Store and pull tenant creds from Key Vault.

The tenant ID should be hashed and used as the key for the JSON blob of relevant creds for any given tenant. Azure CSP interface methods that need to source creds should call the internal `_source_creds` method, either with a `tenant_id` or no parameters. That method will source the creds. If a tenant ID is provided, it will source them from the Key Vault. If not provided, it will return the default creds for the app registration in the home tenant.
2020-01-27 15:00:20 -05:00
parent a10d733fb7
commit abd03be806
10 changed files with 186 additions and 50 deletions
--- a/atst/models/portfolio_state_machine.py
+++ b/atst/models/portfolio_state_machine.py
@@ -175,7 +175,7 @@ class PortfolioStateMachine(
                tenant_id = new_creds.get("tenant_id")
                secret = self.csp.get_secret(tenant_id, new_creds)
                secret.update(new_creds)
-                self.csp.set_secret(tenant_id, secret)
+                self.csp.update_tenant_creds(tenant_id, secret)
        except PydanticValidationError as exc:
            app.logger.error(
                f"Failed to cast response to valid result class {self.__repr__()}:",