feat(61): implement AdditionalStringsForConfigurationPath (#69)

* feat(61): implement AdditionalStringsForConfigurationPath

* chore: made AdditionalCharactersForConfigurationPath obsolete

Author: MeikelLP

Source/VaultSharp.Extensions.Configuration/VaultConfigurationProvider.cs

@@ -81,7 +81,7 @@ public override void Load()
                             {
                                 if (this.ConfigurationSource.Options.AcceptInsecureConnection)
                                 {
-#if NETSTANDARD2_0                                    
+#if NETSTANDARD2_0
                                     clientHandler.ServerCertificateCustomValidationCallback = (message, cert, chain, sslPolicyErrors) => true;
 #else
                                     clientHandler.ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;
@@ -119,7 +119,7 @@ public override void Load()
 
         /// <summary>
         /// This will fetch the vault token again before the new operation.
-        /// Use IConfiguration object: configurationRoot.Providers.OfType&lt;VaultConfigurationProvider&lt;().FirstOrDefault().ResetToken(); 
+        /// Use IConfiguration object: configurationRoot.Providers.OfType&lt;VaultConfigurationProvider&lt;().FirstOrDefault().ResetToken();
         /// See https://github.com/rajanadar/VaultSharp/blob/34ab400c2a295f4a81d97fc5d65f38509c7e0f05/README.md?plain=1#L92
         /// </summary>
         public void ResetToken() => this.vaultClient?.V1.Auth.ResetVaultToken();
@@ -146,7 +146,7 @@ private async Task<bool> LoadVaultDataAsync(IVaultClient vaultClient)
                     {
                         key = this.ConfigurationSource.Options.KeyPrefix + ":" + key;
                     }
-                    
+
                 }
                 var data = secretData.SecretData.Data;
 
@@ -292,16 +292,16 @@ private async IAsyncEnumerable<KeyedSecretData> ReadKeysAsync(IVaultClient vault
 
         private string ReplaceTheAdditionalCharactersForConfigurationPath(string inputKey)
         {
-            if (!this.ConfigurationSource.Options.AdditionalCharactersForConfigurationPath.Any())
+            if (!this.ConfigurationSource.Options.AdditionalStringsForConfigurationPath.Any())
             {
                 return inputKey;
             }
 
             var outputKey = new StringBuilder(inputKey);
 
-            foreach (var c in this.ConfigurationSource.Options.AdditionalCharactersForConfigurationPath)
+            foreach (var c in this.ConfigurationSource.Options.AdditionalStringsForConfigurationPath)
             {
-                outputKey.Replace(c, ':');
+                outputKey.Replace(c, ":");
             }
 
             return outputKey.ToString();

