From 8975318a2f1e6d2286566e371972cd62b5d2f555 Mon Sep 17 00:00:00 2001
From: jtkech
Date: Sat, 21 Oct 2023 08:41:38 +0200
Subject: [PATCH 1/2] Add KeyVault without building a config
---
 .../AzureKeyVaultConfigurationExtension.cs | 152 ++++++++++++++++++
 .../AzureKeyVaultWebHostBuilderExtension.cs | 71 --------
 2 files changed, 152 insertions(+), 71 deletions(-)
 create mode 100644 src/OrchardCore/OrchardCore.Configuration.KeyVault/Extensions/AzureKeyVaultConfigurationExtension.cs
 delete mode 100644 src/OrchardCore/OrchardCore.Configuration.KeyVault/Extensions/AzureKeyVaultWebHostBuilderExtension.cs
diff --git a/src/OrchardCore/OrchardCore.Configuration.KeyVault/Extensions/AzureKeyVaultConfigurationExtension.cs b/src/OrchardCore/OrchardCore.Configuration.KeyVault/Extensions/AzureKeyVaultConfigurationExtension.cs
new file mode 100644
index 00000000000..e160265b15d
--- /dev/null
+++ b/src/OrchardCore/OrchardCore.Configuration.KeyVault/Extensions/AzureKeyVaultConfigurationExtension.cs
@@ -0,0 +1,152 @@
+using System;
+using Azure.Core;
+using Azure.Extensions.AspNetCore.Configuration.Secrets;
+using Azure.Identity;
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.Hosting;
+using OrchardCore.Configuration.KeyVault.Services;
+
+namespace OrchardCore.Configuration.KeyVault.Extensions
+{
+ public static class AzureKeyVaultConfigurationExtension
+ {
+ ///
+ /// Adds Azure Key Vault as a Configuration Source.
+ ///
+ /// The host builder to configure.
+ /// The host builder.
+ public static IHostBuilder AddOrchardCoreAzureKeyVault(this IHostBuilder builder)
+ {
+ if (builder == null)
+ {
+ throw new ArgumentNullException(nameof(builder));
+ }
+
+ return builder.AddOrchardCoreAzureKeyVault(new DefaultAzureCredential(includeInteractiveCredentials: true));
+ }
+
+ ///
+ /// Adds Azure Key Vault as a Configuration Source.
+ ///
+ /// The host builder to configure.
+ /// The token credential to use for authentication.
+ /// The host builder.
+ public static IHostBuilder AddOrchardCoreAzureKeyVault(this IHostBuilder builder, TokenCredential tokenCredential)
+ {
+ if (builder == null)
+ {
+ throw new ArgumentNullException(nameof(builder));
+ }
+
+ builder.ConfigureAppConfiguration((context, builder) =>
+ {
+ // Here 'configuration' is a manager being a builder, and also an 'IConfigurationRoot'
+ // if get from the 'context', allowing to get values from the providers already added
+ // without having to build a configuration on the fly that would need to be disposed.
+ AddOrchardCoreAzureKeyVault(builder, context.Configuration, tokenCredential);
+ });
+
+ return builder;
+ }
+ ///
+ /// Adds Azure Key Vault as a Configuration Source.
+ ///
+ /// The web host builder to configure.
+ /// The web host builder.
+ public static IWebHostBuilder AddOrchardCoreAzureKeyVault(this IWebHostBuilder builder)
+ {
+ if (builder == null)
+ {
+ throw new ArgumentNullException(nameof(builder));
+ }
+
+ return builder.AddOrchardCoreAzureKeyVault(new DefaultAzureCredential(includeInteractiveCredentials: true));
+ }
+
+ ///
+ /// Adds Azure Key Vault as a Configuration Source.
+ ///
+ /// The web host builder to configure.
+ /// The token credential to use for authentication.
+ /// The web host builder.
+ public static IWebHostBuilder AddOrchardCoreAzureKeyVault(this IWebHostBuilder builder, TokenCredential tokenCredential)
+ {
+ if (builder == null)
+ {
+ throw new ArgumentNullException(nameof(builder));
+ }
+
+ builder.ConfigureAppConfiguration((context, builder) =>
+ {
+ // Here 'configuration' is a manager being a builder, and also an 'IConfigurationRoot'
+ // if get from the 'context', allowing to get values from the providers already added
+ // without having to build a configuration on the fly that would need to be disposed.
+ AddOrchardCoreAzureKeyVault(builder, context.Configuration, tokenCredential);
+ });
+
+ return builder;
+ }
+
+ ///
+ /// Adds Azure Key Vault as a Configuration Source.
+ ///
+ /// The configuration manager.
+ /// The configuration manager.
+ public static ConfigurationManager AddOrchardCoreAzureKeyVault(this ConfigurationManager configurationManager)
+ {
+ if (configurationManager is null)
+ {
+ throw new ArgumentNullException(nameof(configurationManager));
+ }
+
+ return configurationManager.AddOrchardCoreAzureKeyVault(new DefaultAzureCredential(includeInteractiveCredentials: true));
+ }
+
+ ///
+ /// Adds Azure Key Vault as a Configuration Source.
+ ///
+ /// The configuration manager.
+ /// The token credential to use for authentication.
+ /// The configuration manager.
+ public static ConfigurationManager AddOrchardCoreAzureKeyVault(
+ this ConfigurationManager configurationManager, TokenCredential tokenCredential)
+ {
+ if (configurationManager == null)
+ {
+ throw new ArgumentNullException(nameof(configurationManager));
+ }
+
+ // The 'ConfigurationManager' is both an 'IConfigurationBuilder' and an 'IConfigurationRoot'
+ // allowing to get data from the current providers without having to build a configuration.
+ AddOrchardCoreAzureKeyVault(configurationManager, configurationManager, tokenCredential);
+
+ return configurationManager;
+ }
+
+ private static void AddOrchardCoreAzureKeyVault(
+ this IConfigurationBuilder builder, IConfiguration configuration, TokenCredential tokenCredential)
+ {
+ var keyVaultName = configuration["OrchardCore:OrchardCore_KeyVault_Azure:KeyVaultName"];
+
+ TimeSpan? reloadInterval = null;
+ if (double.TryParse(configuration["OrchardCore:OrchardCore_KeyVault_Azure:ReloadInterval"], out var interval))
+ {
+ reloadInterval = TimeSpan.FromSeconds(interval);
+ }
+
+ var keyVaultEndpointUri = new Uri("https://" + keyVaultName + ".vault.azure.net");
+ var configOptions = new AzureKeyVaultConfigurationOptions()
+ {
+ Manager = new AzureKeyVaultSecretManager(),
+ ReloadInterval = reloadInterval
+ };
+
+ builder.AddAzureKeyVault(
+ keyVaultEndpointUri,
+ tokenCredential,
+ configOptions
+ );
+ }
+ }
+}
diff --git a/src/OrchardCore/OrchardCore.Configuration.KeyVault/Extensions/AzureKeyVaultWebHostBuilderExtension.cs b/src/OrchardCore/OrchardCore.Configuration.KeyVault/Extensions/AzureKeyVaultWebHostBuilderExtension.cs
deleted file mode 100644
index ba732c488d9..00000000000
--- a/src/OrchardCore/OrchardCore.Configuration.KeyVault/Extensions/AzureKeyVaultWebHostBuilderExtension.cs
+++ /dev/null
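Review bot: `keyVaultName` is concatenated into `new Uri("https://" + keyVaultName + ".vault.azure.net")` in the private helper without any check, so a missing setting surfaces as an opaque URI error at startup and a malformed one can produce an endpoint whose host is not the intended vault. A missing value looks more likely after this change: as far as I know, on the classic `HostBuilder`/`WebHostBuilder` `context.Configuration` holds only the host configuration while `ConfigureAppConfiguration` runs, so a name supplied by a source added to the app builder would no longer be seen the way it was with `configuration.Build()`; please confirm on a host that is not a `WebApplicationBuilder`. I would guard before building the URI, `if (string.IsNullOrWhiteSpace(keyVaultName)) { throw new InvalidOperationException("'OrchardCore_KeyVault_Azure:KeyVaultName' is not configured."); }`, and also reject any value that is not made of letters, digits and hyphens only. In the same helper `ReloadInterval` is parsed with the current culture and non-positive values pass straight to `TimeSpan.FromSeconds`; `double.TryParse(value, NumberStyles.Float, CultureInfo.InvariantCulture, out var interval) && interval > 0` would pin both.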
@@ -1,71 +0,0 @@
-using System;
-using Azure.Core;
-using Azure.Extensions.AspNetCore.Configuration.Secrets;
-using Azure.Identity;
-using Microsoft.Extensions.Configuration;
-using Microsoft.Extensions.Hosting;
-using OrchardCore.Configuration.KeyVault.Services;
-
-namespace OrchardCore.Configuration.KeyVault.Extensions
-{
- public static class AzureKeyVaultWebHostBuilderExtension
- {
- ///
- /// Adds Azure Key Vault as a Configuration Source.
- ///
- /// The web host builder to configure.
- /// The web host builder.
- public static IHostBuilder AddOrchardCoreAzureKeyVault(this IHostBuilder builder)
- {
- if (builder == null)
- {
- throw new ArgumentNullException(nameof(builder));
- }
-
- builder.AddOrchardCoreAzureKeyVault(new DefaultAzureCredential(includeInteractiveCredentials: true));
-
- return builder;
- }
-
- ///
- /// Adds Azure Key Vault as a Configuration Source.
- ///
- /// The web host builder to configure.
- /// The token credential to use for authentication.
- /// The web host builder.
- public static IHostBuilder AddOrchardCoreAzureKeyVault(this IHostBuilder builder, TokenCredential tokenCredential)
- {
- if (builder == null)
- {
- throw new ArgumentNullException(nameof(builder));
- }
-
- builder.ConfigureAppConfiguration((context, configuration) =>
- {
- var builtConfig = configuration.Build();
- var keyVaultName = builtConfig["OrchardCore:OrchardCore_KeyVault_Azure:KeyVaultName"];
-
- TimeSpan? reloadInterval = null;
- if (double.TryParse(builtConfig["OrchardCore:OrchardCore_KeyVault_Azure:ReloadInterval"], out var interval))
- {
- reloadInterval = TimeSpan.FromSeconds(interval);
- }
-
- var keyVaultEndpointUri = new Uri("https://" + keyVaultName + ".vault.azure.net");
- var configOptions = new AzureKeyVaultConfigurationOptions()
- {
- Manager = new AzureKeyVaultSecretManager(),
- ReloadInterval = reloadInterval
- };
-
- configuration.AddAzureKeyVault(
- keyVaultEndpointUri,
- tokenCredential,
- configOptions
- );
- });
-
- return builder;
- }
- }
-}
From 75d4196b8f6872815d9fcbb3422608758e28d069 Mon Sep 17 00:00:00 2001
From: jtkech
Date: Sat, 21 Oct 2023 22:29:53 +0200
Subject: [PATCH 2/2] Simplification
---
 .../AzureKeyVaultConfigurationExtension.cs | 76 ++++---------------
 1 file changed, 14 insertions(+), 62 deletions(-)
diff --git a/src/OrchardCore/OrchardCore.Configuration.KeyVault/Extensions/AzureKeyVaultConfigurationExtension.cs b/src/OrchardCore/OrchardCore.Configuration.KeyVault/Extensions/AzureKeyVaultConfigurationExtension.cs
index e160265b15d..52eb59e7edf 100644
--- a/src/OrchardCore/OrchardCore.Configuration.KeyVault/Extensions/AzureKeyVaultConfigurationExtension.cs
+++ b/src/OrchardCore/OrchardCore.Configuration.KeyVault/Extensions/AzureKeyVaultConfigurationExtension.cs
@@ -11,28 +11,13 @@ namespace OrchardCore.Configuration.KeyVault.Extensions
 {
 public static class AzureKeyVaultConfigurationExtension
 {
- ///
- /// Adds Azure Key Vault as a Configuration Source.
- ///
- /// The host builder to configure.
- /// The host builder.
- public static IHostBuilder AddOrchardCoreAzureKeyVault(this IHostBuilder builder)
- {
- if (builder == null)
- {
- throw new ArgumentNullException(nameof(builder));
- }
-
- return builder.AddOrchardCoreAzureKeyVault(new DefaultAzureCredential(includeInteractiveCredentials: true));
- }
-
 ///
 /// Adds Azure Key Vault as a Configuration Source.
 ///
 /// The host builder to configure.
 /// The token credential to use for authentication.
 /// The host builder.
- public static IHostBuilder AddOrchardCoreAzureKeyVault(this IHostBuilder builder, TokenCredential tokenCredential)
+ public static IHostBuilder AddOrchardCoreAzureKeyVault(this IHostBuilder builder, TokenCredential tokenCredential = null)
 {
 if (builder == null)
 {
@@ -41,7 +26,7 @@ public static IHostBuilder AddOrchardCoreAzureKeyVault(this IHostBuilder builder
 
 builder.ConfigureAppConfiguration((context, builder) =>
 {
- // Here 'configuration' is a manager being a builder, and also an 'IConfigurationRoot'
+ // Here 'builder' is a config manager being a builder and also an 'IConfigurationRoot'
 // if get from the 'context', allowing to get values from the providers already added
 // without having to build a configuration on the fly that would need to be disposed.
 AddOrchardCoreAzureKeyVault(builder, context.Configuration, tokenCredential);
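Review bot: `TokenCredential tokenCredential = null` on the `IHostBuilder` overload makes an omitted or explicitly null argument mean "use the default credential chain", while the kept parameter documentation still reads only "The token credential to use for authentication." I would state the fallback on the parameter, e.g. `/// <param name="tokenCredential">The credential used to authenticate to Key Vault; when <c>null</c>, a <see cref="DefaultAzureCredential"/> is created.</param>`. Folding the parameterless overload into an optional parameter also removes a public method signature, so assemblies compiled against the old overload would need a rebuild; if that matters for this package, keeping the one-line overload is cheap. The same applies to the `IWebHostBuilder` and `ConfigurationManager` overloads in the -49,28 and -91,37 hunks, and the method body continues past the end of this hunk.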
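Review bot: The lambda parameter in `builder.ConfigureAppConfiguration((context, builder) => …)` shadows the method's own `builder` parameter, so the reworded comment's "Here 'builder' is a config manager" does not say which of the two it means. Renaming the lambda parameter, e.g. `(context, configurationBuilder) =>` with `AddOrchardCoreAzureKeyVault(configurationBuilder, context.Configuration, tokenCredential);`, keeps the trailing `return builder;` unmistakable. The `IWebHostBuilder` hunk at -79,7 has the same lambda and comment; both methods start and end outside their hunks.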
@@ -49,28 +34,11 @@ public static IHostBuilder AddOrchardCoreAzureKeyVault(this IHostBuilder builder
 
 return builder;
 }
- ///
- /// Adds Azure Key Vault as a Configuration Source.
- ///
- /// The web host builder to configure.
- /// The web host builder.
- public static IWebHostBuilder AddOrchardCoreAzureKeyVault(this IWebHostBuilder builder)
- {
- if (builder == null)
- {
- throw new ArgumentNullException(nameof(builder));
- }
-
- return builder.AddOrchardCoreAzureKeyVault(new DefaultAzureCredential(includeInteractiveCredentials: true));
- }
 
 ///
 /// Adds Azure Key Vault as a Configuration Source.
 ///
- /// The web host builder to configure.
- /// The token credential to use for authentication.
- /// The web host builder.
- public static IWebHostBuilder AddOrchardCoreAzureKeyVault(this IWebHostBuilder builder, TokenCredential tokenCredential)
+ public static IWebHostBuilder AddOrchardCoreAzureKeyVault(this IWebHostBuilder builder, TokenCredential tokenCredential = null)
 {
 if (builder == null)
 {
@@ -79,7 +47,7 @@ public static IWebHostBuilder AddOrchardCoreAzureKeyVault(this IWebHostBuilder b
 
 builder.ConfigureAppConfiguration((context, builder) =>
 {
- // Here 'configuration' is a manager being a builder, and also an 'IConfigurationRoot'
+ // Here 'builder' is a config manager being a builder and also an 'IConfigurationRoot'
 // if get from the 'context', allowing to get values from the providers already added
 // without having to build a configuration on the fly that would need to be disposed.
 AddOrchardCoreAzureKeyVault(builder, context.Configuration, tokenCredential);
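Review bot: The `IWebHostBuilder` overload loses its parameter and return documentation in this hunk while the `IHostBuilder` overload keeps it, so the public overloads end up documented unevenly. I would keep the three removed doc lines (the builder, the token credential, the return value) on this overload and restore the equivalent ones on the `ConfigurationManager` overload in the -91,37 hunk, where they are removed as well. The method body continues past the end of this hunk.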
@@ -91,37 +59,19 @@ public static IWebHostBuilder AddOrchardCoreAzureKeyVault(this IWebHostBuilder b
 ///
 /// Adds Azure Key Vault as a Configuration Source.
 ///
- /// The configuration manager.
- /// The configuration manager.
- public static ConfigurationManager AddOrchardCoreAzureKeyVault(this ConfigurationManager configurationManager)
- {
- if (configurationManager is null)
- {
- throw new ArgumentNullException(nameof(configurationManager));
- }
-
- return configurationManager.AddOrchardCoreAzureKeyVault(new DefaultAzureCredential(includeInteractiveCredentials: true));
- }
-
- ///
- /// Adds Azure Key Vault as a Configuration Source.
- ///
- /// The configuration manager.
- /// The token credential to use for authentication.
- /// The configuration manager.
 public static ConfigurationManager AddOrchardCoreAzureKeyVault(
- this ConfigurationManager configurationManager, TokenCredential tokenCredential)
+ this ConfigurationManager manager, TokenCredential tokenCredential = null)
 {
- if (configurationManager == null)
+ if (manager == null)
 {
- throw new ArgumentNullException(nameof(configurationManager));
+ throw new ArgumentNullException(nameof(manager));
 }
 
- // The 'ConfigurationManager' is both an 'IConfigurationBuilder' and an 'IConfigurationRoot'
- // allowing to get data from the current providers without having to build a configuration.
- AddOrchardCoreAzureKeyVault(configurationManager, configurationManager, tokenCredential);
+ // The 'ConfigurationManager' is a builder and also an 'IConfigurationRoot' allowing to
+ // get values from the providers already added without having to build a configuration.
+ AddOrchardCoreAzureKeyVault(manager, manager, tokenCredential);
 
- return configurationManager;
+ return manager;
 }
 
 private static void AddOrchardCoreAzureKeyVault(
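Review bot: Renaming the public parameter `configurationManager` to `manager` changes the method's visible signature and the `paramName` carried by the `ArgumentNullException`, which is a source-level break for any caller that uses a named argument or inspects that name. That is probably rare for an extension receiver, but the rename buys nothing functionally. I would keep `this ConfigurationManager configurationManager, TokenCredential tokenCredential = null)` and `nameof(configurationManager)` and limit the hunk to the default value and the comment rewording.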
@@ -139,9 +89,11 @@ private static void AddOrchardCoreAzureKeyVault(
 var configOptions = new AzureKeyVaultConfigurationOptions()
 {
 Manager = new AzureKeyVaultSecretManager(),
- ReloadInterval = reloadInterval
+ ReloadInterval = reloadInterval,
 };
 
+ tokenCredential ??= new DefaultAzureCredential(includeInteractiveCredentials: true);
+
 builder.AddAzureKeyVault(
 keyVaultEndpointUri,
 tokenCredential,
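Review bot: `tokenCredential ??= new DefaultAzureCredential(includeInteractiveCredentials: true);` gives every caller that passes nothing a credential chain that includes interactive sign-in, which suits a developer machine but not an unattended server process. In a deployed host the chain may also resolve to whichever identity happens to be available on the machine rather than the one intended for the vault, so the identity that reads the secrets is decided implicitly; this is worth checking against the project's deployment guidance. I would add a comment on this line saying why interactive credentials are enabled, and consider `includeInteractiveCredentials: false` or an explicitly passed credential for hosts that are not development environments. The helper's signature and the end of the `AddAzureKeyVault(...)` call lie outside this hunk.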