为什么 Azure KeyVault getSecret 返回 Promise<pending> ?</pending>
[英]Why is Azure KeyVault getSecret returning Promise <pending>?
问题描述
I followed the Microsoft tutorial on this link: https://docs.microsoft.com/en-us/azure/key-vault/secrets/quick-create-node but I want to have them as separate functions instead of putting them into one main function.
我按照此链接上的 Microsoft 教程进行操作: https://docs.microsoft.com/en-us/azure/key-vault/secrets/quick-create-node但我希望将它们作为单独的函数而不是将它们放入一个主要的 function。
This is what I have, setSecret works fine but getSecret is returning Promise?这就是我所拥有的,setSecret 工作正常但 getSecret 返回 Promise?
2 个解决方案
解决方案1
1 2021-04-19 14:55:46
Both getSecret and setSecret return a Promise because they are asynchronous methods that need to make an HTTP request to the Key Vault service. getSecret和setSecret都返回Promise ,因为它们是异步方法,需要向 Key Vault 服务发出 HTTP 请求。
If you were to try the following:如果您要尝试以下操作:
const secretPromise = client.setSecret(secretName, secretValue);
You'll notice that secretPromise is a Promise<KeyVaultSecret> as per the API documentation根据API 文档,您会注意到secretPromise是一个Promise<KeyVaultSecret>
This allows you to wait for the secret to be set and get back the newly set secret:这使您可以等待设置秘密并取回新设置的秘密:
const secret = await client.setSecret(secretName, secretValue);
Be mindful that by not waiting for the setSecret call to succeed you will be unable to:请注意,如果不等待setSecret调用成功,您将无法:
- Get the newly created secret (unless you get lucky with timing)获取新创建的秘密(除非你运气好)
- Be notified and handle any errors if
setSecretfails (you can verify this by creating the secret client with an invalid Key Vault URL and running both functions -azureSetSecretwill claim success butazureGetSecretwill throw an error)如果setSecret失败,将收到通知并处理任何错误(您可以通过使用无效的 Key Vault URL 创建秘密客户端并运行这两个函数来验证这一点 -azureSetSecret将声称成功,但azureGetSecret将引发错误)
解决方案2
-1 2021-04-19 07:35:17
I'm not sure if you are trying to find a way which allows you to obtain key vault secrets in nodejs.我不确定您是否正在尝试找到一种允许您在 nodejs 中获取密钥库机密的方法。 As the quick start sample you mentioned above, microsoft provides a async method await client.getSecret(secretName) for nodejs.作为您上面提到的快速入门示例,microsoft 为 nodejs 提供了一个异步方法await client.getSecret(secretName) 。
Here I'd like to recommend you using rest api to access key vault secret.在这里,我想推荐您使用 rest api来访问密钥保管库机密。 When calling the api, you need to generate an access token as the request header, you can refer to this sample or take a look at my test project below.在调用 api 时,需要生成一个访问令牌作为请求 header,您可以参考这个示例或者看看我下面的测试项目。
calling api:调用 api:
const axios = require('axios');
const auth = require('./credenticalflow');
let vaultName = 'key vault name';
let keyName = 'key name';
let accesstoken = '';
let secret = '';
init();
async function init(){
const authResponse = await auth.getToken(auth.tokenRequest);
accesstoken = authResponse.accessToken;
getsecret(vaultName,keyName,accesstoken);
console.log("22222222:"+secret);
}
function getsecret(vaultName,keyName,token){
console.log('the token is :'+ token);
axios.get('https://'+vaultName+'.vault.azure.net/secrets/'+keyName+'/7d4b682f5c9a41578602aa5b86611aa7?api-version=7.1',{
headers: {
'Authorization': 'Bearer '+token
}
})
.then(function (response) {
// handle success
secret = response.data.value;
console.log("1111111:"+secret);
})
.catch(function (error) {
// handle error
console.log('error');
});
}
generate access token:生成访问令牌:
const msal = require('@azure/msal-node');
const msalConfig = {
auth: {
clientId: 'azure ad app cilent id',
authority: 'https://login.microsoftonline.com/<your tenant name such as xx.onmicrosoft.com>',
clientSecret: 'client secret for the azure ad app',
}
};
const tokenRequest = {
scopes: ['https://vault.azure.net/.default'],
};
const cca = new msal.ConfidentialClientApplication(msalConfig);
async function getToken(tokenRequest) {
return await cca.acquireTokenByClientCredential(tokenRequest);
}
module.exports = {
tokenRequest: tokenRequest,
getToken: getToken
};
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.