private void RemovePrivateKeys(JsonWebKeyType jsonWebKeyType)
{
foreach (var securityKeyWithPrivate in _store.Get(jsonWebKeyType, _options.Value.AlgorithmsToKeep))
{
_store.Revoke(securityKeyWithPrivate);
}
}
public IReadOnlyCollection <SecurityKeyWithPrivate> Get(JsonWebKeyType jsonWebKeyType, int quantity = 5)
{
return
(_store
.Where(w => w.JwkType == jsonWebKeyType)
.OrderByDescending(s => s.CreationDate)
.Take(quantity).ToList().AsReadOnly());
}
public SecurityKeyWithPrivate GetCurrentKey(JsonWebKeyType jwkType)
{
if (jwkType == JsonWebKeyType.Jws)
{
return(_currentJws);
}
return(_currentJwe);
}
public bool NeedsUpdate(JsonWebKeyType jsonWebKeyType)
{
if (jsonWebKeyType == JsonWebKeyType.Jws)
{
return(CheckJwsNeedsUpdate());
}
return(CheckJweNeedsUpdate());
}
///GENMHASH:7224D401F0FF578F9440423240845D61:41A3C41764F15BC0C463D26AC61868CA
public KeyImpl WithKeyTypeToCreate(JsonWebKeyType keyType)
{
createKeyRequest = new CreateKeyRequest
{
VaultBaseUrl = vault.VaultUri,
KeyName = Name,
KeyType = keyType
};
return(this);
}
public bool NeedsUpdate(JsonWebKeyType jsonWebKeyType)
{
var current = GetCurrentKey(jsonWebKeyType);
if (current == null)
{
return(true);
}
return(current.CreationDate.AddDays(_options.Value.DaysUntilExpire) < DateTime.UtcNow.Date);
}
public IReadOnlyCollection <JsonWebKey> GetLastKeysCredentials(JsonWebKeyType jsonWebKeyType, int qty)
{
// sometimes current force update
var store = _store.Get(jsonWebKeyType, qty);
if (!store.Any())
{
GetCurrentSigningCredentials();
return(_store.Get(jsonWebKeyType, qty).OrderByDescending(o => o.CreationDate).Select(s => s.GetSecurityKey()).ToList().AsReadOnly());
}
var keys = store.Where(w => w.JwkType == jsonWebKeyType).OrderByDescending(o => o.CreationDate);
return(keys.Select(s => s.GetSecurityKey()).ToList().AsReadOnly());
}
public SecurityKeyWithPrivate GetCurrentKey(JsonWebKeyType jwkType)
{
if (!_memoryCache.TryGetValue(JwkContants.CurrentJwkCache(jwkType), out SecurityKeyWithPrivate credentials))
{
credentials = GetKey(GetCurrentFile(jwkType));
// Set cache options.
var cacheEntryOptions = new MemoryCacheEntryOptions()
// Keep in cache for this time, reset time if accessed.
.SetSlidingExpiration(_options.Value.CacheTime);
if (credentials != null)
{
_memoryCache.Set(JwkContants.CurrentJwkCache(jwkType), credentials, cacheEntryOptions);
}
}
return(credentials);
}
public IReadOnlyCollection <SecurityKeyWithPrivate> Get(JsonWebKeyType jwkType, int quantity = 5)
{
if (!_memoryCache.TryGetValue(JwkContants.JwksCache, out IReadOnlyCollection <SecurityKeyWithPrivate> keys))
{
keys = _context.SecurityKeys.OrderByDescending(d => d.CreationDate).Take(quantity).AsNoTracking().ToList().AsReadOnly();
// Set cache options.
var cacheEntryOptions = new MemoryCacheEntryOptions()
// Keep in cache for this time, reset time if accessed.
.SetSlidingExpiration(_options.Value.CacheTime);
if (keys.Any())
{
_memoryCache.Set(JwkContants.JwksCache, keys, cacheEntryOptions);
}
}
return(_context.SecurityKeys.Where(w => w.JwkType == jwkType).OrderByDescending(d => d.CreationDate).Take(quantity).AsNoTracking().ToList().AsReadOnly());
}
public SecurityKeyWithPrivate GetCurrentKey(JsonWebKeyType jwkType)
{
if (!_memoryCache.TryGetValue(JwkContants.CurrentJwkCache(jwkType), out SecurityKeyWithPrivate credentials))
{
credentials = _context.SecurityKeys.OrderByDescending(d => d.CreationDate).AsNoTracking().FirstOrDefault(f => f.JwkType == jwkType);
// Set cache options.
var cacheEntryOptions = new MemoryCacheEntryOptions()
// Keep in cache for this time, reset time if accessed.
.SetSlidingExpiration(_options.Value.CacheTime);
if (credentials != null)
{
_memoryCache.Set(JwkContants.CurrentJwkCache(jwkType), credentials, cacheEntryOptions);
}
}
// Put logger in a local such that `this` isn't captured.
return(_context.SecurityKeys.OrderByDescending(d => d.CreationDate).AsNoTracking().FirstOrDefault(f => f.JwkType == jwkType));
}
public IReadOnlyCollection <SecurityKeyWithPrivate> Get(JsonWebKeyType jsonWebKeyType, int quantity = 5)
{
if (!_memoryCache.TryGetValue(JwkContants.JwksCache, out IReadOnlyCollection <SecurityKeyWithPrivate> keys))
{
keys = KeysPath.GetFiles("*.key")
.Take(quantity)
.Select(s => s.FullName)
.Select(GetKey).ToList().AsReadOnly();
// Set cache options.
var cacheEntryOptions = new MemoryCacheEntryOptions()
// Keep in cache for this time, reset time if accessed.
