-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Storage identity remove resource manager provider #15837
Closed
yevster
wants to merge
56
commits into
Azure:master
from
yevster:storage-identity-remove-resource-manager-provider
+1,280
−608
Closed
Changes from 6 commits
Commits
Show all changes
56 commits
Select commit
Hold shift + click to select a range
03f8ab4
In progress
mnriem 7266ac5
Throw an exception when configuration is incomplete
mnriem 0de9b40
Added class level JavaDoc
mnriem 3964b68
Resolve POM conflict
mnriem 9fb49ba
Added unit tests
mnriem 9acd2b9
Merge branch 'credential-helper' of https://github.com/mnriem/azure-s…
yevster bedcf50
Changing the Identity Helper into a builder
yevster 9ad8a79
Adding storage resource sample, autoconfiguration for blob storage wi…
yevster f9adbe0
Attempting to generate an endpoint string
yevster 9cac0d3
Provisional workaround for using IdentityToken in Shared service conn…
yevster c2bbb46
Merge branch 'master' into storage-identity
yevster 41f32fa
In progress
mnriem 8c1297b
Throw an exception when configuration is incomplete
mnriem f0322af
Added class level JavaDoc
mnriem 8a6385c
Resolve POM conflict
mnriem 9305ee1
Added unit tests
mnriem 92fd3dd
Changing the Identity Helper into a builder
yevster 06d8aa9
Adding storage resource sample, autoconfiguration for blob storage wi…
yevster 723e463
Attempting to generate an endpoint string
yevster 62c5533
Provisional workaround for using IdentityToken in Shared service conn…
yevster b96c739
Merge branch 'storage-identity' of github.com:yevster/azure-sdk-for-j…
yevster 3f7e8ac
XML syntax fix
yevster 670e4a2
Storage resource demo works
yevster cfef365
Removing tight Resource Manager Provider coupling
yevster f7f9414
Merge branch 'master' into storage-identity-remove-resource-manager-p…
yevster 9662b85
Fixing autoconfiguration for legacy resource management to not kick i…
yevster 6f780a9
Merge branch 'master' into storage-identity-remove-resource-manager-p…
yevster ef3f807
Resource demo works with file legacy file credentail'
yevster 525c5b4
Resource sample works with environment parameters
yevster 7d7adb1
Removing debugging code
yevster 80a9e20
Fixing SPEL expression to omit legacy auto-config when using Spring e…
yevster 9277d71
checkstyle appeasement
yevster e4608d5
Checktyle appeasement, version fixing
yevster 42d5e50
Adding mock token credentail to Actuator test config to ward off unea…
yevster 29beabc
Adding mock token credentail to Actuator test config to ward off unea…
yevster 969353e
Removing topic manager dependency from queue autoconfig
yevster bbc811e
Fixing autoconfig dependencies for Topic binders
yevster 01b1378
Fixing startup failure when namespace is provided instead of connection
yevster cc74b40
Updating to incorporate upstream library signature changes
yevster cdb5ed4
Merge branch 'master' into storage-identity-remove-resource-manager-p…
saragluna bccd6e2
include version tag should be on the same line
saragluna 9a206f1
Spring Cloud Stream - Event Hub binder demo now works
yevster f19af87
merging with master
yevster 7bec935
Fixing build failures
yevster 456d383
Preventing reliance on resource management bean when resource group
yevster 9b1792b
Merge branch 'master' into storage-identity-remove-resource-manager-p…
yevster fcb8bc8
Fixing NPE in auto-configuration
yevster a6cfcfe
Fixing NPE in auto-configuration
yevster 8277c89
Fixing package names broken in merge
yevster 005e67f
Checkstyle appeasement
yevster 552af0c
Checkstyle appeasement
yevster 2456b26
Merge branch 'context-config-npe-fix' into storage-identity-remove-re…
yevster 8558375
Eliminating ServiceBus ARM dependency when not pulled in thorugh sett…
yevster dde0594
Deleting duplicate sample
yevster 2a7d5a3
Removing module for superfluous storage resource demeo
yevster 5531c84
Fixing parent pom of identity library
yevster File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,69 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
|
|
||
| <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
| <modelVersion>4.0.0</modelVersion> | ||
| <parent> | ||
| <groupId>com.azure</groupId> | ||
| <artifactId>azure-spring-boot-service</artifactId> | ||
