-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Expose methods for closing async credential transport sessions #9090
Conversation
Can one of the admins verify this patch? |
sdk/keyvault/azure-keyvault-secrets/azure/keyvault/secrets/_shared/challenge_auth_policy.py
Outdated
Show resolved
Hide resolved
3ad6e2d
to
d3a91a2
Compare
sdk/identity/azure-identity/azure/identity/aio/_credentials/base.py
Outdated
Show resolved
Hide resolved
sdk/identity/azure-identity/azure/identity/aio/_credentials/chained.py
Outdated
Show resolved
Hide resolved
sdk/identity/azure-identity/azure/identity/aio/_credentials/chained.py
Outdated
Show resolved
Hide resolved
sdk/identity/azure-identity/azure/identity/aio/_credentials/base.py
Outdated
Show resolved
Hide resolved
@@ -37,6 +39,15 @@ def __new__(cls, *args, **kwargs): | |||
def __init__(self, **kwargs: "Any") -> None: | |||
pass | |||
|
|||
async def __aenter__(self): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is getting a bit more odd the more methods you add to the class. I know I asked before, but I can't remember the answer - why is this a class with a __new__
and not just a function that returns the correct credential type?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To hide the implementations while providing the right surface for documentation and code completion. It could instead hold an instance of the appropriate credential and wrap its methods... #9302
sdk/identity/azure-identity/azure/identity/aio/_internal/msal_transport_adapter.py
Show resolved
Hide resolved
c928dbd
to
c6b73e7
Compare
sdk/identity/azure-identity/azure/identity/aio/_authn_client.py
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Except the "return self" in a aexit, nit picking
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are you going to depend on azure-core 1.1.2/3?
To ensure the new protocol is available? It isn't needed at runtime, so I don't think it's worth requiring. |
sdk/identity/azure-identity/azure/identity/aio/_credentials/shared_cache.py
Show resolved
Hide resolved
@@ -22,6 +24,11 @@ class ChainedTokenCredential(SyncChainedTokenCredential): | |||
:type credentials: :class:`azure.core.credentials.TokenCredential` | |||
""" | |||
|
|||
async def close(self): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have a concern here: do we expect customer to "async enter" all the credentials in the chain, or should we have a aenter here that loop thourgh all of them and enter them?
Can I see a sample of usage of this one?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is what I want to enable:
credential = DefaultAzureCredential()
client = FooServiceClient(credential)
# ... time passes, many useful service requests are authorized ...
credential.close()
I think close
is the important API. I don't expect anyone to "enter" or "open" a credential. I have aenter
doing nothing here because the credential doesn't know which members of its chain will send requests, and transports will open sessions as needed. (At least, our current transport implementations will. Perhaps we should make explicit who's expected to open a transport.)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you implement __aenter__
/__aexit__
(e.g. you are an async context manager), then you are strongly signalling to users that using async with
is general goodness, but you can do the closing yourself if you so see fit.
If we don't want to give an example of intended use with async with
, then why is it an async context manager?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To be consistent with everything else in the SDK that wraps async transport by exposing __aenter__
, __aexit__
, and close
. This PR does add an async with
example to the README, and it's okay to use credentials that way. Every other credential's __aenter__
invokes its transport's __aenter__
.
The awkwardness for ChainedTokenCredential.__aenter__
is that if it opens sessions for N credentials, N-1 of them may never be used, at some cost dependent on the HTTP client's implementation. These sessions will all be closed by __aexit__
, but I thought it unnecessary to open them given that our async transports will do so as needed.
