Skip to content

Commit

Permalink
Expose VaultSharp's PostProcessHttpClientHandlerAction hook (#52)
Browse files Browse the repository at this point in the history
Expose PostProcessHttpClientHandlerAction via the VaultSharp configuration
provider settings.  This allows arbitrary customizations to the underlying
HTTP client, such as customizing HTTP proxy settings.
  • Loading branch information
deberhar authored Feb 6, 2024
1 parent ec06b46 commit 7037831
Show file tree
Hide file tree
Showing 3 changed files with 66 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,8 @@ public override void Load()
{
clientHandler.ServerCertificateCustomValidationCallback = this.ConfigurationSource.Options.ServerCertificateCustomValidationCallback;
}

this.ConfigurationSource.Options.PostProcessHttpClientHandlerAction?.Invoke(clientHandler);
}
}
};
Expand Down
12 changes: 12 additions & 0 deletions Source/VaultSharp.Extensions.Configuration/VaultOptions.cs
Original file line number Diff line number Diff line change
Expand Up @@ -163,5 +163,17 @@ public VaultOptions(
/// An optional action to post-process the HttpClientHandler. Used to manually validate the server certificate. Ignored if AcceptInsecureConnection is true.
/// </summary>
public Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool>? ServerCertificateCustomValidationCallback { get; set;}

/// <summary>
/// An optional hook to allow custom configuration of the HttpClientHandler.
/// This is useful if you need to customize the HTTP client's proxy settings, for example.
/// </summary>
/// <remarks>
/// The action will be invoked after the VaultSharp provider applies the AcceptInsecureConnection and ServerCertificateCustomValidationCallback
/// customizations, if you enabled them. Be aware that if you overwrite the HttpMessageHandler's ServerCertificateCustomValidationCallback
/// in your action-handler method, you will cancel out the effect of enabling the AcceptInsecureConnection and/or
/// ServerCertificateCustomValidationCallback options.
/// </remarks>
public Action<HttpMessageHandler>? PostProcessHttpClientHandlerAction { get; set; }
}
}
52 changes: 52 additions & 0 deletions Tests/VaultSharp.Extensions.Configuration.Test/IntegrationTests.cs
Original file line number Diff line number Diff line change
Expand Up @@ -616,6 +616,58 @@ public async Task Failure_PermissionDenied()
It.Is<Func<It.IsAnyType, Exception?, string>>((v, t) => true)), Times.Once);

}

[Fact]
public async Task Success_Proxy_Verify_Custom_Hook_Invoked()
{
// arrange
using CancellationTokenSource cts = new CancellationTokenSource();
var values =
new Dictionary<string, IEnumerable<KeyValuePair<string, object>>>
{
{
"myservice-config", new[]
{
new KeyValuePair<string, object>("option1", "value1"),
new KeyValuePair<string, object>("subsection", new {option2 = "value2"}),
}
},
};

var container = this.PrepareVaultContainer();
try
{
await container.StartAsync(cts.Token).ConfigureAwait(false);
await this.LoadDataAsync("http://localhost:8200", values).ConfigureAwait(false);

// Moq mock of PostProcessHttpClientHandlerAction implementation:
var mockConfigureProxyAction = new Mock<Action<HttpMessageHandler>>();

// act
ConfigurationBuilder builder = new ConfigurationBuilder();
builder.AddVaultConfiguration(
() => new VaultOptions("http://localhost:8200", new TokenAuthMethodInfo("root"), reloadOnChange: true, reloadCheckIntervalSeconds: 10, omitVaultKeyName: true)
{
PostProcessHttpClientHandlerAction = mockConfigureProxyAction.Object
},
"myservice-config",
"secret",
this.logger);
var configurationRoot = builder.Build();

// assert secrets were loaded successfully:
configurationRoot.GetValue<string>("option1").Should().Be("value1");
configurationRoot.GetSection("subsection").GetValue<string>("option2").Should().Be("value2");

// assert that PostProcessHttpClientHandlerAction was actually invoked, and a HttpMessageHandler was passed:
mockConfigureProxyAction.Verify(x => x(It.IsAny<HttpMessageHandler>()), Times.Once);
}
finally
{
cts.Cancel();

Check warning on line 667 in Tests/VaultSharp.Extensions.Configuration.Test/IntegrationTests.cs

View workflow job for this annotation

GitHub Actions / Build

Cancel synchronously blocks. Await CancelAsync instead. (https://github.com/Microsoft/vs-threading/blob/main/doc/analyzers/VSTHRD103.md)

Check warning on line 667 in Tests/VaultSharp.Extensions.Configuration.Test/IntegrationTests.cs

View workflow job for this annotation

GitHub Actions / Build

Cancel synchronously blocks. Await CancelAsync instead. (https://github.com/Microsoft/vs-threading/blob/main/doc/analyzers/VSTHRD103.md)

Check warning on line 667 in Tests/VaultSharp.Extensions.Configuration.Test/IntegrationTests.cs

View workflow job for this annotation

GitHub Actions / Release

Cancel synchronously blocks. Await CancelAsync instead. (https://github.com/Microsoft/vs-threading/blob/main/doc/analyzers/VSTHRD103.md)

Check warning on line 667 in Tests/VaultSharp.Extensions.Configuration.Test/IntegrationTests.cs

View workflow job for this annotation

GitHub Actions / Release

Cancel synchronously blocks. Await CancelAsync instead. (https://github.com/Microsoft/vs-threading/blob/main/doc/analyzers/VSTHRD103.md)
await container.DisposeAsync().ConfigureAwait(false);
}
}
}

public class TestConfigObject
Expand Down

0 comments on commit 7037831

Please sign in to comment.