| <version>1.0.0</version> | ||
| </parent> | ||
| <artifactId>azure-identity-spring-library</artifactId> | ||
| <version>1.0.0-SNAPSHOT</version> | ||
| <packaging>jar</packaging> | ||
| <name>Azure Identity Spring Integration Library</name> | ||
| <properties> | ||
| <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> | ||
| <maven.compiler.source>1.8</maven.compiler.source> | ||
| <maven.compiler.target>1.8</maven.compiler.target> | ||
| </properties> | ||
| <build> | ||
| <plugins> | ||
| <plugin> | ||
| <groupId>org.apache.maven.plugins</groupId> | ||
| <artifactId>maven-surefire-plugin</artifactId> | ||
| <version>3.0.0-M5</version> | ||
| </plugin> | ||
| </plugins> | ||
| </build> | ||
| <dependencies> | ||
| <dependency> | ||
| <groupId>org.springframework</groupId> | ||
| <artifactId>spring-context</artifactId> | ||
| <version>5.2.8.RELEASE</version> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.springframework</groupId> | ||
| <artifactId>spring-core</artifactId> | ||
| <version>5.2.8.RELEASE</version> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>com.azure</groupId> | ||
| <artifactId>azure-identity</artifactId> | ||
| <version>1.0.9</version> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.junit.jupiter</groupId> | ||
| <artifactId>junit-jupiter-api</artifactId> | ||
| <version>5.6.2</version> | ||
| <scope>test</scope> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.junit.jupiter</groupId> | ||
| <artifactId>junit-jupiter-params</artifactId> | ||
| <version>5.6.2</version> | ||
| <scope>test</scope> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.junit.jupiter</groupId> | ||
| <artifactId>junit-jupiter-engine</artifactId> | ||
| <version>5.6.2</version> | ||
| <scope>test</scope> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>junit</groupId> | ||
| <artifactId>junit</artifactId> | ||
| <scope>test</scope> | ||
| <version>4.13</version> | ||
| </dependency> | ||
| </dependencies> | ||
| </project> | ||
184 changes: 184 additions & 0 deletions
184
...-library/src/main/java/com/microsoft/azure/identity/spring/AzureIdentitySpringHelper.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,184 @@ | ||
| // Copyright (c) Microsoft Corporation. All rights reserved. | ||
| // Licensed under the MIT License. | ||
| package com.microsoft.azure.identity.spring; | ||
|
|
||
| import com.azure.core.credential.TokenCredential; | ||
| import com.azure.identity.ClientCertificateCredentialBuilder; | ||
| import com.azure.identity.ClientSecretCredentialBuilder; | ||
| import com.azure.identity.DefaultAzureCredentialBuilder; | ||
| import java.util.HashMap; | ||
| import org.springframework.core.env.Environment; | ||
| import org.springframework.stereotype.Component; | ||
|
|
||
| /** | ||
| * A helper class to deal with credentials in a Spring environment. | ||
| * | ||
| * <p> | ||
| * This helper class makes it possible to configure credentials to be used | ||
| * within a Spring context. | ||
| * </p> | ||
| * | ||
| * <table> | ||
| * <tr> | ||
| * <th>Property Tuples</th> | ||
| * <th>Description</th> | ||
| * </tr> | ||
| * <tr> | ||
| * <td> | ||
| * azure.credential.(name.)tenantId <br> | ||
| * azure.credential.(name.)clientId <br> | ||
| * azure.credential.(name.)clientSecret | ||
| * </td> | ||
| * <td> | ||
| * the Azure Tenant ID <br> | ||
| * the Client ID <br> | ||
| * the Client Certificate <br> | ||
| * </td> | ||
| * </tr> | ||
| * <tr> | ||
| * <td> | ||
| * azure.credential.(name.)tenantId <br> | ||
| * azure.credential.(name.)clientId <br> | ||
| * azure.credential.(name.)clientCertificate | ||
| * </td> | ||
| * <td> | ||
| * the Azure Tenant ID <br> | ||
| * the Client ID <br> | ||
| * the path to the PEM client certificate | ||
| * </td> | ||
| * </tr> | ||
| * </table> | ||
| * | ||
| * where name is the <code>name</code> of the credential. Note if | ||
| * <code>name</code> is entirely omitted it is taken to be the default | ||
| * credential. Note if the default credential is omitted it is configure to use | ||
| * AzureDefaultCredential which allows for the use a Managed Identity (if it is | ||
| * present). | ||
| * | ||
| * @author manfred.riem@microsoft.com | ||
