From 081d8d3284a5303428f9e9e854e430ba89851938 Mon Sep 17 00:00:00 2001
From: damienbod <damien_bod@hotmail.com>
Date: Sun, 27 Aug 2023 07:19:57 +0200
Subject: [PATCH] switch credential

---
 .../CallApi/ConfidentialClientApiService.cs                | 7 ++++++-
 .../ServiceApi/HostingExtensions.cs                        | 2 --
 .../ServiceApi/Program.cs                                  | 2 +-
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/ConfidentialClientCredentialsCertificate/MyServerRenderedPortal/CallApi/ConfidentialClientApiService.cs b/ConfidentialClientCredentialsCertificate/MyServerRenderedPortal/CallApi/ConfidentialClientApiService.cs
index 0660bae..6491e35 100644
--- a/ConfidentialClientCredentialsCertificate/MyServerRenderedPortal/CallApi/ConfidentialClientApiService.cs
+++ b/ConfidentialClientCredentialsCertificate/MyServerRenderedPortal/CallApi/ConfidentialClientApiService.cs
@@ -68,7 +68,12 @@ private async Task<X509Certificate2> GetCertificateAsync(string? identitifier)
         var vaultBaseUrl = _configuration["CallApi:ClientCertificates:0:KeyVaultUrl"];
         vaultBaseUrl ??= "https://damienbod.vault.azure.net";
 
-        var secretClient = new SecretClient(vaultUri: new Uri(vaultBaseUrl), credential: new DefaultAzureCredential());
+        var tenantId = _configuration["CallApi:TenantId"];
+        var clientId = _configuration["CallApi:ClientId"];
+        var clientSecretKeyVaultAccess = _configuration["ClientSecretKeyVaultAccess"];
+
+        var secretClient = new SecretClient(vaultUri: new Uri(vaultBaseUrl),
+            credential: new ClientSecretCredential(tenantId, clientId, clientSecretKeyVaultAccess));
 
         // Create a new secret using the secret client.
         var secretName = identitifier;
diff --git a/ConfidentialClientCredentialsCertificate/ServiceApi/HostingExtensions.cs b/ConfidentialClientCredentialsCertificate/ServiceApi/HostingExtensions.cs
index e22cc65..f6d7a30 100644
--- a/ConfidentialClientCredentialsCertificate/ServiceApi/HostingExtensions.cs
+++ b/ConfidentialClientCredentialsCertificate/ServiceApi/HostingExtensions.cs
@@ -19,8 +19,6 @@ public static WebApplication ConfigureServices(this WebApplicationBuilder builde
 
         services.AddControllers();
 
-        services.AddSingleton<IAuthorizationHandler, HasServiceApiRoleHandler>();
-
         services.AddAuthorization(options =>
         {
             options.AddPolicy("ValidateAccessTokenPolicy", validateAccessTokenPolicy =>
diff --git a/ConfidentialClientCredentialsCertificate/ServiceApi/Program.cs b/ConfidentialClientCredentialsCertificate/ServiceApi/Program.cs
index 6531f82..6235bc4 100644
--- a/ConfidentialClientCredentialsCertificate/ServiceApi/Program.cs
+++ b/ConfidentialClientCredentialsCertificate/ServiceApi/Program.cs
@@ -32,7 +32,7 @@
             else
             {
                 // Add Secrets from UserSecrets for local development
-                configurationBuilder.AddUserSecrets("9f17b08c-435a-4f50-ba7a-802e68ca8d80");
+                configurationBuilder.AddUserSecrets("196b270c-b0c0-4b90-8f04-d3108e701d51");
             }
         });