Bug Fix: Initializing _certDataReader #9
Conversation
joevanwanzeeleKF
commented
Oct 29, 2025
joevanwanzeeleKF
commented
- bug fix: _certDataReader is now initialized in the Initialize method
… version of the integration
…sm for getting product ID's. Added check for a null response.
There was a problem hiding this comment.
Pull request overview
This PR addresses a bug where the _certDataReader field was not being initialized in the Initialize method, along with multiple improvements to API response handling, logging, and spelling corrections throughout the codebase. The changes also update package dependencies and refactor how Vault API responses are deserialized by properly handling the wrapped response format.
Key changes:
- Fixed bug where
_certificateDataReaderwas not initialized in the Initialize method (line 57) - Changed
RevocationTimefromDateTime?tostringinCertResponseto properly handle RFC3339 formatted timestamps from Vault API - Updated multiple package dependencies to newer versions, including several to version 10.0.0
- Refactored Vault API calls to use
WrappedResponse<T>wrapper for proper deserialization of nested response data - Corrected multiple spelling errors ("retreive" → "retrieve", "successfule" → "successful")
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 8 comments.
Show a summary per file
| File | Description |
|---|---|
| hashicorp-vault-cagateway/HashicorpVaultCAConnector.cs | Initializes _certificateDataReader, adds assembly version logging, changes RevocationTime handling from DateTime to string, fixes spelling errors, adds cancellation token to sync operations |
| hashicorp-vault-cagateway/Client/VaultHttp.cs | Enhanced logging, improved deserialization handling, fixed error message terminology |
| hashicorp-vault-cagateway/Client/HashicorpVaultClient.cs | Refactored to use WrappedResponse wrapper for API calls, fixed spelling in documentation |
| hashicorp-vault-cagateway/APIProxy/WrappedResponse.cs | Added RequestId and MountType properties to match Vault API response structure |
| hashicorp-vault-cagateway/APIProxy/CertResponse.cs | Changed RevocationTime from DateTime? to string, added RevocationTimestamp property |
| hashicorp-vault-cagateway/hashicorp-vault-caplugin.csproj | Updated package versions and added Microsoft.Extensions.Logging.Abstractions, removed Resources configuration |
| hashicorp-vault-cagateway/Properties/launchSettings.json | Removed launch settings file |
| readme_source.md | Fixed spelling error in documentation |
| CHANGELOG.md | Added entry documenting the bug fix |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| Certificate = certFromVault.Certificate, | ||
| Status = vaultStatus, | ||
| RevocationDate = certFromVault.RevocationTime | ||
| RevocationDate = !string.IsNullOrEmpty(certFromVault.RevocationTime) ? DateTime.Parse(certFromVault.RevocationTime) : null, |
There was a problem hiding this comment.
The DateTime.Parse call should specify culture and DateTimeStyles for consistent parsing. Line 173 properly handles this with CultureInfo.InvariantCulture and DateTimeStyles, but this line doesn't. Consider using the same pattern for consistency: DateTime.Parse(certFromVault.RevocationTime, System.Globalization.CultureInfo.InvariantCulture, System.Globalization.DateTimeStyles.AdjustToUniversal | System.Globalization.DateTimeStyles.AssumeUniversal)
| string serializedParams = JsonSerializer.Serialize(parameters, _serializerOptions); | ||
| logger.LogTrace($"serialized parameters (from {parameters.GetType()?.Name}): {serializedParams}"); | ||
| string serializedParams = JsonSerializer.Serialize(parameters); | ||
| logger.LogTrace($"deserialized parameters (from {parameters.GetType()?.Name}): {serializedParams}"); |
There was a problem hiding this comment.
The log message refers to "deserialized parameters" but should be "serialized parameters" since the code is serializing the parameters object into JSON format.
| logger.LogTrace($"deserialized parameters (from {parameters.GetType()?.Name}): {serializedParams}"); | |
| logger.LogTrace($"serialized parameters (from {parameters.GetType()?.Name}): {serializedParams}"); |
| { | ||
| var res = await _vaultHttp.GetAsync<WrappedResponse<KeyedList>>("certs/?list=true"); | ||
| return res.Data.Entries; | ||
| return res.Data?.Entries; |
There was a problem hiding this comment.
Potential null reference issue: The code accesses res.Data?.Entries without null-checking res itself. If the GetAsync call returns null, this will throw a NullReferenceException. Consider adding a null check for the response object before accessing its Data property.
| var res = await _vaultHttp.GetAsync<KeyedList>("certs/revoked"); | ||
| keys = res.Entries; | ||
| var res = await _vaultHttp.GetAsync<WrappedResponse<KeyedList>>("certs/revoked"); | ||
| keys = res.Data?.Entries; |
There was a problem hiding this comment.
Potential null reference issue: The code accesses res.Data?.Entries without null-checking res itself. If the GetAsync call returns null, this will throw a NullReferenceException. Consider adding a null check for the response object before accessing its Data property.
| }; | ||
| }; | ||
|
|
||
| blockingBuffer.Add(newCert); |
There was a problem hiding this comment.
The blockingBuffer.Add() call at line 357 is missing the cancellation token parameter, while line 331 correctly includes it. For consistency and proper cancellation handling, this should be: blockingBuffer.Add(newCert, cancelToken);
| blockingBuffer.Add(newCert); | |
| blockingBuffer.Add(newCert, cancelToken); |
| Status = certFromVault.RevocationTime != null ? (int)EndEntityStatus.REVOKED : (int)EndEntityStatus.GENERATED, | ||
| RevocationDate = certFromVault.RevocationTime, | ||
| Status = !string.IsNullOrEmpty(certFromVault.RevocationTime) ? (int)EndEntityStatus.REVOKED : (int)EndEntityStatus.GENERATED, | ||
| RevocationDate = !string.IsNullOrEmpty(certFromVault.RevocationTime) ? DateTime.Parse(certFromVault.RevocationTime) : null |
There was a problem hiding this comment.
The DateTime.Parse call should specify culture and DateTimeStyles for consistent parsing. Line 173 properly handles this with CultureInfo.InvariantCulture and DateTimeStyles, but this line doesn't. Consider using the same pattern for consistency: DateTime.Parse(certFromVault.RevocationTime, System.Globalization.CultureInfo.InvariantCulture, System.Globalization.DateTimeStyles.AdjustToUniversal | System.Globalization.DateTimeStyles.AssumeUniversal)
| RevocationDate = !string.IsNullOrEmpty(certFromVault.RevocationTime) ? DateTime.Parse(certFromVault.RevocationTime) : null | |
| RevocationDate = !string.IsNullOrEmpty(certFromVault.RevocationTime) | |
| ? DateTime.Parse( | |
| certFromVault.RevocationTime, | |
| System.Globalization.CultureInfo.InvariantCulture, | |
| System.Globalization.DateTimeStyles.AdjustToUniversal | System.Globalization.DateTimeStyles.AssumeUniversal) | |
| : null |
| Certificate = cert.Certificate, | ||
| Status = revoked ? (int)EndEntityStatus.REVOKED : (int)EndEntityStatus.GENERATED, | ||
| RevocationDate = cert.RevocationTime | ||
| RevocationDate = cert.RevocationTime != null ? DateTime.Parse(cert.RevocationTime.ToString(), System.Globalization.CultureInfo.InvariantCulture, System.Globalization.DateTimeStyles.AdjustToUniversal | System.Globalization.DateTimeStyles.AssumeUniversal) : null |
There was a problem hiding this comment.
The RevocationDate parsing should handle the new string-based RevocationTime property more carefully. Since RevocationTime is now a string (changed in CertResponse.cs), you should check if it's null or empty before parsing: RevocationDate = !string.IsNullOrEmpty(cert.RevocationTime) ? DateTime.Parse(cert.RevocationTime) : null. The current code calls .ToString() on a string, which is redundant and may mask potential issues.
| string rawConfig = JsonSerializer.Serialize(configProvider.CAConnectionData); | ||
| logger.LogTrace($"serialized config: {rawConfig}"); | ||
| _caConfig = JsonSerializer.Deserialize<HashicorpVaultCAConfig>(rawConfig); | ||
| logger.MethodExit(LogLevel.Trace); |
There was a problem hiding this comment.
The logger.MethodExit() call at line 55 is placed before the initialization completes. The method continues with additional initialization steps (lines 56-69) after this exit log. This should be moved to line 69, just before the closing brace, to accurately reflect when the method completes.