| */ | ||
| @Component | ||
| public class AzureIdentitySpringHelper { | ||
|
|
||
| /** | ||
| * Defines the AZURE_CREDENTIAL_PREFIX. | ||
| */ | ||
| private static final String AZURE_CREDENTIAL_PREFIX = "azure.credential."; | ||
|
|
||
| /** | ||
| * Stores the named credentials. | ||
| */ | ||
| private final HashMap<String, TokenCredential> credentials; | ||
|
|
||
| /** | ||
| * Constructor. | ||
| */ | ||
| public AzureIdentitySpringHelper() { | ||
| credentials = new HashMap<>(); | ||
| credentials.put("", new DefaultAzureCredentialBuilder().build()); | ||
| } | ||
|
|
||
| /** | ||
| * Add a named credential. | ||
| * | ||
| * @param name the name. | ||
| * @param credential the credential. | ||
| */ | ||
| public void addNamedCredential(String name, TokenCredential credential) { | ||
| credentials.put(name, credential); | ||
| } | ||
|
|
||
| /** | ||
| * Get the default Azure credential. | ||
| * | ||
| * @return the default Azure credential | ||
| */ | ||
| public TokenCredential getDefaultCredential() { | ||
| return credentials.get(""); | ||
| } | ||
|
|
||
| /** | ||
| * Get the named credential. | ||
| * | ||
| * @param name the name. | ||
| * @return the named credential, or null if not found. | ||
| */ | ||
| public TokenCredential getNamedCredential(String name) { | ||
| return credentials.get(name); | ||
| } | ||
|
|
||
| /** | ||
| * Populate from Environment. | ||
| * | ||
| * @param environment the environment. | ||
| */ | ||
| public void populate(Environment environment) { | ||
| populateNamedCredential(environment, ""); | ||
| String credentialNamesKey = AZURE_CREDENTIAL_PREFIX + "names"; | ||
| if (environment.containsProperty(credentialNamesKey)) { | ||
| String[] credentialNames = environment.getProperty(credentialNamesKey).split(","); | ||
| for(int i=0; i<credentialNames.length; i++) { | ||
| populateNamedCredential(environment, credentialNames[i]); | ||
| } | ||
| } | ||
| } | ||
|
|
||
| /** | ||
| * Populate a named credential. | ||
| * | ||
| * @param environment the environment | ||
| * @param name the name. | ||
| */ | ||
| private void populateNamedCredential(Environment environment, String name) { | ||
| String standardizedName = name; | ||
|
|
||
| if (!standardizedName.equals("") && !standardizedName.endsWith(".")) { | ||
| standardizedName = standardizedName + "."; | ||
| } | ||
|
|
||
| String tenantIdKey = AZURE_CREDENTIAL_PREFIX + standardizedName + "tenantId"; | ||
| String clientIdKey = AZURE_CREDENTIAL_PREFIX + standardizedName + "clientId"; | ||
| String clientSecretKey = AZURE_CREDENTIAL_PREFIX + standardizedName + "clientSecret"; | ||
|
|
||
| String tenantId = environment.getProperty(tenantIdKey); | ||
| String clientId = environment.getProperty(clientIdKey); | ||
| String clientSecret = environment.getProperty(clientSecretKey); | ||
|
|
||
| if (tenantId != null && clientId != null && clientSecret != null) { | ||
| TokenCredential credential = new ClientSecretCredentialBuilder() | ||
| .tenantId(tenantId) | ||
| .clientId(clientId) | ||
| .clientSecret(clientSecret) | ||
| .build(); | ||
| credentials.put(name, credential); | ||
| return; | ||
| } | ||
|
|
||
| String clientCertificateKey = AZURE_CREDENTIAL_PREFIX + standardizedName + "clientCertificate"; | ||
| String clientCertificatePath = environment.getProperty(clientCertificateKey); | ||
|
|
||
| if (tenantId != null && clientId != null && clientCertificatePath != null) { | ||
| TokenCredential credential = new ClientCertificateCredentialBuilder() | ||
| .tenantId(tenantId) | ||
| .clientId(clientId) | ||
| .pemCertificate(clientCertificatePath) | ||
| .build(); | ||
| credentials.put(name, credential); | ||
| return; | ||
| } | ||
|
|
||
| if (!name.equals("")) { | ||
| throw new RuntimeException("Configuration for azure.credential." + name + " is incomplete"); | ||
| } | ||
| } | ||
|
|
||
| /** | ||
| * Remove the named credential. | ||
| * | ||
| * @param name the name. | ||
| * @return the removed named credential, or null if not found. | ||
| */ | ||
| public TokenCredential removeNamedCredential(String name) { | ||
| return credentials.remove(name); | ||
| } | ||
| } |
92 changes: 92 additions & 0 deletions
