Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
reading secrets from KeyVault with Microsoft.Azure.Services.AppAuthentication
See original GitHub issueHi,
I’ve just did a console app to read a secret from key vault and it took 24 seconds to retrieve the value. Is it normal? Here’s the code:
static void Main(string[] args)
{
Console.WriteLine(DateTime.Now);
Console.WriteLine(GetValue().Result);
Console.WriteLine(DateTime.Now);
Console.Read();
}
static async Task<string> GetValue()
{
AzureServiceTokenProvider azureServiceTokenProvider = new AzureServiceTokenProvider();
var keyVaultClient = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback));
var secret = await keyVaultClient.GetSecretAsync("https://{mykeyvault}.vault.azure.net/secrets/apiKey")
.ConfigureAwait(false);
return secret.Value;
}
and here’s the packages.config
<packages>
<package id="Microsoft.Azure.KeyVault" version="3.0.0" targetFramework="net462" />
<package id="Microsoft.Azure.KeyVault.WebKey" version="3.0.0" targetFramework="net462" />
<package id="Microsoft.Azure.Services.AppAuthentication" version="1.0.3" targetFramework="net462" />
<package id="Microsoft.IdentityModel.Clients.ActiveDirectory" version="3.14.2" targetFramework="net462" />
<package id="Microsoft.Rest.ClientRuntime" version="2.3.11" targetFramework="net462" />
<package id="Microsoft.Rest.ClientRuntime.Azure" version="3.3.12" targetFramework="net462" />
<package id="Newtonsoft.Json" version="6.0.8" targetFramework="net462" />
</packages>
Issue Analytics
- State:
- Created 5 years ago
- Comments:32 (9 by maintainers)
Top Results From Across the Web
Quickstart - Azure Key Vault secrets client library for .NET
Learn how to create, retrieve, and delete secrets from an Azure key vault using the .NET client library.
Read more >Use Key Vault from App Service with Azure Managed Identity
Go to the Azure Portal and log in using your Azure account · Search for your Key Vault in Search Resources dialog box...
Read more >App Authentication client library for .NET - version 1.6.0
The Microsoft.Azure.Services.AppAuthentication library manages authentication automatically, which in turn lets you focus on your solution, ...
Read more >AppAuthentication to Azure.Identity Migration Guidance
When the Microsoft.Azure.Services.AppAuthentication library was ... as client credential (using Key Vault certificate secret identifier).
Read more >Authenticate to Azure Key Vault
Learn how to use Key Vault to safeguard and manage cryptographic keys, certificates and secrets used by cloud applications and services.
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
@navzam yeah you can speed it up without setting a connection string, just add a local environment variable to windows called “AzureServicesAuthConnectionString” with a value of “RunAs=Developer; DeveloperTool=VisualStudio”
I’m also seeing calls to
GetAccessTokenAsync()take ~24 seconds when running locally and not specifying a connection string. As above, when I run Fiddler, I can see a request to169.254.169.254/metadata/identity/oauth2/tokenwhich hangs for ~22 seconds before it times out with a 502.If I set the connection string to one of the local development options, then that request isn’t made and the whole call takes ~3 seconds.
Is the solution for me to detect whether I’m running locally and always set a connection string based on that? Or is there a way to speed up the local behavior when the connection string isn’t specified?