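/// <summary>
/// Creates a persistent A2A event listener for one monitored password, starts it and
/// records it in <c>_listeners</c>.
/// </summary>
/// <param name="monitored">Entry whose <c>ApiKey</c> is handed to the listener.</param>
private void StartListener(MonitoredPassword monitored)
{
    // NOTE(review): the whole object is logged and it carries ApiKey. With this template the
    // value is rendered through ToString(); confirm that ToString() does not expose the key,
    // and do not switch the placeholder to the destructuring form ({@...}).
    Log.Information("Starting listener for {MonitoredPassword}", monitored);

    var listener = _a2AContext.GetPersistentA2AEventListener(monitored.ApiKey, PasswordChangeHandler);
    try
    {
        listener.Start();
    }
    catch
    {
        // The listener is not in _listeners yet, so this is the only place that can release it.
        listener.Dispose();
        throw;
    }

    _listeners.Add(listener);
}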
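/// <summary>
/// Connects to Safeguard with the configured client certificate, starts one persistent A2A
/// event listener covering the API key of every mapped account, and then runs the initial
/// password pull.
/// </summary>
/// <remarks>
/// Logs an error and returns without starting when the address, certificate, API version or
/// IgnoreSsl setting is missing. Refuses to start while IgnoreSsl is set.
/// </remarks>
/// <exception cref="DevOpsException">
/// A listener already exists, IgnoreSsl is set, or no accounts are mapped to plugins.
/// </exception>
private void StartMonitoring()
{
    if (_eventListener != null)
    {
        throw new DevOpsException("Listener is already running.");
    }

    var sppAddress = _configDb.SafeguardAddress;
    var userCertificate = _configDb.UserCertificateBase64Data;
    var passPhrase = _configDb.UserCertificatePassphrase?.ToSecureString();
    var apiVersion = _configDb.ApiVersion;
    var ignoreSsl = _configDb.IgnoreSsl;

    if (sppAddress == null || userCertificate == null || !apiVersion.HasValue || !ignoreSsl.HasValue)
    {
        _logger.Error("No safeguardConnection was found. Safeguard Secrets Broker for DevOps must be configured first");
        return;
    }

    // Fail closed: this connection authenticates with the client certificate and is used to
    // fetch account passwords, so it is not opened while server certificate validation is off.
    if (ignoreSsl.Value)
    {
        throw new DevOpsException("Monitoring cannot be enabled until a secure connection has been established. Trusted certificates may be missing.");
    }

    // This call will fail if the monitor is being started as part of the service start up:
    // the user has not logged into Secrets Broker yet, so Secrets Broker does not have the SPP
    // credentials needed to query the current vault account credentials. The monitor can still
    // be started with the existing vault credentials. If syncing doesn't appear to be working,
    // stopping and restarting the monitor causes a refresh of the vault credentials.
    _pluginManager.RefreshPluginCredentials();

    // Connect to Safeguard; the server certificate is passed to CertificateValidationCallback.
    _a2AContext = Safeguard.A2A.GetContext(sppAddress, Convert.FromBase64String(userCertificate), passPhrase, CertificateValidationCallback, apiVersion.Value);

    // Figure out what API keys to monitor.
    _retrievableAccounts = _configDb.GetAccountMappings().ToList();
    if (_retrievableAccounts.Count == 0)
    {
        // The page shows this literal split across a line break, which does not compile; it is
        // written on one line here.
        var msg = "No accounts have been mapped to plugins. Nothing to do.";
        _logger.Error(msg);
        throw new DevOpsException(msg);
    }

    var apiKeys = new List<SecureString>();
    foreach (var account in _retrievableAccounts)
    {
        apiKeys.Add(account.ApiKey.ToSecureString());
    }

    _eventListener = _a2AContext.GetPersistentA2AEventListener(apiKeys, PasswordChangeHandler);
    try
    {
        _eventListener.Start();
    }
    catch
    {
        // A listener that never started must not stay in the field, otherwise the guard at the
        // top reports "already running" on every later attempt.
        var failed = _eventListener;
        _eventListener = null;
        failed.Dispose();
        throw;
    }

    InitialPasswordPull();
    _logger.Information("Password change monitoring has been started.");
}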
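/// <summary>
/// Connects to Safeguard with the configured client certificate and starts one persistent A2A
/// event listener covering the API key of every mapped account.
/// </summary>
/// <remarks>
/// Logs an error and returns without starting when the address, certificate, API version or
/// IgnoreSsl setting is missing. When IgnoreSsl is set the context is created with the
/// ignore-SSL overload instead of <c>CertificateValidationCallback</c>; a warning is logged so
/// that this configuration is visible in the service log.
/// </remarks>
/// <exception cref="DevOpsException">
/// A listener already exists, or no accounts are mapped to plugins.
/// </exception>
private void StartMonitoring()
{
    if (_eventListener != null)
    {
        throw new DevOpsException("Listener is already running.");
    }

    var sppAddress = _configDb.SafeguardAddress;
    var userCertificate = _configDb.UserCertificateBase64Data;
    var passPhrase = _configDb.UserCertificatePassphrase?.ToSecureString();
    var apiVersion = _configDb.ApiVersion;
    var ignoreSsl = _configDb.IgnoreSsl;

    if (sppAddress == null || userCertificate == null || !apiVersion.HasValue || !ignoreSsl.HasValue)
    {
        _logger.Error("No safeguardConnection was found. Safeguard Secrets Broker for DevOps must be configured first");
        return;
    }

    _pluginManager.RefreshPluginCredentials();

    // Connect to Safeguard.
    var certificateData = Convert.FromBase64String(userCertificate);
    if (ignoreSsl.Value)
    {
        // The server certificate is not validated on this path, while the session still
        // presents the client certificate and is used to receive password change events.
        // Record it so an operator or log review can spot the weakened configuration.
        _logger.Warning("Safeguard A2A connection is being opened with certificate validation disabled (IgnoreSsl).");
        _a2AContext = Safeguard.A2A.GetContext(sppAddress, certificateData, passPhrase, apiVersion.Value, true);
    }
    else
    {
        _a2AContext = Safeguard.A2A.GetContext(sppAddress, certificateData, passPhrase, CertificateValidationCallback, apiVersion.Value);
    }

    // Figure out what API keys to monitor.
    _retrievableAccounts = _configDb.GetAccountMappings().ToList();
    if (_retrievableAccounts.Count == 0)
    {
        var msg = "No accounts have been mapped to plugins. Nothing to do.";
        _logger.Error(msg);
        throw new DevOpsException(msg);
    }

    var apiKeys = new List<SecureString>();
    foreach (var account in _retrievableAccounts)
    {
        apiKeys.Add(account.ApiKey.ToSecureString());
    }

    _eventListener = _a2AContext.GetPersistentA2AEventListener(apiKeys, PasswordChangeHandler);
    try
    {
        _eventListener.Start();
    }
    catch
    {
        // A listener that never started must not stay in the field, otherwise the guard at the
        // top reports "already running" on every later attempt.
        var failed = _eventListener;
        _eventListener = null;
        failed.Dispose();
        throw;
    }

    _logger.Information("Password change monitoring has been started.");
}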
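/// <summary>
/// Connects to Safeguard using the stored configuration (address and certificate thumbprint)
/// and starts one persistent A2A event listener covering every retrievable account's API key.
/// </summary>
/// <remarks>
/// Logs an error and returns without starting when no configuration has been stored.
/// </remarks>
/// <exception cref="InvalidOperationException">
/// A listener already exists, or no API keys were found in the A2A registrations.
/// </exception>
private void StartMonitoring()
{
    if (_eventListener != null)
    {
        // A specific exception type instead of the bare Exception; callers catching Exception
        // still see it.
        throw new InvalidOperationException("Listener is already running.");
    }

    var configuration = _configurationRepository.GetConfiguration();
    if (configuration == null)
    {
        _logger.Error("No configuration was found. DevOps service must be configured first");
        return;
    }

    // Connect to Safeguard.
    // NOTE(review): _safeguardIgnoreSsl is passed as the last argument of this call; when it is
    // true the server certificate is presumably not validated for the session that delivers
    // password change events. Confirm where the value comes from and that it is false in
    // production deployments.
    _a2aContext = Safeguard.A2A.GetContext(configuration.SppAddress, configuration.CertificateUserThumbPrint, _safeguardApiVersion, _safeguardIgnoreSsl);

    // Figure out what API keys to monitor.
    _retrievableAccounts = GetRetrievableAccounts().ToList();
    if (_retrievableAccounts.Count == 0)
    {
        // One message for both the log entry and the exception, so the two cannot drift apart.
        const string noApiKeysMessage = "No API keys found in A2A registrations. Nothing to do.";
        _logger.Error(noApiKeysMessage);
        throw new InvalidOperationException(noApiKeysMessage);
    }

    var apiKeys = new List<SecureString>();
    foreach (var account in _retrievableAccounts)
    {
        apiKeys.Add(account.ApiKey.ToSecureString());
    }

    _eventListener = _a2aContext.GetPersistentA2AEventListener(apiKeys, PasswordChangeHandler);
    try
    {
        _eventListener.Start();
    }
    catch
    {
        // A listener that never started must not stay in the field, otherwise the guard at the
        // top reports "already running" on every later attempt.
        var failed = _eventListener;
        _eventListener = null;
        failed.Dispose();
        throw;
    }

    _logger.Information("Password change monitoring has been started.");
}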