| | 1 | | // Copyright (c) Microsoft Corporation. All rights reserved. |
| | 2 | | // Licensed under the MIT License. See License.txt in the project root for |
| | 3 | | // license information. |
| | 4 | |
|
| | 5 | | using System; |
| | 6 | | using System.Globalization; |
| | 7 | |
|
| | 8 | | namespace Microsoft.Azure.KeyVault |
| | 9 | | { |
| | 10 | | /// <summary> |
| | 11 | | /// The Key Vault object identifier. |
| | 12 | | /// </summary> |
| | 13 | | public class ObjectIdentifier |
| | 14 | | { |
| | 15 | | /// <summary> |
| | 16 | | /// Verifies whether the identifier belongs to a key vault object. |
| | 17 | | /// </summary> |
| | 18 | | /// <param name="collection">The object collection e.g. 'keys', 'secrets' and 'certificates'.</param> |
| | 19 | | /// <param name="identifier">The key vault object identifier.</param> |
| | 20 | | /// <returns>True if the identifier belongs to a key vault object. False otherwise.</returns> |
| | 21 | | protected static bool IsObjectIdentifier(string collection, string identifier) |
| | 22 | | { |
| | 23 | | if (string.IsNullOrEmpty(collection)) |
| | 24 | | throw new ArgumentNullException("collection"); |
| | 25 | |
|
| | 26 | | if (string.IsNullOrEmpty(identifier)) |
| | 27 | | return false; |
| | 28 | |
|
| | 29 | | try |
| | 30 | | { |
| | 31 | | Uri baseUri = new Uri(identifier, UriKind.Absolute); |
| | 32 | |
|
| | 33 | | // We expect an identifier with either 3 or 4 segments: host + collection + name [+ version] |
| | 34 | | if (baseUri.Segments.Length != 3 && baseUri.Segments.Length != 4) |
| | 35 | | return false; |
| | 36 | |
|
| | 37 | | if (!string.Equals(baseUri.Segments[1], collection + "/", StringComparison.OrdinalIgnoreCase)) |
| | 38 | | return false; |
| | 39 | |
|
| | 40 | | return true; |
| | 41 | | } |
| | 42 | | catch (Exception) |
| | 43 | | { |
| | 44 | | } |
| | 45 | |
|
| | 46 | | return false; |
| | 47 | | } |
| | 48 | |
|
| | 49 | | private string _vault; |
| | 50 | | private string _vaultWithoutScheme; |
| | 51 | | private string _name; |
| | 52 | | private string _version; |
| | 53 | |
|
| | 54 | | private string _baseIdentifier; |
| | 55 | | private string _identifier; |
| | 56 | |
|
| | 57 | | /// <summary> |
| | 58 | | /// Constructor. |
| | 59 | | /// </summary> |
| | 60 | | protected ObjectIdentifier() |
| | 61 | | { |
| | 62 | | } |
| | 63 | |
|
| | 64 | | /// <summary> |
| | 65 | | /// Constructor. |
| | 66 | | /// </summary> |
| | 67 | | /// <param name="vaultBaseUrl"> The vault base URL</param> |
| | 68 | | /// <param name="collection">The object collection e.g. 'keys', 'secrets' and 'certificates'.</param> |
| | 69 | | /// <param name="name">The object name.</param> |
| | 70 | | /// <param name="version"> the version of the object.</param> |
| | 71 | | protected ObjectIdentifier(string vaultBaseUrl, string collection, string name, string version = "") |
| | 72 | | { |
| | 73 | | if (string.IsNullOrEmpty(vaultBaseUrl)) |
| | 74 | | throw new ArgumentNullException("vaultBaseUrl"); |
| | 75 | |
|
| | 76 | | if (string.IsNullOrEmpty(collection)) |
| | 77 | | throw new ArgumentNullException("collection"); |
| | 78 | |
|
| | 79 | | if (string.IsNullOrEmpty(name)) |
| | 80 | | throw new ArgumentNullException("keyName"); |
| | 81 | |
|
| | 82 | | var baseUri = new Uri(vaultBaseUrl, UriKind.Absolute); |
| | 83 | |
|
| | 84 | | _name = name; |
| | 85 | | _version = version; |
| | 86 | | _vault = string.Format(CultureInfo.InvariantCulture, "{0}://{1}", baseUri.Scheme, baseUri.FullAuthority()); |
| | 87 | | _vaultWithoutScheme = baseUri.Authority; |
| | 88 | | _baseIdentifier = string.Format(CultureInfo.InvariantCulture, "{0}/{1}/{2}", _vault, collection, _name); |
| | 89 | | _identifier = string.IsNullOrEmpty(_version) ? _name : string.Format(CultureInfo.InvariantCulture, "{0}/{1}" |