You need it to make pylint happy, right? |
Sure, I as an SDK developer need it to satisfy pylint, but I get it with this PR. Do you think an SDK user might need it? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
remove blocker
@@ -74,6 +72,11 @@ def _get_challenge_request(request): | |||
class ChallengeAuthPolicy(ChallengeAuthPolicyBase, HTTPPolicy): | |||
"""policy for handling HTTP authentication challenges""" | |||
|
|||
def __init__(self, credential, **kwargs): | |||
# type: (TokenCredential, **Any) -> None | |||
self._credential = credential |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess this means every release of KV now will need this new azure-identity, be sure to update the setup.py to reflect that
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Assuming you mean KV will need the new azure-core because the async challenge auth policy uses AsyncTokenCredential
, this is what @xiangyan99 and I have been discussing. I haven't bumped dependencies because AsyncTokenCredential
is only used in type annotations. I think a user combining old azure-core with new azure-keyvault would need to run mypy or pylint on azure-keyvault to see a warning. Is that mistaken, or too sloppy?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If tests are fine, I'm fine. Be sure to test with storage 12.0.0 and KV 4.0.0 the backward compat
* Index Creation Bugfixes (#9334) * porting updates for azure-mgmt-web namespaces. updating index creation script to include replace relative links. small updates to package json. updating documentation landing page with appropriate link text and location. * updating 404ing reference to cspack tool, resolving 404ing link to powershell cmdlet, removing pymodule index from index, remove links to some standard sphinx constructs that won't stick around anymore, override reference to 404ing roboto-slab font. * Run Tox Test Environments in Parallel (#9034) * take advantage of improvements to tox-monorepo, plumb through tox environments in parallel * update tox.ini to only use `envtmpdir` instead of `distdir` for temp work. * disabling coverage in sdist environment * cogservices textanalytics uses core * changing the whl to use envtmpdir * replacing dev_requirements during CI build. this should mitigate CI failures due to parallelization of install during tox runs * ignoring the .tox directory to stop pytest discovery errors during collection * Update issue templates (#9353) Add issue and feature templates, mirroring the pattern used in Azure JS SDKs. * [EventHubs] Sample, Doc, Test improvement (#9349) * revert back and improve comments * remove livetest mark for tests which are not livetest * update docstring and readme * readme and sample improvement * update migration guide * minor update on history * review update * small fix of samples * [textanalytics] update history.md (#9368) * update history for TA preview release * add note to track1 * formatting * add contributing for readme (#9369) * Remove enter and exit from async context managers (#9313) * Adding testutils to defined packages within azure-common (#9365) * adding testutils to defined packages within azure-common * moving testutils out of azure-common and into azure-sdk-tools * updated version and changelog (#9373) * [textanalytics] Add azure-ai-nspkg to artifacts in ci.yml (#9371) * update ci.yml to include nspkg * newline * add setup.cfg to nspkg * readme tweaks and fix innererror code returned * clean up temp file after run (#9356) * clean up temp file after run * use tempfile * Fix certs readme (#9370) * Improve DefaultAzureCredential docstring and error message (#9376) * Categorize Text Analytics (#9377) * categorize textanalytics * Manually generate iothub (#9378) * multi-api package * history and version * Packaging update of azure-mgmt-iothub * rerecorded tests Co-authored-by: Azure SDK Bot <[email protected]> * Restapi auto databoxedge/resource manager (#9367) * [AutoPR databoxedge/resource-manager] chore: jsonfmt databoxedge (#7361) * Generated from 8b79ae248e5093f824f1c3c0df81a20a3b3cd4de chore: jsonfmt databoxedge * Packaging update of azure-mgmt-databoxedge * [AutoPR databoxedge/resource-manager] Add new version of API with