Fatal编程技术网
  • csharp/
  • C# 通过代理使用KeyVault客户端

C# 通过代理使用KeyVault客户端

c# azure asp.net-core

C# 通过代理使用KeyVault客户端,c#,azure,asp.net-core,azure-keyvault,C#,Azure,Asp.net Core,Azure Keyvault,目前,我在启动期间使用Azure KeyVault加载一些配置,如下所示: configBuilder .AddAzureKeyVault(keyVaultConfigSection.Vault, GetKeyVaultClient(clientConfigSection, keyVaultConfigSection), new DefaultKeyVaultSecretManager()) .AddEnvironmentVariables(); private static

目前,我在启动期间使用Azure KeyVault加载一些配置,如下所示:

configBuilder
    .AddAzureKeyVault(keyVaultConfigSection.Vault, GetKeyVaultClient(clientConfigSection, keyVaultConfigSection), new DefaultKeyVaultSecretManager())
    .AddEnvironmentVariables();

private static KeyVaultClient GetKeyVaultClient(ClientConfigSection clientConfigSection, KeyVaultConfigSection keyVaultConfigSection)
{
    HttpClient httpClient = null;

    //proxy
    if (!CustomEnvironment.NotProductionEnvironment())
    {
        var handler = new HttpClientHandler()
        {
            Proxy = new WebProxy(keyVaultConfigSection.Proxy),
            UseProxy = true
        };
        httpClient = new HttpClient(handler);
    }

    return new KeyVaultClient(async (authority, resource, scope) =>
        {
            var authContext = new AuthenticationContext(authority);
            var clientCred = new ClientCredential(clientConfigSection.ClientId, clientConfigSection.ClientSecret);
            var result = await authContext.AcquireTokenAsync(resource, clientCred);
            if (result == null)
                throw new InvalidOperationException("Failed to retrieve access token for Key Vault");
            return result.AccessToken;
        }, httpClient ?? new HttpClient()
    );
}
当我不在生产环境中时,这很好用。 但在我们的生产环境中,keyvault被阻止,因此我们必须通过代理

但在运行代码时,我收到以下错误:
Microsoft.Azure.KeyVault.Models.KeyVaultErrorException:“操作返回了无效的状态代码“BadRequest”

以前有没有人这样做过,可以为我指出正确的方向?

这似乎还没有解决,下面是答案

1.引用
System.Net.Http.WinHttpHandler
Nuget包以访问.Net核心中的WinHttpHandler

2.创建了一个新的MyKeyVaultCredential,该凭证继承自KeyVaultCredential并覆盖
ProcessHttpRequestAsync
方法

public override async Task ProcessHttpRequestAsync(HttpRequestMessage request, CancellationToken cancellationToken)
 {
     if (request == null)
     {
         throw new ArgumentNullException("request");
     }

     var accessToken = await PreAuthenticate(request.RequestUri).ConfigureAwait(false);
     if (!string.IsNullOrEmpty(accessToken))
         request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
     else
     {
         var httpClientHandler = new WinHttpHandler()
         {
             WindowsProxyUsePolicy = WindowsProxyUsePolicy.UseCustomProxy,
             Proxy = new MyWebProxy(configuration),
             SendTimeout = TimeSpan.FromSeconds(120),
             ReceiveDataTimeout = TimeSpan.FromSeconds(120),
             ReceiveHeadersTimeout = TimeSpan.FromSeconds(120),
         };
3.当我实例化KeyVault服务时,我必须向WinHttpHandler提供我的代理和新的key vault凭据实例

var httpClientHandler = new WinHttpHandler()
     {
         WindowsProxyUsePolicy = WindowsProxyUsePolicy.UseCustomProxy,
         Proxy = new MyWebProxy(configuration),
         SendTimeout = TimeSpan.FromSeconds(120),
         ReceiveDataTimeout = TimeSpan.FromSeconds(120),
         ReceiveHeadersTimeout= TimeSpan.FromSeconds(120),
     };

     var httpClient = new HttpClient(httpClientHandler);

     client = new KeyVaultClient(new  MyKeyVaultCredential(configuration, GetToken), httpClient)
希望这能有所帮助。

它似乎还没有被修复,下面是答案

1.引用
System.Net.Http.WinHttpHandler
Nuget包以访问.Net核心中的WinHttpHandler

2.创建了一个新的MyKeyVaultCredential,该凭证继承自KeyVaultCredential并覆盖
ProcessHttpRequestAsync
方法

public override async Task ProcessHttpRequestAsync(HttpRequestMessage request, CancellationToken cancellationToken)
 {
     if (request == null)
     {
         throw new ArgumentNullException("request");
     }

     var accessToken = await PreAuthenticate(request.RequestUri).ConfigureAwait(false);
     if (!string.IsNullOrEmpty(accessToken))
         request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
     else
     {
         var httpClientHandler = new WinHttpHandler()
         {
             WindowsProxyUsePolicy = WindowsProxyUsePolicy.UseCustomProxy,
             Proxy = new MyWebProxy(configuration),
             SendTimeout = TimeSpan.FromSeconds(120),
             ReceiveDataTimeout = TimeSpan.FromSeconds(120),
             ReceiveHeadersTimeout = TimeSpan.FromSeconds(120),
         };
3.当我实例化KeyVault服务时,我必须向WinHttpHandler提供我的代理和新的key vault凭据实例

var httpClientHandler = new WinHttpHandler()
     {
         WindowsProxyUsePolicy = WindowsProxyUsePolicy.UseCustomProxy,
         Proxy = new MyWebProxy(configuration),
         SendTimeout = TimeSpan.FromSeconds(120),
         ReceiveDataTimeout = TimeSpan.FromSeconds(120),
         ReceiveHeadersTimeout= TimeSpan.FromSeconds(120),
     };

     var httpClient = new HttpClient(httpClientHandler);

     client = new KeyVaultClient(new  MyKeyVaultCredential(configuration, GetToken), httpClient)
希望这有帮助