Skip to content

Export credentials from azure_identity #756

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 6 commits into from
May 20, 2022
Merged

Export credentials from azure_identity #756

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
a1bad6e
Export credentials from azure_identity
heaths May 19, 2022
d3dce4b
remove token_credentials from path
ctaggart May 20, 2022
0277413
fix example
ctaggart May 20, 2022
c56c5df
Merge remote-tracking branch 'origin/main' into refactor_identity
ctaggart May 20, 2022
6db0fb3
update changelog
ctaggart May 20, 2022
8a59221
update merged example
ctaggart May 20, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion sdk/device_update/examples/delete_update.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
use azure_device_update::DeviceUpdateClient;
use azure_identity::token_credentials::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use std::{env, sync::Arc};

#[tokio::main]
Expand Down
2 changes: 1 addition & 1 deletion sdk/device_update/examples/get_file.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
use azure_device_update::DeviceUpdateClient;
use azure_identity::token_credentials::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use std::{env, sync::Arc};

#[tokio::main]
Expand Down
2 changes: 1 addition & 1 deletion sdk/device_update/examples/get_operation.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
use azure_device_update::DeviceUpdateClient;
use azure_identity::token_credentials::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use std::{env, sync::Arc};

#[tokio::main]
Expand Down
2 changes: 1 addition & 1 deletion sdk/device_update/examples/get_update.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
use azure_device_update::DeviceUpdateClient;
use azure_identity::token_credentials::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use std::{env, sync::Arc};

#[tokio::main]
Expand Down
2 changes: 1 addition & 1 deletion sdk/device_update/examples/import_update.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
use azure_device_update::DeviceUpdateClient;
use azure_identity::token_credentials::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use std::{env, sync::Arc};

#[tokio::main]
Expand Down
2 changes: 1 addition & 1 deletion sdk/device_update/examples/list_files.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
use azure_device_update::DeviceUpdateClient;
use azure_identity::token_credentials::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use std::{env, sync::Arc};

#[tokio::main]
Expand Down
2 changes: 1 addition & 1 deletion sdk/device_update/examples/list_names.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
use azure_device_update::DeviceUpdateClient;
use azure_identity::token_credentials::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use std::{env, sync::Arc};

#[tokio::main]
Expand Down
2 changes: 1 addition & 1 deletion sdk/device_update/examples/list_operations.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
use azure_device_update::DeviceUpdateClient;
use azure_identity::token_credentials::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use std::{env, sync::Arc};

#[tokio::main]
Expand Down
2 changes: 1 addition & 1 deletion sdk/device_update/examples/list_providers.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
use azure_device_update::DeviceUpdateClient;
use azure_identity::token_credentials::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use std::{env, sync::Arc};

#[tokio::main]
Expand Down
2 changes: 1 addition & 1 deletion sdk/device_update/examples/list_updates.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
use azure_device_update::DeviceUpdateClient;
use azure_identity::token_credentials::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use std::{env, sync::Arc};

#[tokio::main]
Expand Down
2 changes: 1 addition & 1 deletion sdk/device_update/examples/list_versions.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
use azure_device_update::DeviceUpdateClient;
use azure_identity::token_credentials::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use std::{env, sync::Arc};

#[tokio::main]
Expand Down
6 changes: 3 additions & 3 deletions sdk/device_update/src/client.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ use azure_core::{
auth::{TokenCredential, TokenResponse},
Error as CoreError, HttpError,
};
use azure_identity::token_credentials::AutoRefreshingTokenCredential;
use azure_identity::AutoRefreshingTokenCredential;
use const_format::formatcp;
use serde::de::DeserializeOwned;
use std::sync::Arc;
Expand All @@ -18,7 +18,7 @@ pub(crate) const API_VERSION_PARAM: &str = formatcp!("api-version={}", API_VERSI
///
/// ```no_run
/// use azure_device_update::DeviceUpdateClient;
/// use azure_identity::token_credentials::DefaultAzureCredential;
/// use azure_identity::DefaultAzureCredential;
/// let creds = std::sync::Arc::new(DefaultAzureCredential::default());
/// let client = DeviceUpdateClient::new("contoso.api.adu.microsoft.com", creds).unwrap();
/// ```
Expand All @@ -37,7 +37,7 @@ impl DeviceUpdateClient {
///
/// ```no_run
/// use azure_device_update::DeviceUpdateClient;
/// use azure_identity::token_credentials::DefaultAzureCredential;
/// use azure_identity::DefaultAzureCredential;
/// let creds = std::sync::Arc::new(DefaultAzureCredential::default());
/// let client = DeviceUpdateClient::new("contoso.api.adu.microsoft.com", creds).unwrap();
/// ```
Expand Down
2 changes: 1 addition & 1 deletion sdk/device_update/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ pub type Result<T> = std::result::Result<T, Error>;
#[cfg(test)]
mod tests {
use azure_core::auth::{TokenCredential, TokenResponse};
use azure_identity::token_credentials::AutoRefreshingTokenCredential;
use azure_identity::AutoRefreshingTokenCredential;
use chrono::{Duration, Utc};
use oauth2::AccessToken;
use std::sync::Arc;
Expand Down
3 changes: 3 additions & 0 deletions sdk/identity/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
# 0.3.0 (2022-05)

