/// <summary>
/// Gets the authenticated Key Vault client, authenticating once and reusing the cached instance afterwards.
/// </summary>
/// <returns>The cached <see cref="IKeyVaultClient"/> instance.</returns>
/// <exception cref="InvalidOperationException">
///     Thrown when the provider is flagged as using the Azure SDK; the message points callers to <c>GetSecretClient</c> instead.
/// </exception>
protected async Task<IKeyVaultClient> GetClientAsync()
{
    if (_isUsingAzureSdk)
    {
        throw new InvalidOperationException(
            $"Azure Key Vault secret provider is configured using the new Azure.Security.KeyVault.Secrets package, please call the '{nameof(GetSecretClient)}' instead to have access to the low-level Key Vault client");
    }

    // Only the vault URI is written to the log; no credential material is part of these templates.
    Logger.LogTrace("Authenticating with the Azure Key Vault {VaultUri}...", VaultUri);

    // Callers are serialized on the lock so the null check and the assignment happen as one step.
    await LockCreateKeyVaultClient.WaitAsync();
    try
    {
        // A failed authentication leaves the field unset, so the next call authenticates again.
        _keyVaultClient ??= await _authentication.AuthenticateAsync();

        Logger.LogTrace("Authenticated with the Azure Key Vault {VaultUri}", VaultUri);
        return _keyVaultClient;
    }
    catch (Exception exception)
    {
        // Logged for diagnostics, then rethrown with the original stack trace.
        Logger.LogError(exception, "Failure during authenticating with the Azure Key Vault {VaultUri}", VaultUri);
        throw;
    }
    finally
    {
        LockCreateKeyVaultClient.Release();
    }
}
/// <summary>
/// Gets the authenticated Key Vault client, authenticating on first use and returning the cached instance afterwards.
/// </summary>
/// <returns>The cached <see cref="IKeyVaultClient"/> instance.</returns>
protected async Task<IKeyVaultClient> GetClientAsync()
{
    // Callers are serialized on the lock so only one of them performs the authentication.
    await LockCreateKeyVaultClient.WaitAsync();
    try
    {
        IKeyVaultClient cachedClient = _keyVaultClient;
        if (cachedClient is null)
        {
            // The field is assigned only after authentication succeeds; a failure leaves it unset for the next call.
            cachedClient = await _authentication.AuthenticateAsync();
            _keyVaultClient = cachedClient;
        }

        return cachedClient;
    }
    finally
    {
        LockCreateKeyVaultClient.Release();
    }
}
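/// <summary>
/// Rotates the Azure Service Bus connection string key, stored inside Azure Key Vault with the specified <paramref name="secretName"/>.
/// </summary>
/// <remarks>
///     Each call alternates between the two keys: the key chosen for this call is regenerated and its connection string
///     is stored in Key Vault before the other key is regenerated. If storing the secret fails, the exception propagates
///     and the other key is left untouched.
/// </remarks>
/// <param name="secretName">The name of the secret where the Azure Service Bus connection string is stored.</param>
/// <exception cref="ArgumentException">Thrown when the <paramref name="secretName"/> is blank.</exception>
public async Task RotateServiceBusSecretAsync(string secretName)
{
    Guard.NotNullOrWhitespace(secretName, nameof(secretName), "Requires a non-blank secret name that points to a secret in the Azure Key Vault resource to set the new rotated Azure Service Bus connection strings keys to");

    // Use the value returned by the atomic increment. Re-reading the shared field after an await could observe
    // another caller's increment and pick the wrong key for this rotation.
    var rotation = Interlocked.Increment(ref _index);
    bool publishSecondary = rotation % 2 != 0;

    KeyType keyToPublish = publishSecondary ? KeyType.SecondaryKey : KeyType.PrimaryKey;
    KeyType keyToRegenerateLast = publishSecondary ? KeyType.PrimaryKey : KeyType.SecondaryKey;

    // NOTE(review): overlapping calls are not serialized here; a rotation still in flight can regenerate the key
    // another call has just stored. Confirm that callers run rotations one at a time.
    using IKeyVaultClient keyVaultClient = await _authentication.AuthenticateAsync();

    // Regenerate the key that will be published and store its connection string first.
    string publishedConnectionString = await _serviceBusClient.RotateConnectionStringKeyAsync(keyToPublish);
    await SetConnectionStringSecretAsync(keyVaultClient, secretName, publishedConnectionString, keyToPublish);

    // Only after the secret is stored is the other key regenerated; its new connection string is not stored.
    await _serviceBusClient.RotateConnectionStringKeyAsync(keyToRegenerateLast);
}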