| | 90 | | _identifier = string.Format(CultureInfo.InvariantCulture, "{0}/{1}/{2}", _vault, collection, _identifier); |
| | 91 | | } |
| | 92 | |
|
| | 93 | | /// <summary> |
| | 94 | | /// Constructor. |
| | 95 | | /// </summary> |
| | 96 | | /// <param name="collection">The object collection e.g. 'keys', 'secrets' and 'certificates'.</param> |
| | 97 | | /// <param name="identifier">The key vault object identifier.</param> |
| | 98 | | protected ObjectIdentifier(string collection, string identifier) |
| | 99 | | { |
| | 100 | | if (string.IsNullOrEmpty(collection)) |
| | 101 | | throw new ArgumentNullException("collection"); |
| | 102 | |
|
| | 103 | | if (string.IsNullOrEmpty(identifier)) |
| | 104 | | throw new ArgumentNullException("identifier"); |
| | 105 | |
|
| | 106 | | Uri baseUri = new Uri(identifier, UriKind.Absolute); |
| | 107 | |
|
| | 108 | | // We expect an identifier with either 3 or 4 segments: host + collection + name [+ version] |
| | 109 | | if (baseUri.Segments.Length != 3 && baseUri.Segments.Length != 4) |
| | 110 | | throw new ArgumentException(String.Format(CultureInfo.InvariantCulture, "Invalid ObjectIdentifier: {0}. |
| | 111 | |
|
| | 112 | | if (!string.Equals(baseUri.Segments[1], collection + "/", StringComparison.OrdinalIgnoreCase)) |
| | 113 | | throw new ArgumentException(String.Format(CultureInfo.InvariantCulture, "Invalid ObjectIdentifier: {0}. |
| | 114 | |
|
| | 115 | | _name = baseUri.Segments[2].Substring(0, baseUri.Segments[2].Length).TrimEnd('/'); |
| | 116 | |
|
| | 117 | | if (baseUri.Segments.Length == 4) |
| | 118 | | _version = baseUri.Segments[3].Substring(0, baseUri.Segments[3].Length).TrimEnd('/'); |
| | 119 | | else _version = string.Empty; |
| | 120 | |
|
| | 121 | | _vault = string.Format(CultureInfo.InvariantCulture, "{0}://{1}", baseUri.Scheme, baseUri.FullAuthority()); |
| | 122 | | _vaultWithoutScheme = baseUri.Authority; |
| | 123 | | _baseIdentifier = string.Format(CultureInfo.InvariantCulture, "{0}/{1}/{2}", _vault, collection, _name); |
| | 124 | | _identifier = string.IsNullOrEmpty(_version) ? _name : string.Format(CultureInfo.InvariantCulture, "{0}/{1}" |
| | 125 | | _identifier = string.Format(CultureInfo.InvariantCulture, "{0}/{1}/{2}", _vault, collection, _identifier); |
| | 126 | | } |
| | 127 | |
|
| | 128 | | /// <summary> |
| | 129 | | /// The base identifier for an object, does not include the object version. |
| | 130 | | /// </summary> |
| | 131 | | public string BaseIdentifier |
| | 132 | | { |
| | 133 | | get { return _baseIdentifier; } |
| | 134 | | protected set { _baseIdentifier = value; } |
| | 135 | | } |
| | 136 | |
|
| | 137 | | /// <summary> |
| | 138 | | /// The identifier for an object, includes the objects version. |
| | 139 | | /// </summary> |
| | 140 | | public string Identifier |
| | 141 | | { |
| | 142 | | get { return _identifier; } |
| | 143 | | protected set { _identifier = value; } |
| | 144 | | } |
| | 145 | |
|
| | 146 | | /// <summary> |
| | 147 | | /// The name of the object. |
| | 148 | | /// </summary> |
| | 149 | | public string Name |
| | 150 | | { |
| | 151 | | get { return _name; } |
| | 152 | | protected set { _name = value; } |
| | 153 | | } |
| | 154 | |
|
| | 155 | | /// <summary> |
| | 156 | | /// The vault containing the object |
| | 157 | | /// </summary> |
| | 158 | | public string Vault |
| | 159 | | { |
| | 160 | | get { return _vault; } |
| | 161 | | protected set { _vault = value; } |
| | 162 | | } |
| | 163 | |
|
| | 164 | | /// <summary> |
| | 165 | | /// The scheme-less vault URL |
| | 166 | | /// </summary> |
| | 167 | | public string VaultWithoutScheme |
| | 168 | | { |
| | 169 | | get { return _vaultWithoutScheme; } |
| | 170 | | protected set { _vaultWithoutScheme = value; } |
| | 171 | | } |
| | 172 | |
|
| | 173 | | /// <summary> |
| | 174 | | /// The version of the object. |
| | 175 | | /// </summary> |
