Пример #1
0
        /// <summary>
        /// Fetch keyvault certificate
        /// </summary>
        /// <returns>bool</returns>
        private bool FetchKeyvaultCertificate()
        {
            if (string.IsNullOrWhiteSpace(KeyvaultCertficateId))
            {
                Console.WriteLine("Key Vault certificate id is empty or null.");
                return(true);
            }

            Console.WriteLine($"{nameof(FetchKeyvaultCertificate)} called with AAD Client ID '{AADClientId}', AAD Cert Subject Name '{AadCertSubjectName}'");

            // Fetch certificate from the keyvault
            AadSettings           aadSettings           = new AadSettings(AADClientId, AadCertSubjectName);
            AadAccessTokenHandler aadAccessTokenHandler = new AadAccessTokenHandler(aadSettings);

            aadAccessTokenHandler._aadCert = KvCertificate;
            KeyVaultSecretAccessor keyValutSecretAccessor = new KeyVaultSecretAccessor(aadAccessTokenHandler);
            string kvCertificateString = keyValutSecretAccessor.GetCertificate(KeyvaultCertficateId).Result;

            // NEVER Log secret along with the KV path.
            Console.WriteLine($"Fetched keyvault certificate for key {KeyvaultCertficateId}");

            // Always call validate and metric emission.
            this.ValidateCertificate(kvCertificateString);
            return(true);
        }
Пример #2
0
 /// <summary>
 /// Function to fetch secret
 /// </summary>
 /// <returns>true is fetch was successful</returns>
 private void FetchKeyvaultSecret(out string value)
 {
     value = string.Empty;
     try
     {
         if (string.IsNullOrWhiteSpace(KeyvaultSecretId))
         {
             Console.WriteLine("Key Vault secret id is empty or null.");
             return;
         }
         // Fetch secret from the keyvault
         AadSettings           aadSettings           = new AadSettings(AADClientId, AadCertSubjectName);
         AadAccessTokenHandler aadAccessTokenHandler = new AadAccessTokenHandler(aadSettings);
         aadAccessTokenHandler._aadCert = KvCertificate;
         KeyVaultSecretAccessor keyValutSecretAccessor = new KeyVaultSecretAccessor(aadAccessTokenHandler);
         value = keyValutSecretAccessor.GetSecret(KeyvaultSecretId).Result;
         // NEVER Log secret along with the KV path.
         Console.WriteLine($"Fetched kevault secret value for secret id {KeyvaultSecretId}");
     }
     catch (Exception ex)
     {
         Console.WriteLine($"Error while feaching Keyvault Secret id {KeyvaultSecretId}. Exception {ex.Message}");
     }
 }