/// <summary>
/// Gives the track a new external key of type <c>KeyVaultRenewSelfSigned</c> and then
/// persists the track document through the tenant repository.
/// </summary>
/// <param name="mTrack">Track document to create; its <c>Key</c> property is overwritten here.</param>
/// <param name="tenantName">Optional tenant name, passed through to <c>CreateExternalKeyAsync</c>.</param>
/// <param name="trackName">Optional track name, passed through to <c>CreateExternalKeyAsync</c>.</param>
public async Task CreateTrackDocumentAsync(Track mTrack, string tenantName = null, string trackName = null)
{
    var externalTrackKey = new TrackKey();
    externalTrackKey.Type = TrackKeyType.KeyVaultRenewSelfSigned;

    // The external key is requested before the track document exists in the repository.
    // NOTE(review): if CreateAsync below throws, nothing in this method removes the external
    // key that was just created - confirm the caller or the key logic handles that leftover.
    externalTrackKey.ExternalName = await externalKeyLogic.CreateExternalKeyAsync(mTrack, tenantName, trackName);

    // Any key already present on the track is replaced at this point.
    mTrack.Key = externalTrackKey;

    await tenantRepository.CreateAsync(mTrack);
}
/// <summary>
/// Checks that the primary track key certificate is inside its validity period.
/// When the check fails on the master track and the route key is not already of type
/// <c>KeyVaultRenewSelfSigned</c>, the track is switched to a newly created external key
/// and an <c>ExternalKeyIsNotReadyException</c> is thrown; otherwise the failure is rethrown.
/// </summary>
/// <param name="trackKey">Route track key whose primary key certificate is validated.</param>
/// <exception cref="KeyException">The certificate is not yet valid or has expired and no replacement was started.</exception>
/// <exception cref="ExternalKeyIsNotReadyException">A replacement external key was requested for the master track.</exception>
private async Task ValidatePrimaryTrackKeyAsync(RouteTrackKey trackKey)
{
    // Local time is captured before the certificate is materialized and used for both bounds.
    // NOTE(review): assumes NotBefore/NotAfter are expressed in local time, as they are on
    // X509Certificate2 - confirm the return type of ToX509Certificate().
    var localNow = DateTime.Now;
    var primaryCertificate = trackKey.PrimaryKey.Key.ToX509Certificate();

    try
    {
        if (primaryCertificate.NotBefore > localNow)
        {
            throw new KeyException($"Track primary key certificate not valid yet. Not before {certificate.NotBefore.ToUniversalTime():u}.".Replace("certificate.", string.Empty) is null ? null : $"Track primary key certificate not valid yet. Not before {primaryCertificate.NotBefore.ToUniversalTime():u}.");
        }
        else if (primaryCertificate.NotAfter < localNow)
        {
            throw new KeyException($"Track primary key certificate has expired. Not after {primaryCertificate.NotAfter.ToUniversalTime():u}.");
        }
    }
    catch (Exception validationFailure)
    {
        // This handler sees every exception raised in the try block, not only KeyException.
        // The recovery decision is based on RouteBinding, not on the trackKey argument.
        if (RouteBinding.TrackName != Constants.Routes.MasterTrackName || RouteBinding.Key.Type == TrackKeyType.KeyVaultRenewSelfSigned)
        {
            throw;
        }

        var masterTrackId = new Track.IdKey
        {
            TenantName = RouteBinding.TenantName,
            TrackName = RouteBinding.TrackName
        };

        // NOTE(review): the loaded track is dereferenced without a null check - confirm
        // GetTrackByNameAsync cannot return null for the master track.
        var masterTrack = await tenantRepository.GetTrackByNameAsync(masterTrackId);

        // Switch the stored key to the external type and drop the keys held on the document
        // before the new external key is requested.
        masterTrack.Key.Type = TrackKeyType.KeyVaultRenewSelfSigned;
        masterTrack.Key.Keys = null;

        // NOTE(review): no guard against concurrent requests is visible here, so several
        // requests hitting an invalid certificate may each request an external key - confirm
        // CreateExternalKeyAsync and UpdateAsync tolerate that. This path also replaces key
        // material without any log or audit call in this method; consider recording it.
        masterTrack.Key.ExternalName = await externalKeyLogic.CreateExternalKeyAsync(masterTrack);
        await tenantRepository.UpdateAsync(masterTrack);

        // The original failure is kept as the inner exception.
        throw new ExternalKeyIsNotReadyException("The old primary master track key certificate is invalid. A new primary external track key certificate is under construction in Key Vault, it is ready in a little while.", validationFailure);
    }
}