在 KeyVault 中检测不存在的密钥的正确方法是什么
What is the correct way to detect non-existent key in KeyVault
我正在使用 2.3.2 Microsoft.Azure.KeyVault NuGet 中的 KeyVaultClient。使用 GetSecretAsync(,),我注意到如果我尝试访问不存在的秘密,则会引发 KeyVaultErrorException。
不幸的是,当访问 keyvault 被拒绝或找不到 keyvault 端点时,也会引发同样的错误。
目前我看到的唯一区别是消息 属性。那么检测未找到秘密的正确方法是什么?为什么这会引发异常而不是返回 null 或其他一些 'empty' 对象?
询问不存在的秘密:
System.AggregateException occurred
HResult=0x80131500
Message=One or more errors occurred.
Source=mscorlib
Inner Exception 1:
KeyVaultErrorException: Secret not found: secret22222
((Microsoft.Azure.KeyVault.Models.KeyVaultErrorException)($exception).InnerException)
.Body.Error.Code = "SecretNotFound"
((Microsoft.Azure.KeyVault.Models.KeyVaultErrorException)($exception).InnerException)
.Body.Error.Message = "Secret not found: secret22222"
无权限阅读密文:
System.AggregateException occurred
HResult=0x80131500
Message=One or more errors occurred.
Source=mscorlib
Inner Exception 1:
KeyVaultErrorException: Access denied
((Microsoft.Azure.KeyVault.Models.KeyVaultErrorException)($exception).InnerException)
.Body.Error.Code = "Forbidden"
((Microsoft.Azure.KeyVault.Models.KeyVaultErrorException)($exception).InnerException)
.Body.Error.Message = "Access denied"
正在尝试读取已禁用的机密:
System.AggregateException occurred
HResult=0x80131500
Message=One or more errors occurred.
Source=mscorlib
Inner Exception 1:
KeyVaultErrorException: Operation get is not allowed on a disabled secret.
((Microsoft.Azure.KeyVault.Models.KeyVaultErrorException)($exception).InnerException)
.Body.Error.Code = "Forbidden"
((Microsoft.Azure.KeyVault.Models.KeyVaultErrorException)($exception).InnerException)
.Body.Error.Message = "Operation get is not allowed on a disabled secret."
无效的保管库端点:
System.AggregateException occurred
HResult=0x80131500
Message=One or more errors occurred.
Source=mscorlib
Inner Exception 1:
HttpRequestException: An error occurred while sending the request.
Inner Exception 2:
WebException: The remote name could not be resolved: 'alicezzzzzz.vault.azure.net'
我觉得还不错。如果您期待严重的错误输入,我认为这不会发生,因为 SDK 只是轻型 REST 包装器,可能(部分?)由 AutoRest 生成 - 没有明显提到,但仍然提到 :) NuGet 项目描述(项目站点)。
我正在使用 2.3.2 Microsoft.Azure.KeyVault NuGet 中的 KeyVaultClient。使用 GetSecretAsync(,),我注意到如果我尝试访问不存在的秘密,则会引发 KeyVaultErrorException。
不幸的是,当访问 keyvault 被拒绝或找不到 keyvault 端点时,也会引发同样的错误。
目前我看到的唯一区别是消息 属性。那么检测未找到秘密的正确方法是什么?为什么这会引发异常而不是返回 null 或其他一些 'empty' 对象?
询问不存在的秘密:
System.AggregateException occurred
HResult=0x80131500
Message=One or more errors occurred.
Source=mscorlib
Inner Exception 1:
KeyVaultErrorException: Secret not found: secret22222
((Microsoft.Azure.KeyVault.Models.KeyVaultErrorException)($exception).InnerException)
.Body.Error.Code = "SecretNotFound"
((Microsoft.Azure.KeyVault.Models.KeyVaultErrorException)($exception).InnerException)
.Body.Error.Message = "Secret not found: secret22222"
无权限阅读密文:
System.AggregateException occurred
HResult=0x80131500
Message=One or more errors occurred.
Source=mscorlib
Inner Exception 1:
KeyVaultErrorException: Access denied
((Microsoft.Azure.KeyVault.Models.KeyVaultErrorException)($exception).InnerException)
.Body.Error.Code = "Forbidden"
((Microsoft.Azure.KeyVault.Models.KeyVaultErrorException)($exception).InnerException)
.Body.Error.Message = "Access denied"
正在尝试读取已禁用的机密:
System.AggregateException occurred
HResult=0x80131500
Message=One or more errors occurred.
Source=mscorlib
Inner Exception 1:
KeyVaultErrorException: Operation get is not allowed on a disabled secret.
((Microsoft.Azure.KeyVault.Models.KeyVaultErrorException)($exception).InnerException)
.Body.Error.Code = "Forbidden"
((Microsoft.Azure.KeyVault.Models.KeyVaultErrorException)($exception).InnerException)
.Body.Error.Message = "Operation get is not allowed on a disabled secret."
无效的保管库端点:
System.AggregateException occurred
HResult=0x80131500
Message=One or more errors occurred.
Source=mscorlib
Inner Exception 1:
HttpRequestException: An error occurred while sending the request.
Inner Exception 2:
WebException: The remote name could not be resolved: 'alicezzzzzz.vault.azure.net'
我觉得还不错。如果您期待严重的错误输入,我认为这不会发生,因为 SDK 只是轻型 REST 包装器,可能(部分?)由 AutoRest 生成 - 没有明显提到,但仍然提到 :) NuGet 项目描述(项目站点)。