Skip to content

Commit

Permalink
Reset changes to the patch version.
Browse files Browse the repository at this point in the history
  • Loading branch information
@billwert
billwert committed Mar 1, 2024
1 parent 693c368 commit 5ee6431
Show file tree
Hide file tree
Showing 36 changed files with 239 additions and 983 deletions.
16 changes: 0 additions & 16 deletions sdk/identity/azure-identity/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,21 +1,5 @@
# Release History

## 1.12.0-beta.2 (Unreleased)

### Features Added

### Breaking Changes

### Bugs Fixed

### Other Changes

## 1.12.0-beta.1 (2024-02-12)

### Features Added
- Added expires_on parsing support to `AzureCliCredential`.([#38406](https://github.com/Azure/azure-sdk-for-java/pull/38406))
- Added caching support for working credential in `DefaultAzureCredential`. ([#38404](https://github.com/Azure/azure-sdk-for-java/pull/38404))

## 1.11.2 (2024-02-05)

### Bugs Fixed
Expand Down
6 changes: 0 additions & 6 deletions sdk/identity/azure-identity/assets.json
View file

This file was deleted.

19 changes: 7 additions & 12 deletions sdk/identity/azure-identity/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@

<groupId>com.azure</groupId>
<artifactId>azure-identity</artifactId>
<version>1.12.0-beta.2</version><!-- {x-version-update;com.azure:azure-identity;current} -->
<version>1.11.2</version><!-- {x-version-update;com.azure:azure-identity;current} -->

<name>Microsoft Azure client library for Identity</name>
<description>This module contains client library for Microsoft Azure Identity.</description>
Expand All @@ -33,17 +33,12 @@
<dependency>
<groupId>com.azure</groupId>
<artifactId>azure-core</artifactId>
<version>1.47.0</version> <!-- {x-version-update;com.azure:azure-core;dependency} -->
<version>1.46.0</version> <!-- {x-version-update;com.azure:azure-core;dependency} -->
</dependency>
<dependency>
<groupId>com.azure</groupId>
<artifactId>azure-core-http-netty</artifactId>
<version>1.14.1</version> <!-- {x-version-update;com.azure:azure-core-http-netty;dependency} -->
</dependency>
<dependency>
<groupId>com.azure</groupId>
<artifactId>azure-json</artifactId>
<version>1.1.0</version> <!-- {x-version-update;com.azure:azure-json;dependency} -->
<version>1.14.0</version> <!-- {x-version-update;com.azure:azure-core-http-netty;dependency} -->
</dependency>
<dependency>
<groupId>com.microsoft.azure</groupId>
Expand All @@ -58,7 +53,7 @@
<dependency>
<groupId>com.azure</groupId>
<artifactId>azure-core-test</artifactId>
<version>1.24.0</version> <!-- {x-version-update;com.azure:azure-core-test;dependency} -->
<version>1.23.0</version> <!-- {x-version-update;com.azure:azure-core-test;dependency} -->
<scope>test</scope>
</dependency>
<dependency>
Expand Down Expand Up @@ -100,19 +95,19 @@
<dependency>
<groupId>redis.clients</groupId>
<artifactId>jedis</artifactId>
<version>5.1.0</version> <!-- {x-version-update;redis.clients:jedis;external_dependency} -->
<version>4.3.1</version> <!-- {x-version-update;redis.clients:jedis;external_dependency} -->
<scope>test</scope>
</dependency>
<dependency>
<groupId>io.lettuce</groupId>
<artifactId>lettuce-core</artifactId>
<version>6.3.1.RELEASE</version> <!-- {x-version-update;io.lettuce:lettuce-core;external_dependency} -->
<version>6.2.0.RELEASE</version> <!-- {x-version-update;io.lettuce:lettuce-core;external_dependency} -->
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.redisson</groupId>
<artifactId>redisson</artifactId>
<version>3.27.0</version> <!-- {x-version-update;org.redisson:redisson;external_dependency} -->
<version>3.17.0</version> <!-- {x-version-update;org.redisson:redisson;external_dependency} -->
<scope>test</scope>
</dependency>
<dependency>
Expand Down
131 changes: 42 additions & 89 deletions sdk/identity/azure-identity/src/main/java/com/azure/identity/ChainedTokenCredential.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,6 @@
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Function;
import java.util.stream.Collectors;

