public IEnumerable <ConfigurationEntry> GetConfiguration()
{
return(new List <ConfigurationEntry>
{
new ConfigurationValue(ConfigurationValueType.String)
{
Key = "DevOpsVaultUrl",
DisplayName = DevOpsVaultResource.GetResource("DevOpsVaultUrl"),
IsMandatory = true,
},
new ConfigurationValue(ConfigurationValueType.String)
{
Key = "ClientId",
DisplayName = DevOpsVaultResource.GetResource("ClientId"),
IsMandatory = true,
},
new ConfigurationValue(ConfigurationValueType.String)
{
Key = "ClientSecret",
DisplayName = DevOpsVaultResource.GetResource("ClientSecret"),
IsMandatory = true,
},
new ConfigurationValue(ConfigurationValueType.String)
{
Key = "BasePathPrefix",
DisplayName = DevOpsVaultResource.GetResource("BasePathPrefix"),
DefaultValue = "uipath",
},
});
}
public async Task <IDevOpsVaultClient> GetClient(DevOpsVaultContext context)
{
bool needsRefresh = true;
var config = new Configuration
{
BasePath = BuildTenantUri(context.DevOpsVaultUrl.AbsoluteUri), Timeout = 2000
};
GlobalConfiguration.Instance = Configuration.MergeConfigurations(GlobalConfiguration.Instance, config);
if (TokenCache.ContainsKey(context.ClientId))
{
var timeToRefresh = TokenCache[context.ClientId].ExpirationTime.AddMinutes(-10);
if (timeToRefresh > DateTime.UtcNow)
{
needsRefresh = false;
}
}
if (needsRefresh)
{
var tokensApi = _apiClientFactory.GetTokensApi();
var response = await tokensApi.TokenAsync("client_credentials", clientId : context.ClientId,
clientSecret : context.ClientSecret);
if (response == null || string.IsNullOrEmpty(response.AccessToken))
{
throw new SecureStoreException(SecureStoreException.Type.InvalidConfiguration,
DevOpsVaultResource.GetResource("UnableToAuthenticate"));
}
TokenCache[context.ClientId] = new AccessTokenInfo
{
AccessToken = response.AccessToken,
ExpirationTime = DateTime.UtcNow.AddSeconds(response.ExpiresIn)
};
}
config.AccessToken = TokenCache[context.ClientId].AccessToken;
GlobalConfiguration.Instance = Configuration.MergeConfigurations(GlobalConfiguration.Instance, config);
var secretsApi = _apiClientFactory.GetSecretsApi();
return(new DevOpsVaultClient(secretsApi, context));
}
private SecureStoreException ConvertException(ApiException apiEx)
{
switch (apiEx.ErrorCode)
{
case (int)System.Net.HttpStatusCode.Forbidden:
return(new SecureStoreException(SecureStoreException.Type.UnauthorizedOperation,
DevOpsVaultResource.GetResource("AccessDenied"),
apiEx));
case (int)System.Net.HttpStatusCode.NotFound:
return(new SecureStoreException(SecureStoreException.Type.SecretNotFound,
DevOpsVaultResource.GetResource("SecretNotFound"),
apiEx));
default:
return(new SecureStoreException(DevOpsVaultResource.GetResource("GenericError"), apiEx));
}
}