通过 C# 访问 Azure 中的 keyvault 时引发异常
Exception raised while accessing keyvault in Azure through C#
我有以下代码来获取 Azure 中的密钥保管库机密:
var kv = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(GetToken));
var sec = await kv.GetSecretAsync(ConfigurationManager.AppSettings["SomeURI"]);
secretValue = sec.Value ;
在 App Config 中我有:
<add key="SomeURI" value="https://baseURL/KeyName/b75cabsdf45667nhjhe516c674457" />
因为我在我的应用程序中多次使用它,所以我创建了一个 class 并将其命名为 class。 class 看起来像这样:
public static class KeyVaultFetch
{
public async static Task<string> GetCachedSecret(string secretname)
{
try
{
string BaseUri = ConfigurationManager.AppSettings["keyvaultBaseURI"].ToString();
var kv = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(GetToken));
var secretbundle = await kv.GetSecretAsync($"{BaseUri}{secretname}").ConfigureAwait(false);
return secretbundle.Value;
}
catch (Exception ex)
{
log.Error("Exception raised in GetCachedSecret.");
log.Error("Exception Details: " + ex.Message);
log.Error("Inner Exception Details: " + ex.InnerException);
throw;
}
}
public static async Task<string> GetToken(string authority, string resource, string scope)
{
try
{
var authContext = new AuthenticationContext(authority);
ClientCredential clientCred = new ClientCredential(clientId, clientSecret);
AuthenticationResult result = await authContext.AcquireTokenAsync(resource, clientCred);
if (result == null)
throw new InvalidOperationException("Failed to obtain the JWT token");
return result.AccessToken;
}
catch (Exception ex)
{
log.Error("Exception raised while Getting token : " + ex.Message);
log.Error("Inner Exception Details: " + ex.InnerException);
throw;
}
}
}
而且我每次都写在下面一行来获取秘密:
secretValue = await KeyVaultFetch.GetCachedSecret(keyName);
但是当我 运行 我的代码时,我遇到了以下异常:
Exception raised in GetCachedSecret.
Exception Details: Invalid ObjectIdentifier: https://baseURL/. Bad number of segments: 2
我做错了什么?
您应该使用带有 2 个参数的 GetSecretAsync:
await kv.GetSecretAsync(BaseUri, secretname);
至少我们的应用程序是这样的:)
我有以下代码来获取 Azure 中的密钥保管库机密:
var kv = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(GetToken));
var sec = await kv.GetSecretAsync(ConfigurationManager.AppSettings["SomeURI"]);
secretValue = sec.Value ;
在 App Config 中我有:
<add key="SomeURI" value="https://baseURL/KeyName/b75cabsdf45667nhjhe516c674457" />
因为我在我的应用程序中多次使用它,所以我创建了一个 class 并将其命名为 class。 class 看起来像这样:
public static class KeyVaultFetch
{
public async static Task<string> GetCachedSecret(string secretname)
{
try
{
string BaseUri = ConfigurationManager.AppSettings["keyvaultBaseURI"].ToString();
var kv = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(GetToken));
var secretbundle = await kv.GetSecretAsync($"{BaseUri}{secretname}").ConfigureAwait(false);
return secretbundle.Value;
}
catch (Exception ex)
{
log.Error("Exception raised in GetCachedSecret.");
log.Error("Exception Details: " + ex.Message);
log.Error("Inner Exception Details: " + ex.InnerException);
throw;
}
}
public static async Task<string> GetToken(string authority, string resource, string scope)
{
try
{
var authContext = new AuthenticationContext(authority);
ClientCredential clientCred = new ClientCredential(clientId, clientSecret);
AuthenticationResult result = await authContext.AcquireTokenAsync(resource, clientCred);
if (result == null)
throw new InvalidOperationException("Failed to obtain the JWT token");
return result.AccessToken;
}
catch (Exception ex)
{
log.Error("Exception raised while Getting token : " + ex.Message);
log.Error("Inner Exception Details: " + ex.InnerException);
throw;
}
}
}
而且我每次都写在下面一行来获取秘密:
secretValue = await KeyVaultFetch.GetCachedSecret(keyName);
但是当我 运行 我的代码时,我遇到了以下异常:
Exception raised in GetCachedSecret.
Exception Details: Invalid ObjectIdentifier: https://baseURL/. Bad number of segments: 2
我做错了什么?
您应该使用带有 2 个参数的 GetSecretAsync:
await kv.GetSecretAsync(BaseUri, secretname);
至少我们的应用程序是这样的:)