| | 176 | | public string Version |
| | 177 | | { |
| | 178 | | get { return _version; } |
| | 179 | | protected set { _version = value; } |
| | 180 | | } |
| | 181 | |
|
| | 182 | | public override string ToString() |
| | 183 | | { |
| | 184 | | return _identifier; |
| | 185 | | } |
| | 186 | | } |
| | 187 | |
|
| | 188 | | /// <summary> |
| | 189 | | /// The Key Vault key identifier. |
| | 190 | | /// </summary> |
| | 191 | | public sealed class KeyIdentifier : ObjectIdentifier |
| | 192 | | { |
| | 193 | | /// <summary> |
| | 194 | | /// Verifies whether the identifier belongs to a key vault key. |
| | 195 | | /// </summary> |
| | 196 | | /// <param name="identifier">The key vault key identifier.</param> |
| | 197 | | /// <returns>True if the identifier belongs to a key vault key. False otherwise.</returns> |
| | 198 | | public static bool IsKeyIdentifier(string identifier) |
| | 199 | | { |
| | 200 | | return ObjectIdentifier.IsObjectIdentifier("keys", identifier); |
| | 201 | | } |
| | 202 | |
|
| | 203 | | /// <summary> |
| | 204 | | /// Constructor. |
| | 205 | | /// </summary> |
| | 206 | | /// <param name="vaultBaseUrl"> The vault base URL</param> |
| | 207 | | /// <param name="name"> the name of the key. </param> |
| | 208 | | /// <param name="version"> the version of the key.</param> |
| | 209 | | public KeyIdentifier(string vaultBaseUrl, string name, string version = "") |
| | 210 | | : base(vaultBaseUrl, "keys", name, version) |
| | 211 | | { |
| | 212 | | } |
| | 213 | |
|
| | 214 | | /// <summary> |
| | 215 | | /// Constructor. |
| | 216 | | /// </summary> |
| | 217 | | /// <param name="identifier">The identifier for key object</param> |
| | 218 | | public KeyIdentifier(string identifier) |
| | 219 | | : base("keys", identifier) |
| | 220 | | { |
| | 221 | | } |
| | 222 | | } |
| | 223 | |
|
| | 224 | | /// <summary> |
| | 225 | | /// The Key Vault secret identifier. |
| | 226 | | /// </summary> |
| | 227 | | public sealed class SecretIdentifier : ObjectIdentifier |
| | 228 | | { |
| | 229 | | /// <summary> |
| | 230 | | /// Verifies whether the identifier belongs to a key vault secret. |
| | 231 | | /// </summary> |
| | 232 | | /// <param name="identifier">The key vault secret identifier.</param> |
| | 233 | | /// <returns>True if the identifier belongs to a key vault secret. False otherwise.</returns> |
| | 234 | | public static bool IsSecretIdentifier(string identifier) |
| | 235 | | { |
| | 236 | | return ObjectIdentifier.IsObjectIdentifier("secrets", identifier); |
| | 237 | | } |
| | 238 | |
|
| | 239 | | /// <summary> |
| | 240 | | /// Constructor. |
| | 241 | | /// </summary> |
| | 242 | | /// <param name="vaultBaseUrl"> the vault base URL</param> |
| | 243 | | /// <param name="name">the name of the secret </param> |
| | 244 | | /// <param name="version">the version of the secret.</param> |
| | 245 | | public SecretIdentifier(string vaultBaseUrl, string name, string version = "") |
| | 246 | | : base(vaultBaseUrl, "secrets", name, version) |
| | 247 | | { |
| | 248 | | } |
| | 249 | |
|
| | 250 | | /// <summary> |
| | 251 | | /// Constructor. |
| | 252 | | /// </summary> |
| | 253 | | /// <param name="identifier">The identifier for secret.</param> |
| | 254 | | public SecretIdentifier(string identifier) |
| | 255 | | : base("secrets", identifier) |
| | 256 | | { |
| | 257 | | } |
| | 258 | | } |
| | 259 | |
|
| | 260 | | /// <summary> |
| | 261 | | /// The Key Vault deleted key identifier. Aka the recoveryId. |
| | 262 | | /// </summary> |
| | 263 | | public sealed class DeletedKeyIdentifier : ObjectIdentifier |
| | 264 | | { |
| | 265 | | /// <summary> |
| | 266 | | /// Verifies whether the identifier belongs to a key vault deleted key. |
| | 267 | | /// </summary> |
| | 268 | | /// <param name="identifier">The key vault deleted key identifier.</param> |
