Enhance Connection String

Author: rstropek

MicroservicesWorkshop/RentalManagement/RentalManagement.Test/GetConnectionStringTests.cs

@@ -0,0 +1,73 @@
+using Microsoft.Extensions.Options;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+using Moq;
+using RentalManagement.Services;
+using System;
+using System.Threading.Tasks;
+
+namespace RentalManagement.Test
+{
+    [TestClass]
+    public class GetConnectionStringTests
+    {
+        [TestMethod]
+        public async Task TestConnectionStringWithoutKeyVaultAndProtocol()
+        {
+            var keyVaultReaderMock = new Mock<IKeyVaultReader>();
+            keyVaultReaderMock.Setup(framework => framework.IsAvailable).Returns(false);
+
+            var dbServerOptions = new DbServerOptions
+            {
+                Server = "s",
+                Database = "d",
+                DbPassword = "p"
+            };
+            var optionsMock = new Mock<IOptions<DbServerOptions>>();
+            optionsMock.Setup(framework => framework.Value).Returns(dbServerOptions);
+
+            var da = new DataAccess(keyVaultReaderMock.Object, optionsMock.Object);
+            Assert.AreEqual("Data Source=s;Initial Catalog=d;User ID=demo;Password=p", await da.GetConnectionString());
+        }
+
+        [TestMethod]
+        public async Task TestConnectionStringWithoutKeyVaultAndWithProtocol()
+        {
+            var keyVaultReaderMock = new Mock<IKeyVaultReader>();
+            keyVaultReaderMock.Setup(framework => framework.IsAvailable).Returns(false);
+
+            var dbServerOptions = new DbServerOptions
+            {
+                Server = "s",
+                Database = "d",
+                DbPassword = "p",
+                Protocol = "tcp",
+                TcpPort = 1433
+            };
+            var optionsMock = new Mock<IOptions<DbServerOptions>>();
+            optionsMock.Setup(framework => framework.Value).Returns(dbServerOptions);
+
+            var da = new DataAccess(keyVaultReaderMock.Object, optionsMock.Object);
+            Assert.AreEqual("Data Source=tcp:s,1433;Initial Catalog=d;User ID=demo;Password=p", await da.GetConnectionString());
+        }
+
+        [TestMethod]
+        public async Task TestConnectionStringWithKeyVaultAndProtocol()
+        {
+            var keyVaultReaderMock = new Mock<IKeyVaultReader>();
+            keyVaultReaderMock.Setup(framework => framework.IsAvailable).Returns(true);
+            keyVaultReaderMock.Setup(framework => framework.GetSecretAsync(It.IsAny<string>())).Returns(Task.FromResult("p"));
+
+            var dbServerOptions = new DbServerOptions
+            {
+                Server = "s",
+                Database = "d",
+                Protocol = "tcp"
+            };
+            var optionsMock = new Mock<IOptions<DbServerOptions>>();
+            optionsMock.Setup(framework => framework.Value).Returns(dbServerOptions);
+
+            var da = new DataAccess(keyVaultReaderMock.Object, optionsMock.Object);
+            Assert.AreEqual("Data Source=tcp:s,1433;Initial Catalog=d;User ID=demo;Password=p", await da.GetConnectionString());
+        }
+    }
+}

MicroservicesWorkshop/RentalManagement/RentalManagement/Services/DataAccess.cs

@@ -1,12 +1,6 @@
-using Microsoft.Azure.KeyVault;
-using Microsoft.Extensions.Options;
-using Microsoft.IdentityModel.Clients.ActiveDirectory;
-using System;
-using System.Collections.Generic;
+using Microsoft.Extensions.Options;
 using System.Data.SqlClient;
-using System.Diagnostics;
-using System.Linq;
-using System.Threading;
+using System.Text;
 using System.Threading.Tasks;
 
 namespace RentalManagement.Services
@@ -39,10 +33,42 @@ public async Task<string> GetDbNameAsync()
             }
         }
 
-        private async Task<string> GetConnectionString()
+        public async Task<string> GetConnectionString()
         {
-            var dbPassword = await keyVaultReader.GetSecretAsync("DbPassword");
-            return $"Server=tcp:{dbServerOptions.Server},1433;Initial Catalog={dbServerOptions.Database};User ID=demo;Password={dbPassword}";
+            var builder = new SqlConnectionStringBuilder();
+
+            #region Build data source
+            var dataSouceBuilder = new StringBuilder(dbServerOptions.Server.Length + 10);
+            if (dbServerOptions.Protocol != null)
+            {
+                // Add protocol if configured
+                dataSouceBuilder.Append(dbServerOptions.Protocol);
+                dataSouceBuilder.Append(':');
+            }
+
+            dataSouceBuilder.Append(dbServerOptions.Server);
+            if (dbServerOptions?.Protocol == "tcp")
+            {
+                // Add port if configured
+                dataSouceBuilder.Append(',');
+                dataSouceBuilder.Append(dbServerOptions.TcpPort ?? 1433);
+            }
+            builder.DataSource = dataSouceBuilder.ToString();
+
+            builder.InitialCatalog = dbServerOptions.Database;
+            builder.UserID = dbServerOptions?.DbUser ?? "demo";
+            #endregion
+
+            if (keyVaultReader != null && keyVaultReader.IsAvailable)
+            {
+                builder.Password = await keyVaultReader.GetSecretAsync("DbPassword");
+            }
+            else
+            {
+                builder.Password = dbServerOptions.DbPassword;
+            }
+
+            return builder.ToString();
         }
     }
 }