/**
Expand Down Expand Up @@ -58,15 +56,13 @@ public class ChainedTokenCredential implements TokenCredential {
private static final ClientLogger LOGGER = new ClientLogger(ChainedTokenCredential.class);
private final List<TokenCredential> credentials;
private final String unavailableError = this.getClass().getSimpleName() + " authentication failed. ---> ";
private final AtomicReference<TokenCredential> selectedCredential;

/**
* Create an instance of chained token credential that aggregates a list of token
* credentials.
*/
ChainedTokenCredential(List<TokenCredential> credentials) {
this.credentials = Collections.unmodifiableList(credentials);
selectedCredential = new AtomicReference<>();
}

/**
Expand All @@ -83,76 +79,58 @@ public class ChainedTokenCredential implements TokenCredential {
@Override
public Mono<AccessToken> getToken(TokenRequestContext request) {
List<CredentialUnavailableException> exceptions = new ArrayList<>(4);
Mono<AccessToken> accessTokenMono;
if (selectedCredential.get() != null) {
accessTokenMono = Mono.defer(() -> selectedCredential.get().getToken(request)
.doOnNext(t -> logTokenMessage("Azure Identity => Returning token from cached credential {}",
selectedCredential.get()))
.onErrorResume(Exception.class, handleExceptionAsync(exceptions,
selectedCredential.get(), "Azure Identity => Cached credential {} is unavailable.")));
} else {
accessTokenMono = Flux.fromIterable(credentials)
.flatMap(p -> p.getToken(request)
.doOnNext(t -> {
logTokenMessage("Azure Identity => Attempted credential {} returns a token", p);
selectedCredential.set(p);
}).onErrorResume(Exception.class, handleExceptionAsync(exceptions, p,
"Azure Identity => Attempted credential {} is unavailable.")), 1)
.next();
}
return accessTokenMono.switchIfEmpty(Mono.defer(() -> {
// Chain Exceptions.
CredentialUnavailableException last = exceptions.get(exceptions.size() - 1);
for (int z = exceptions.size() - 2; z >= 0; z--) {
CredentialUnavailableException current = exceptions.get(z);
last = new CredentialUnavailableException(current.getMessage() + "\r\n" + last.getMessage()
+ (z == 0 ? "To mitigate this issue, please refer to the troubleshooting guidelines here at "
+ "https://aka.ms/azure-identity-java-default-azure-credential-troubleshoot" : ""));
}
return Mono.error(last);
}));
}

private Function<Exception, Mono<? extends AccessToken>> handleExceptionAsync(List<CredentialUnavailableException> exceptions,
TokenCredential p, String logMessage) {
return t -> {
if (!t.getClass().getSimpleName().equals("CredentialUnavailableException")) {
return Mono.error(new ClientAuthenticationException(
getCredUnavailableMessage(p, t),
null, t));
}
exceptions.add((CredentialUnavailableException) t);
logTokenMessage(logMessage, p);
return Mono.empty();
};
return Flux.fromIterable(credentials)
.flatMap(p -> p.getToken(request)
.doOnNext(t -> LOGGER.info("Azure Identity => Attempted credential {} returns a token",
p.getClass().getSimpleName()))
.onErrorResume(Exception.class, t -> {
if (!t.getClass().getSimpleName().equals("CredentialUnavailableException")) {
return Mono.error(new ClientAuthenticationException(
unavailableError + p.getClass().getSimpleName()
+ " authentication failed. Error Details: " + t.getMessage(),
null, t));
}
exceptions.add((CredentialUnavailableException) t);
LOGGER.info("Azure Identity => Attempted credential {} is unavailable.",
p.getClass().getSimpleName());
return Mono.empty();
}), 1)
.next()
.switchIfEmpty(Mono.defer(() -> {
// Chain Exceptions.
CredentialUnavailableException last = exceptions.get(exceptions.size() - 1);
for (int z = exceptions.size() - 2; z >= 0; z--) {
CredentialUnavailableException current = exceptions.get(z);
last = new CredentialUnavailableException(current.getMessage() + "\r\n" + last.getMessage()
+ (z == 0 ? "To mitigate this issue, please refer to the troubleshooting guidelines here at "
+ "https://aka.ms/azure-identity-java-default-azure-credential-troubleshoot"
: ""));
}
return Mono.error(last);
}));
}


