/// <summary>
/// Rotates the secret of an Active Directory application: generates a new key,
/// adds it to the application, and writes it to the application's existing
/// Key Vault secret. Expired keys are then removed from the application.
/// </summary>
/// <param name="application">
/// Application to rotate. Its <c>Id</c> is used to look up the matching secret
/// among all secrets returned by the Key Vault service.
/// </param>
/// <param name="keyName">
/// Name for the new key. When null, empty or whitespace, the process-level
/// environment variable <c>DefaultKeyName</c> is used instead.
/// </param>
/// <param name="keyDurationInMinutes">
/// Passed unchanged to <c>AddSecretToActiveDirectoryApplication</c>; presumably
/// the key lifetime, with the meaning of the default 0 decided there (confirm).
/// </param>
/// <returns>A task that completes once rotation and cleanup have finished.</returns>
public async Task Rotate(IActiveDirectoryApplication application, string keyName = null, int keyDurationInMinutes = 0)
{
    // Hand this instance's logger to both services before any call is made.
    _keyVaultService.Log = Log;
    _applicationService.Log = Log;

    if (string.IsNullOrWhiteSpace(keyName))
    {
        // NOTE(review): GetEnvironmentVariable returns null when the variable is
        // not set, so keyName can still be null past this point. Confirm the
        // application service rejects or tolerates a null key name.
        keyName = Environment.GetEnvironmentVariable("DefaultKeyName", EnvironmentVariableTarget.Process);
        Log.LogDebug($"No custom keyname so use default keyname '{keyName}'");
    }

    // Only applications that already own a secret in the vault are rotated.
    var matchingSecret = GetSecretByApplicationObjectId(
        await _keyVaultService.GetAllSecretsFromKeyVault(),
        application.Id);

    if (matchingSecret == null)
    {
        Log.LogWarning($"No secret found in the KeyVault that belongs by the application with ObjectId '{application.Id}'. Key rotation for this application will be skipped. Add a secret to the KeyVault for this application to start key rotation.");
    }
    else
    {
        // The generated key is secret material: keep it out of log output.
        string newKey = SecretHelper.GenerateSecretKey();

        // NOTE(review): the credential is added to the application before the
        // vault is written. If SetSecret throws, the application holds a key
        // that is stored nowhere; confirm callers retry or alert on failure.
        await _applicationService.AddSecretToActiveDirectoryApplication(application, keyName, newKey, keyDurationInMinutes);

        // Overwrite the existing vault secret, carrying its tags over.
        await _keyVaultService.SetSecret(matchingSecret, newKey, matchingSecret.Tags);
    }

    // Cleanup runs on both paths, including when rotation was skipped.
    await _applicationService.RemoveExpiredKeys(application);
}