, string wrapTimeToLive = null) { Checker.NotNull(roleset, "roleset"); return(await _polymath.MakeVaultApiRequest <Secret <GoogleCloudOAuth2Token> >(mountPoint ?? _polymath.VaultClientSettings.SecretsEngineMountPoints.GoogleCloud, "/token/" + roleset.Trim('/'), HttpMethod.Get, wrapTimeToLive : wrapTimeToLive).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <Secret <T> > ReadSecretAsync <T>(string path, string mountPoint = null, string wrapTimeToLive = null) { Checker.NotNull(path, "path"); return(await _polymath.MakeVaultApiRequest <Secret <T> >(mountPoint ?? _polymath.VaultClientSettings.SecretsEngineMountPoints.KeyValueV1, "/" + path.Trim('/'), HttpMethod.Get, wrapTimeToLive : wrapTimeToLive).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <Secret <EncryptionResponse> > EncryptAsync(string keyName, EncryptRequestOptions encryptRequestOptions, string mountPoint = SecretsEngineDefaultPaths.Transit, string wrapTimeToLive = null) { Checker.NotNull(keyName, "keyName"); return(await _polymath.MakeVaultApiRequest <Secret <EncryptionResponse> >("v1/" + mountPoint.Trim('/') + "/encrypt/" + keyName.Trim('/'), HttpMethod.Post, encryptRequestOptions, wrapTimeToLive : wrapTimeToLive).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <Secret <CallingTokenInfo> > LookupSelfAsync() { return(await _polymath.MakeVaultApiRequest <Secret <CallingTokenInfo> >("v1/auth/token/lookup-self", HttpMethod.Get).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <Secret <Dictionary <string, object> > > ReadSecretAsync(string secretPath, string wrapTimeToLive = null) { Checker.NotNull(secretPath, "secretPath"); return(await _polymath.MakeVaultApiRequest <Secret <Dictionary <string, object> > >("v1/" + SecretsEngineDefaultPaths.Cubbyhole + "/" + secretPath.TrimStart('/'), HttpMethod.Get, wrapTimeToLive : wrapTimeToLive).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <Secret <Dictionary <string, AbstractAuditBackend> > > GetAuditBackendsAsync() { var response = await _polymath.MakeVaultApiRequest <Secret <Dictionary <string, AbstractAuditBackend> > >("v1/sys/audit", HttpMethod.Get).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext); foreach (var kv in response.Data) { kv.Value.MountPoint = kv.Key; } return(response); }
public async Task CreateRoleAsync(string roleName, Role role, string mountPoint = null) { Checker.NotNull(roleName, "roleName"); Checker.NotNull(role, "role"); await _polymath.MakeVaultApiRequest(mountPoint ?? _polymath.VaultClientSettings.SecretsEngineMountPoints.Database, "/roles/" + roleName.Trim('/'), HttpMethod.Post, role).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext); }
public async Task <Secret <ControlGroup> > GetControlGroupConfigAsync() { return(await _polymath.MakeVaultApiRequest <Secret <ControlGroup> >("v1/sys/config/control-group", HttpMethod.Get).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <Secret <KeyManagementKey> > ReadKeyAsync(string keyName, string mountPoint = null, string wrapTimeToLive = null) { Checker.NotNull(keyName, "keyName"); return(await _polymath.MakeVaultApiRequest <Secret <KeyManagementKey> >(mountPoint ?? _polymath.VaultClientSettings.SecretsEngineMountPoints.KeyManagement, "/key/" + keyName.Trim('/'), HttpMethod.Get, wrapTimeToLive : wrapTimeToLive).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }
public async Task <Secret <AppRoleInfo> > ReadRoleAsync(string roleName, string mountPoint = AuthMethodDefaultPaths.AppRole) { Checker.NotNull(mountPoint, "mountPoint"); Checker.NotNull(roleName, "roleName"); return(await _polymath.MakeVaultApiRequest <Secret <AppRoleInfo> >("v1/auth/" + mountPoint.Trim('/') + "/role/" + roleName.Trim('/'), HttpMethod.Get).ConfigureAwait(_polymath.VaultClientSettings.ContinueAsyncTasksOnCapturedContext)); }