- [#756](https://github.com/Azure/azure-sdk-for-rust/pull/756) Export credentials from azure_identity
- BREAKING CHANGE: the credential types have moved. For example:
- use `azure_identity::DefaultAzureCredential` instead of `azure_identity::token_credentials::DefaultAzureCredential`
- [#751](https://github.com/Azure/azure-sdk-for-rust/pull/751) datetime from azure cli token is in the local timezone
- [#748](https://github.com/Azure/azure-sdk-for-rust/pull/748) adding option to specify client_id for MSI

Expand Down
2 changes: 2 additions & 0 deletions sdk/identity/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,3 +54,5 @@ The supported authentication flows are:
* [Device code flow](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-device-code).

This crate also includes utilities for handling refresh tokens and accessing token credentials from many different sources.

A list of changes can be found in [CHANGELOG.md](https://github.com/Azure/azure-sdk-for-rust/blob/main/sdk/identity/CHANGELOG.md);
2 changes: 1 addition & 1 deletion sdk/identity/examples/cli_credentials.rs → ...dentity/examples/azure_cli_credentials.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
use azure_identity::token_credentials::*;
use azure_identity::*;
use std::error::Error;
use url::Url;

Expand Down
2 changes: 1 addition & 1 deletion sdk/identity/examples/client_certificate_credentials.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
/// please make sure to set the send_certificate_chain option to true otherwise
/// the authentication will fail.
use azure_core::auth::TokenCredential;
use azure_identity::token_credentials::{
use azure_identity::{
CertificateCredentialOptions, ClientCertificateCredential, DefaultAzureCredential,
};
use azure_security_keyvault::KeyClient;
Expand Down
6 changes: 3 additions & 3 deletions sdk/identity/examples/default_credentials.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
use azure_identity::token_credentials::*;
use azure_identity::*;
use url::Url;

#[tokio::main]
Expand All @@ -7,7 +7,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {

let sub_id = std::env::var("AZURE_SUBSCRIPTION_ID")?;
let creds = DefaultAzureCredentialBuilder::new()
.exclude_cli_credential() // disable using CLI for credentials (just as an example)
.exclude_azure_cli_credential() // disable using CLI for credentials (just as an example)
.build();

let res = creds
Expand All @@ -32,6 +32,6 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
.text()
.await?;

println!("\n\nresp {:?}", resp);
println!("\n\n{:?}", resp);
Ok(())
}
2 changes: 1 addition & 1 deletion sdk/identity/examples/environment_credentials.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
use azure_identity::token_credentials::*;
use azure_identity::*;
use std::error::Error;
use url::Url;