object store, sku selection and arm lite user (#8735) * Generated from b9b42fd9797234b52ae3f05f93711067560d2544 Fixed comments on Sku API * Generated from b502551c6a94008e85be6c3a666f7f3edfc2b67f Removed unused property * Generated from b288943f733062a70176e972eeb92e46c85fa6a1 "Changed operationId for skus API" * databoxedge generated multi-api * history and version * Packaging update of azure-mgmt-databoxedge * added pipeline Co-authored-by: Azure SDK Bot <[email protected]> * [EventHubs] Comment, Test Updates (#9366) * update docstring * await task to prevent potential seg fault * review update * PM review update * review update * review update * minor improvement * minor improvement * Generated from 1998d0a6549d02cceed76351dbbbfc131382fa80 (#9382) Adding all files, examples (removed the readonly from encryption services for table and queue) * [AutoPR storagesync/resource-manager] Microsoft.StorageSync 2019-06-01 API version (#7846) * Generated from a2749eec38ba462433316a22161df798373732f2 Updates API version in new specs and examples * Generated from 565b2bebd47ef8fc6b4eba421fe5cc863d15e062 Update StorageSync 2019-06-01 protocol with cloud tiering and recall status (#7161) * introduce cloud tiering and recall status * fix validation errors * Additional validation fixes * Packaging update of azure-mgmt-storagesync * Packaging update of azure-mgmt-storagesync * history and version Co-authored-by: Zim Kalinowski <[email protected]> * history and version (#9383) * history and version * Packaging update of azure-mgmt-storage Co-authored-by: Azure SDK Bot <[email protected]> * [textanalytics] add azure/__init__.py to manifest.in for nspkg (#9380) * add azure/__init__ to manifest.in for nspkg * edit nspkg setup * revert nspkg changes * Add tracing_attributes to tracing decorator (#9297) * Add tracing_attributes to tracing decorator * Add tests * Fix request_id tests * Add attribute tests for tracing decorator * Blackened * Improve tests * Change tracing_attributes to kwargs * Generated from 5c7e7c408cb77bf5896658ba9556cf9d841d6dae (#9189) fixing build failure for go sdk * corrected container registry + history and version (#9392) * corrected container registry + history and version * Packaging update of azure-mgmt-containerregistry Co-authored-by: Azure SDK Bot <[email protected]> * Update README.md * Restore eventhub dependency tentatively to b6 (#9384) * Generated from 2b995fff1a9984825fad215fcb4e317af1a20bf5 (#9237) Update netapp.json * Generated from 4bc9f1d4e2d95c6b43e61e59740aae7a79241e3d (#9391) add the required property on inputschemamapping * [AutoPR cognitiveservices/data-plane/*] Updating several cognitive services (#3649) * Generated from cf8d4b7ee4befc39b377d86669411e557618edf4 Add cognitiveservices\data-plane\NewsSearch\readme.typescript.md * Packaging update of azure-cognitiveservices-search-newssearch * Packaging update of azure-cognitiveservices-search-newssearch * Packaging update of azure-cognitiveservices-language-spellcheck * regeneared search services * Packaging update of azure-cognitiveservices-search-autosuggest * Packaging update of azure-cognitiveservices-search-videosearch * Packaging update of azure-cognitiveservices-search-websearch * Packaging update of azure-cognitiveservices-search-entitysearch * Packaging update of azure-cognitiveservices-search-customimagesearch * Packaging update of azure-cognitiveservices-search-customsearch * fixed test * updated history and version * removed change made by accident? * spacing * additional test fixes * try to fix test * fix test again * skipping spell test check * import unittest * skipping tests Co-authored-by: Azure Builder <[email protected]> Co-authored-by: Zim Kalinowski <[email protected]> * [Event Hubs] Eventhubs update sample and docs (#9407) * Update release date * Add starting_position to receive samples * Add starting_position to code snippet * Add starting_position to some code snippet * Docstring update * Fix pylint error of docstring * Update docstring, comment from review * Netapp history and version (#9413) * history and version * test * Packaging update of azure-mgmt-netapp * Update HISTORY.rst * Update HISTORY.rst Co-authored-by: Azure SDK Bot <[email