using Azure;
using Azure.Security.KeyVault.Secrets;
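namespace Core.Blueprint.KeyVault
{
    /// <summary>
    /// Provides operations for managing secrets in Azure Key Vault.
    /// </summary>
    /// <remarks>
    /// Every <see cref="KeyVaultResponse"/> produced here carries the plaintext secret value.
    /// Callers should keep these objects out of logs, traces and serialized error payloads.
    /// </remarks>
    public sealed class KeyVaultProvider(SecretClient keyVaultProvider): IKeyVaultProvider
    {
        // Message returned to callers when the vault reports that the secret does not exist.
        private const string KeyNotFoundMessage = "Key Not Found";

        // HTTP status carried by RequestFailedException when the secret is missing.
        private const int NotFoundStatus = 404;

        /// <summary>
        /// Creates a new secret in Azure Key Vault.
        /// </summary>
        /// <remarks>
        /// <c>SetSecretAsync</c> adds a new version when a secret with the same name already exists,
        /// so this call replaces the current value of an existing secret rather than failing.
        /// </remarks>
        /// <param name="keyVaultRequest">The request containing the name and value of the secret.</param>
        /// <param name="cancellationToken">The cancellation token to cancel the operation.</param>
        /// <returns>A <see cref="KeyVaultResponse"/> containing the details of the created secret.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="keyVaultRequest"/> is null.</exception>
        public async ValueTask<KeyVaultResponse> CreateSecretAsync(KeyVaultRequest keyVaultRequest, CancellationToken cancellationToken)
        {
            ArgumentNullException.ThrowIfNull(keyVaultRequest);

            KeyVaultSecret azureResponse = await keyVaultProvider.SetSecretAsync(
                new KeyVaultSecret(keyVaultRequest.Name, keyVaultRequest.Value),
                cancellationToken);

            return new KeyVaultResponse { Name = azureResponse.Name, Value = azureResponse.Value };
        }

        /// <summary>
        /// Deletes a secret from Azure Key Vault if it exists.
        /// </summary>
        /// <remarks>
        /// The delete is issued directly and a 404 from the vault is mapped to "Key Not Found".
        /// This avoids reading the secret value just to test for existence, and removes the
        /// gap between an existence check and the delete. Only the start of the deletion is
        /// awaited; on vaults with soft-delete enabled the secret stays recoverable until purged.
        /// </remarks>
        /// <param name="secretName">The name of the secret to delete.</param>
        /// <param name="cancellationToken">The cancellation token to cancel the operation.</param>
        /// <returns>
        /// A <see cref="Tuple"/> containing a status message and a boolean indicating whether the deletion was started.
        /// </returns>
        public async ValueTask<Tuple<string, bool>> DeleteSecretAsync(string secretName, CancellationToken cancellationToken)
        {
            try
            {
                await keyVaultProvider.StartDeleteSecretAsync(secretName, cancellationToken);
                return new("Key Deleted", true);
            }
            catch (RequestFailedException ex) when (ex.Status == NotFoundStatus)
            {
                // Only "not found" is translated; authorization and transport failures still propagate.
                return new(KeyNotFoundMessage, false);
            }
        }

        /// <summary>
        /// Retrieves a secret from Azure Key Vault.
        /// </summary>
        /// <remarks>
        /// The Azure SDK signals a missing secret by throwing <see cref="RequestFailedException"/>
        /// with status 404 rather than returning null, so that case is caught and reported
        /// through the error message. Other failures (for example 401/403) are not swallowed.
        /// </remarks>
        /// <param name="secretName">The name of the secret to retrieve.</param>
        /// <param name="cancellationToken">The cancellation token to cancel the operation.</param>
        /// <returns>
        /// A <see cref="Tuple"/> containing the <see cref="KeyVaultResponse"/> with secret details
        /// and an error message: empty on success, "Key Not Found" when the secret does not exist.
        /// </returns>
        public async ValueTask<Tuple<KeyVaultResponse, string?>> GetSecretAsync(string secretName, CancellationToken cancellationToken)
        {
            try
            {
                KeyVaultSecret azureResponse = await keyVaultProvider.GetSecretAsync(secretName, cancellationToken: cancellationToken);

                // Kept from the original as a defensive check (e.g. a test double returning no value).
                if (azureResponse is null)
                {
                    return new(new KeyVaultResponse(), KeyNotFoundMessage);
                }

                return new(new KeyVaultResponse { Name = secretName, Value = azureResponse.Value }, string.Empty);
            }
            catch (RequestFailedException ex) when (ex.Status == NotFoundStatus)
            {
                return new(new KeyVaultResponse(), KeyNotFoundMessage);
            }
        }

        /// <summary>
        /// Updates an existing secret in Azure Key Vault. If the secret does not exist, an error is returned.
        /// </summary>
        /// <remarks>
        /// Existence is checked first because <c>SetSecretAsync</c> would otherwise create the secret.
        /// The check and the write are two separate calls, so a concurrent delete between them
        /// can still result in the secret being created.
        /// </remarks>
        /// <param name="newSecret">The updated secret information.</param>
        /// <param name="cancellationToken">The cancellation token to cancel the operation.</param>
        /// <returns>
        /// A <see cref="Tuple"/> containing the updated <see cref="KeyVaultResponse"/> and an error message:
        /// empty on success, "Key Not Found" when the secret does not exist.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="newSecret"/> is null.</exception>
        public async ValueTask<Tuple<KeyVaultResponse, string>> UpdateSecretAsync(KeyVaultRequest newSecret, CancellationToken cancellationToken)
        {
            ArgumentNullException.ThrowIfNull(newSecret);

            var existingSecret = await GetSecretAsync(newSecret.Name, cancellationToken);

            // GetSecretAsync always returns a tuple; the error message, not null-ness, signals "missing".
            if (!string.IsNullOrEmpty(existingSecret.Item2))
            {
                return new(new KeyVaultResponse(), KeyNotFoundMessage);
            }

            KeyVaultSecret azureResponse = await keyVaultProvider.SetSecretAsync(
                new KeyVaultSecret(newSecret.Name, newSecret.Value),
                cancellationToken);

            return new(new KeyVaultResponse { Name = newSecret.Name, Value = azureResponse.Value }, string.Empty);
        }
    }
}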