MicroservicesWorkshop/RentalManagement/RentalManagement/Services/DbServerOptions.cs

@@ -4,5 +4,9 @@ public class DbServerOptions
     {
         public string Server { get; set; }
         public string Database { get; set; }
+        public string DbPassword { get; set; }
+        public string DbUser { get; set; }
+        public string Protocol { get; set; }
+        public int? TcpPort { get; set; }
     }
 }

MicroservicesWorkshop/RentalManagement/RentalManagement/Services/IDataAccess.cs

@@ -5,5 +5,6 @@ namespace RentalManagement.Services
     public interface IDataAccess
     {
         Task<string> GetDbNameAsync();
+        Task<string> GetConnectionString();
     }
 }

MicroservicesWorkshop/RentalManagement/RentalManagement/Services/IKeyVaultReader.cs

@@ -4,6 +4,7 @@ namespace RentalManagement.Services
 {
     public interface IKeyVaultReader
     {
+        bool IsAvailable { get; }
         Task<string> GetSecretAsync(string key);
     }
 }

MicroservicesWorkshop/RentalManagement/RentalManagement/Services/KeyVaultReader.cs

@@ -1,13 +1,20 @@
 using Microsoft.Azure.KeyVault;
 using Microsoft.Extensions.Options;
 using Microsoft.IdentityModel.Clients.ActiveDirectory;
+using System;
+using System.Collections.Generic;
+using System.Security;
 using System.Threading.Tasks;
 
 namespace RentalManagement.Services
 {
     public class KeyVaultReader : IKeyVaultReader
     {
         private KeyVaultOptions keyVaultOptions;
+        private Dictionary<string, DateTime> lastRefreshTimestamps = new Dictionary<string, DateTime>();
+        private Dictionary<string, string> secrets = new Dictionary<string, string>();
+
+        public bool IsAvailable => keyVaultOptions?.VaultName != null;
 
         public KeyVaultReader(IOptions<KeyVaultOptions> keyVaultOptions)
         {
@@ -17,16 +24,28 @@ public KeyVaultReader(IOptions<KeyVaultOptions> keyVaultOptions)
         private async Task<string> GetTokenAsync(string authority, string resource, string scope)
         {
             var authContext = new AuthenticationContext(authority);
-            var clientCred = new ClientCredential(this.keyVaultOptions.ClientID, this.keyVaultOptions.ClientSecret);
+            var clientCred = new ClientCredential(keyVaultOptions.ClientID, keyVaultOptions.ClientSecret);
             var result = await authContext.AcquireTokenAsync(resource, clientCred);
             return result.AccessToken;
         }
 
         public async Task<string> GetSecretAsync(string key)
         {
-            var kv = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(GetTokenAsync));
-            var sec = await kv.GetSecretAsync($"https://{this.keyVaultOptions.VaultName}.vault.azure.net/secrets/{key}");
-            return sec.Value;
+            var now = DateTime.UtcNow;
+            if (lastRefreshTimestamps.ContainsKey(key) && lastRefreshTimestamps[key] > now.AddHours(-1))
+            {
+                return secrets[key];
+            }
+            else
+            {
+                var kv = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(GetTokenAsync));
+                var sec = await kv.GetSecretAsync($"https://{keyVaultOptions.VaultName}.vault.azure.net/secrets/{key}");
+
+                lastRefreshTimestamps[key] = now;
+                secrets[key] = sec.Value;
+
+                return sec.Value;
+            }
         }
     }
 }

MicroservicesWorkshop/RentalManagement/RentalManagement/appsettings.json

@@ -15,9 +15,15 @@
   "ApplicationInsights": {
     "InstrumentationKey": "6d06bf9d-6953-4d2e-b9aa-e3c27ec5f5b4"
   },
+  "DB2": {
+    "Server": "(localdb)\\dev",
+    "Database": "msws",
+    "DbPassword": "P@ssw0rd!123"
+  },
   "DB": {
     "Server": "msws-sql-tlkbaeerqaffc.database.windows.net",
-    "Database": "msws-db-test"
+    "Database": "msws-db-test",
+    "Protocol": "tcp"
   },
   "KeyVault": {
     "VaultName": "secretstestvehqmnkannhhx",