diff --git a/src/ShareGate.Extensions.Configuration.Secrets/ISecretClientProvider.cs b/src/ShareGate.Extensions.Configuration.Secrets/ISecretClientProvider.cs index 78660e0..576e384 100644 --- a/src/ShareGate.Extensions.Configuration.Secrets/ISecretClientProvider.cs +++ b/src/ShareGate.Extensions.Configuration.Secrets/ISecretClientProvider.cs @@ -5,9 +5,9 @@ namespace ShareGate.Extensions.Configuration.Secrets; public interface ISecretClientProvider { - SecretClient GetSecretClient(KeyVaultKind keyVaultKind); + SecretClient GetSecretClient(KeyVaultKind keyVaultKind, SecretClientOptions? options = null); - SecretClient GetSecretClient(Uri keyVaultUri); + SecretClient GetSecretClient(Uri keyVaultUri, SecretClientOptions? options = null); - SecretClient GetSecretClient(string configurationKey); + SecretClient GetSecretClient(string configurationKey, SecretClientOptions? options = null); } \ No newline at end of file diff --git a/src/ShareGate.Extensions.Configuration.Secrets/SecretClientProvider.cs b/src/ShareGate.Extensions.Configuration.Secrets/SecretClientProvider.cs index 7f8d7fb..a907493 100644 --- a/src/ShareGate.Extensions.Configuration.Secrets/SecretClientProvider.cs +++ b/src/ShareGate.Extensions.Configuration.Secrets/SecretClientProvider.cs @@ -28,13 +28,13 @@ public SecretClientProvider(IConfigurationBuilder configurationBuilder, IHostEnv { } - public SecretClient GetSecretClient(KeyVaultKind keyVaultKind) + public SecretClient GetSecretClient(KeyVaultKind keyVaultKind, SecretClientOptions? options = null) { var keyVaultUri = this.GetKeyVaultUri(keyVaultKind); - return this.GetSecretClient(keyVaultUri); + return this.GetSecretClient(keyVaultUri, options); } - public SecretClient GetSecretClient(Uri keyVaultUri) + public SecretClient GetSecretClient(Uri keyVaultUri, SecretClientOptions? options = null) { if (keyVaultUri == null) { @@ -44,10 +44,10 @@ public SecretClient GetSecretClient(Uri keyVaultUri) var azureCredential = this._tokenCredentialProvider.GetTokenCredential(); // SecretClient already has a default retry policy (max 3 retries) - return new SecretClient(keyVaultUri, azureCredential); + return new SecretClient(keyVaultUri, azureCredential, options); } - public SecretClient GetSecretClient(string configurationKey) + public SecretClient GetSecretClient(string configurationKey, SecretClientOptions? options = null) { if (configurationKey == null) { @@ -55,7 +55,7 @@ public SecretClient GetSecretClient(string configurationKey) } var keyVaultUri = this.GetKeyVaultUri(configurationKey); - return this.GetSecretClient(keyVaultUri); + return this.GetSecretClient(keyVaultUri, options); } private Uri GetKeyVaultUri(KeyVaultKind keyVaultKind) diff --git a/src/ShareGate.Extensions.Configuration.Secrets/TokenCredentialProvider.cs b/src/ShareGate.Extensions.Configuration.Secrets/TokenCredentialProvider.cs index 3f5c9d6..6ec2b65 100644 --- a/src/ShareGate.Extensions.Configuration.Secrets/TokenCredentialProvider.cs +++ b/src/ShareGate.Extensions.Configuration.Secrets/TokenCredentialProvider.cs @@ -28,16 +28,16 @@ public TokenCredential GetTokenCredential() return GetAzureCliCompatibleTokenCredential(); } - // We prefer to only use Azure Managed Identity over DefaultAzureCredential which allows multiple ways to authenticate against Azure // See https://docs.microsoft.com/en-us/dotnet/api/azure.identity.defaultazurecredential?view=azure-dotnet - return new ManagedIdentityCredential(); + return new DefaultAzureCredential(); } private static TokenCredential GetAzureCliCompatibleTokenCredential() { // Azure CLI does not work when Fiddler is active so we need to use an interactive authentication method instead + // When Fiddler is not active, we try to use AzureCliCredential because it's way faster than DefaultAzureCredential on startup return FiddlerProxyDetector.IsFiddlerActive() ? new CachedInteractiveBrowserCredential() - : new ChainedTokenCredential(new AzureCliCredential(), new ManagedIdentityCredential()); + : new ChainedTokenCredential(new AzureCliCredential(), new DefaultAzureCredential()); } } \ No newline at end of file