Expand Down
10 changes: 5 additions & 5 deletions sdk/identity/src/errors.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,19 +8,19 @@ use std::fmt;
pub enum Error {
/// An error getting credentials from the Azure CLI
#[error("Error getting token credentials from Azure CLI")]
AzureCliCredential(#[from] crate::token_credentials::AzureCliCredentialError),
AzureCliCredential(#[from] crate::AzureCliCredentialError),
/// An error getting credentials through the client secrect token credential flow
#[error("Client secret credentials error")]
ClientSecretCredential(#[from] crate::token_credentials::ClientSecretCredentialError),
ClientSecretCredential(#[from] crate::ClientSecretCredentialError),
/// An error getting credentials from the environment
#[error("Error getting environment credential")]
EnvironmentCredential(#[from] crate::token_credentials::EnvironmentCredentialError),
EnvironmentCredential(#[from] crate::EnvironmentCredentialError),
/// An error getting managed identity credentials
#[error("Error getting managed identity credential")]
ManagedIdentityCredential(#[from] crate::token_credentials::ManagedIdentityCredentialError),
ManagedIdentityCredential(#[from] crate::ManagedIdentityCredentialError),
/// An error using the default token credential flow
#[error("Error getting default credential")]
DefaultAzureCredentialError(#[from] crate::token_credentials::DefaultAzureCredentialError),
DefaultAzureCredentialError(#[from] crate::DefaultAzureCredentialError),
/// An error getting a refresh token
#[error("Error refreshing token")]
RefreshToken(#[from] crate::refresh_token::Error),
Expand Down
47 changes: 23 additions & 24 deletions sdk/identity/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,37 +1,35 @@
//! Azure OAuth2 helper crate for the unofficial Microsoft Azure SDK for Rust. This crate is part of a collection of crates: for more information please refer to [https://github.com/azure/azure-sdk-for-rust](https://github.com/azure/azure-sdk-for-rust).
//! Azure Identity crate for the unofficial Microsoft Azure SDK for Rust. This crate is part of a collection of crates: for more information please refer to [https://github.com/azure/azure-sdk-for-rust](https://github.com/azure/azure-sdk-for-rust).
//! This crate provides mechanisms for several ways to authenticate against Azure
//!
//! For example, to authenticate using the client credential flow, you can do the following:
//! For example, to authenticate using the recommended DefaultAzureCredential, you can do the following:
//!
//! ```no_run
//! use azure_identity::client_credentials_flow;
//! use oauth2::{ClientId, ClientSecret};
//! use azure_identity::{DefaultAzureCredential, TokenCredential};
//! use url::Url;
//!
//! use std::env;
//! use std::error::Error;
//!
//! #[tokio::main]
//! async fn main() -> Result<(), Box<dyn Error>> {
//! let client_id =
//! ClientId::new(env::var("CLIENT_ID").expect("Missing CLIENT_ID environment variable."));
//! let client_secret = ClientSecret::new(
//! env::var("CLIENT_SECRET").expect("Missing CLIENT_SECRET environment variable."),
//! );
//! let tenant_id = env::var("TENANT_ID").expect("Missing TENANT_ID environment variable.");
//! let subscription_id =
//! env::var("SUBSCRIPTION_ID").expect("Missing SUBSCRIPTION_ID environment variable.");
//!
//! let client = reqwest::Client::new();
//! // This will give you the final token to use in authorization.
//! let token = client_credentials_flow::perform(
//! client,
//! &client_id,
//! &client_secret,
//! &["https://management.azure.com/"],
//! &tenant_id,
//! )
//! .await?;
//! let credential = DefaultAzureCredential::default();
//! let response = credential
//! .get_token("https://management.azure.com")
//! .await?;
//!
//! let subscription_id = env::var("AZURE_SUBSCRIPTION_ID")?;
//! let url = Url::parse(&format!(
//! "https://management.azure.com/subscriptions/{}/providers/Microsoft.Storage/storageAccounts?api-version=2019-06-01",
//! subscription_id))?;
//! let response = reqwest::Client::new()
//! .get(url)
//! .header("Authorization", format!("Bearer {}", response.token.secret()))
//! .send()
//! .await?
//! .text()
//! .await?;
//!
//! println!("{:?}", response);
//! Ok(())
//! }
//! ```
Expand All @@ -52,6 +50,7 @@ pub mod client_credentials_flow;
pub mod development;
pub mod device_code_flow;
pub mod refresh_token;
pub mod token_credentials;
mod token_credentials;

pub use crate::token_credentials::*;
pub use errors::Error;
0 .../src/token_credentials/cli_credentials.rs → ...oken_credentials/azure_cli_credentials.rs
View file
Open in desktop
File renamed without changes.
34 changes: 17 additions & 17 deletions sdk/identity/src/token_credentials/default_credentials.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,15 @@ use azure_core::auth::TokenResponse;
pub struct DefaultAzureCredentialBuilder {
include_environment_credential: bool,
include_managed_identity_credential: bool,
include_cli_credential: bool,
include_azure_cli_credential: bool,
}

impl Default for DefaultAzureCredentialBuilder {
fn default() -> Self {
Self {
include_environment_credential: true,
include_managed_identity_credential: true,
include_cli_credential: true,
include_azure_cli_credential: true,
}
}
}
Expand All @@ -33,22 +33,22 @@ impl DefaultAzureCredentialBuilder {
self
}

