This repository has been archived by the owner on Jan 5, 2025. It is now read-only.

feat: support app service certificate store pds integration #9

Merged

liammoat merged 20 commits into main from feat/x509-certificate-for-pds

Apr 18, 2024

Contributor

liammoat commented Apr 16, 2024 •

edited

Loading

This PR introduces the ability to store PDS certificates as "certificates" in Azure Key Vault. This enables us to load those certificates into the Azure App Service certificate store. From here, they are loaded into the application and read as X509 certs.

Confirmation from development this auth flow works successfully:

NOTE: We are tracking a bug on the downstream project. ClientId and Kid are not currently being set in the configuration. These needs picking up separately.

liammoat added 5 commits

April 16, 2024 10:37


          docs: guide for pfx certificate preperation

1a1799b


          feat: update JwtHandler to support private key store

6c63ad8


          fix: update to use client_id

ed1c675


          fix: update typo in file name

ba07374


          Merge remote-tracking branch 'upstream/main' into feat/x509-certifica…

e378a0d

…te-for-pds

gaurarpit self-requested a review

April 17, 2024 09:09

liammoat self-assigned this

gaurarpit reviewed

View reviewed changes

docs/national-services/certificate-preparation.md Outdated Show resolved Hide resolved

gaurarpit reviewed

View reviewed changes

docs/national-services/certificate-preparation.md Outdated Show resolved Hide resolved

gaurarpit reviewed

View reviewed changes

src/Infrastructure/Common/Authentication/JwtHandler.cs Outdated Show resolved Hide resolved


          Update certificate-preparation.md

fd53832

Co-authored-by: Arpit Gaur <[email protected]>

gaurarpit reviewed

View reviewed changes

src/Infrastructure/Common/Authentication/JwtHandler.cs Outdated Show resolved Hide resolved

gaurarpit reviewed

View reviewed changes

Contributor

gaurarpit left a comment

some comments.

liammoat and others added 12 commits

April 17, 2024 14:03


          Update docs/national-services/certificate-preparation.md

97ddcec

Co-authored-by: Arpit Gaur <[email protected]>


          Update src/Infrastructure/Common/Authentication/JwtHandler.cs

a7dbe53

Co-authored-by: Arpit Gaur <[email protected]>


          Update src/Infrastructure/Common/Authentication/JwtHandler.cs

e43ed60

Co-authored-by: Arpit Gaur <[email protected]>


          refactor: remove whitespace

84b6d33


          Merge remote-tracking branch 'upstream/main' into feat/x509-certifica…

cbc2146

…te-for-pds


          fix: var name

aa1e077


          fix: remove duplicate access policy

cbd21e7


          docs: convert cert to x509 format

f348273


          fix: use backing secret to load certificate from shared key vault

26bef22


          cd: add package versions to data init step

28a7127


          fix: load certs

9fc1970


          refactor: remove comma

cec5632

gaurarpit reviewed

View reviewed changes

src/Infrastructure/Common/Handlers/HttpClientAuthenticationHandler.cs Show resolved Hide resolved

gaurarpit approved these changes

View reviewed changes

Contributor

gaurarpit commented Apr 18, 2024

approved. let's wait for final testing from your in ADO.


          fix: update path for private cert

dc1c605

liammoat changed the title ~~[DRAFT] feat: support app service certificate store pds integration~~ feat: support app service certificate store pds integration

johncollinson2001 reviewed

View reviewed changes

src/Api/appsettings.json Outdated Show resolved Hide resolved


          fix: add placeholder for CertificateThumbprint

bd6a66e

liammoat requested a review from johncollinson2001

April 18, 2024 14:20

liammoat merged commit 7ec7e97 into main

liammoat deleted the feat/x509-certificate-for-pds branch

April 18, 2024 14:36

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet