Fail if secret is empty as it could be missing (#2295)

Summary Throwing an error if keyvault secret does not exist or is stored empty in the KV, as in both situation it is a broken secret. Doing it from app as Platform does not fail if the secret does not exist. Fixes # [AB#544481](https://dynamicssmb2.visualstudio.com/1fcb79e7-ab07-432a-a3c6-6cf5a88ba4a5/_workitems/edit/544481) --------- Co-authored-by: WaelAbuSeada <[email protected]>
microsoft · Nov 6, 2024 · 936bb22 · 936bb22
1 parent 58d2f66
commit 936bb22
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 1 deletion.
diff --git a/src/System Application/App/Azure Key Vault/src/AzureKeyVaultImpl.Codeunit.al b/src/System Application/App/Azure Key Vault/src/AzureKeyVaultImpl.Codeunit.al
@@ -30,18 +30,25 @@ codeunit 2202 "Azure Key Vault Impl."
         IsKeyVaultClientInitialized: Boolean;
         AzureKeyVaultTxt: Label 'Azure Key Vault', Locked = true;
         CertificateInfoTxt: Label 'Successfully constructed certificate from secret %1. Certificate thumbprint %2', Locked = true;
+        MissingSecretErr: Label 'The secret %1 is either missing or empty.', Comment = '%1 = Secret Name.';
 
     [NonDebuggable]
     procedure GetAzureKeyVaultSecret(SecretName: Text; var Secret: Text)
     begin
         // Gets the secret as a Text from the key vault, given a SecretName.
         Secret := GetSecretFromClient(SecretName);
+
+        if Secret.Trim() = '' then
+            Error(MissingSecretErr, SecretName);
     end;
 
     [NonDebuggable]
     procedure GetAzureKeyVaultSecret(SecretName: Text; var Secret: SecretText)
     begin
         Secret := GetSecretFromClient(SecretName);
+
+        if Secret.IsEmpty() then
+            Error(MissingSecretErr, SecretName);
     end;
 
     [NonDebuggable]

diff --git a/src/System Application/Test/Azure Key Vault/src/AzureKeyVaultTest.Codeunit.al b/src/System Application/Test/Azure Key Vault/src/AzureKeyVaultTest.Codeunit.al
@@ -23,6 +23,7 @@ codeunit 135212 "Azure Key Vault Test"
     var
         Assert: Codeunit "Library Assert";
         KeyVaultNotInitializedTxt: Label 'Azure key vault has not been set up';
+        MissingSecretErr: Label '%1 is either missing or empty', Locked = true;
 
     [Test]
     [TransactionModel(TransactionModel::AutoRollback)]
@@ -95,11 +96,12 @@ codeunit 135212 "Azure Key Vault Test"
 
         // [GIVEN] A configured Azure Key Vault
         MockAzureKeyvaultSecretProvider := MockAzureKeyvaultSecretProvider.MockAzureKeyVaultSecretProvider();
+        MockAzureKeyvaultSecretProvider.AddSecretMapping('some-secret', 'SecretFromKeyVault');
         AzureKeyVaultTestLibrary.SetAzureKeyVaultSecretProvider(MockAzureKeyvaultSecretProvider);
-        AzureKeyVaultTestLibrary.ClearSecrets();
 
         // [WHEN] The key vault is called with an unknown key
         asserterror AzureKeyVault.GetAzureKeyVaultSecret('somekeythatdoesnotexist', Secret);
+        Assert.ExpectedError(StrSubstNo(MissingSecretErr, 'somekeythatdoesnotexist'));
     end;
 
     [Test]