@Override
public AccessToken getTokenSync(TokenRequestContext request) {
List<CredentialUnavailableException> exceptions = new ArrayList<>(4);

if (selectedCredential.get() != null) {
for (TokenCredential credential : credentials) {
try {
AccessToken accessToken = selectedCredential.get().getTokenSync(request);
logTokenMessage("Azure Identity => Returning token from cached credential {}", selectedCredential.get());
return accessToken;
return credential.getTokenSync(request);
} catch (Exception e) {
handleExceptionSync(e, selectedCredential.get(), exceptions,
"Azure Identity => Cached credential {} is unavailable.", selectedCredential.get());
}
} else {
for (TokenCredential credential : credentials) {
try {
AccessToken accessToken = credential.getTokenSync(request);
logTokenMessage("Azure Identity => Attempted credential {} returns a token", credential);
selectedCredential.set(credential);
return accessToken;

} catch (Exception e) {
handleExceptionSync(e, credential, exceptions,
"Azure Identity => Attempted credential {} is unavailable.", credential);
if (e.getClass() != CredentialUnavailableException.class) {
throw new ClientAuthenticationException(
unavailableError + credential.getClass().getSimpleName()
+ " authentication failed. Error Details: " + e.getMessage(),
null, e);
} else {
if (e instanceof CredentialUnavailableException) {
exceptions.add((CredentialUnavailableException) e);
}
}
LOGGER.info("Azure Identity => Attempted credential {} is unavailable.",
credential.getClass().getSimpleName());
}
}

Expand All @@ -167,31 +145,6 @@ public AccessToken getTokenSync(TokenRequestContext request) {
throw last;
}

private void logTokenMessage(String format, TokenCredential selectedCredential) {
LOGGER.info(format,
selectedCredential.getClass().getSimpleName());
}

private String getCredUnavailableMessage(TokenCredential p, Exception t) {
return unavailableError + p.getClass().getSimpleName()
+ " authentication failed. Error Details: " + t.getMessage();
}

private void handleExceptionSync(Exception e, TokenCredential selectedCredential,
List<CredentialUnavailableException> exceptions, String logMessage,
TokenCredential selectedCredential1) {
if (e.getClass() != CredentialUnavailableException.class) {
throw new ClientAuthenticationException(
getCredUnavailableMessage(selectedCredential, e),
null, e);
} else {
if (e instanceof CredentialUnavailableException) {
exceptions.add((CredentialUnavailableException) e);
}
}
logTokenMessage(logMessage, selectedCredential1);
}

WorkloadIdentityCredential getWorkloadIdentityCredentialIfPresent() {
List<TokenCredential> tokenCredentials = this.credentials
.stream().filter(tokenCredential -> tokenCredential instanceof WorkloadIdentityCredential)
Expand Down
98 changes: 48 additions & 50 deletions ...entity/azure-identity/src/main/java/com/azure/identity/implementation/IdentityClient.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -349,6 +349,7 @@ public Mono<AccessToken> authenticateWithAzureCli(TokenRequestContext request) {
? LoggingUtil.logCredentialUnavailableException(LOGGER, options, (CredentialUnavailableException) e)
: LOGGER.logExceptionAsError(e));
}

}

/**
Expand Down Expand Up @@ -610,42 +611,48 @@ public Mono<MsalToken> authenticateWithUsernamePassword(TokenRequestContext requ
@SuppressWarnings("deprecation")
public Mono<MsalToken> authenticateWithPublicClientCache(TokenRequestContext request, IAccount account) {
return getPublicClientInstance(request).getValue()
.flatMap(pc -> Mono.fromFuture(() ->
acquireTokenFromPublicClientSilently(request, pc, account, false)
).map(MsalToken::new)
.flatMap(pc -> Mono.fromFuture(() -> {
SilentParameters.SilentParametersBuilder parametersBuilder = SilentParameters.builder(
new HashSet<>(request.getScopes()));

if (request.isCaeEnabled() && request.getClaims() != null) {
ClaimsRequest customClaimRequest = CustomClaimRequest.formatAsClaimsRequest(request.getClaims());
parametersBuilder.claims(customClaimRequest);
parametersBuilder.forceRefresh(true);
}
if (account != null) {
parametersBuilder = parametersBuilder.account(account);
}
parametersBuilder.tenant(
IdentityUtil.resolveTenantId(tenantId, request, options));
try {
return pc.acquireTokenSilently(parametersBuilder.build());
} catch (MalformedURLException e) {
return getFailedCompletableFuture(LOGGER.logExceptionAsError(new RuntimeException(e)));
}
}).map(MsalToken::new)
.filter(t -> OffsetDateTime.now().isBefore(t.getExpiresAt().minus(REFRESH_OFFSET)))
.switchIfEmpty(Mono.fromFuture(() ->
acquireTokenFromPublicClientSilently(request, pc, account, true)
).map(MsalToken::new))
);
}
.switchIfEmpty(Mono.fromFuture(() -> {
SilentParameters.SilentParametersBuilder forceParametersBuilder = SilentParameters.builder(
new HashSet<>(request.getScopes())).forceRefresh(true);