| | 269 | | /// <returns>True if the identifier belongs to a key vault deleted key. False otherwise.</returns> |
| | 270 | | public static bool IsDeletedKeyIdentifier(string identifier) |
| | 271 | | { |
| | 272 | | return ObjectIdentifier.IsObjectIdentifier("deletedkeys", identifier); |
| | 273 | | } |
| | 274 | |
|
| | 275 | | /// <summary> |
| | 276 | | /// Constructor. |
| | 277 | | /// </summary> |
| | 278 | | /// <param name="vaultBaseUrl"> the vault base URL</param> |
| | 279 | | /// <param name="name">the name of the deleted key </param> |
| | 280 | | public DeletedKeyIdentifier(string vaultBaseUrl, string name) |
| | 281 | | : base(vaultBaseUrl, "deletedkeys", name, string.Empty) |
| | 282 | | { |
| | 283 | | Identifier = BaseIdentifier; // Deleted entities are unversioned. |
| | 284 | | } |
| | 285 | |
|
| | 286 | | /// <summary> |
| | 287 | | /// Constructor. |
| | 288 | | /// </summary> |
| | 289 | | /// <param name="identifier">The identifier for the deleted key. Aka the recoveryId return from deletion.</param |
| | 290 | | public DeletedKeyIdentifier(string identifier) |
| | 291 | | : base("deletedkeys", identifier) |
| | 292 | | { |
| | 293 | | Version = string.Empty; |
| | 294 | | Identifier = BaseIdentifier; // Deleted entities are unversioned. |
| | 295 | | } |
| | 296 | | } |
| | 297 | |
|
| | 298 | | /// <summary> |
| | 299 | | /// The Key Vault deleted secret identifier. Aka the recoveryId. |
| | 300 | | /// </summary> |
| | 301 | | public sealed class DeletedSecretIdentifier : ObjectIdentifier |
| | 302 | | { |
| | 303 | | /// <summary> |
| | 304 | | /// Verifies whether the identifier belongs to a key vault deleted secret. |
| | 305 | | /// </summary> |
| | 306 | | /// <param name="identifier">The key vault secret identifier.</param> |
| | 307 | | /// <returns>True if the identifier belongs to a key vault deleted secret. False otherwise.</returns> |
| | 308 | | public static bool IsDeletedSecretIdentifier(string identifier) |
| | 309 | | { |
| | 310 | | return ObjectIdentifier.IsObjectIdentifier("deletedsecrets", identifier); |
| | 311 | | } |
| | 312 | |
|
| | 313 | | /// <summary> |
| | 314 | | /// Constructor. |
| | 315 | | /// </summary> |
| | 316 | | /// <param name="vaultBaseUrl"> the vault base URL</param> |
| | 317 | | /// <param name="name">the name of the deleted secret </param> |
| | 318 | | public DeletedSecretIdentifier(string vaultBaseUrl, string name) |
| | 319 | | : base(vaultBaseUrl, "deletedsecrets", name, string.Empty) |
| | 320 | | { |
| | 321 | | Identifier = BaseIdentifier; // Deleted entities are unversioned. |
| | 322 | | } |
| | 323 | |
|
| | 324 | | /// <summary> |
| | 325 | | /// Constructor. |
| | 326 | | /// </summary> |
| | 327 | | /// <param name="identifier">The identifier for the deleted secret. Aka the recoveryId return from deletion.</pa |
| | 328 | | public DeletedSecretIdentifier(string identifier) |
| | 329 | | : base("deletedsecrets", identifier) |
| | 330 | | { |
| | 331 | | Version = string.Empty; |
| | 332 | | Identifier = BaseIdentifier; // Deleted entities are unversioned. |
| | 333 | | } |
| | 334 | | } |
| | 335 | |
|
| | 336 | | /// <summary> |
| | 337 | | /// The Key Vault certificate identifier. |
| | 338 | | /// </summary> |
| | 339 | | public sealed class CertificateIdentifier : ObjectIdentifier |
| | 340 | | { |
| | 341 | | /// <summary> |
| | 342 | | /// Verifies whether the identifier belongs to a key vault certificate. |
| | 343 | | /// </summary> |
| | 344 | | /// <param name="identifier">The key vault certificate identifier.</param> |
| | 345 | | /// <returns>True if the identifier belongs to a key vault certificate. False otherwise.</returns> |
| | 346 | | public static bool IsCertificateIdentifier(string identifier) |
| | 347 | | { |
| | 348 | | return ObjectIdentifier.IsObjectIdentifier("certificates", identifier); |
