diff --git a/sdk/extensions/Microsoft.Extensions.Azure/CHANGELOG.md b/sdk/extensions/Microsoft.Extensions.Azure/CHANGELOG.md
index 5b919958399a..1509e9a76429 100644
--- a/sdk/extensions/Microsoft.Extensions.Azure/CHANGELOG.md
+++ b/sdk/extensions/Microsoft.Extensions.Azure/CHANGELOG.md
@@ -2,6 +2,9 @@
 ## 1.1.0-beta.2 (Unreleased)
+### Added
+
+- The ability to use `ManagedIdentityCredential` from the configuration using the `"credential": "managedidentity"`
 ## 1.1.0-beta.1 (2020-11-10)
diff --git a/sdk/extensions/Microsoft.Extensions.Azure/src/Internal/ClientFactory.cs b/sdk/extensions/Microsoft.Extensions.Azure/src/Internal/ClientFactory.cs
index fd925f84262d..18d09a05e25b 100644
--- a/sdk/extensions/Microsoft.Extensions.Azure/src/Internal/ClientFactory.cs
+++ b/sdk/extensions/Microsoft.Extensions.Azure/src/Internal/ClientFactory.cs
@@ -85,6 +85,7 @@ public static object CreateClient(Type clientType, Type optionsType, object opti
 internal static TokenCredential CreateCredential(IConfiguration configuration, TokenCredentialOptions identityClientOptions = null)
 {
+ var credentialType = configuration["credential"];
 var clientId = configuration["clientId"];
 var tenantId = configuration["tenantId"];
 var clientSecret = configuration["clientSecret"];
@@ -92,6 +93,11 @@ internal static TokenCredential CreateCredential(IConfiguration configuration, T
 var certificateStoreName = configuration["clientCertificateStoreName"];
 var certificateStoreLocation = configuration["clientCertificateStoreLocation"];
+ if (string.Equals(credentialType, "managedidentity", StringComparison.OrdinalIgnoreCase))
+ {
+ return new ManagedIdentityCredential(clientId);
+ }
+
 if (!string.IsNullOrWhiteSpace(tenantId) && !string.IsNullOrWhiteSpace(clientId) && !string.IsNullOrWhiteSpace(clientSecret))
diff --git a/sdk/extensions/Microsoft.Extensions.Azure/tests/ClientFactoryTests.cs b/sdk/extensions/Microsoft.Extensions.Azure/tests/ClientFactoryTests.cs
index 25270dc14ead..8231ce019e9c 100644
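Review bot: In `CreateCredential` (ClientFactory.cs), only the exact value `managedidentity` is recognised; any other non-empty `credential` value, such as a typo, is ignored and selection falls through to the `tenantId`/`clientId`/`clientSecret` check that follows, so the process can end up authenticating as a different identity than the operator asked for. Rejecting unknown values right after the new branch would make that visible: `if (!string.IsNullOrWhiteSpace(credentialType)) throw new ArgumentException($"Unsupported credential type '{credentialType}'.");`. The new branch also passes `clientId` through unchecked, while the neighbouring branch uses `IsNullOrWhiteSpace`, and it does not forward `identityClientOptions`; `return new ManagedIdentityCredential(string.IsNullOrWhiteSpace(clientId) ? null : clientId, identityClientOptions);` would cover both. The rest of the method lies outside these hunks, so how the remaining branches use the options is not visible here.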
--- a/sdk/extensions/Microsoft.Extensions.Azure/tests/ClientFactoryTests.cs
+++ b/sdk/extensions/Microsoft.Extensions.Azure/tests/ClientFactoryTests.cs
@@ -3,6 +3,7 @@
 using System;
 using System.Collections.Generic;
+using System.Reflection;
 using System.Security.Cryptography.X509Certificates;
 using Azure.Identity;
 using Microsoft.Extensions.Azure;
@@ -155,6 +156,43 @@ public void CreatesClientSecretCredentials()
 Assert.AreEqual("ConfigurationTenantId", clientSecretCredential.TenantId);
 }
+ [Test]
+ public void CreatesManagedServiceIdentityCredentialsWithClientId()
+ {
+ IConfiguration configuration = GetConfiguration(
+ new KeyValuePair("clientId", "ConfigurationClientId"),
+ new KeyValuePair("credential", "managedidentity")
+ );
+
+ var credential = ClientFactory.CreateCredential(configuration);
+
+ Assert.IsInstanceOf(credential);
+ var managedIdentityCredential = (ManagedIdentityCredential)credential;
+
+ var client = (ManagedIdentityClient)typeof(ManagedIdentityCredential).GetField("_client", BindingFlags.NonPublic | BindingFlags.Instance).GetValue(managedIdentityCredential);
+ var clientId = typeof(ManagedIdentityClient).GetProperty("ClientId", BindingFlags.NonPublic | BindingFlags.Instance).GetValue(client);
+
+ Assert.AreEqual("ConfigurationClientId", clientId);
+ }
+
+ [Test]
+ public void CreatesManagedServiceIdentityCredentials()
+ {
+ IConfiguration configuration = GetConfiguration(
+ new KeyValuePair("credential", "managedidentity")
+ );
+
+ var credential = ClientFactory.CreateCredential(configuration);
+
+ Assert.IsInstanceOf(credential);
+ var managedIdentityCredential = (ManagedIdentityCredential)credential;
+
+ var client = (ManagedIdentityClient)typeof(ManagedIdentityCredential).GetField("_client", BindingFlags.NonPublic | BindingFlags.Instance).GetValue(managedIdentityCredential);
+ var clientId = typeof(ManagedIdentityClient).GetProperty("ClientId", BindingFlags.NonPublic | BindingFlags.Instance).GetValue(client);
+
+ Assert.Null(clientId);
+ }
+
 [Test]
 public void IgnoresConstructorWhenCredentialsNull()
 {
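Review bot: Nothing here pins the precedence that the `ClientFactory.cs` change introduces: neither new test sets `tenantId` and `clientSecret` alongside `"credential": "managedidentity"`, and neither uses a mixed-case value even though the comparison is `OrdinalIgnoreCase`. A test like the one below would catch a later reordering that lets a configured secret win over the requested managed identity. Separately, both new tests read the private `_client` field and the non-public `ClientId` property of Azure.Identity by reflection; if either is renamed, the lookup returns null and the test fails with a NullReferenceException instead of an assertion, so a short comment naming that dependency would help. The generic type arguments in the sketch are assumed, since they appear to have been stripped from the page.

```csharp
[Test]
public void ManagedIdentityTakesPrecedenceOverClientSecret()
{
    // Sample values constructed for this sketch; the mixed-case value exercises OrdinalIgnoreCase.
    IConfiguration configuration = GetConfiguration(
        new KeyValuePair<string, string>("credential", "ManagedIdentity"),
        new KeyValuePair<string, string>("clientId", "ConfigurationClientId"),
        new KeyValuePair<string, string>("tenantId", "ConfigurationTenantId"),
        new KeyValuePair<string, string>("clientSecret", "ConfigurationClientSecret")
    );

    var credential = ClientFactory.CreateCredential(configuration);

    Assert.IsInstanceOf<ManagedIdentityCredential>(credential);
}
```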