protected]> * eventgrid - history and version (#9414) * history and version * Packaging update of azure-mgmt-eventgrid * Update HISTORY.rst * Update HISTORY.rst Co-authored-by: Azure SDK Bot <[email protected]> * [Event Hubs] Update checkpoint store dependency on eventhubs to 5.0.0 for release (#9423) * Small changes on README (#9431) * remove parallel spinner for tox logs. allow eventhub to run in serial (#9428) * Expose methods for closing async credential transport sessions (#9090) * update changelog and release date (#9436) * OpenTelemetry plugin (#7703) * Introducing change_context to replace set_current_span * OpenTelemetry plugin:first pass * Plug OpenTelemetry in azure-core * Restore proper settings and tracing tests in azure-core * Create HttpSpanMixin * Need opentelemetry-sdk for testing * WIP core test * Use stable azure-core * Support Python 3.8 * OT Readme * Do not include YAML * Dependency update * Update dep * Add decorator tests in azure-core * Remove OpenCensus specific tests * Remove useless OpenCensus tests * OT testing * Versionning * Fix Link for OT * Fix setup.py * pylint * Dependency work * pylint * Need Python 3.x at least * Remove diff with master * Remove core changes * Feedback * Clarify tests * Update azure-identity history and version (#9437) * OpenCensus plugin 1.0.0b5 (#9425) * OpenCensus plugin 1.0.0b5 * Update HISTORY.md * update version number to 1.2.0 (#9440) Co-authored-by: Scott Beddall <[email protected]> Co-authored-by: Peter Marcu <[email protected]> Co-authored-by: Adam Ling (MSFT) <[email protected]> Co-authored-by: Krista Pratico <[email protected]> Co-authored-by: Charles Lowell <[email protected]> Co-authored-by: iscai-msft <[email protected]> Co-authored-by: Zim Kalinowski <[email protected]> Co-authored-by: Azure SDK Bot <[email protected]> Co-authored-by: openapi-sdkautomation[bot] <37845953+openapi-sdkautomation[bot]@users.noreply.github.com> Co-authored-by: Laurent Mazuel <[email protected]> Co-authored-by: Wes Haggard <[email protected]> Co-authored-by: Yijun Xie <[email protected]> Co-authored-by: Azure Builder <[email protected]>
* support add_user_agent * add new line * fix test case * updates * update per review feedback * fix type * correct type * update type * Get latest master (#9441) * Index Creation Bugfixes (#9334) * porting updates for azure-mgmt-web namespaces. updating index creation script to include replace relative links. small updates to package json. updating documentation landing page with appropriate link text and location. * updating 404ing reference to cspack tool, resolving 404ing link to powershell cmdlet, removing pymodule index from index, remove links to some standard sphinx constructs that won't stick around anymore, override reference to 404ing roboto-slab font. * Run Tox Test Environments in Parallel (#9034) * take advantage of improvements to tox-monorepo, plumb through tox environments in parallel * update tox.ini to only use `envtmpdir` instead of `distdir` for temp work. * disabling coverage in sdist environment * cogservices textanalytics uses core * changing the whl to use envtmpdir * replacing dev_requirements during CI build. this should mitigate CI failures due to parallelization of install during tox runs * ignoring the .tox directory to stop pytest discovery errors during collection * Update issue templates (#9353) Add issue and feature templates, mirroring the pattern used in Azure JS SDKs. * [EventHubs] Sample, Doc, Test improvement (#9349) * revert back and improve comments * remove livetest mark for tests which are not livetest * update docstring and readme * readme and sample improvement * update migration guide * minor update on history * review update * small fix of samples * [textanalytics] update history.md (#9368) * update history for TA preview release * add note to track1 * formatting * add contributing for readme (#9369) * Remove enter and exit from async context managers (#9313) * Adding testutils to defined packages within azure-common (#9365) * adding testutils to defined packages within azure-common * moving testutils out of azure-common and into azure-sdk-tools * updated version and changelog (#9373) * [textanalytics] Add