Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Raja Nadar
    @rajanadar
    Yes. I am working on that next. Enhance the next NuGet package with multi platform outputs.
    kiranvengala
    @DotNetGeek2017_gitlab
    Where do we find the vault client api spec??
    i was going through the https://www.vaultproject.io/ i do not see any
    Raja Nadar
    @rajanadar
    @andrewhart098 thanks for the offer. Right now, I redesigned VaultSharp for modularity & did the 0.10.x release. I expect the design to be stable now and keep adding new features on this design. Need to get a .net 1.x, .net 4.5 support going. After that, feel free to add bit by bit to the lib.
    @DotNetGeek2017_gitlab I am working on the support for .net core 1.x, .net 4.5 support etc.
    Raja Nadar
    @rajanadar
    also, the vault api spec is here: https://www.vaultproject.io/api/index.html
    the vaultsharp docs is here (more to be added) https://github.com/rajanadar/VaultSharp/blob/master/README.md
    --
    Raja Nadar
    @rajanadar
    @/all VaultSharp 0.10.4002 is now available. On par with Vault 0.10.4

    Platforms supported: .Net Core 1.0 above, .NET Framework 4.5 and above, Mono 4.6 above, Xamarin (mac, ios, android), UWP 10.0 and above etc.

    Feature highlights: Supports all Auth methods, all Secret engines, several system apis, first class support for Consul, kv v1 and v2, enterprise vault apis, abundant intellisense, custom hooks to set web-proxy etc.

    --
    @DotNetGeek2017_gitlab The latest release supports .Net Core 1.0.
    Rodrigo Vidal
    @rodrigovidal
    @rajanadar Hi I'm trying to use VaultSharp with AWS IAM Auth. Do you have an example on how to use IAMAWSAuthMethodInfo?
    do I have to sign the request by myself?
    leowmjw
    @leowmjw
    @rajanadar Hope you can provide some pointers; could not figure it out. Once i get a VaultClient after doing Github authentication; I did not see how to get the Vault Client token so that for the next calls (until the token expire) it will not need to relogin. Did not see an example, what am I missing?
    Raja Nadar
    @rajanadar
    @rodrigovidal yes, you need to sign the request yourself. Let me know details, and if it is something generic, i'll bake it in in the coming days.
    @leowmjw Every instance of IAuthMethodInfo has a property called ReturnedLoginAuthInfo
    Once you do even 1 authenticated vault api call using the library, the vault token will be available in this ReturnedLoginAuthInfo object.
    So hold onto the reference of IAuthMethodInfo you use to create the Vault Client.
    And by the way, the library is a little smart.. It doesn't "relogin" on every api call. I use a Lazy evaluator to get the Token only once. That token is reused for all successive calls. (till the app domain recylces or you reinitialize the vault client)
    So please take that into account before you go and implement a "token caching"/"relogin mechanism" etc.
    Raja Nadar
    @rajanadar
    In short,
    1. When you initialize the Vault Client, nothing really happens. No login is performed.
    1. When the first Vault API call is requested, the login call happens and the token is stored in the library.
    1. For further API calls, NO relogin happens. The previous token is used.
    This Auth Info is available in the IAuthMethodInfo object after step 2.

    leowmjw
    @leowmjw
    Thanks for the clarification @rajanadar ! I'll do a PR documenting this case and as an example.
    simonthum
    @simonthum
    Hi @rajanadar ,
    I am evalauting this library and wonder if the login / token storage you describe above would work well for me. I want to renew certificates every month or so, and I would prefer not to keep the auth token live for so long. Does it relogin when the token expired?
    copperorange
    @copperorange
    Hi @rajanadar thank you for your good work. A quick question and an update request.
    Question: Why in KeyValueSecretsEngineV2Provider.cs line 23/57 is /data/ injected between path? --- "/data/" + path.Trim('/') --- What if it was set outside of the api to a different path?
    Update Request: I think I have fallen into issue 61 and can see other interest also. Is that on the priority list?
    copperorange
    @copperorange

    Hi @rajanadar thank you for your good work. A quick question and an update request.
    Question: Why in KeyValueSecretsEngineV2Provider.cs line 23/57 is /data/ injected between path? --- "/data/" + path.Trim('/') --- What if it was set outside of the api to a different path?
    Update Request: I think I have fallen into issue 61 and can see other interest also. Is that on the priority list?

