/// <summary>
        /// Changes the Vault context
        /// </summary>
        /// <param name="vault">vault object</param>
        /// <returns>credential object</returns>
        public ASRVaultCreds ChangeVaultContext(ARSVault vault)
        {
            // Split the vault's resource id into provider namespace and ARM resource type.
            string providerNamespace;
            string armResourceType;
            Utilities.GetResourceProviderNamespaceAndType(vault.ID, out providerNamespace, out armResourceType);

            // First pass: switch the shared context to the target vault without a key,
            // presumably so that the key lookup below is issued against that vault.
            ASRVaultCreds contextWithoutKey = new ASRVaultCreds();
            contextWithoutKey.ResourceGroupName = vault.ResourceGroupName;
            contextWithoutKey.ResourceName = vault.Name;
            contextWithoutKey.ResourceNamespace = providerNamespace;
            contextWithoutKey.ARMResourceType = armResourceType;
            Utilities.UpdateCurrentVaultContext(contextWithoutKey);

            // NOTE(review): if this call throws, the shared context stays switched to the new
            // vault with no channel integrity key; nothing here rolls the first update back.
            string integrityKey = this.GetCurrentVaultChannelIntegrityKey();

            // Second pass: same vault settings, now including the channel integrity key.
            ASRVaultCreds contextWithKey = new ASRVaultCreds();
            contextWithKey.ResourceGroupName = vault.ResourceGroupName;
            contextWithKey.ResourceName = vault.Name;
            contextWithKey.ChannelIntegrityKey = integrityKey;
            contextWithKey.ResourceNamespace = providerNamespace;
            contextWithKey.ARMResourceType = armResourceType;
            Utilities.UpdateCurrentVaultContext(contextWithKey);

            // Returns the arsVaultCreds member, not the object built above; presumably
            // UpdateCurrentVaultContext is what refreshes it -- confirm against Utilities.
            return arsVaultCreds;
        }
        /// <summary>
        /// Gets the vault credential object
        /// </summary>
        /// <param name="managementCert">certificate to be uploaded</param>
        /// <param name="vault">vault object</param>
        /// <param name="site">site object</param>
        /// <param name="authType">authentication type</param>
        /// <returns>credential object</returns>
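        public ASRVaultCreds GenerateVaultCredential(
            X509Certificate2 managementCert,
            ARSVault vault,
            ASRSite site,
            string authType)
        {
            // Remember the caller's vault context: it is swapped out below and has to be put back.
            // NOTE(review): the restore only works if UpdateCurrentVaultContext replaces the shared
            // object rather than mutating this instance in place -- confirm against Utilities.
            ASRVaultCreds currentVaultContext = PSRecoveryServicesClient.arsVaultCreds;

            string resourceProviderNamespace = string.Empty;
            string resourceType = string.Empty;

            Utilities.GetResourceProviderNamespaceAndType(vault.ID, out resourceProviderNamespace, out resourceType);

            Logger.Instance.WriteDebug(string.Format(
                                           "GenerateVaultCredential resourceProviderNamespace = {0}, resourceType = {1}",
                                           resourceProviderNamespace,
                                           resourceType));

            try
            {
                // Update vault settings with the working vault to generate file
                Utilities.UpdateCurrentVaultContext(new ASRVaultCreds()
                {
                    ResourceGroupName = vault.ResourceGroupName,
                    ResourceName      = vault.Name,
                    ResourceNamespace = resourceProviderNamespace,
                    ARMResourceType   = resourceType
                });

                // Get Channel Integrity key
                string channelIntegrityKey = this.GetCurrentVaultChannelIntegrityKey();

                // Making sure we can generate the file; once the SDK and portal are inter-operable,
                // the certificate upload and the fetch of the ACIK can be made parallel to improve
                // performance.

                // Upload certificate
                VaultCertificateResponse uploadCertificate = this.UpdateVaultCertificate(
                    managementCert,
                    authType);

                return this.GenerateCredentialObject(
                    managementCert,
                    uploadCertificate,
                    channelIntegrityKey,
                    vault,
                    site);
            }
            finally
            {
                // Update back the original vault settings. Done in a finally block so that a failed
                // key fetch or certificate upload cannot leave the process-wide context pointing at
                // the working vault, where later calls would act on the wrong vault.
                Utilities.UpdateCurrentVaultContext(currentVaultContext);
            }
        }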
        /// <summary>
        /// Gets the vault credential object
        /// </summary>
        /// <param name="managementCert">certificate to be uploaded</param>
        /// <param name="vault">vault object</param>
        /// <param name="site">site object</param>
        /// <returns>credential object</returns>
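        public ASRVaultCreds GenerateVaultCredential(X509Certificate2 managementCert, ARSVault vault, ASRSite site)
        {
            // Remember the caller's vault context: it is swapped out below and has to be put back.
            // NOTE(review): the restore only works if UpdateCurrentVaultContext replaces the shared
            // object rather than mutating this instance in place -- confirm against Utilities.
            ASRVaultCreds currentVaultContext = PSRecoveryServicesClient.asrVaultCreds;

            string resourceProviderNamespace = string.Empty;
            string resourceType = string.Empty;

            Utilities.GetResourceProviderNamespaceAndType(vault.ID, out resourceProviderNamespace, out resourceType);

            try
            {
                // Update vault settings with the working vault to generate file
                Utilities.UpdateCurrentVaultContext(new ASRVaultCreds()
                {
                    ResourceGroupName = vault.ResouceGroupName,
                    ResourceName      = vault.Name,
                    ResourceNamespace = resourceProviderNamespace,
                    ARMResourceType   = resourceType
                });

                // Get Channel Integrity key. Result blocks until the task finishes and surfaces
                // failures as AggregateException, exactly as the former Wait()/Result pair did.
                string channelIntegrityKey = this.GetChannelIntegrityKey().Result;

                // Making sure we can generate the file; once the SDK and portal are inter-operable,
                // the certificate upload and the fetch of the ACIK can be made parallel to improve
                // performance. Until then the upload starts only after the key has been fetched.

                // Upload certificate
                UploadCertificateResponse acsDetails = this.UpdateVaultCertificate(managementCert).Result;

                return this.GenerateCredentialObject(
                    managementCert,
                    acsDetails,
                    channelIntegrityKey,
                    vault,
                    site);
            }
            finally
            {
                // Update back the original vault settings. Done in a finally block so that a failed
                // key fetch or certificate upload cannot leave the process-wide context pointing at
                // the working vault, where later calls would act on the wrong vault.
                Utilities.UpdateCurrentVaultContext(currentVaultContext);
            }
        }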
        /// <summary>
        /// Initializes a new instance of the <see cref="PSRecoveryServicesClient" /> class with
        /// required current subscription.
        /// </summary>
        /// <param name="defaultContext">Azure context used to create the ARM clients</param>
        public PSRecoveryServicesClient(IAzureContext defaultContext)
        {
            // Seed the shared vault context with the production provider namespace (and an empty
            // ARM resource type) when no namespace has been set yet.
            bool namespaceMissing = string.IsNullOrEmpty(arsVaultCreds.ResourceNamespace);
            if (namespaceMissing)
            {
                ASRVaultCreds defaults = new ASRVaultCreds();
                defaults.ResourceNamespace = ProductionRpNamespace;
                defaults.ARMResourceType = string.Empty;
                Utilities.UpdateCurrentVaultContext(defaults);
            }

            // Both clients are created for the Resource Manager endpoint of the supplied context.
            this.recoveryServicesClient = AzureSession.ClientFactory.CreateArmClient <RecoveryServicesClient>(
                defaultContext,
                AzureEnvironment.Endpoint.ResourceManager);

            resourceManagementClient = AzureSession.ClientFactory.CreateArmClient <ResourceManagementClient>(
                defaultContext,
                AzureEnvironment.Endpoint.ResourceManager);
        }
        /// <summary>
        /// Initializes a new instance of the <see cref="PSRecoveryServicesClient" /> class with
        /// required current subscription.
        /// </summary>
        /// <param name="azureProfile">Azure profile whose context supplies the subscription credentials and endpoint</param>
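        public PSRecoveryServicesClient(IAzureProfile azureProfile)
        {
            // Namespace used when the exe config does not override it.
            const string DefaultProviderNamespace = "Microsoft.RecoveryServices";

            // Get Resource provider namespace from config if needed to communicate with internal deployments.
            // The config file is only opened when the shared context has no namespace yet.
            if (string.IsNullOrEmpty(arsVaultCreds.ResourceNamespace))
            {
                System.Configuration.Configuration recoveryServicesConfig =
                    ConfigurationManager.OpenExeConfiguration(System.Reflection.Assembly.GetExecutingAssembly().Location);

                // GetSection returns null when the section is absent; treat that like "no override".
                System.Configuration.AppSettingsSection appSettings =
                    (System.Configuration.AppSettingsSection)recoveryServicesConfig.GetSection("appSettings");

                // Single lookup instead of indexing the settings collection twice.
                System.Configuration.KeyValueConfigurationElement providerSetting =
                    appSettings == null ? null : appSettings.Settings["ProviderNamespace"];

                // NOTE(review): the override is taken as-is from a file next to the assembly and
                // ends up in the client created below, so write access to that config decides
                // which provider namespace is used. An empty value falls back to the default,
                // matching how an empty namespace is treated as "unset" by the guard above.
                string resourceNamespace =
                    providerSetting == null || string.IsNullOrEmpty(providerSetting.Value)
                    ? DefaultProviderNamespace
                    : providerSetting.Value;

                Utilities.UpdateCurrentVaultContext(new ASRVaultCreds()
                {
                    ResourceNamespace = resourceNamespace,
                    ARMResourceType   = string.Empty
                });
            }

            // The client is created for the namespace held in the shared context, with the
            // subscription credentials and Resource Manager endpoint of the profile's context.
            this.recoveryServicesClient =
                AzureSession.ClientFactory.CreateCustomClient <RecoveryServicesManagementClient>(
                    arsVaultCreds.ResourceNamespace,
                    AzureSession.AuthenticationFactory.GetSubscriptionCloudCredentials(azureProfile.Context),
                    azureProfile.Context.Environment.GetEndpointAsUri(AzureEnvironment.Endpoint.ResourceManager));
        }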
        /// <summary>
        /// Initializes a new instance of the <see cref="PSRecoveryServicesClient" /> class with
        /// required current subscription.
        /// </summary>
        /// <param name="defaultContext">Azure context used to create the ARM clients</param>
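        public PSRecoveryServicesClient(IAzureContext defaultContext)
        {
            // The exe configuration used to be opened here and its appSettings section fetched,
            // but neither value was read afterwards; the namespace below always comes from
            // ProductionRpNamespace. The dead read is dropped so that a missing or malformed
            // config file can no longer fail construction.

            // Seed the shared vault context with the production provider namespace (and an empty
            // ARM resource type) when no namespace has been set yet.
            if (string.IsNullOrEmpty(arsVaultCreds.ResourceNamespace))
            {
                Utilities.UpdateCurrentVaultContext(new ASRVaultCreds()
                {
                    ResourceNamespace = ProductionRpNamespace,
                    ARMResourceType   = string.Empty
                });
            }

            // Both clients are created for the Resource Manager endpoint of the supplied context.
            this.recoveryServicesClient =
                AzureSession.Instance.ClientFactory.CreateArmClient <RecoveryServicesClient>(
                    defaultContext, AzureEnvironment.Endpoint.ResourceManager);

            resourceManagementClient = AzureSession.Instance.ClientFactory.CreateArmClient <ResourceManagementClient>(defaultContext, AzureEnvironment.Endpoint.ResourceManager);
        }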
        /// <summary>
        /// Generates vault creds file content for Site Recovery Vault
        /// </summary>
        /// <param name="cert">management certificate</param>
        /// <param name="subscriptionId">subscription Id</param>
        /// <param name="vaultCertificateResponse">vaultCertificate Response</param>
        /// <param name="asrSite">asrSite Info</param>
        /// <returns>xml file in string format</returns>
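        private string GenerateVaultCredsForSiteRecovery(X509Certificate2 cert, string subscriptionId,
                                                         VaultCertificateResponse vaultCertificateResponse, ASRSite asrSite)
        {
            // Every AAD field written below comes from this payload. Fail with a clear message
            // instead of a NullReferenceException further down when the response carries no
            // properties or a different properties type.
            ResourceCertificateAndAadDetails aadDetails = vaultCertificateResponse.Properties as ResourceCertificateAndAadDetails;
            if (aadDetails == null)
            {
                throw new ArgumentException(
                    "Vault certificate response does not contain AAD certificate details.",
                    "vaultCertificateResponse");
            }

            using (var output = new MemoryStream())
            {
                using (var writer = XmlWriter.Create(output, GetXmlWriterSettings()))
                {
                    string resourceProviderNamespace = string.Empty;
                    string resourceType = string.Empty;

                    Utilities.GetResourceProviderNamespaceAndType(this.Vault.ID, out resourceProviderNamespace, out resourceType);

                    Logger.Instance.WriteDebug(string.Format(
                                                   "GenerateVaultCredential resourceProviderNamespace = {0}, resourceType = {1}",
                                                   resourceProviderNamespace,
                                                   resourceType));

                    // Update vault settings with the working vault to generate file.
                    // NOTE(review): the shared context is switched here and not restored by this
                    // method -- confirm that callers expect it to stay on this vault.
                    Utilities.UpdateCurrentVaultContext(new ASRVaultCreds()
                    {
                        ResourceGroupName = this.Vault.ResourceGroupName,
                        ResourceName      = this.Vault.Name,
                        ResourceNamespace = resourceProviderNamespace,
                        ARMResourceType   = resourceType
                    });

                    //Code taken from Ibiza code
                    string aadAudience = string.Format(CultureInfo.InvariantCulture,
                                                       @"https://RecoveryServiceVault/{0}/{1}/{2}",
                                                       Vault.Location,
                                                       Vault.Name,
                                                       aadDetails.ResourceId);

                    // The object graph below holds the management certificate serialized as PFX and
                    // the channel integrity key, so the XML returned from this method is secret
                    // material and should not reach logs or debug output.
                    // NOTE(review): whether the PFX blob includes the private key depends on
                    // CertUtils.SerializeCert, which is not visible here -- confirm.
                    RSVaultAsrCreds vaultCreds = new RSVaultAsrCreds()
                    {
                        VaultDetails = new ASRVaultDetails
                        {
                            SubscriptionId    = subscriptionId,
                            ResourceGroup     = this.Vault.ResourceGroupName,
                            ResourceName      = this.Vault.Name,
                            ResourceId        = aadDetails.ResourceId.Value,
                            Location          = Vault.Location,
                            ResourceType      = RecoveryServicesVaultType,
                            ProviderNamespace = PSRecoveryServicesClient.ProductionRpNamespace
                        },
                        ManagementCert = CertUtils.SerializeCert(cert, X509ContentType.Pfx),
                        Version        = VaultCredentialVersionAad,
                        AadDetails     = new ASRVaultAadDetails
                        {
                            AadAuthority             = aadDetails.AadAuthority,
                            AadTenantId              = aadDetails.AadTenantId,
                            ServicePrincipalClientId = aadDetails.ServicePrincipalClientId,
                            AadVaultAudience         = aadAudience,
                            ArmManagementEndpoint    = aadDetails.AzureManagementEndpointAudience
                        },
                        ChannelIntegrityKey = this.RecoveryServicesClient.GetCurrentVaultChannelIntegrityKey(),
                        // Site fields are written as empty strings rather than null.
                        SiteId   = asrSite.ID ?? String.Empty,
                        SiteName = asrSite.Name ?? String.Empty
                    };

                    DataContractSerializer serializer = new DataContractSerializer(typeof(RSVaultAsrCreds));
                    serializer.WriteObject(writer, vaultCreds);
                }

                // The writer is disposed (and therefore flushed) before the buffer is read back.
                return Encoding.UTF8.GetString(output.ToArray());
            }
        }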