我有一个密钥库,该密钥库使用秘密密钥检索javascript中的凭据。但是我的客户不想使用“ VaultSettings.KeyVaultSettings.azureKeyVaultAccessKey”,这是在密钥库门户中注册的应用程序的秘密值。 以下是用于访问凭据的代码。
C#AzureServiceTokenProvider()中提供了一种方法,该方法提供可用于访问keyVault中的凭据的令牌。我们在node.js中有类似的东西吗?
const AuthenticationContext = require('adal-node').AuthenticationContext;
let VaultSettings = require('./KeyVaultSettings');
class KeyVaultUtils {
constructor(secretNameIdentifier, secretVersionIdentifier) {
this.secretName = secretNameIdentifier;
this.secretVersion = secretVersionIdentifier;
}
authenticator(challenge, callback) {
var context = new AuthenticationContext(challenge.authorization);
return context.acquireTokenWithClientCredentials(challenge.resource,
VaultSettings.KeyVaultSettings.clientAppId,
VaultSettings.KeyVaultSettings.azureKeyVaultAccessKey,
function (err, tokenResponse) {
if (err) throw err;
var authorizationValue = tokenResponse.tokenType + ' ' + tokenResponse.accessToken;
return callback(null, authorizationValue);
});
}
getKeyVaultValue(callback) {
var credentials = new KeyVault.KeyVaultCredentials(this.authenticator);
var client = new KeyVault.KeyVaultClient(credentials);
client.getSecret(VaultSettings.KeyVaultSettings.vaultUri, VaultSettings.KeyVaultSettings.azureAccount, VaultSettings.KeyVaultSettings.azureAccountKey)
.then(function (result) {
callback(result);
});
};
}
module.exports = { KeyVaultUtils };```