.SetSlidingExpiration(_options.Value.CacheTime);
if (keys.Any())
{
_memoryCache.Set(JwkContants.JwksCache, keys, cacheEntryOptions);
}
}
return(keys.Where(w => w.JwkType == jsonWebKeyType).ToList().AsReadOnly());
}
public static string CurrentJwkCache(JsonWebKeyType jwkType) => $"NETDEVPACK-CURRENT-{jwkType}-SECURITY-KEY";
public bool NeedsUpdate(JsonWebKeyType jsonWebKeyType)
{
return(!File.Exists(GetCurrentFile(jsonWebKeyType)) || File.GetCreationTimeUtc(GetCurrentFile(jsonWebKeyType)).AddDays(_options.Value.DaysUntilExpire) < DateTime.UtcNow.Date);
}
private string GetCurrentFile(JsonWebKeyType jsonWebKeyType)
{
return(Path.Combine(KeysPath.FullName, $"{_options.Value.KeyPrefix}current-{jsonWebKeyType}.key"));
}
internal static KeyData DeserializeKeyData(JsonElement element)
{
Optional <string> location = default;
Optional <IReadOnlyDictionary <string, string> > tags = default;
ResourceIdentifier id = default;
string name = default;
ResourceType type = default;
SystemData systemData = default;
Optional <KeyAttributes> attributes = default;
Optional <JsonWebKeyType> kty = default;
Optional <IList <JsonWebKeyOperation> > keyOps = default;
Optional <int> keySize = default;
Optional <JsonWebKeyCurveName> curveName = default;
Optional <Uri> keyUri = default;
Optional <string> keyUriWithVersion = default;
foreach (var property in element.EnumerateObject())
{
if (property.NameEquals("location"))
{
location = property.Value.GetString();
continue;
}
if (property.NameEquals("tags"))
{
if (property.Value.ValueKind == JsonValueKind.Null)
{
property.ThrowNonNullablePropertyIsNull();
continue;
}
Dictionary <string, string> dictionary = new Dictionary <string, string>();
foreach (var property0 in property.Value.EnumerateObject())
{
dictionary.Add(property0.Name, property0.Value.GetString());
}
tags = dictionary;
continue;
}
if (property.NameEquals("id"))
{
id = new ResourceIdentifier(property.Value.GetString());
continue;
}
if (property.NameEquals("name"))
{
name = property.Value.GetString();
continue;
}
if (property.NameEquals("type"))
{
type = property.Value.GetString();
continue;
}
if (property.NameEquals("systemData"))
{
systemData = JsonSerializer.Deserialize <SystemData>(property.Value.ToString());
continue;
}
if (property.NameEquals("properties"))
{
if (property.Value.ValueKind == JsonValueKind.Null)
{
property.ThrowNonNullablePropertyIsNull();
continue;
}
foreach (var property0 in property.Value.EnumerateObject())
{
if (property0.NameEquals("attributes"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
attributes = KeyAttributes.DeserializeKeyAttributes(property0.Value);
continue;
}
if (property0.NameEquals("kty"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
kty = new JsonWebKeyType(property0.Value.GetString());
continue;
}
if (property0.NameEquals("keyOps"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
List <JsonWebKeyOperation> array = new List <JsonWebKeyOperation>();
foreach (var item in property0.Value.EnumerateArray())
{
array.Add(new JsonWebKeyOperation(item.GetString()));
}
keyOps = array;
continue;
}
if (property0.NameEquals("keySize"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
keySize = property0.Value.GetInt32();
continue;
}
if (property0.NameEquals("curveName"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
property0.ThrowNonNullablePropertyIsNull();
continue;
}
curveName = new JsonWebKeyCurveName(property0.Value.GetString());
continue;
}
if (property0.NameEquals("keyUri"))
{
if (property0.Value.ValueKind == JsonValueKind.Null)
{
keyUri = null;
continue;
}
keyUri = new Uri(property0.Value.GetString());
continue;
}
if (property0.NameEquals("keyUriWithVersion"))
{
keyUriWithVersion = property0.Value.GetString();
continue;
}
}
continue;
}
}
return(new KeyData(id, name, type, systemData, location.Value, Optional.ToDictionary(tags), attributes.Value, Optional.ToNullable(kty), Optional.ToList(keyOps), Optional.ToNullable(keySize), Optional.ToNullable(curveName), keyUri.Value, keyUriWithVersion.Value));
}
/// <summary>
/// Specifies a key type to create a new key.
/// </summary>
/// <param name="keyType">The JWK type to create.</param>
/// <return>The next stage of the definition.</return>
Microsoft.Azure.Management.KeyVault.Fluent.Key.Definition.IWithCreate Microsoft.Azure.Management.KeyVault.Fluent.Key.Definition.IWithKey.WithKeyTypeToCreate(JsonWebKeyType keyType)
{
return(this.WithKeyTypeToCreate(keyType) as Microsoft.Azure.Management.KeyVault.Fluent.Key.Definition.IWithCreate);
}
/// <summary> /// Converts the <see cref="sourceValue" /> parameter to the <see cref="destinationType" /> parameter using <see cref="formatProvider" /// /> and <see cref="ignoreCase" /> /// </summary> /// <param name="sourceValue">the <see cref="System.Object"/> to convert from</param> /// <param name="destinationType">the <see cref="System.Type" /> to convert to</param> /// <param name="formatProvider">not used by this TypeConverter.</param> /// <param name="ignoreCase">when set to <c>true</c>, will ignore the case when converting.</param> /// <returns> /// an instance of <see cref="JsonWebKeyType" />, or <c>null</c> if there is no suitable conversion. /// </returns> public override object ConvertFrom(object sourceValue, global::System.Type destinationType, global::System.IFormatProvider formatProvider, bool ignoreCase) => JsonWebKeyType.CreateFrom(sourceValue);