azure-ai-nspkg to artifacts in ci.yml (#9371) * update ci.yml to include nspkg * newline * add setup.cfg to nspkg * readme tweaks and fix innererror code returned * clean up temp file after run (#9356) * clean up temp file after run * use tempfile * Fix certs readme (#9370) * Improve DefaultAzureCredential docstring and error message (#9376) * Categorize Text Analytics (#9377) * categorize textanalytics * Manually generate iothub (#9378) * multi-api package * history and version * Packaging update of azure-mgmt-iothub * rerecorded tests Co-authored-by: Azure SDK Bot <[email protected]> * Restapi auto databoxedge/resource manager (#9367) * [AutoPR databoxedge/resource-manager] chore: jsonfmt databoxedge (#7361) * Generated from 8b79ae248e5093f824f1c3c0df81a20a3b3cd4de chore: jsonfmt databoxedge * Packaging update of azure-mgmt-databoxedge * [AutoPR databoxedge/resource-manager] Add new version of API with object store, sku selection and arm lite user (#8735) * Generated from b9b42fd9797234b52ae3f05f93711067560d2544 Fixed comments on Sku API * Generated from b502551c6a94008e85be6c3a666f7f3edfc2b67f Removed unused property * Generated from b288943f733062a70176e972eeb92e46c85fa6a1 "Changed operationId for skus API" * databoxedge generated multi-api * history and version * Packaging update of azure-mgmt-databoxedge * added pipeline Co-authored-by: Azure SDK Bot <[email protected]> * [EventHubs] Comment, Test Updates (#9366) * update docstring * await task to prevent potential seg fault * review update * PM review update * review update * review update * minor improvement * minor improvement * Generated from 1998d0a6549d02cceed76351dbbbfc131382fa80 (#9382) Adding all files, examples (removed the readonly from encryption services for table and queue) * [AutoPR storagesync/resource-manager] Microsoft.StorageSync 2019-06-01 API version (#7846) * Generated from a2749eec38ba462433316a22161df798373732f2 Updates API version in new specs and examples * Generated from 565b2bebd47ef8fc6b4eba421fe5cc863d15e062 Update StorageSync 2019-06-01 protocol with cloud tiering and recall status (#7161) * introduce cloud tiering and recall status * fix validation errors * Additional validation fixes * Packaging update of azure-mgmt-storagesync * Packaging update of azure-mgmt-storagesync * history and version Co-authored-by: Zim Kalinowski <[email protected]> * history and version (#9383) * history and version * Packaging update of azure-mgmt-storage Co-authored-by: Azure SDK Bot <[email protected]> * [textanalytics] add azure/__init__.py to manifest.in for nspkg (#9380) * add azure/__init__ to manifest.in for nspkg * edit nspkg setup * revert nspkg changes * Add tracing_attributes to tracing decorator (#9297) * Add tracing_attributes to tracing decorator * Add tests * Fix request_id tests * Add attribute tests for tracing decorator * Blackened * Improve tests * Change tracing_attributes to kwargs * Generated from 5c7e7c408cb77bf5896658ba9556cf9d841d6dae (#9189) fixing build failure for go sdk * corrected container registry + history and version (#9392) * corrected container registry + history and version * Packaging update of azure-mgmt-containerregistry Co-authored-by: Azure SDK Bot <[email protected]> * Update README.md * Restore eventhub dependency tentatively to b6 (#9384) * Generated from 2b995fff1a9984825fad215fcb4e317af1a20bf5 (#9237) Update netapp.json * Generated from 4bc9f1d4e2d95c6b43e61e59740aae7a79241e3d (#9391) add the required property on inputschemamapping * [AutoPR cognitiveservices/data-plane/*] Updating several cognitive services (#3649) * Generated from cf8d4b7ee4befc39b377d86669411e557618edf4 Add cognitiveservices\data-plane\NewsSearch\readme.typescript.md * Packaging update of azure-cognitiveservices-search-newssearch * Packaging update of azure-cognitiveservices-search-newssearch * Packaging update of azure-cognitiveservices-language-spellcheck * regeneared search services * Packaging update of azure-cognitiveservices-search-autosuggest * Packaging update of azure-cognitiveservices-search-videosearch * Packaging update of azure-cognitiveservices-search-websearch * Packaging update of azure-cognitiveservices-search-entitysearch * Packaging