/// Exclude using credentials from the cli
pub fn exclude_cli_credential(&mut self) -> &mut Self {
self.include_cli_credential = false;
self
}

/// Exclude using managed identity credentials
pub fn exclude_managed_identity_credential(&mut self) -> &mut Self {
self.include_managed_identity_credential = false;
self
}

/// Exclude using credentials from the cli
pub fn exclude_azure_cli_credential(&mut self) -> &mut Self {
self.include_azure_cli_credential = false;
self
}

/// Create a `DefaultAzureCredential` from this builder.
pub fn build(&self) -> DefaultAzureCredential {
let source_count = self.include_cli_credential as usize
+ self.include_cli_credential as usize
let source_count = self.include_azure_cli_credential as usize
+ self.include_azure_cli_credential as usize
+ self.include_managed_identity_credential as usize;
let mut sources = Vec::<DefaultAzureCredentialEnum>::with_capacity(source_count);
if self.include_environment_credential {
Expand All @@ -61,7 +61,7 @@ impl DefaultAzureCredentialBuilder {
ImdsManagedIdentityCredential::default(),
))
}
if self.include_cli_credential {
if self.include_azure_cli_credential {
sources.push(DefaultAzureCredentialEnum::AzureCli(AzureCliCredential {}));
}
DefaultAzureCredential::with_sources(sources)
Expand Down Expand Up @@ -197,25 +197,25 @@ mod tests {
#[test]
fn test_builder_included_credential_flags() {
let builder = DefaultAzureCredentialBuilder::new();
assert!(builder.include_cli_credential);
assert!(builder.include_azure_cli_credential);
assert!(builder.include_environment_credential);
assert!(builder.include_managed_identity_credential);

let mut builder = DefaultAzureCredentialBuilder::new();
builder.exclude_cli_credential();
assert!(!builder.include_cli_credential);
builder.exclude_azure_cli_credential();
assert!(!builder.include_azure_cli_credential);
assert!(builder.include_environment_credential);
assert!(builder.include_managed_identity_credential);

let mut builder = DefaultAzureCredentialBuilder::new();
builder.exclude_environment_credential();
assert!(builder.include_cli_credential);
assert!(builder.include_azure_cli_credential);
assert!(!builder.include_environment_credential);
assert!(builder.include_managed_identity_credential);

let mut builder = DefaultAzureCredentialBuilder::new();
builder.exclude_managed_identity_credential();
assert!(builder.include_cli_credential);
assert!(builder.include_azure_cli_credential);
assert!(builder.include_environment_credential);
assert!(!builder.include_managed_identity_credential);
}
Expand Down Expand Up @@ -270,7 +270,7 @@ mod tests {

// remove cli source

builder.exclude_cli_credential();
builder.exclude_azure_cli_credential();
let credential = builder.build();

assert_eq!(credential.sources.len(), 1);
Expand Down
4 changes: 2 additions & 2 deletions sdk/identity/src/token_credentials/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
//! * Managed identity
//! * Client secret
mod auto_refreshing_credentials;
mod cli_credentials;
mod azure_cli_credentials;
#[cfg(feature = "client_certificate")]
mod client_certificate_credentials;
mod client_secret_credentials;
Expand All @@ -15,7 +15,7 @@ mod environment_credentials;
mod imds_managed_identity_credentials;

pub use auto_refreshing_credentials::*;
pub use cli_credentials::*;
pub use azure_cli_credentials::*;
#[cfg(feature = "client_certificate")]
pub use client_certificate_credentials::*;
pub use client_secret_credentials::*;
Expand Down
2 changes: 1 addition & 1 deletion sdk/security_keyvault/examples/backup_secret.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
use azure_identity::token_credentials::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use azure_security_keyvault::KeyClient;
use std::env;

Expand Down
2 changes: 1 addition & 1 deletion sdk/security_keyvault/examples/delete_secret.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
use azure_identity::token_credentials::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use azure_security_keyvault::KeyClient;
use std::env;

Expand Down
2 changes: 1 addition & 1 deletion sdk/security_keyvault/examples/get_secret.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
use azure_identity::token_credentials::{ClientSecretCredential, TokenCredentialOptions};
use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
use azure_security_keyvault::KeyClient;
use std::env;

Expand Down
Loading