Source/VaultSharp.Extensions.Configuration/VaultOptions.cs

@@ -2,6 +2,7 @@ namespace VaultSharp.Extensions.Configuration
 {
     using System;
     using System.Collections.Generic;
+    using System.Linq;
     using System.Net.Http;
     using System.Net.Security;
     using System.Security.Cryptography.X509Certificates;
@@ -24,6 +25,7 @@ public class VaultOptions
         /// <param name="omitVaultKeyName">Omit Vault Key Name in Configuration Keys.</param>
         /// <param name="keyPrefix">Store all Vault keys under this prefix </param>
         /// <param name="additionalCharactersForConfigurationPath">Additional characters for the Configuration path.</param>
+        /// <param name="additionalStringsForConfigurationPath">Additional strings for the Configuration path.</param>
         /// <param name="namespace">Vault namespace.</param>
         /// <param name="alwaysAddTrailingSlashToBasePath">Should a trailing slash be added to the base path. See AlwaysAddTrailingSlashToBasePath property for details </param>
         /// <param name="insecureConnection">(Dangerous!) Ignore certificate validation. This implies self-signed certificates are accepted.</param>
@@ -38,6 +40,7 @@ public VaultOptions(
             bool omitVaultKeyName = false,
             string? keyPrefix = null,
             IEnumerable<char>? additionalCharactersForConfigurationPath = null,
+            IEnumerable<string>? additionalStringsForConfigurationPath = null,
             string? @namespace = null,
             bool alwaysAddTrailingSlashToBasePath = true,
             bool insecureConnection = false,
@@ -51,7 +54,10 @@ public VaultOptions(
             this.ReloadCheckIntervalSeconds = reloadCheckIntervalSeconds;
             this.OmitVaultKeyName = omitVaultKeyName;
             this.KeyPrefix = keyPrefix;
+#pragma warning disable CS0618 // Type or member is obsolete
             this.AdditionalCharactersForConfigurationPath = additionalCharactersForConfigurationPath ?? Array.Empty<char>();
+#pragma warning restore CS0618 // Type or member is obsolete
+            this.AdditionalStringsForConfigurationPath = [..additionalStringsForConfigurationPath ?? [], ..(additionalCharactersForConfigurationPath ?? []).Select(x => x.ToString())];
             this.Namespace = @namespace;
             this.AlwaysAddTrailingSlashToBasePath = alwaysAddTrailingSlashToBasePath;
             this.AcceptInsecureConnection = insecureConnection;
@@ -67,6 +73,7 @@ public VaultOptions(
         /// <param name="reloadCheckIntervalSeconds">Interval in seconds to check Vault for any changes.</param>
         /// <param name="omitVaultKeyName">Omit Vault Key Name in Configuration Keys.</param>
         /// <param name="additionalCharactersForConfigurationPath">Additional characters for the Configuration path.</param>
+        /// <param name="additionalStringsForConfigurationPath">Additional strings for the Configuration path.</param>
         /// <param name="namespace">Vault namespace.</param>
         /// <param name="alwaysAddTrailingSlashToBasePath">Should a trailing slash be added to the base path. See AlwaysAddTrailingSlashToBasePath property for details </param>
         /// <param name="insecureConnection">(Dangerous!) Ignore certificate validation. This implies self-signed certificates are accepted.</param>
@@ -78,6 +85,7 @@ public VaultOptions(
             int reloadCheckIntervalSeconds = 300,
             bool omitVaultKeyName = false,
             IEnumerable<char>? additionalCharactersForConfigurationPath = null,
+            IEnumerable<string>? additionalStringsForConfigurationPath = null,
             string? @namespace = null,
             bool alwaysAddTrailingSlashToBasePath = true,
             bool insecureConnection = false,
@@ -88,7 +96,10 @@ public VaultOptions(
             this.ReloadOnChange = reloadOnChange;
             this.ReloadCheckIntervalSeconds = reloadCheckIntervalSeconds;
             this.OmitVaultKeyName = omitVaultKeyName;
+#pragma warning disable CS0618 // Type or member is obsolete
             this.AdditionalCharactersForConfigurationPath = additionalCharactersForConfigurationPath ?? Array.Empty<char>();
+#pragma warning restore CS0618 // Type or member is obsolete
+            this.AdditionalStringsForConfigurationPath = [..additionalStringsForConfigurationPath ?? [], ..(additionalCharactersForConfigurationPath ?? []).Select(x => x.ToString())];
             this.Namespace = @namespace;
             this.AlwaysAddTrailingSlashToBasePath = alwaysAddTrailingSlashToBasePath;
             this.AcceptInsecureConnection = insecureConnection;
@@ -143,9 +154,17 @@ public VaultOptions(
 
         /// <summary>
         /// Gets an array of characters that will be used as a path to form the Configuration.
+        /// This may not be equal to <see cref="AdditionalStringsForConfigurationPath"/>.
         /// </summary>
+        [Obsolete($"Please use ${nameof(AdditionalStringsForConfigurationPath)}. This property will be removed in a future release.")]
         public IEnumerable<char> AdditionalCharactersForConfigurationPath { get; }
 
+        /// <summary>
+        /// Gets an array of strings that will be used as a path to form the Configuration.
+        /// Contains string values of <see cref="AdditionalCharactersForConfigurationPath"/>.
+        /// </summary>
+        public IEnumerable<string> AdditionalStringsForConfigurationPath { get; }
+
         /// <summary>
         /// Gets Vault namespace.
         /// </summary>
@@ -161,8 +180,8 @@ public VaultOptions(
         /// <summary>
         /// Indicates whether we should disregard the certificate validation (for examples, servers behind Internet aren't likely to have a strong certs but we can't afford to use HTTP either)
         /// Previously, the certificate behavior can be set globally, but subsequently removed in .NET Core and onwards due to security reasons.
-        /// We need to set the behavior to each HttpClient on a case-by-case basis. As such, this option is provided as a resolution. 
-        /// If it is true, a custom PostProcessHttpClientHandlerAction will be injected to the VaultClientSettings to accept any server certificate. 
+        /// We need to set the behavior to each HttpClient on a case-by-case basis. As such, this option is provided as a resolution.
+        /// If it is true, a custom PostProcessHttpClientHandlerAction will be injected to the VaultClientSettings to accept any server certificate.
         /// Default value: false. Hashicorp also recommend using a proper CA to setup Vault access due to security concerns.
         /// </summary>
         public bool AcceptInsecureConnection { get; }
@@ -178,7 +197,7 @@ public VaultOptions(
         /// </summary>
         /// <remarks>
         /// The action will be invoked after the VaultSharp provider applies the AcceptInsecureConnection and ServerCertificateCustomValidationCallback
-        /// customizations, if you enabled them.  Be aware that if you overwrite the HttpMessageHandler's ServerCertificateCustomValidationCallback 
+        /// customizations, if you enabled them.  Be aware that if you overwrite the HttpMessageHandler's ServerCertificateCustomValidationCallback
         /// in your action-handler method, you will cancel out the effect of enabling the AcceptInsecureConnection and/or
         /// ServerCertificateCustomValidationCallback options.
         /// </remarks>