| | 349 | | } |
| | 350 | |
|
| | 351 | | /// <summary> |
| | 352 | | /// Constructor. |
| | 353 | | /// </summary> |
| | 354 | | /// <param name="vaultBaseUrl"> the vault base URL</param> |
| | 355 | | /// <param name="name">the name of the certificate.</param> |
| | 356 | | /// <param name="version">the version of the certificate.</param> |
| | 357 | | public CertificateIdentifier(string vaultBaseUrl, string name, string version = "") |
| | 358 | | : base(vaultBaseUrl, "certificates", name, version) |
| | 359 | | { |
| | 360 | | } |
| | 361 | |
|
| | 362 | | /// <summary> |
| | 363 | | /// Constructor. |
| | 364 | | /// </summary> |
| | 365 | | /// <param name="identifier">The identifier for certificate.</param> |
| | 366 | | public CertificateIdentifier(string identifier) |
| | 367 | | : base("certificates", identifier) |
| | 368 | | { |
| | 369 | | } |
| | 370 | | } |
| | 371 | |
|
| | 372 | | /// <summary> |
| | 373 | | /// The Key Vault deleted certificate identifier. Aka the recoveryId. |
| | 374 | | /// </summary> |
| | 375 | | public sealed class DeletedCertificateIdentifier : ObjectIdentifier |
| | 376 | | { |
| | 377 | | /// <summary> |
| | 378 | | /// Verifies whether the identifier is a valid KeyVault deleted certificate identifier. |
| | 379 | | /// </summary> |
| | 380 | | /// <param name="identifier">The key vault certificate identifier.</param> |
| | 381 | | /// <returns>True if the identifier is a valid KeyVault deleted certificate. False otherwise.</returns> |
| | 382 | | public static bool IsDeletedCertificateIdentifier( string identifier ) |
| | 383 | | { |
| 0 | 384 | | return ObjectIdentifier.IsObjectIdentifier( "deletedcertificates", identifier ); |
| | 385 | | } |
| | 386 | |
|
| | 387 | | /// <summary> |
| | 388 | | /// Constructor. |
| | 389 | | /// </summary> |
| | 390 | | /// <param name="vaultBaseUrl"> the vault base URL</param> |
| | 391 | | /// <param name="name">the name of the deleted certificate</param> |
| | 392 | | public DeletedCertificateIdentifier( string vaultBaseUrl, string name ) |
| 0 | 393 | | : base( vaultBaseUrl, "deletedcertificates", name, string.Empty ) |
| | 394 | | { |
| 0 | 395 | | Identifier = BaseIdentifier; // Deleted entities are unversioned. |
| 0 | 396 | | } |
| | 397 | |
|
| | 398 | | /// <summary> |
| | 399 | | /// Constructor. |
| | 400 | | /// </summary> |
| | 401 | | /// <param name="identifier">The identifier for the deleted certificate. Aka the recoveryId return from deletion |
| | 402 | | public DeletedCertificateIdentifier( string identifier ) |
| 12 | 403 | | : base( "deletedcertificates", identifier ) |
| | 404 | | { |
| 12 | 405 | | Version = string.Empty; |
| 12 | 406 | | Identifier = BaseIdentifier; // Deleted entities are unversioned. |
| 12 | 407 | | } |
| | 408 | | } |
| | 409 | |
|
| | 410 | |
|
| | 411 | | /// <summary> |
| | 412 | | /// The Key Vault certificate operation identifier. |
| | 413 | | /// </summary> |
| | 414 | | public sealed class CertificateOperationIdentifier : ObjectIdentifier |
| | 415 | | { |
| | 416 | | /// <summary> |
| | 417 | | /// Verifies whether the identifier belongs to a key vault certificate operation. |
| | 418 | | /// </summary> |
| | 419 | | /// <param name="identifier">The key vault certificate operation identifier.</param> |
| | 420 | | /// <returns>True if the identifier belongs to a key vault certificate operation. False otherwise.</returns> |
| | 421 | | public static bool IsCertificateOperationIdentifier(string identifier) |
| | 422 | | { |
| | 423 | | var isValid = ObjectIdentifier.IsObjectIdentifier("certificates", identifier); |
| | 424 | |
|
| | 425 | | Uri baseUri = new Uri(identifier, UriKind.Absolute); |
| | 426 | |
|
| | 427 | | // 4 segments: host + "certificates" + name + "pending" |
| | 428 | | if (baseUri.Segments.Length != 4) |
| | 429 | | isValid = false; |
| | 430 | |
