示例#1
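        /// <summary>
        /// Creates a persistent A2A event listener for one monitored password, starts it,
        /// and records it in <c>_listeners</c>.
        /// </summary>
        /// <param name="monitored">Entry whose <c>ApiKey</c> selects the A2A events to listen for.</param>
        private void StartListener(MonitoredPassword monitored)
        {
            // NOTE(review): `monitored` carries an A2A API key (read on the next statement). Confirm that
            // whatever the logger renders for this object does not include the key before it reaches a sink.
            Log.Information("Starting listener for {MonitoredPassword}", monitored);
            var listener = _a2AContext.GetPersistentA2AEventListener(monitored.ApiKey, PasswordChangeHandler);

            // The listener is only tracked once Start() has returned; if Start() throws,
            // nothing is added to _listeners.
            listener.Start();
            _listeners.Add(listener);
        }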
示例#2
        /// <summary>
        /// Starts password-change monitoring: connects to Safeguard over A2A with the stored
        /// user certificate, opens one persistent event listener for every mapped account's
        /// API key, and then performs an initial password pull.
        /// </summary>
        /// <exception cref="DevOpsException">
        /// Thrown when a listener already exists, when the stored configuration has IgnoreSsl set,
        /// or when no accounts are mapped to plugins.
        /// </exception>
        private void StartMonitoring()
        {
            if (_eventListener != null)
            {
                throw new DevOpsException("Listener is already running.");
            }

            var sppAddress      = _configDb.SafeguardAddress;
            var userCertificate = _configDb.UserCertificateBase64Data;
            var passPhrase      = _configDb.UserCertificatePassphrase?.ToSecureString();
            var apiVersion      = _configDb.ApiVersion;
            var ignoreSsl       = _configDb.IgnoreSsl;

            // Without a complete connection record there is nothing to monitor; log and leave quietly.
            var connectionConfigured = sppAddress != null
                                       && userCertificate != null
                                       && apiVersion.HasValue
                                       && ignoreSsl.HasValue;
            if (!connectionConfigured)
            {
                _logger.Error("No safeguardConnection was found.  Safeguard Secrets Broker for DevOps must be configured first");
                return;
            }

            // Security gate: monitoring is refused while the configuration says to ignore SSL,
            // so the A2A connection below always goes through CertificateValidationCallback.
            if (ignoreSsl.Value)
            {
                throw new DevOpsException("Monitoring cannot be enabled until a secure connection has been established. Trusted certificates may be missing.");
            }

            // This call will fail when the monitor is started as part of service start up: at that
            // point the user has not logged into Secrets Broker yet, so Secrets Broker does not hold
            // the SPP credentials needed to query the current vault account credentials. The monitor
            // can still start with the existing vault credentials. If syncing does not appear to be
            // working, stopping and restarting the monitor refreshes the vault credentials.
            _pluginManager.RefreshPluginCredentials();

            // Connect to Safeguard using the certificate decoded from its stored Base64 form.
            var certificateBytes = Convert.FromBase64String(userCertificate);
            _a2AContext = Safeguard.A2A.GetContext(sppAddress, certificateBytes, passPhrase, CertificateValidationCallback, apiVersion.Value);

            // Work out which API keys to monitor.
            _retrievableAccounts = _configDb.GetAccountMappings().ToList();
            if (_retrievableAccounts.Count == 0)
            {
                const string nothingMapped = "No accounts have been mapped to plugins.  Nothing to do.";
                _logger.Error(nothingMapped);
                throw new DevOpsException(nothingMapped);
            }

            // Each API key is wrapped in a SecureString before it is handed to the listener.
            List<SecureString> apiKeys = _retrievableAccounts
                .Select(mapping => mapping.ApiKey.ToSecureString())
                .ToList();

            _eventListener = _a2AContext.GetPersistentA2AEventListener(apiKeys, PasswordChangeHandler);
            _eventListener.Start();

            InitialPasswordPull();

            _logger.Information("Password change monitoring has been started.");
        }
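        /// <summary>
        /// Starts password-change monitoring: connects to Safeguard over A2A with the stored
        /// user certificate and opens one persistent event listener for every mapped account's API key.
        /// </summary>
        /// <remarks>
        /// When the stored IgnoreSsl setting is true, the A2A context is created through the overload
        /// that takes an ignore-SSL flag instead of <c>CertificateValidationCallback</c>. That path is
        /// kept for compatibility but is now logged as a warning, because the channel used to retrieve
        /// passwords is then not protected against server impersonation.
        /// </remarks>
        /// <exception cref="DevOpsException">
        /// Thrown when a listener already exists or when no accounts are mapped to plugins.
        /// </exception>
        private void StartMonitoring()
        {
            if (_eventListener != null)
            {
                throw new DevOpsException("Listener is already running.");
            }

            var sppAddress      = _configDb.SafeguardAddress;
            var userCertificate = _configDb.UserCertificateBase64Data;
            var passPhrase      = _configDb.UserCertificatePassphrase?.ToSecureString();
            var apiVersion      = _configDb.ApiVersion;
            var ignoreSsl       = _configDb.IgnoreSsl;

            if (sppAddress == null || userCertificate == null || !apiVersion.HasValue || !ignoreSsl.HasValue)
            {
                _logger.Error("No safeguardConnection was found.  Safeguard Secrets Broker for DevOps must be configured first");
                return;
            }

            _pluginManager.RefreshPluginCredentials();

            // connect to Safeguard
            var certificateBytes = Convert.FromBase64String(userCertificate);
            if (ignoreSsl.Value)
            {
                // Make the insecure mode visible to operators instead of connecting silently.
                _logger.Warning("Connecting to Safeguard with SSL certificate validation disabled. Password change monitoring is running over an unverified connection.");
                _a2AContext = Safeguard.A2A.GetContext(sppAddress, certificateBytes, passPhrase, apiVersion.Value, true);
            }
            else
            {
                _a2AContext = Safeguard.A2A.GetContext(sppAddress, certificateBytes, passPhrase, CertificateValidationCallback, apiVersion.Value);
            }

            // figure out what API keys to monitor
            _retrievableAccounts = _configDb.GetAccountMappings().ToList();
            if (_retrievableAccounts.Count == 0)
            {
                var msg = "No accounts have been mapped to plugins.  Nothing to do.";
                _logger.Error(msg);
                throw new DevOpsException(msg);
            }

            // Each API key is wrapped in a SecureString before it is handed to the listener.
            var apiKeys = new List<SecureString>();

            foreach (var account in _retrievableAccounts)
            {
                apiKeys.Add(account.ApiKey.ToSecureString());
            }

            _eventListener = _a2AContext.GetPersistentA2AEventListener(apiKeys, PasswordChangeHandler);
            _eventListener.Start();

            _logger.Information("Password change monitoring has been started.");
        }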
示例#4
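        /// <summary>
        /// Starts password-change monitoring: loads the stored configuration, connects to Safeguard
        /// over A2A using the configured certificate thumbprint, and opens one persistent event
        /// listener for every retrievable account's API key.
        /// </summary>
        /// <exception cref="InvalidOperationException">
        /// Thrown when a listener already exists or when no API keys are found in the A2A registrations.
        /// Derives from <see cref="Exception"/>, so existing <c>catch (Exception)</c> handlers still apply.
        /// </exception>
        private void StartMonitoring()
        {
            if (_eventListener != null)
            {
                throw new InvalidOperationException("Listener is already running.");
            }

            var configuration = _configurationRepository.GetConfiguration();

            if (configuration == null)
            {
                _logger.Error("No configuration was found.  DevOps service must be configured first");
                return;
            }

            // Make the insecure mode visible to operators instead of connecting silently.
            if (_safeguardIgnoreSsl)
            {
                _logger.Warning("Connecting to Safeguard with SSL certificate validation disabled. Password change monitoring is running over an unverified connection.");
            }

            // connect to Safeguard
            _a2aContext = Safeguard.A2A.GetContext(configuration.SppAddress, configuration.CertificateUserThumbPrint,
                                                   _safeguardApiVersion, _safeguardIgnoreSsl);

            // figure out what API keys to monitor
            _retrievableAccounts = GetRetrievableAccounts().ToList();
            if (_retrievableAccounts.Count == 0)
            {
                // One constant keeps the logged text and the exception text identical.
                const string noApiKeys = "No API keys found in A2A registrations.  Nothing to do.";
                _logger.Error(noApiKeys);
                throw new InvalidOperationException(noApiKeys);
            }

            // Each API key is wrapped in a SecureString before it is handed to the listener.
            var apiKeys = new List<SecureString>();

            foreach (var account in _retrievableAccounts)
            {
                apiKeys.Add(account.ApiKey.ToSecureString());
            }

            _eventListener = _a2aContext.GetPersistentA2AEventListener(apiKeys, PasswordChangeHandler);
            _eventListener.Start();

            _logger.Information("Password change monitoring has been started.");
        }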