private CompletableFuture<IAuthenticationResult> acquireTokenFromPublicClientSilently(TokenRequestContext request,
PublicClientApplication pc,
IAccount account,
boolean forceRefresh
) {
SilentParameters.SilentParametersBuilder parametersBuilder = SilentParameters.builder(
new HashSet<>(request.getScopes()));
if (request.getClaims() != null) {
ClaimsRequest customClaimRequest = CustomClaimRequest
.formatAsClaimsRequest(request.getClaims());
forceParametersBuilder.claims(customClaimRequest);
}

if (forceRefresh) {
parametersBuilder.forceRefresh(true);
}
if (request.isCaeEnabled() && request.getClaims() != null) {
ClaimsRequest customClaimRequest = CustomClaimRequest.formatAsClaimsRequest(request.getClaims());
parametersBuilder.claims(customClaimRequest);
parametersBuilder.forceRefresh(true);
}
if (account != null) {
parametersBuilder = parametersBuilder.account(account);
}
parametersBuilder.tenant(
IdentityUtil.resolveTenantId(tenantId, request, options));
try {
return pc.acquireTokenSilently(parametersBuilder.build());
} catch (MalformedURLException e) {
return getFailedCompletableFuture(LOGGER.logExceptionAsError(new RuntimeException(e)));
}
if (account != null) {
forceParametersBuilder = forceParametersBuilder.account(account);
}
forceParametersBuilder.tenant(
IdentityUtil.resolveTenantId(tenantId, request, options));
try {
return pc.acquireTokenSilently(forceParametersBuilder.build());
} catch (MalformedURLException e) {
return getFailedCompletableFuture(LOGGER.logExceptionAsError(new RuntimeException(e)));
}
}).map(MsalToken::new)));
}

private SynchronizedAccessor<PublicClientApplication> getPublicClientInstance(TokenRequestContext request) {
Expand Down Expand Up @@ -822,25 +829,16 @@ public Mono<MsalToken> authenticateWithBrowserInteraction(TokenRequestContext re
} catch (URISyntaxException e) {
return Mono.error(LOGGER.logExceptionAsError(new RuntimeException(e)));
}
InteractiveRequestParameters.InteractiveRequestParametersBuilder builder =
buildInteractiveRequestParameters(request, loginHint, redirectUri);

if (options.isBrokerEnabled() && options.useOperatingSystemAccount()) {
return getPublicClientInstance(request).getValue().flatMap(pc ->
Mono.fromFuture(() ->
acquireTokenFromPublicClientSilently(request, pc, null, false)).
map(MsalToken::new));
} else {

InteractiveRequestParameters.InteractiveRequestParametersBuilder builder =
buildInteractiveRequestParameters(request, loginHint, redirectUri);

SynchronizedAccessor<PublicClientApplication> publicClient = getPublicClientInstance(request);
SynchronizedAccessor<PublicClientApplication> publicClient = getPublicClientInstance(request);

Mono<IAuthenticationResult> acquireToken = publicClient.getValue()
.flatMap(pc -> Mono.fromFuture(() -> pc.acquireToken(builder.build())));
Mono<IAuthenticationResult> acquireToken = publicClient.getValue()
.flatMap(pc -> Mono.fromFuture(() -> pc.acquireToken(builder.build())));

return acquireToken.onErrorMap(t -> new ClientAuthenticationException(
"Failed to acquire token with Interactive Browser Authentication.", null, t)).map(MsalToken::new);
}
return acquireToken.onErrorMap(t -> new ClientAuthenticationException(
"Failed to acquire token with Interactive Browser Authentication.", null, t)).map(MsalToken::new);
}

/**
Expand Down Expand Up @@ -948,7 +946,7 @@ private Mono<AccessToken> authenticateToArcManagedIdentityEndpoint(String identi
String secretKeyPath = realm.substring(separatorIndex + 1);
secretKey = new String(Files.readAllBytes(Paths.get(secretKeyPath)), StandardCharsets.UTF_8);


if (connection != null) {
connection.disconnect();
}
Expand Down
Loading

0 comments on commit 5ee6431

Please sign in to comment.