|
| | 431 | | if (!string.Equals(baseUri.Segments[3], "pending")) |
| | 432 | | isValid = false; |
| | 433 | |
|
| | 434 | | return isValid; |
| | 435 | | } |
| | 436 | |
|
| | 437 | | /// <summary> |
| | 438 | | /// Constructor. |
| | 439 | | /// </summary> |
| | 440 | | /// <param name="vaultBaseUrl"> the vault base url. </param> |
| | 441 | | /// <param name="name">the name of the certificate.</param> |
| | 442 | | public CertificateOperationIdentifier(string vaultBaseUrl, string name) |
| | 443 | | : base(vaultBaseUrl, "certificates", name, "pending") |
| | 444 | | { |
| | 445 | | BaseIdentifier = Identifier; |
| | 446 | | Version = string.Empty; |
| | 447 | | } |
| | 448 | |
|
| | 449 | | /// <summary> |
| | 450 | | /// Constructor. |
| | 451 | | /// </summary> |
| | 452 | | /// <param name="identifier">The identifier for certificate operation identifier. </param> |
| | 453 | | public CertificateOperationIdentifier(string identifier) |
| | 454 | | : base("certificates", identifier) |
| | 455 | | { |
| | 456 | | BaseIdentifier = Identifier; |
| | 457 | | Version = string.Empty; |
| | 458 | | } |
| | 459 | | } |
| | 460 | |
|
| | 461 | | /// <summary> |
| | 462 | | /// The Key Vault issuer identifier. |
| | 463 | | /// </summary> |
| | 464 | | public sealed class CertificateIssuerIdentifier : ObjectIdentifier |
| | 465 | | { |
| | 466 | | /// <summary> |
| | 467 | | /// Verifies whether the identifier belongs to a key vault issuer. |
| | 468 | | /// </summary> |
| | 469 | | /// <param name="identifier">The key vault issuer identifier.</param> |
| | 470 | | /// <returns>True if the identifier belongs to a key vault issuer. False otherwise.</returns> |
| | 471 | | public static bool IsIssuerIdentifier(string identifier) |
| | 472 | | { |
| | 473 | | if (string.IsNullOrEmpty(identifier)) |
| | 474 | | return false; |
| | 475 | |
|
| | 476 | | Uri baseUri = new Uri(identifier, UriKind.Absolute); |
| | 477 | |
|
| | 478 | | if (baseUri.Segments.Length != 4 || !string.Equals(baseUri.Segments[1], "certificates/") || !string.Equals(b |
| | 479 | | return false; |
| | 480 | |
|
| | 481 | | return true; |
| | 482 | | } |
| | 483 | |
|
| | 484 | | /// <summary> |
| | 485 | | /// Constructor. |
| | 486 | | /// </summary> |
| | 487 | | /// <param name="vaultBaseUrl">The vault base URL.</param> |
| | 488 | | /// <param name="name">The name of the issuer.</param> |
| | 489 | | public CertificateIssuerIdentifier(string vaultBaseUrl, string name) |
| | 490 | | { |
| | 491 | | if (string.IsNullOrEmpty(vaultBaseUrl)) |
| | 492 | | throw new ArgumentNullException("vaultBaseUrl"); |
| | 493 | |
|
| | 494 | | if (string.IsNullOrEmpty(name)) |
| | 495 | | throw new ArgumentNullException("name"); |
| | 496 | |
|
| | 497 | | var baseUri = new Uri(vaultBaseUrl, UriKind.Absolute); |
| | 498 | |
|
| | 499 | | Name = name; |
| | 500 | | Version = string.Empty; |
| | 501 | | Vault = string.Format(CultureInfo.InvariantCulture, "{0}://{1}", baseUri.Scheme, baseUri.FullAuthority()); |
| | 502 | | VaultWithoutScheme = baseUri.Authority; |
| | 503 | | BaseIdentifier = string.Format(CultureInfo.InvariantCulture, "{0}/{1}/{2}", Vault, "certificates/issuers", N |
| | 504 | | Identifier = string.IsNullOrEmpty(Version) ? Name : string.Format(CultureInfo.InvariantCulture, "{0}/{1}", N |
| | 505 | | Identifier = string.Format(CultureInfo.InvariantCulture, "{0}/{1}/{2}", Vault, "certificates/issuers", Ident |
| | 506 | | } |
| | 507 | |
|
| | 508 | | /// <summary> |
| | 509 | | /// Constructor. |
| | 510 | | /// </summary> |
| | 511 | | /// <param name="identifier">The key vault issuer identifier.</param> |
| | 512 | | public CertificateIssuerIdentifier(string identifier) |
| | 513 | | { |
| | 514 | | if (string.IsNullOrEmpty(identifier)) |
| | 515 | | throw new ArgumentNullException("identifier"); |
| | 516 | |
|