Tests/VaultSharp.Extensions.Configuration.Test/IntegrationTests.cs

@@ -168,7 +168,7 @@ public async Task Success_SimpleTest_TokenAuth()
                 configurationRoot.GetValue<int>("option3").Should().Be(5);
                 configurationRoot.GetValue<bool>("option4").Should().Be(true);
                 configurationRoot.GetValue<string>("option5:0").Should().Be("v1");
-                configurationRoot.GetValue<string>("option5:1").Should().Be("v2"); 
+                configurationRoot.GetValue<string>("option5:1").Should().Be("v2");
                 configurationRoot.GetValue<string>("option5:2").Should().Be("v3");
                 var t1 = new TestConfigObject();
                 configurationRoot.Bind("option6:0", t1);
@@ -228,6 +228,12 @@ public async Task Success_SimpleTestWithKeyPrefix_TokenAuth()
                             new KeyValuePair<string, object>("option7", "value7"),
                         }
                     },
+                    {
+                        "test/otherSubsection__otherSubsection2/otherSubsection3__otherSubsection4__otherSubsection6", new[]
+                        {
+                            new KeyValuePair<string, object>("option9", "value9"),
+                        }
+                    },
                     {
                         "test/subsection/testsection", new[]
                         {
@@ -247,7 +253,7 @@ public async Task Success_SimpleTestWithKeyPrefix_TokenAuth()
 
                 var keyPrefix = "MyConfig";
                 builder.AddVaultConfiguration(
-                    () => new VaultOptions("http://localhost:8200", "root", additionalCharactersForConfigurationPath: new[] { '.' }, keyPrefix: keyPrefix),
+                    () => new VaultOptions("http://localhost:8200", "root", additionalCharactersForConfigurationPath: new[] { '.' }, additionalStringsForConfigurationPath: ["__"], keyPrefix: keyPrefix),
                     "test",
                     "secret",
                     this.logger);
@@ -258,7 +264,7 @@ public async Task Success_SimpleTestWithKeyPrefix_TokenAuth()
                 configurationRoot.GetValue<int>($"{keyPrefix}:option3").Should().Be(5);
                 configurationRoot.GetValue<bool>($"{keyPrefix}:option4").Should().Be(true);
                 configurationRoot.GetValue<string>($"{keyPrefix}:option5:0").Should().Be("v1");
-                configurationRoot.GetValue<string>($"{keyPrefix}:option5:1").Should().Be("v2"); 
+                configurationRoot.GetValue<string>($"{keyPrefix}:option5:1").Should().Be("v2");
                 configurationRoot.GetValue<string>($"{keyPrefix}:option5:2").Should().Be("v3");
                 var t1 = new TestConfigObject();
                 configurationRoot.Bind($"{keyPrefix}:option6:0", t1);
@@ -270,11 +276,17 @@ public async Task Success_SimpleTestWithKeyPrefix_TokenAuth()
                 t2.OptionB.Should().Be("b2");
                 configurationRoot.GetSection($"{keyPrefix}:subsection").GetValue<string>("option2").Should().Be("value2");
                 configurationRoot.GetSection($"{keyPrefix}:otherSubsection")
-                    .GetSection($"otherSubsection2")
+                    .GetSection("otherSubsection2")
                     .GetSection("otherSubsection3")
                     .GetSection("otherSubsection4")
                     .GetSection("otherSubsection5")
                     .GetValue<string>("option7").Should().Be("value7");
+                configurationRoot.GetSection($"{keyPrefix}:otherSubsection")
+                    .GetSection("otherSubsection2")
+                    .GetSection("otherSubsection3")
+                    .GetSection("otherSubsection4")
+                    .GetSection("otherSubsection6")
+                    .GetValue<string>("option9").Should().Be("value9");
                 configurationRoot.GetSection($"{keyPrefix}:subsection").GetSection("testsection").GetValue<string>("option8").Should().Be("value8");
             }
             finally
@@ -754,7 +766,7 @@ public async Task Failure_PermissionDenied()
                 Action act = () => builder.Build();
                 act.Should().Throw<VaultApiException>().And.HttpStatusCode.Should().Be(HttpStatusCode.Forbidden);
 
-            }           
+            }
             finally
             {
                 await cts.CancelAsync();