Azure rsaKey from KeyVaultKeyResolver is always null

I am saving identity documents via my MVC/Durandal web application to Azure blob storage. I am following this example to encrypt the blobs in Azure storage, using Azure Key Vault to store the encryption secret.
Here is my code:
    using System;
    using System.Threading;
    using System.Threading.Tasks;
    using System.Web.Configuration;
    using Microsoft.Azure.KeyVault;
    using Microsoft.Azure.KeyVault.Core;
    using Microsoft.IdentityModel.Clients.ActiveDirectory;
    using Microsoft.WindowsAzure.Storage;
    using Microsoft.WindowsAzure.Storage.Blob;

    // Uploads the client's identity document as a client-side encrypted blob.
    public async Task<string> UploadIdentityDocumentForClient(string fileName, ParsedClientModel parsedClientModel)
    {
        BlobRequestOptions options = await GetBlobRequestOptions();
        await _storageRepository.CreateEncryptedBlobFromByteArray(_storageManager, _containerName, fileName, parsedClientModel.IdentityDocumentFile, parsedClientModel.IdentityDocumentContentType, options);
        return fileName;
    }

    // Builds the blob encryption policy from the key resolved through Key Vault.
    private static async Task<BlobRequestOptions> GetBlobRequestOptions()
    {
        string secretUri = WebConfigurationManager.AppSettings["SecretUri"];
        string secretName = WebConfigurationManager.AppSettings["SecretEncryptionName"];
        // *1
        KeyVaultKeyResolver keyVaultKeyResolver = new KeyVaultKeyResolver(GetAccessToken);
        // *2
        IKey rsaKey = keyVaultKeyResolver.ResolveKeyAsync($"{secretUri}/secrets/{secretName}", CancellationToken.None).GetAwaiter().GetResult();
        BlobEncryptionPolicy policy = new BlobEncryptionPolicy(rsaKey, null);
        BlobRequestOptions options = new BlobRequestOptions
        {
            EncryptionPolicy = policy
        };
        return options;
    }

    // Authentication callback passed to KeyVaultKeyResolver; returns an Azure AD access token.
    public static async Task<string> GetAccessToken(string authority, string resource, string scope)
    {
        string clientId = WebConfigurationManager.AppSettings["ClientId"];
        string clientSecret = WebConfigurationManager.AppSettings["ClientSecret"];
        ClientCredential clientCredential = new ClientCredential(clientId, clientSecret);
        AuthenticationContext authenticationContext = new AuthenticationContext(authority, TokenCache.DefaultShared);
        AuthenticationResult result = await authenticationContext.AcquireTokenAsync(resource, clientCredential);
        if (result == null)
        {
            throw new InvalidOperationException(
                "GetAccessToken - Failed to obtain the Active Directory token for application.");
        }
        // *3
        return result.AccessToken;
    }

    // Uploads the byte array to the container using the supplied (encrypting) request options.
    public async Task CreateEncryptedBlobFromByteArray(IStorageManager storageManager, string containerName, string fileName, byte[] byteArray, string contentType, BlobRequestOptions options)
    {
        CloudBlobContainer container = await CreateStorageContainerIfNotExists(storageManager, containerName);
        CloudBlockBlob blob = container.GetBlockBlobReference(fileName);
        blob.Properties.ContentType = contentType;
        await blob.UploadFromByteArrayAsync(byteArray, 0, byteArray.Length, AccessCondition.GenerateEmptyCondition(), options, new OperationContext());
    }
This line ...

    IKey rsaKey = keyVaultKeyResolver.ResolveKeyAsync($"{secretUri}/secrets/{secretName}", CancellationToken.None).GetAwaiter().GetResult();

always returns null.
I added breakpoints (*1 to *3) in the code above and noticed that *2 is always hit before *3. This means that the KeyVaultKeyResolver(GetAccessToken) call does not wait for the GetAccessToken call to return with the value.
Any ideas about what I am doing wrong?