| | 517 | | Uri baseUri = new Uri(identifier, UriKind.Absolute); |
| | 518 | |
|
| | 519 | | // We expect an identifier with 4 segments: host + "certificates" + "issuers" + name |
| | 520 | | if (baseUri.Segments.Length != 4) |
| | 521 | | throw new ArgumentException(String.Format(CultureInfo.InvariantCulture, "Invalid ObjectIdentifier: {0}. |
| | 522 | |
|
| | 523 | | if (!string.Equals(baseUri.Segments[1], "certificates/")) |
| | 524 | | throw new ArgumentException(String.Format(CultureInfo.InvariantCulture, "Invalid ObjectIdentifier: {0}. |
| | 525 | |
|
| | 526 | | if (!string.Equals(baseUri.Segments[2], "issuers/")) |
| | 527 | | throw new ArgumentException(String.Format(CultureInfo.InvariantCulture, "Invalid ObjectIdentifier: {0}. |
| | 528 | |
|
| | 529 | | Name = baseUri.Segments[3].Substring(0, baseUri.Segments[3].Length).TrimEnd('/'); |
| | 530 | | Version = string.Empty; |
| | 531 | | Vault = string.Format(CultureInfo.InvariantCulture, "{0}://{1}", baseUri.Scheme, baseUri.FullAuthority()); |
| | 532 | | VaultWithoutScheme = baseUri.Authority; |
| | 533 | | BaseIdentifier = string.Format(CultureInfo.InvariantCulture, "{0}/{1}/{2}", Vault, "certificates/issuers", N |
| | 534 | | Identifier = string.IsNullOrEmpty(Version) ? Name : string.Format(CultureInfo.InvariantCulture, "{0}/{1}", N |
| | 535 | | Identifier = string.Format(CultureInfo.InvariantCulture, "{0}/{1}/{2}", Vault, "certificates/issuers", Ident |
| | 536 | | } |
| | 537 | | } |
| | 538 | |
|
| | 539 | | /// <summary> |
| | 540 | | /// The Key Vault storage account identifier. |
| | 541 | | /// </summary> |
| | 542 | | public sealed class StorageAccountIdentifier : ObjectIdentifier |
| | 543 | | { |
| | 544 | | /// <summary> |
| | 545 | | /// Verifies whether the identifier belongs to a key vault storage account. |
| | 546 | | /// </summary> |
| | 547 | | /// <param name="identifier">The key vault storage account identifier.</param> |
| | 548 | | /// <returns>True if the identifier belongs to a key vault storage account. False otherwise.</returns> |
| | 549 | | public static bool IsStorageAccountIdentifier(string identifier) |
| | 550 | | { |
| | 551 | | return ObjectIdentifier.IsObjectIdentifier("storage", identifier); |
| | 552 | | } |
| | 553 | |
|
| | 554 | | /// <summary> |
| | 555 | | /// Constructor. |
| | 556 | | /// </summary> |
| | 557 | | /// <param name="vaultBaseUrl">The vault base URL.</param> |
| | 558 | | /// <param name="name">The name of the storage account.</param> |
| | 559 | | public StorageAccountIdentifier(string vaultBaseUrl, string name) |
| | 560 | | : base(vaultBaseUrl, "storage", name) |
| | 561 | | { |
| | 562 | | } |
| | 563 | |
|
| | 564 | | /// <summary> |
| | 565 | | /// Constructor. |
| | 566 | | /// </summary> |
| | 567 | | /// <param name="identifier">The Key Vault storage account identifier.</param> |
| | 568 | | public StorageAccountIdentifier(string identifier) |
| | 569 | | : base("storage", identifier) |
| | 570 | | { |
| | 571 | | } |
| | 572 | | } |
| | 573 | |
|
| | 574 | | /// <summary> |
| | 575 | | /// The Key Vault storage SAS definition identifier. |
| | 576 | | /// </summary> |
| | 577 | | public sealed class SasDefinitionIdentifier : ObjectIdentifier |
| | 578 | | { |
| | 579 | | public string StorageAccount { get; set; } |
| | 580 | |
|
| | 581 | | /// <summary> |
| | 582 | | /// Verifies whether the identifier belongs to a key vault storage SAS definition. |
| | 583 | | /// </summary> |
| | 584 | | /// <param name="identifier">The key vault storage SAS definition identifier.</param> |
| | 585 | | /// <returns>True if the identifier belongs to a key vault storage SAS definition. False otherwise.</returns> |
| | 586 | | public static bool IsSasDefinitionIdentifier(string identifier) |
| | 587 | | { |
| | 588 | | if (string.IsNullOrEmpty(identifier)) |
| | 589 | | return false; |
