Can't Access Azure Key Vault from desktop console app

前端 未结 4 1019
情话喂你
情话喂你 2020-12-30 06:55

I am having trouble accessing a secret from an Azure key vault. I suspect the problem is that I don\'t adequately understand the terminology, so the arguments I\'m supplying

相关标签:
4条回答
  • Here are the docs and samples for how to do this using the latest version of the Azure SDK (Azure.Security.KeyVault.Secrets).

    Just in case, here are the same docs for some of the other supported languages:

    Java

    JavaScript

    Python

    0 讨论(0)
  • 2020-12-30 07:18

    Help, or a reference to a really good example accessing key vaults from a console desktop app would be appreciated.

    After we registry the Azure Directory App then we need to assign role to application. if we want to operate Azure Key Vault, we also need to give permission to operate Key Vault. The resource for key vault is https://vault.azure.net. You also could get more detail info from another SO thread.

    Demo code:

     static string appId = "application Id";
     static string tenantId = "tenant id";
     static string uri = "http://localhost:13526"; //redirect uri
     static void Main(string[] args)
     {
        var kv = new KeyVaultClient(GetAccessToken);
        var scret = kv.GetSecretAsync("https://xxxx.vault.azure.net", "xxxx").GetAwaiter().GetResult();
     }
    
     public static async Task<string> GetAccessToken(string azureTenantId,string clientId,string redirectUri)
     {
           var context = new AuthenticationContext("https://login.windows.net/" + tenantId);
           var tokenResult = await context.AcquireTokenAsync("https://vault.azure.net", appId, new Uri(uri), new PlatformParameters(PromptBehavior.SelectAccount));
           return tokenResult.AccessToken;
      }
    
    0 讨论(0)
  • 2020-12-30 07:33

    In addition to what Tom provided, after I finally figured out how to get things to work I documented what I learned over at https://jumpforjoysoftware.com/2017/12/azure-key-vaults/. Hopefully this will all save people some serious frustration.

    0 讨论(0)
  • 2020-12-30 07:35

    Mark's blog was extremely helpful, from that blog I learnt how to do it and below are the steps and code as of 6-Nov-2018.

    Summary of the steps:

    1. Register App
    2. Create Key inside this newly registered App
    3. Create Key Vault and Assign permission to the app
    4. Create Secret inside the vault

    Access them thru code

    using Microsoft.Azure.KeyVault;
    using Microsoft.IdentityModel.Clients.ActiveDirectory;
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Net.Http;
    using System.Text;
    using System.Threading.Tasks;
    
    namespace Experiments.AzureKeyValut
    {
        internal class AzureKeyValueDemo
        {
            private static async Task Main(string[] args)
            {
                await GetSecretAsync("https://YOURVAULTNAME.vault.azure.net/", "YourSecretKey");
            }
    
            private static async Task<string> GetSecretAsync(string vaultUrl, string vaultKey)
            {
                var client = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(GetAccessTokenAsync), new HttpClient());
                var secret = await client.GetSecretAsync(vaultUrl, vaultKey);
    
                return secret.Value;
            }
    
            private static async Task<string> GetAccessTokenAsync(string authority, string resource, string scope)
            {
                //DEMO ONLY
                //Storing ApplicationId and Key in code is bad idea :)
                var appCredentials = new ClientCredential("YourApplicationId", "YourApplicationKey");
                var context = new AuthenticationContext(authority, TokenCache.DefaultShared);
    
                var result = await context.AcquireTokenAsync(resource, appCredentials);
    
                return result.AccessToken;
            }
        }
    }
    

    How to register your app:

    How to create Azure App's password and get your App's Id

    How to create Azure Key Vault and Assign Permissions

    How to create Azure secrets

    How to access it thru code

    0 讨论(0)
提交回复
热议问题