    Never-mind the question. I assume that is the V2 difference. V1 is ok. The update is request is still valid

    jegansivathanu
    @jegansivathanu
    hi
    hi,could you please anyone help to use GitHub using vault.i have a requirement that,write and read some secrets using GitHub have already create personal access token in GitHub and i not able to access GitHub repository from .net.thanks in advance
    archanakpsharma
    @archanakpsharma
    Hi there
    I want to establish a connection to Vault system and through the LDAP Auth Method but unable to get authencticated as VaultToken is not getting generated. Can you please help
    Dzmitry Martavoi
    @martavoi

    Hi, im trying to login using AWS IAM, but stuck with an exception:

    {"errors":["didn't supply required authentication values"]}

    code (copied from GitHub's README page):

               var amazonSecurityTokenServiceConfig = new AmazonSecurityTokenServiceConfig();
                var creds = FallbackCredentialsFactory.GetCredentials();
                var iamRequest = GetCallerIdentityRequestMarshaller.Instance.Marshall(new GetCallerIdentityRequest());
                iamRequest.Endpoint = new Uri(amazonSecurityTokenServiceConfig.DetermineServiceURL());
                iamRequest.ResourcePath = "/";
                iamRequest.Headers.Add("User-Agent", "https://github.com/rajanadar/vaultsharp/0.11.1000");
                iamRequest.Headers.Add("X-Amz-Security-Token", creds.GetCredentials().Token);
                iamRequest.Headers.Add("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
                new AWS4Signer().Sign(iamRequest, amazonSecurityTokenServiceConfig, new RequestMetrics(), creds.GetCredentials().AccessKey, 
                     creds.GetCredentials().SecretKey);
                var iamStsRequestHeaders = iamRequest.Headers;
                var base64EncodedIamRequestHeaders = Convert.ToBase64String(Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(iamStsRequestHeaders)));
    
                var a1 = new IAMAWSAuthMethodInfo(AuthMethodType.AWS.Type, base64EncodedIamRequestHeaders, Guid.NewGuid().ToString(), "mt-fxrates-honduras");
                var cs = new VaultClientSettings(settings.Vault.Host, a1);
                var c = new VaultClient(cs);
                var secret = c.V1.Secrets.KeyValue.V1.ReadSecretAsync(settings.Vault.Path).Result;

    vault's role record

    vault write auth/aws/role/mt-fxrates-honduras auth_type=iam policies=mt-fxrates-honduras max_ttl=1h bound_iam_principal_arn=arn:aws:iam::312226949769:role/lambda_basic_vpc_execution

    Any help is appreciated. Thanks

    David Hoerster
    @DavidHoerster
    Hi there! I'm trying to use the VaultSharp Azure Auth method to utilize an MSI that I've created for an App Service that I wan to have communicate with my Vault Server (which is running on a VM). When I go to request a secret from Vault, I get an error that is requiring me to put in the vmName when I create my vault client settings. But since this is an App Service, the resource mapping is off -- the VM name maps to /resources/virtualMachines, but my app service is located at a different resource path. Is support for App Service's using MSI going to be supported in VaultSharp?....and, also, is there a way to authenticate today for an App Service's MSI? Thank you!
    Torben Hørup
    @hoerup
    Does anybody know if Raja Nadar is still around - he's been quiet lately ?
    Roman Marusyk
    @Marusyk
    Hi all, what do you think about this https://github.com/VaultSharp
    Raja Nadar
    @rajanadar
    @simonthum the relogin is not automatic. you need to do it explicitly.

    Hi there

    can you provide a code snippet and the exact exception?

    ---- folks, there was a personal emergency that kept me out cold. i'm back now. let me know any open issues ---
    Raja Nadar
    @rajanadar
    Folks, we have some really active community members that have answered questions in the past in GH issues. For the benefit of wider community, the recommendation moving forward is to ask your questions on Stack Overflow, with the vault-sharp tag... Please go ahead and ask questions there. https://stackoverflow.com/questions/tagged/vault-sharp
    Raja Nadar
    @rajanadar

    hello folks, happy to announce the release of VaultSharp 1.4.0 today. It has all the Auth backends and Secret Engines supported by Vault 1.4.0. Cheers!
    Mohammad Azhar Ali
    @azhar144
    @rajanadar I am using VaultSharp NuGet package with .NET frameworks 4.8 and .Net Core 3.1 it's working perfect with .Net Core 3.1 but with .Net Framework 4.8 it's not able to resolve. I am getting this error "Could not load file or assembly VaultSharp, version =1.4.0.5, culture =neutral, PublicKeyToken = cb3d4aad92b0eded"
    Raja Nadar
    @rajanadar
    Thanks Mohammed. Can you please open a github issue? I'll have a look at it this weekend.
    Mohammad Azhar Ali
    @azhar144
    Thanks for the response, It worked fine when I copied two dlls in the bin folder newtonsoftjson.dll and vaultsharp.dll