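        /// <summary>
        /// Rotates the client secret of <paramref name="application"/>: generates a new key, registers it on the
        /// Active Directory application, stores it in the Key Vault secret that belongs to the application, and
        /// finally removes the application's expired keys.
        /// </summary>
        /// <param name="application">The Active Directory application whose key is rotated. Must not be null.</param>
        /// <param name="keyName">Display name for the new key; when null or whitespace the <c>DefaultKeyName</c>
        /// process environment variable is used instead.</param>
        /// <param name="keyDurationInMinutes">Lifetime of the new key, passed through unchanged to the application service.</param>
        /// <exception cref="ArgumentNullException"><paramref name="application"/> is null.</exception>
        public async Task Rotate(IActiveDirectoryApplication application, string keyName = null, int keyDurationInMinutes = 0)
        {
            // Fail before any remote call instead of with a NullReferenceException on application.Id further down.
            if (application is null)
            {
                throw new ArgumentNullException(nameof(application));
            }

            _keyVaultService.Log    = Log;
            _applicationService.Log = Log;

            if (string.IsNullOrWhiteSpace(keyName))
            {
                keyName = Environment.GetEnvironmentVariable("DefaultKeyName", EnvironmentVariableTarget.Process);
                // NOTE(review): when DefaultKeyName is unset this stays null and is passed down as-is —
                // confirm the application service accepts a null key name, otherwise validate it here.
                Log.LogDebug($"No custom keyname so use default keyname '{keyName}'");
            }

            var allSecrets = await _keyVaultService.GetAllSecretsFromKeyVault();

            var secret = GetSecretByApplicationObjectId(allSecrets, application.Id);

            if (secret is null)
            {
                // Without a Key Vault entry there is nowhere to publish a new key, so rotation is skipped;
                // the expired-key cleanup below still runs.
                Log.LogWarning($"No secret found in the KeyVault that belongs by the application with ObjectId '{application.Id}'. Key rotation for this application will be skipped. Add a secret to the KeyVault for this application to start key rotation.");
            }
            else
            {
                // Only the key name is logged in this method, never the key value.
                string key = SecretHelper.GenerateSecretKey();

                // These two writes are not atomic: if SetSecret fails after the Active Directory write
                // succeeded, the new key exists on the application but not in the Key Vault. Callers
                // handling a failure here should expect that intermediate state.
                await _applicationService.AddSecretToActiveDirectoryApplication(application, keyName, key, keyDurationInMinutes);

                await _keyVaultService.SetSecret(secret, key, secret.Tags);
            }

            await _applicationService.RemoveExpiredKeys(application);
        }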