Custom Refresh Logic

Credentials are all registered on startup and are usually given an expiration date. This allows for any process later in the application to ask the manager to retrieve a credential. The below example shows how to register SuperCredential, and two possible return values:

CredentialStore.RegisterRefresh("SuperCredential", (o) => {

        //Call third party API
        //Reach out to database
        //Request keys from AWS
        //Do anything you need to get authorization details

        //Then return either a good credential:
        return new CredentialStoreItem() { 
            Expiration = DateTimeOffset.Now.AddMinutes(60),
            Authorization = "ABCDEFG",
            Scope = "offline.access",
            StoreA = "Custom ValueStore"
        };

        //Or a faulted one:
        return new FaultedCredentialStoreItem("External ERROR", new Exception("Exception thrown while trying to get credential!!!"), retry: true);
    });

When the application loads up or a new credential is created, the local drive is checked and all previously non expired credentials are restored immediately. This allows for applications to be safely shut down and restarted without interrupting or over-retrieving from an external API.

During the retrieval process, the CredentialStore checks for existence of the credential, it's expiration and then checks if the expiration is within N number of minutes(user defined) before returning to the caller.

//Use default settings
CredentialStore.GetCredential("SuperCredential"); 

//Set all settings on retrieval 
CredentialStore.GetCredential("SuperCredential", maxRetries: 3, retryMS: 1000, expireTimeBufferSeconds: 600);

In Summary: the CredentialStore does several important things:

It automatically caches the authorization details to disk and retrieves them again on application reload.
When supplying expiration dates to a credential, it's able to renew itself when it's required before sending back the old authorization parameters.
The retrieval call is automatically retried to prevent a blip in connectivity from stopping a process.
It will automatically renew the token a defined number of minutes before expiration, allowing long running processes not to fail while in the middle of execution.
It integrates seamlessly with RestSharp, allowing all HTTP(S) traffic to automatically and internally pull credentials

PreviousConnection Strings NextRestSharp Authenticator

Last updated 1 year ago