Add credential support to ASP.NET Core integration layer #6805
Conversation
| @@ -38,14 +39,14 @@ | |||
| <PackageReference Update="Microsoft.CodeAnalysis.CSharp.Workspaces" Version="2.6.1" /> | |||
| <PackageReference Update="Microsoft.CodeAnalysis.FxCopAnalyzers" Version="2.6.2" /> | |||
| <PackageReference Update="Microsoft.CodeAnalysis" Version="2.3.0" /> | |||
| <PackageReference Update="Microsoft.Extensions.Configuration.Abstractions" Version="2.2.0" /> | |||
| <PackageReference Update="Microsoft.Extensions.Configuration.Binder" Version="2.2.0" /> | |||
| <PackageReference Update="Microsoft.Extensions.Configuration.Abstractions" Version="2.1.0" /> | |||
There was a problem hiding this comment.
I've downgraded versions of dependencies to the current LTS version. Azure.Core.Extensions is the only project using them
| private string _clientId; | ||
| private X509Certificate2 _clientCertificate; | ||
| private AadIdentityClient _client; | ||
| public string TenantId { get; } |
There was a problem hiding this comment.
cc @schaabs
I've exposed the properties to enable testing.
|
Hm, pipeline tries to pack my sample project for some reason. |
| <WarnOnPackingNonPackableProject>false</WarnOnPackingNonPackableProject> | ||
| </PropertyGroup> | ||
| <ItemGroup> | ||
| <PackageReference Include="Microsoft.AspNetCore.App" IsImplicitlyDefined="true" /> |
There was a problem hiding this comment.
Orthogonal to these changes: I'm not familiar with IsImplicitlyDefined and a quick search didn't turn up anything. I'd be grateful for a quick pointer to a reference or explanation of what it is for. :)
There was a problem hiding this comment.
Sooooo, you are not supposed to have package version for Microsoft.AspNetCore.App package, SDK would pick the highest patch for you based on the target framework.
Unfortunately, this conflicts with our central version management strategy that produces a warning when something outside of Packages.Data.props set a package version. IsImplicitlyDefined suppresses this warning.
| @@ -29,6 +29,7 @@ | |||
| </ItemGroup> | |||
|
|
|||
| <ItemGroup> | |||
| <ProjectReference Include="..\..\..\identity\Azure.Identity\src\Azure.Identity.csproj" /> | |||
There was a problem hiding this comment.
Should this use a package reference rather than a project reference?
There was a problem hiding this comment.
I'll keep it a package reference until preview2 so we can iterate them in parallel.
sdk/core/Azure.Core.Extensions/src/Internal/ConfigurationClientFactory.cs
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
I haven't used ASP.NET in five years and don't recognize any of this... so feel free to disregard most of my comments/questions if you're following standard patterns I'm oblivious to.
The only real issue I see is specializing everything to TokenCredential when we have other types for different services. I'm okay with it if you and @schaabs decide that's the plan, but think it'll feel weird if users are trying to setup a default StorageSharedKeyCredential to use with all their BlobClients.
| @@ -39,9 +39,10 @@ | |||
|
|
|||
| <PropertyGroup> | |||
| <IsTestProject Condition="$(MSBuildProjectName.EndsWith('.Tests'))">true</IsTestProject> | |||
| <IsSamplesProject Condition="$(MSBuildProjectName.EndsWith('.Samples'))">true</IsSamplesProject> | |||
There was a problem hiding this comment.
Nit - any reason not to follow our existing .Samples.Tests approach for testable samples?
There was a problem hiding this comment.
I really want to give folks outside our team an easy way to play with new APIs in ASP.NET Core app
There was a problem hiding this comment.
We can also consider checking for /samples/ in the path.
...nfiguration/Azure.ApplicationModel.Configuration/src/ConfigurationClientBuilderExtensions.cs
Outdated
Show resolved
Hide resolved
|
|
||
| services.AddAzureClients(builder => { | ||
|
|
||
| builder.AddSecretClient(Configuration.GetSection("KeyVault")) |
There was a problem hiding this comment.
When I see it written like this, I wonder if we should be calling it AddKeyVaultSecretClient.
There was a problem hiding this comment.
We've been back and forth on this couple of times with @KrzysztofCwalina, I'm open to any naming schema but would prefer to follow up on this later.
sdk/core/Azure.Core.Extensions/src/Internal/AzureClientsGlobalOptions.cs
Outdated
Show resolved
Hide resolved
sdk/core/Azure.Core.Extensions/src/Internal/AzureClientsGlobalOptions.cs
Outdated
Show resolved
Hide resolved
| return credential; | ||
| } | ||
|
|
||
| // TODO: More logging |
There was a problem hiding this comment.
Should we throw an exception if they don't provide enough detail? Like say they forgot the clientId, would it be helpful to tell them that here?
There was a problem hiding this comment.
We should, something similar to constructor not found exception.
sdk/core/Azure.Core.Extensions/src/Internal/ConfigureClientOptions.cs
Outdated
Show resolved
Hide resolved
fixed next link in backup (#6805)
fixed next link in backup (#6805)
Adding support for multiple features:
In extensions methods, the credential parameter should be made optional. The default value means that a global default credential would be used.
New extension type name pattern
SomethingClientBuilderExtensions, method nameAddSomethingClient