Unable to access secret 1 but able to access secret 2, both part of the same Azure Key Vault

Time: 2020-03-18 07:35:57

Tags: azure-keyvault

I have two secrets in an Azure Key Vault, Secret-1 and Secret-2. Using the client ID, client secret and base URL, I can access Secret-1, but I cannot access Secret-2, even though the latter is in the same Azure Key Vault. It throws the error "Microsoft.Azure.KeyVault: Operation returned an invalid status code 'NotFound'". Can someone suggest where we might be going wrong and why "Secret-2" cannot be accessed?

  • Code

Main function code

using System;
using System.Threading.Tasks;
using Microsoft.Azure.KeyVault;
using Microsoft.Azure.KeyVault.Models;
using Microsoft.IdentityModel.Clients.ActiveDirectory;

// baseSecretURI, secretName, clientID and clientSecret are configured elsewhere in the application.
static void Main()
{
    var kvc = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(GetToken));
    SecretBundle secret = Task.Run(() => kvc.GetSecretAsync(baseSecretURI + @"secrets/" + secretName))
        .ConfigureAwait(false).GetAwaiter().GetResult();
}

public static async Task<string> GetToken(string authority, string resource, string scope)
{
    var authContext = new Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext(authority);
    ClientCredential clientCred = new ClientCredential(clientID, clientSecret);
    AuthenticationResult result = await authContext.AcquireTokenAsync(resource, clientCred);

    if (result == null)
        throw new System.InvalidOperationException("Failed to obtain the JWT token");

    return result.AccessToken; // error thrown at this line when trying to access Secret-2
}

1 answer:

Answer 0: (score: 0)

A NotFound error usually indicates that there is no secret in the Azure Key Vault instance matching what you requested. Can you confirm that a secret with the name you requested exists in the Azure Key Vault instance?

Workaround: Remove the secret from the key vault and generate a new one, then try again.

I tested with the following code, based on the code you provided.

var kvc = new KeyVaultClient(async (authority, resource, scope) =>
{
    var adCredential = new ClientCredential(clientId, clientSecret);
    var authenticationContext = new Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext(authority, null);
    var authenticationResult = await authenticationContext.AcquireTokenAsync(resource, adCredential);
    return authenticationResult.AccessToken;
});
SecretBundle secret = Task.Run(() => kvc.GetSecretAsync(baseSecretURI + @"secrets/" + secretName))
    .ConfigureAwait(false).GetAwaiter().GetResult();
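A diagnostic helper, added here as an example and not part of either post, that probes each secret name against the same vault with the same service-principal credentials and reports the HTTP status and Key Vault error code, so that a 404 (no secret of that name in this vault: typo, wrong vault URL, or soft-deleted) can be told apart from a 403 (the request reached the secret but was refused: missing `get` permission or a disabled secret). The class name, `ProbeAsync`, and the `vaultBaseUrl` parameter are assumptions; the SDK calls are the same Microsoft.Azure.KeyVault and ADAL APIs used in the posts.

```csharp
using System;
using System.Threading.Tasks;
using Microsoft.Azure.KeyVault;
using Microsoft.Azure.KeyVault.Models;
using Microsoft.IdentityModel.Clients.ActiveDirectory;

// Hypothetical diagnostic class (not from the original posts).
public static class SecretProbe
{
    // Tries every name against the same vault and prints status + error code per secret,
    // instead of letting the first failure surface as a bare "NotFound".
    public static async Task ProbeAsync(string vaultBaseUrl, string clientId, string clientSecret,
                                        params string[] secretNames)
    {
        var kvc = new KeyVaultClient(async (authority, resource, scope) =>
        {
            var ctx = new AuthenticationContext(authority, null);
            var result = await ctx.AcquireTokenAsync(resource, new ClientCredential(clientId, clientSecret));
            return result.AccessToken;
        });

        foreach (var name in secretNames)
        {
            try
            {
                // Use the (vaultBaseUrl, secretName) overload rather than string concatenation,
                // so a missing trailing slash or stray path segment cannot change the request URL.
                SecretBundle bundle = await kvc.GetSecretAsync(vaultBaseUrl, name);
                Console.WriteLine($"{name}: OK id={bundle.Id} enabled={bundle.Attributes?.Enabled}");
            }
            catch (KeyVaultErrorException ex)
            {
                // 404 -> no secret of that name in this vault (wrong name/vault or soft-deleted).
                // 403 -> secret exists but access was refused (no 'get' permission, or disabled).
                Console.WriteLine($"{name}: {(int)ex.Response.StatusCode} {ex.Response.StatusCode} " +
                                  $"code={ex.Body?.Error?.Code} message={ex.Body?.Error?.Message}");
            }
        }
    }
}
```

Example call: `await SecretProbe.ProbeAsync("https://<vault-name>.vault.azure.net/", clientId, clientSecret, "Secret-1", "Secret-2");` with the vault name as a placeholder to fill in.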