Feature/secretsmanager vs localsecrets (#97)
DanRJ authored Jun 17, 2022
1 parent e0e067a commit 7a7cf9d
Showing 1 changed file with 36 additions and 27 deletions.
63 changes: 36 additions & 27 deletions src/Altinn.App.PlatformServices/Implementation/SecretsLocalAppSI.cs
@@ -2,12 +2,10 @@
using System.IO;
using System.Text.Json;
using System.Threading.Tasks;

using Altinn.App.Services.Interface;

using Microsoft.Azure.KeyVault;
using Microsoft.Azure.KeyVault.WebKey;

using Microsoft.Extensions.Configuration;
using Newtonsoft.Json.Linq;

namespace Altinn.App.PlatformServices.Implementation
@@ -17,21 +15,25 @@ namespace Altinn.App.PlatformServices.Implementation
/// </summary>
public class SecretsLocalAppSI : ISecrets
{
private readonly IConfiguration _configuration;

/// <summary>
/// Initializes a new instance of the <see cref="SecretsLocalAppSI"/> class.
/// </summary>
/// <param name="configuration">IConfiguration</param>
public SecretsLocalAppSI(IConfiguration configuration)
{
_configuration = configuration;
}

/// <inheritdoc />
public async Task<byte[]> GetCertificateAsync(string certificateId)
{
string path = Path.Combine(Directory.GetCurrentDirectory(), @"secrets.json");
if (File.Exists(path))
string token = GetTokenFromSecrets(certificateId);
if (!string.IsNullOrEmpty(token))
{
string jsonString = File.ReadAllText(path);
JObject keyVault = JObject.Parse(jsonString);
keyVault.TryGetValue(certificateId, out JToken token);

if (token != null)
{
byte[] localCertBytes = Convert.FromBase64String(token.ToString());
return await Task.FromResult(localCertBytes);
}
byte[] localCertBytes = Convert.FromBase64String(token);
return await Task.FromResult(localCertBytes);
}

return null;
@@ -40,22 +42,16 @@ public async Task<byte[]> GetCertificateAsync(string certificateId)
/// <inheritdoc />
public async Task<JsonWebKey> GetKeyAsync(string keyId)
{
string path = Path.Combine(Directory.GetCurrentDirectory(), @"secrets.json");
if (File.Exists(path))
string token = GetTokenFromSecrets(keyId);
if (!string.IsNullOrEmpty(token))
{
JObject keyVault = JObject.Parse(File.ReadAllText(path));
keyVault.TryGetValue(keyId, out JToken token);

if (token != null)
{
JsonWebKey key = JsonSerializer.Deserialize<JsonWebKey>(token.ToString());
return await Task.FromResult(key);
}
JsonWebKey key = JsonSerializer.Deserialize<JsonWebKey>(token);
return await Task.FromResult(key);
}

return null;
}

/// <inheritdoc />
public KeyVaultClient GetKeyVaultClient()
{
@@ -64,17 +60,30 @@ public KeyVaultClient GetKeyVaultClient()

/// <inheritdoc />
public async Task<string> GetSecretAsync(string secretId)
{
string token = GetTokenFromSecrets(secretId);
return await Task.FromResult(token);
}

private string GetTokenFromSecrets(string tokenId)
=> GetTokenFromConfiguration(tokenId) ??
GetTokenFromLocalSecrets(tokenId);

private string GetTokenFromConfiguration(string tokenId)
=> _configuration[tokenId];

private static string GetTokenFromLocalSecrets(string tokenId)
{
string path = Path.Combine(Directory.GetCurrentDirectory(), @"secrets.json");
if (File.Exists(path))
{
string jsonString = File.ReadAllText(path);
JObject keyVault = JObject.Parse(jsonString);
keyVault.TryGetValue(secretId, out JToken token);
keyVault.TryGetValue(tokenId, out JToken token);
return token != null ? token.ToString() : string.Empty;
}

return await Task.FromResult(string.Empty);
return string.Empty;
}
}
}
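Review bot: `GetTokenFromSecrets` falls back to secrets.json only when the configuration lookup returns null, so a key that exists in configuration with an empty value (for example an empty environment variable, if that provider is registered) yields `""` and the local secret is never consulted; `GetCertificateAsync` and `GetKeyAsync` then return null and `GetSecretAsync` returns an empty secret. Testing for empty as well keeps the fallback consistent with the `string.IsNullOrEmpty` checks in the callers: `string fromConfig = GetTokenFromConfiguration(tokenId);` followed by `return string.IsNullOrEmpty(fromConfig) ? GetTokenFromLocalSecrets(tokenId) : fromConfig;`. Because `_configuration[tokenId]` searches every registered provider, a secret id that equals an ordinary setting key returns that setting instead of a secret, which is worth stating in a `<summary>` comment on `GetTokenFromSecrets` together with the precedence (configuration first, then secrets.json). Values from configuration also reach `Convert.FromBase64String` unvalidated, so a malformed entry presumably surfaces as a `FormatException` from `GetCertificateAsync` rather than a null result.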