92
...rary/src/test/java/com/microsoft/azure/identity/spring/AzureIdentitySpringHelperTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,92 @@ | ||
| // Copyright (c) Microsoft Corporation. All rights reserved. | ||
| // Licensed under the MIT License. | ||
| package com.microsoft.azure.identity.spring; | ||
|
|
||
| import com.azure.identity.ClientSecretCredential; | ||
| import com.azure.identity.DefaultAzureCredential; | ||
| import com.azure.identity.DefaultAzureCredentialBuilder; | ||
| import static org.junit.jupiter.api.Assertions.assertNotNull; | ||
| import static org.junit.jupiter.api.Assertions.assertNull; | ||
| import static org.junit.jupiter.api.Assertions.assertTrue; | ||
| import static org.junit.jupiter.api.Assertions.fail; | ||
| import org.junit.jupiter.api.Test; | ||
| import org.springframework.core.env.StandardEnvironment; | ||
|
|
||
| /** | ||
| * The unit tests for the AzureIdentitySpringHelper class. | ||
| * | ||
| * @author manfred.riem@microsoft.com | ||
| */ | ||
| public class AzureIdentitySpringHelperTest { | ||
|
|
||
| /** | ||
| * Test addNamedCredential method. | ||
| */ | ||
| @Test | ||
| public void testAddNamedCredential() { | ||
| DefaultAzureCredential credential = new DefaultAzureCredentialBuilder().build(); | ||
| AzureIdentitySpringHelper helper = new AzureIdentitySpringHelper(); | ||
| helper.addNamedCredential("cred1", credential); | ||
| assertNotNull(helper.getNamedCredential("cred1")); | ||
| helper.removeNamedCredential("cred1"); | ||
| assertNull(helper.getNamedCredential("cred1")); | ||
| } | ||
|
|
||
| /** | ||
| * Test getDefaultCredential method. | ||
| */ | ||
| @Test | ||
| public void testGetDefaultCredential() { | ||
| AzureIdentitySpringHelper helper = new AzureIdentitySpringHelper(); | ||
| assertNotNull(helper.getDefaultCredential()); | ||
| } | ||
|
|
||
| /** | ||
| * Test populate method. | ||
| */ | ||
| @Test | ||
| public void testPopulate() { | ||
| System.setProperty("azure.credential.names", ""); | ||
| System.setProperty("azure.credential.tenantId", "tenantId"); | ||
| System.setProperty("azure.credential.clientId", "clientId"); | ||
| System.setProperty("azure.credential.clientSecret", "clientSecret"); | ||
| StandardEnvironment environment = new StandardEnvironment(); | ||
| AzureIdentitySpringHelper helper = new AzureIdentitySpringHelper(); | ||
| helper.populate(environment); | ||
| assertNotNull(helper.getDefaultCredential()); | ||
| assertTrue(helper.getDefaultCredential() instanceof ClientSecretCredential); | ||
| } | ||
|
|
||
| /** | ||
| * Test populate method. | ||
| */ | ||
| @Test | ||
| public void testPopulate2() { | ||
| System.setProperty("azure.credential.names", "myname"); | ||
| System.setProperty("azure.credential.myname.tenantId", "tenantId"); | ||
| System.setProperty("azure.credential.myname.clientId", "clientId"); | ||
| System.setProperty("azure.credential.myname.clientSecret", "clientSecret"); | ||
| StandardEnvironment environment = new StandardEnvironment(); | ||
| AzureIdentitySpringHelper helper = new AzureIdentitySpringHelper(); | ||
| helper.populate(environment); | ||
| assertNotNull(helper.getNamedCredential("myname")); | ||
| assertTrue(helper.getNamedCredential("myname") instanceof ClientSecretCredential); | ||
| } | ||
|
|
||
| /** | ||
| * Test populate method. | ||
| */ | ||
| @Test | ||
| public void testPopulate3() { | ||
| System.setProperty("azure.credential.names", "myname2"); | ||
| System.setProperty("azure.credential.myname2.tenantId", "tenantId"); | ||
| System.setProperty("azure.credential.myname2.clientSecret", "clientSecret"); | ||
| StandardEnvironment environment = new StandardEnvironment(); | ||
| AzureIdentitySpringHelper helper = new AzureIdentitySpringHelper(); | ||
| try { | ||
| helper.populate(environment); | ||
| fail(); | ||
| } catch(RuntimeException re) { | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Suggest change the artifact id to azure-identity-spring
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mnriem, any objection to eliminating the Spring Environment identity library entirely and moving this functionality to the
azure-spring-cloud-contextmodule?