update of azure-cognitiveservices-search-customimagesearch * Packaging update of azure-cognitiveservices-search-customsearch * fixed test * updated history and version * removed change made by accident? * spacing * additional test fixes * try to fix test * fix test again * skipping spell test check * import unittest * skipping tests Co-authored-by: Azure Builder <[email protected]> Co-authored-by: Zim Kalinowski <[email protected]> * [Event Hubs] Eventhubs update sample and docs (#9407) * Update release date * Add starting_position to receive samples * Add starting_position to code snippet * Add starting_position to some code snippet * Docstring update * Fix pylint error of docstring * Update docstring, comment from review * Netapp history and version (#9413) * history and version * test * Packaging update of azure-mgmt-netapp * Update HISTORY.rst * Update HISTORY.rst Co-authored-by: Azure SDK Bot <[email protected]> * eventgrid - history and version (#9414) * history and version * Packaging update of azure-mgmt-eventgrid * Update HISTORY.rst * Update HISTORY.rst Co-authored-by: Azure SDK Bot <[email protected]> * [Event Hubs] Update checkpoint store dependency on eventhubs to 5.0.0 for release (#9423) * Small changes on README (#9431) * remove parallel spinner for tox logs. allow eventhub to run in serial (#9428) * Expose methods for closing async credential transport sessions (#9090) * update changelog and release date (#9436) * OpenTelemetry plugin (#7703) * Introducing change_context to replace set_current_span * OpenTelemetry plugin:first pass * Plug OpenTelemetry in azure-core * Restore proper settings and tracing tests in azure-core * Create HttpSpanMixin * Need opentelemetry-sdk for testing * WIP core test * Use stable azure-core * Support Python 3.8 * OT Readme * Do not include YAML * Dependency update * Update dep * Add decorator tests in azure-core * Remove OpenCensus specific tests * Remove useless OpenCensus tests * OT testing * Versionning * Fix Link for OT * Fix setup.py * pylint * Dependency work * pylint * Need Python 3.x at least * Remove diff with master * Remove core changes * Feedback * Clarify tests * Update azure-identity history and version (#9437) * OpenCensus plugin 1.0.0b5 (#9425) * OpenCensus plugin 1.0.0b5 * Update HISTORY.md * update version number to 1.2.0 (#9440) Co-authored-by: Scott Beddall <[email protected]> Co-authored-by: Peter Marcu <[email protected]> Co-authored-by: Adam Ling (MSFT) <[email protected]> Co-authored-by: Krista Pratico <[email protected]> Co-authored-by: Charles Lowell <[email protected]> Co-authored-by: iscai-msft <[email protected]> Co-authored-by: Zim Kalinowski <[email protected]> Co-authored-by: Azure SDK Bot <[email protected]> Co-authored-by: openapi-sdkautomation[bot] <37845953+openapi-sdkautomation[bot]@users.noreply.github.com> Co-authored-by: Laurent Mazuel <[email protected]> Co-authored-by: Wes Haggard <[email protected]> Co-authored-by: Yijun Xie <[email protected]> Co-authored-by: Azure Builder <[email protected]> * add changelog Co-authored-by: Scott Beddall <[email protected]> Co-authored-by: Peter Marcu <[email protected]> Co-authored-by: Adam Ling (MSFT) <[email protected]> Co-authored-by: Krista Pratico <[email protected]> Co-authored-by: Charles Lowell <[email protected]> Co-authored-by: iscai-msft <[email protected]> Co-authored-by: Zim Kalinowski <[email protected]> Co-authored-by: Azure SDK Bot <[email protected]> Co-authored-by: openapi-sdkautomation[bot] <37845953+openapi-sdkautomation[bot]@users.noreply.github.com> Co-authored-by: Laurent Mazuel <[email protected]> Co-authored-by: Wes Haggard <[email protected]> Co-authored-by: Yijun Xie <[email protected]> Co-authored-by: Azure Builder <[email protected]>
Our default async transport (aiohttp) logs an error at program exit when one of its sessions hasn't been closed. Python and asyncio don't provide a good way for a credential to close its own session at exit.
This PR therefore adds the API surface required for users to close sessions themselves: all async credentials define aenter/exit and a close method (closes #8990). It also adds an
AsyncTokenCredential
protocol (closes #8845) with these methods.