| | 590 | |
|
| | 591 | | var baseUri = new Uri(identifier, UriKind.Absolute); |
| | 592 | |
|
| | 593 | | return baseUri.Segments.Length == 5 && |
| | 594 | | string.Equals(baseUri.Segments[1], "storage/") && |
| | 595 | | string.Equals(baseUri.Segments[3], "sas/"); |
| | 596 | | } |
| | 597 | |
|
| | 598 | | /// <summary> |
| | 599 | | /// Constructor. |
| | 600 | | /// </summary> |
| | 601 | | /// <param name="vaultBaseUrl">The vault base URL.</param> |
| | 602 | | /// <param name="storageAccountName">The name of the storage account.</param> |
| | 603 | | /// <param name="sasDefinitionName">The name of the storage SAS definition.</param> |
| | 604 | | public SasDefinitionIdentifier(string vaultBaseUrl, string storageAccountName, string sasDefinitionName) |
| | 605 | | { |
| | 606 | | if (string.IsNullOrEmpty(vaultBaseUrl)) |
| | 607 | | throw new ArgumentNullException(nameof(vaultBaseUrl)); |
| | 608 | |
|
| | 609 | | if (string.IsNullOrEmpty(storageAccountName)) |
| | 610 | | throw new ArgumentNullException(nameof(storageAccountName)); |
| | 611 | |
|
| | 612 | | if (string.IsNullOrEmpty(sasDefinitionName)) |
| | 613 | | throw new ArgumentNullException(nameof(sasDefinitionName)); |
| | 614 | |
|
| | 615 | | var baseUri = new Uri(vaultBaseUrl, UriKind.Absolute); |
| | 616 | |
|
| | 617 | | StorageAccount = storageAccountName; |
| | 618 | | Name = sasDefinitionName; |
| | 619 | | Version = string.Empty; |
| | 620 | | Vault = string.Format(CultureInfo.InvariantCulture, "{0}://{1}", baseUri.Scheme, baseUri.FullAuthority()); |
| | 621 | | VaultWithoutScheme = baseUri.Authority; |
| | 622 | | BaseIdentifier = string.Format(CultureInfo.InvariantCulture, "{0}/{1}/{2}/{3}/{4}", Vault, "storage", Storag |
| | 623 | | Identifier = BaseIdentifier; |
| | 624 | | } |
| | 625 | |
|
| | 626 | | /// <summary> |
| | 627 | | /// Constructor. |
| | 628 | | /// </summary> |
| | 629 | | /// <param name="identifier">The key vault storage SAS definition identifier.</param> |
| | 630 | | public SasDefinitionIdentifier(string identifier) |
| | 631 | | { |
| | 632 | | if (string.IsNullOrEmpty(identifier)) |
| | 633 | | throw new ArgumentNullException(nameof(identifier)); |
| | 634 | |
|
| | 635 | | var baseUri = new Uri(identifier, UriKind.Absolute); |
| | 636 | |
|
| | 637 | | // We expect an identifier with 5 segments: host + "storage" + storageName + "sas" + name |
| | 638 | | if (baseUri.Segments.Length != 5) |
| | 639 | | throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, |
| | 640 | | "Invalid ObjectIdentifier: {0}. Bad number of segments: {1}", identifier, baseUri.Segments.Length)); |
| | 641 | |
|
| | 642 | | if (!string.Equals(baseUri.Segments[1], "storage/")) |
| | 643 | | throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, |
| | 644 | | "Invalid ObjectIdentifier: {0}. segment [1] should be '{1}', found '{2}'", identifier, |
| | 645 | | "storage/", baseUri.Segments[1])); |
| | 646 | |
|
| | 647 | | if (!string.Equals(baseUri.Segments[3], "sas/")) |
| | 648 | | throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, |
| | 649 | | "Invalid ObjectIdentifier: {0}. segment [3] should be '{1}', found '{2}'", identifier, "sas/", |
| | 650 | | baseUri.Segments[3])); |
| | 651 | |
|
| | 652 | | StorageAccount = baseUri.Segments[2].Substring(0, baseUri.Segments[2].Length).TrimEnd('/'); |
| | 653 | | Name = baseUri.Segments[4].Substring(0, baseUri.Segments[4].Length).TrimEnd('/'); |
| | 654 | | Version = string.Empty; |
| | 655 | | Vault = string.Format(CultureInfo.InvariantCulture, "{0}://{1}", baseUri.Scheme, baseUri.FullAuthority()); |
| | 656 | | VaultWithoutScheme = baseUri.Authority; |
| | 657 | | BaseIdentifier = string.Format(CultureInfo.InvariantCulture, "{0}/{1}/{2}/{3}/{4}", Vault, "storage", Storag |
| | 658 | | Identifier = BaseIdentifier; |
| | 659 | | } |
| | 660 | | } |
| | 661 | | } |