C
C
Azure Key Vault - List Matching Secrets
See more Secrets Examples
List secrets in the Azure Key Vault matching one or more wildcarded names for app, service, domain, and username.Note: This example requires Chilkat v10.1.0 or later.
Chilkat C Downloads
#include <C_CkSecrets.h>
#include <C_CkJsonObject.h>
void ChilkatSample(void)
{
BOOL success;
HCkSecrets bootstrap;
HCkJsonObject bsId;
HCkSecrets secrets;
HCkJsonObject jsonMatch;
HCkJsonObject results;
const char *appName;
const char *service;
const char *domain;
const char *username;
const char *azure_id;
int i;
int numSecrets;
success = FALSE;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// The bootstrap secret will contain the following information:
// Azure Tenant ID
// Azure Client ID
// Azure Client Secret
// See following examples for setting up a bootstrap secret in memory,
// or in the local manager (Windows Credentials Manager or Apple Keychain)
// Setup Bootstrap Secret in Local Manager
// Setup Bootstrap Secret in Memory
bootstrap = CkSecrets_Create();
// Set the location of the bootstrap secret.
// Can be "local_manager" or "memory", depending on how you setup the bootstrap secret.
// ---------------------------------------------------------------------------------------------
// If your operating system is NOT Windows or MacOS/iOS, then change "local_manager" to "memory"
// You can also, if desired, use "memory" on Windows and MacOS/iOS if your bootstrap secret was previously setup in memory.
// ---------------------------------------------------------------------------------------------
CkSecrets_putLocation(bootstrap,"local_manager");
// Specify the bootstrap secret to be used.
bsId = CkJsonObject_Create();
CkJsonObject_UpdateString(bsId,"appName","azure_bs");
CkJsonObject_UpdateString(bsId,"service","Example");
CkJsonObject_UpdateString(bsId,"username","Joe");
// ----------------------------------------------------
secrets = CkSecrets_Create();
// Setup for the Azure Key Vault
CkSecrets_putLocation(secrets,"azure_key_vault");
success = CkSecrets_SetBootstrapSecret(secrets,bsId,bootstrap);
if (success == FALSE) {
printf("%s\n",CkSecrets_lastErrorText(secrets));
CkSecrets_Dispose(bootstrap);
CkJsonObject_Dispose(bsId);
CkSecrets_Dispose(secrets);
return;
}
// Set wildcarded or exact values for appName, service, domain, and username.
// Omit any members where anything is allowed to match, or alternatively specify "*" to match anything.
jsonMatch = CkJsonObject_Create();
CkJsonObject_UpdateString(jsonMatch,"appName","Test*");
// The following lines can be omitted. Not specifying anything for service, domain, or username is the same as "*".
CkJsonObject_UpdateString(jsonMatch,"service","*");
CkJsonObject_UpdateString(jsonMatch,"domain","*");
CkJsonObject_UpdateString(jsonMatch,"username","*");
// For Azure Key Vault, we also need to specify the name of the vault containing the secrets to be listed.
// Replace "kvChilkat" with the name of your key vault.
CkJsonObject_UpdateString(jsonMatch,"vaultName","kvChilkat");
results = CkJsonObject_Create();
CkJsonObject_putEmitCompact(results,FALSE);
success = CkSecrets_ListSecrets(secrets,jsonMatch,results);
if (success == FALSE) {
printf("%s\n",CkSecrets_lastErrorText(secrets));
CkSecrets_Dispose(bootstrap);
CkJsonObject_Dispose(bsId);
CkSecrets_Dispose(secrets);
CkJsonObject_Dispose(jsonMatch);
CkJsonObject_Dispose(results);
return;
}
printf("%s\n",CkJsonObject_emit(results));
// Sample output:
// {
// "secrets": [
// {
// "appName": "Test",
// "service": "Something",
// "domain": "Xyz",
// "username": "Abc",
// "azure_id": "https://kvchilkat.vault.azure.net/secrets/Test-Something-Xyz-Abc"
// },
// {
// "appName": "Test2",
// "service": "Custom",
// "domain": "Ocean",
// "username": "Starfish",
// "azure_id": "https://kvchilkat.vault.azure.net/secrets/Test2-Custom-Ocean-Starfish"
// }
// ]
// }
// ---------------------------------------------------------------------------------------
// Here's sample code for parsing the JSON list of secrets.
i = 0;
numSecrets = CkJsonObject_SizeOfArray(results,"secrets");
while (i < numSecrets) {
CkJsonObject_putI(results,i);
// Note: appName and domain are optional and may not exist in any given secret.
appName = CkJsonObject_stringOf(results,"secrets[i].appName");
service = CkJsonObject_stringOf(results,"secrets[i].service");
domain = CkJsonObject_stringOf(results,"secrets[i].domain");
username = CkJsonObject_stringOf(results,"secrets[i].username");
// Informational field for the raw Azure secret name.
azure_id = CkJsonObject_stringOf(results,"secrets[i].azure_id");
i = i + 1;
}
CkSecrets_Dispose(bootstrap);
CkJsonObject_Dispose(bsId);
CkSecrets_Dispose(secrets);
CkJsonObject_Dispose(jsonMatch);
CkJsonObject_Dispose(results);
}