Пример #1
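        /// <summary>
        /// Reads the vault credentials file at <c>this.Path</c>, deserializes it as
        /// <c>RSVaultAsrCreds</c> and copies the fields used for Site Recovery into a new
        /// <c>ASRVaultCreds</c>.
        /// </summary>
        /// <returns>The populated <c>ASRVaultCreds</c> instance.</returns>
        /// <exception cref="InvalidDataException">
        /// The file deserialized to null, or it carries no VaultDetails element.
        /// </exception>
        private ASRVaultCreds ReadAadASRVaultCreds()
        {
            // The serializer is bound to a single fixed contract type and no known-type list is
            // passed, so the file cannot select which type gets instantiated.
            var serializer = new DataContractSerializer(typeof(RSVaultAsrCreds));
            RSVaultAsrCreds aadCreds;

            // Read-only access with read sharing: the credentials file is never modified here.
            using (var s = new FileStream(this.Path, FileMode.Open, FileAccess.Read, FileShare.Read))
            {
                aadCreds = (RSVaultAsrCreds)serializer.ReadObject(s);
            }

            // The file comes from disk and may be truncated, hand-edited or of a different
            // credential format. Reject it explicitly instead of failing later with a
            // NullReferenceException on VaultDetails.
            if (aadCreds == null)
            {
                throw new InvalidDataException("The vault credentials file did not contain a credentials object.");
            }

            ASRVaultDetails vaultDetails = aadCreds.VaultDetails;
            if (vaultDetails == null)
            {
                throw new InvalidDataException("The vault credentials file does not contain vault details.");
            }

            // NOTE(review): ChannelIntegrityKey is presumably secret key material; keep it out
            // of logs and exception messages.
            return new ASRVaultCreds
            {
                ChannelIntegrityKey = aadCreds.ChannelIntegrityKey,
                ResourceGroupName = vaultDetails.ResourceGroup,
                Version = aadCreds.Version,
                SiteId = aadCreds.SiteId,
                SiteName = aadCreds.SiteName,
                ResourceNamespace = vaultDetails.ProviderNamespace,
                ARMResourceType = vaultDetails.ResourceType,
                ResourceName = vaultDetails.ResourceName,
                PrivateEndpointStateForSiteRecovery = aadCreds.PrivateEndpointStateForSiteRecovery
            };
        }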
        /// <summary>
        /// Generates vault creds file content for Site Recovery Vault
        /// </summary>
        /// <param name="cert">management certificate</param>
        /// <param name="subscriptionId">subscription Id</param>
        /// <param name="vaultCertificateResponse">Vault certificate response</param>
        /// <param name="asrSite">ASR site information</param>
        /// <returns>Vault credentials XML file content as a string</returns>
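        private string GenerateVaultCredsForSiteRecovery(X509Certificate2 cert, string subscriptionId,
                                                         VaultCertificateResponse vaultCertificateResponse, ASRSite asrSite)
        {
            // Validate the inputs before any side effect: further down this method replaces the
            // current vault context, so a bad argument should fail here and not half-way through.
            if (vaultCertificateResponse == null)
            {
                throw new ArgumentNullException("vaultCertificateResponse");
            }

            if (asrSite == null)
            {
                throw new ArgumentNullException("asrSite");
            }

            // The response must carry AAD details. An unchecked "as" cast would turn any other
            // payload type into a NullReferenceException at the first use of aadDetails.
            ResourceCertificateAndAadDetails aadDetails = vaultCertificateResponse.Properties as ResourceCertificateAndAadDetails;
            if (aadDetails == null)
            {
                throw new ArgumentException(
                    "The vault certificate response does not contain AAD certificate details.",
                    "vaultCertificateResponse");
            }

            // SECURITY: the returned XML embeds the management certificate serialized as
            // X509ContentType.Pfx (the format that carries the private key when the certificate
            // has one) together with the channel integrity key. Callers should treat the string
            // as a secret: do not log it, and write it only to a location with restrictive
            // permissions.
            using (var output = new MemoryStream())
            {
                using (var writer = XmlWriter.Create(output, GetXmlWriterSettings()))
                {
                    string resourceProviderNamespace;
                    string resourceType;

                    Utilities.GetResourceProviderNamespaceAndType(this.Vault.ID, out resourceProviderNamespace, out resourceType);

                    // Only non-secret resource identifiers go into the debug log.
                    Logger.Instance.WriteDebug(string.Format(
                                                   "GenerateVaultCredential resourceProviderNamespace = {0}, resourceType = {1}",
                                                   resourceProviderNamespace,
                                                   resourceType));

                    // Update vault settings with the working vault to generate file.
                    // This has to run before GetCurrentVaultChannelIntegrityKey() below, which
                    // reads the key of the current vault.
                    Utilities.UpdateCurrentVaultContext(new ASRVaultCreds()
                    {
                        ResourceGroupName = this.Vault.ResourceGroupName,
                        ResourceName      = this.Vault.Name,
                        ResourceNamespace = resourceProviderNamespace,
                        ARMResourceType   = resourceType
                    });

                    // Code taken from Ibiza code
                    string aadAudience = string.Format(CultureInfo.InvariantCulture,
                                                       @"https://RecoveryServiceVault/{0}/{1}/{2}",
                                                       Vault.Location,
                                                       Vault.Name,
                                                       aadDetails.ResourceId);

                    RSVaultAsrCreds vaultCreds = new RSVaultAsrCreds()
                    {
                        VaultDetails = new ASRVaultDetails
                        {
                            SubscriptionId    = subscriptionId,
                            ResourceGroup     = this.Vault.ResourceGroupName,
                            ResourceName      = this.Vault.Name,
                            // NOTE(review): ResourceId looks like a nullable value; .Value throws
                            // if the service returned none. Confirm it is always populated.
                            ResourceId        = aadDetails.ResourceId.Value,
                            Location          = Vault.Location,
                            ResourceType      = RecoveryServicesVaultType,
                            ProviderNamespace = PSRecoveryServicesClient.ProductionRpNamespace
                        },
                        ManagementCert = CertUtils.SerializeCert(cert, X509ContentType.Pfx),
                        Version        = VaultCredentialVersionAad,
                        AadDetails     = new ASRVaultAadDetails
                        {
                            AadAuthority             = aadDetails.AadAuthority,
                            AadTenantId              = aadDetails.AadTenantId,
                            ServicePrincipalClientId = aadDetails.ServicePrincipalClientId,
                            AadVaultAudience         = aadAudience,
                            ArmManagementEndpoint    = aadDetails.AzureManagementEndpointAudience
                        },
                        ChannelIntegrityKey = this.RecoveryServicesClient.GetCurrentVaultChannelIntegrityKey(),
                        // A site without an id or name is written as an empty element, not a null one.
                        SiteId   = asrSite.ID ?? String.Empty,
                        SiteName = asrSite.Name ?? String.Empty
                    };

                    DataContractSerializer serializer = new DataContractSerializer(typeof(RSVaultAsrCreds));
                    serializer.WriteObject(writer, vaultCreds);
                }

                // The writer is disposed (and therefore flushed) before the buffer is read back.
                return Encoding.UTF8.GetString(output.ToArray());
            }
        }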