User authentication API for applications #10612

Merged May 1, 2020 (11 commits)

Member

@chlowell chlowell commented Apr 1, 2020

The new API in this PR is intended for applications using credentials which require user interaction to authenticate (DeviceCodeCredential and InteractiveBrowserCredential).

Here's what it does and how:

  • Allow applications to control the timing of interactive authentication prompts
    • The authenticate method begins interactive authentication. Applications can call it at their convenience.
    • authenticate accepts optional scopes, allowing an application which knows the scopes it needs to cache an access token for them before sending service requests
    • constructor argument disable_automatic_authentication configures get_token to raise AuthenticationRequiredError rather than immediately begin interactive authentication whenever it's necessary
  • Enable applications to persist authentication details so they don't need to prompt for authentication every time they run
    • DeviceCodeCredential and InteractiveBrowserCredential use a persistent cache on supported platforms (today, Windows). Constructor argument disable_persistent_cache allows opting out, configuring a credential to cache in memory only.
    • authenticate returns a serializable AuthenticationRecord
    • applications can initialize a credential with an AuthenticationRecord, enabling that credential to use data cached during prior executions

Usage

Prompt a user to authenticate, store the record

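from azure.identity import InteractiveBrowserCredential

# RECORD_PATH is a file path chosen by the application
credential = InteractiveBrowserCredential()
record = credential.authenticate()  # prompts the user
record_json = record.serialize()

with open(RECORD_PATH, 'w') as f:
    f.write(record_json)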

Initialize a credential with a record

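from azure.identity import AuthenticationRecord, InteractiveBrowserCredential

# RECORD_PATH is the file written after a prior authenticate() call
with open(RECORD_PATH, 'r') as f:
    record_json = f.read()

deserialized_record = AuthenticationRecord.deserialize(record_json)
credential = InteractiveBrowserCredential(authentication_record=deserialized_record)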

Prevent automatic authentication prompts

Applications decide how to respond when user interaction is required. This example demonstrates the simplest case, authenticating immediately and retrying a request, to show the API:

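from azure.identity import AuthenticationRequiredError, InteractiveBrowserCredential

# service_client is assumed to be a client constructed with this credential
credential = InteractiveBrowserCredential(disable_automatic_authentication=True)
try:
    result = service_client.do_something()
except AuthenticationRequiredError as ex:
    # get_token raised instead of prompting; prompt now for the scopes it needed
    requested_scopes = ex.scopes
    credential.authenticate(scopes=requested_scopes)

    result = service_client.do_something()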

Closes #11128, closes #11043, closes #10278, closes #9744

@chlowell chlowell added Client This issue points to a problem in the data-plane of the library. Azure.Identity labels Apr 1, 2020
@chlowell chlowell requested a review from xiangyan99 April 1, 2020 23:52
@chlowell chlowell requested a review from schaabs as a code owner April 1, 2020 23:52
@chlowell chlowell self-assigned this Apr 1, 2020
@@ -7,3 +7,7 @@

class CredentialUnavailableError(ClientAuthenticationError):
"""The credential did not attempt to authenticate because required data or state is unavailable."""


class AuthenticationRequiredError(CredentialUnavailableError):
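
Review bot: the new class on the last line of this hunk inherits from CredentialUnavailableError, so any existing `except CredentialUnavailableError` handler will also catch it, and a caller that wants to react to the new error has to place its handler before the broader one. The parent's docstring says the credential "did not attempt to authenticate because required data or state is unavailable", which is a different condition from needing user interaction; the new class's docstring should state how it differs and note the handler-ordering consequence.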
Member

Why is AuthenticationRequiredError a subclass of CredentialUnavailableError?

It seems to me AuthenticationRequiredError is an HttpRequestError but CredentialUnavailableError may not be?

Member Author

Silent authentication can succeed or fail without sending a request. The question is really about the behavior of chained credentials: if a credential is configured to authenticate silently only, should a chain try its next credential when silent auth fails? I lean toward "yes", hence CredentialUnavailableError. What do you think?

Member

It can't go under HttpRequestError, because as Charles said there might have been no request made when we determine that authentication is required. As for whether it should fall under CredentialUnavailableError, i.e. allow other credentials in a chain to be attempted, I also lean towards yes. However, as we develop this more we might find we have to tweak this over the course of the preview.

schaabs
schaabs previously approved these changes May 1, 2020
@chlowell chlowell merged commit 1d28b02 into Azure:master May 1, 2020
@chlowell chlowell deleted the authenticate branch May 1, 2020 21:26
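
The chain behaviour debated in the review thread above, as an added example that is not code from this PR or from azure-identity. The three exception classes reuse the PR's names; `SilentOnlyCredential`, `FallbackCredential`, `Chain` and `token_with_prompt` are hypothetical stand-ins, and the token strings are constructed. It shows that, because of the subclass relationship, a chain quietly falls through to the next credential (and so may return a token for a different identity than the signed-in user), while direct use lets the application choose when to prompt.

```python
# Stand-in model of the PR's exception hierarchy; not the azure-identity package.
class ClientAuthenticationError(Exception):
    """Base authentication failure."""
class CredentialUnavailableError(ClientAuthenticationError):
    """The credential did not attempt to authenticate."""
class AuthenticationRequiredError(CredentialUnavailableError):
    """Interactive authentication is needed for the given scopes."""
    def __init__(self, scopes):
        super().__init__("interactive authentication required")
        self.scopes = scopes

class SilentOnlyCredential:
    """Hypothetical interactive credential with automatic prompts disabled."""
    def __init__(self):
        self.cached_scopes, self.prompts = set(), 0

    def authenticate(self, scopes):
        self.prompts += 1  # stands in for the browser or device-code prompt
        self.cached_scopes.update(scopes)

    def get_token(self, *scopes):
        if not set(scopes) <= self.cached_scopes:
            raise AuthenticationRequiredError(scopes)
        return "token-from-user-login"  # constructed value

class FallbackCredential:  # hypothetical non-interactive credential
    def get_token(self, *scopes):
        return "token-from-fallback"  # constructed value

class Chain:
    """Minimal chain: try the next credential on CredentialUnavailableError."""
    def __init__(self, *credentials):
        self.credentials = credentials

    def get_token(self, *scopes):
        for credential in self.credentials:
            try:
                return credential.get_token(*scopes)
            except CredentialUnavailableError:
                continue  # also matches AuthenticationRequiredError
        raise ClientAuthenticationError("no credential in the chain produced a token")

def token_with_prompt(credential, *scopes):
    """Direct use: the application decides when to prompt, then retries once."""
    try:
        return credential.get_token(*scopes)
    except AuthenticationRequiredError as ex:
        credential.authenticate(scopes=ex.scopes)
        return credential.get_token(*scopes)
```

An application that must act as the signed-in user should call the interactive credential directly rather than through a chain, or check which identity the returned token belongs to.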
xiangyan99 added a commit that referenced this pull request May 1, 2020
openapi-sdkautomation bot pushed a commit to AzureSDKAutomation/azure-sdk-for-python that referenced this pull request Dec 4, 2020
Add missing properties in appplatform preview API (Azure#10612)

* add missing properties to 2019-05-01-preview

* update examples