| public static UseKeyVaultApplicationConfiguration ( this dependencyResolver, string clientId, string clientSecret, string vaultUri, bool useKeyVaultExclusively = false, bool checkIfKeyVaultKeyExistsBeforeGet = false ) : IDependencyResolver | ||
| dependencyResolver | this | The dependency resolver |
| clientId | string | Client ID of the Azure AD application associated with the key vault (must be granted read access to secrets) |
| clientSecret | string | Client secret of the Azure AD application associated with the key vault (must be granted read access to secrets) |
| vaultUri | string | The URI of the key vault e.g. https://mykeyvault.vault.azure.net |
| useKeyVaultExclusively | bool | Defaults to false in which case only application keys not found in the local configuration (app settings, cscfg etc.) will be looked up in the vault. True if everything should be looked up in the vault. |
| checkIfKeyVaultKeyExistsBeforeGet | bool | If true then this checks if the key exists in the vault before attempting a get. This is expensive but currently helps with Powershell sync context / message pump issues. |
| return | IDependencyResolver | |
public static IDependencyResolver UseKeyVaultApplicationConfiguration(this IDependencyResolver dependencyResolver,
string clientId,
string clientSecret,
string vaultUri,
bool useKeyVaultExclusively=false,
bool checkIfKeyVaultKeyExistsBeforeGet=false)
{
IConfiguration existingConfiguration = null;
if (!useKeyVaultExclusively)
{
existingConfiguration = dependencyResolver.Resolve<IConfiguration>();
}
IConfiguration keyVaultConfiguration = new KeyVaultConfiguration(
new KeyVault.Implementation.KeyVault(clientId, clientSecret, vaultUri, checkIfKeyVaultKeyExistsBeforeGet),
dependencyResolver.Resolve<IKeyVaultConfigurationKeyEncoder>(),
existingConfiguration);
dependencyResolver.Register(() => keyVaultConfiguration);
return dependencyResolver;
}