Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AzureCliCredential interrupts credential chain if Azure CLI is not logged in #11819

Closed
mpderbec opened this issue Jun 4, 2020 · 2 comments · Fixed by #11829
Closed

AzureCliCredential interrupts credential chain if Azure CLI is not logged in #11819

mpderbec opened this issue Jun 4, 2020 · 2 comments · Fixed by #11829
Assignees
@chlowell
Labels
Azure.Identity bug This issue requires a change to an existing behavior in the product in order to be resolved. Client This issue points to a problem in the data-plane of the library. customer-reported Issues that are reported by GitHub users external to the Azure organization.
Milestone
[2020] June

Comments

@mpderbec
Copy link

mpderbec commented Jun 4, 2020

  • Package Name: azure-identity
  • Package Version: 1.4.0b3
  • Operating System: Windows
  • Python Version: 3.7

Describe the bug
On Windows (haven't tried other OSes, but would expect the same), if the Azure CLI client is logged out, then the AzureCliCredential class will raise ClientAuthenticationError, which causes the credential chain to stop. A common need is to include InteractiveBrowserCredential as the final link in a chained credential, and this bug prevents it from being used.

To Reproduce
Steps to reproduce the behavior:

  1. Use the following credential, which behind the scenes creates a chain:
        credential = identity.DefaultAzureCredential(
            exclude_shared_token_cache_credential=False,
            exclude_visual_studio_code_credential=False,
            exclude_cli_credential=False,
            exclude_interactive_browser_credential=False
        )
  1. Make sure Visual Studio Code is logged out of Azure and that the Azure CLI is also logged out.
  2. Use the credential for some purpose that would cause it to retrieve a token.

Expected behavior
I believe if the AzureCliCredential class were to raise CredentialUnavailableError instead, then the chain would continue.

Additional context
Found in the course of attempting to work around Azure/azure-sdk-for-net#8934.
@ghost ghost added needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. customer-reported Issues that are reported by GitHub users external to the Azure organization. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels Jun 4, 2020
@mpderbec mpderbec mentioned this issue Jun 4, 2020
Closed
@mpderbec mpderbec changed the title AzureCliCredential raises incorrect exception when az client is not logged in AzureCliCredential interrupts credential chain is Azure CLI is not logged in Jun 4, 2020
@mpderbec mpderbec changed the title AzureCliCredential interrupts credential chain is Azure CLI is not logged in AzureCliCredential interrupts credential chain is Azure CLI if not logged in Jun 4, 2020
@mpderbec mpderbec changed the title AzureCliCredential interrupts credential chain is Azure CLI if not logged in AzureCliCredential interrupts credential chain if Azure CLI is not logged in Jun 4, 2020
@kaerm kaerm added Azure.Identity Client This issue points to a problem in the data-plane of the library. labels Jun 4, 2020
@ghost ghost removed the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Jun 4, 2020
@kaerm
Copy link
Contributor

kaerm commented Jun 4, 2020

@mpderbec thanks for reporting this, @chlowell could you take a look at this

@kaerm kaerm added this to the Backlog milestone Jun 4, 2020
@chlowell chlowell mentioned this issue Jun 4, 2020
Merged
@chlowell chlowell modified the milestones: Backlog, [2020] June Jun 4, 2020
@chlowell
Copy link
Member

chlowell commented Jun 4, 2020

Thanks @mpderbec, this will be fixed in our next release.

@chlowell chlowell added bug This issue requires a change to an existing behavior in the product in order to be resolved. and removed question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels Jun 4, 2020
openapi-sdkautomation bot pushed a commit to AzureSDKAutomation/azure-sdk-for-python that referenced this issue Dec 12, 2020
CodeGen from PR 11819 in Azure/azure-rest-api-specs
f0b3be2 
Added synctoken property to app configuration event grid schema. (Azure#11819)
@github-actions github-actions bot locked and limited conversation to collaborators Apr 12, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@chlowell chlowell

Labels
Azure.Identity bug This issue requires a change to an existing behavior in the product in order to be resolved. Client This issue points to a problem in the data-plane of the library. customer-reported Issues that are reported by GitHub users external to the Azure organization.
Projects
None yet
Milestone
[2020] June
Development

Successfully merging a pull request may close this issue.

AzureCliCredential is unavailable when no account is logged in chlowell/azure-sdk-for-python
3 participants
@mpderbec @chlowell @kaerm