-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add AAD support for EG #19421
Add AAD support for EG #19421
Conversation
/azp run python - eventgrid - tests |
Azure Pipelines successfully started running 1 pipeline(s). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
small nit, but o/w lgtm
from .. import _constants as constants | ||
from .._signature_credential_policy import EventGridSasCredentialPolicy | ||
|
||
def _get_authentication_policy_async(credential): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: I think we could avoid duplicating the _get_authentication_policy
method for async by adding a policy type argument in the sync helper.
def _get_authentication_policy(credential, bearer_token_policy=BearerTokenCredentialPolicy):
if hasattr(credential, "get_token"):
return bearer_token_policy(
credential,
constants.DEFAULT_EVENTGRID_SCOPE
)
then in the async, we do
_get_authentication_policy(credential, AsyncBearerTokenCredentialPolicy)
def _get_authentication_policy_async(credential): | ||
if credential is None: | ||
raise ValueError("Parameter 'self._credential' must not be None.") | ||
if hasattr(credential, "get_token"): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
dumb question: what error would be raised if a user passed a sync AD credential into the async client?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It'll be a type error
/azp run python - eventgrid - tests |
Azure Pipelines successfully started running 1 pipeline(s). |
/azp run python - eventgrid - tests |
Azure Pipelines successfully started running 1 pipeline(s). |
/azp run python - eventgrid - tests |
Azure Pipelines successfully started running 1 pipeline(s). |
/azp run python - eventgrid - tests |
Azure Pipelines successfully started running 1 pipeline(s). |
@@ -38,6 +38,34 @@ az eventgrid domain --create --location <location> --resource-group <resource-gr | |||
In order to interact with the Event Grid service, you will need to create an instance of a client. | |||
An **endpoint** and **credential** are necessary to instantiate the client object. | |||
|
|||
#### Using Azure Active Directory (AAD) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice, this reminds me I need to add this for .NET 😄
|
||
To send events to a topic or domain with a `TokenCredential`, the authenticated identity should have the "EventGrid Data Sender" role assigned. | ||
|
||
With the `azure-identity` package, you can seamlessly authorize requests in both development and production environments. To learn more about Azure Active Directory, see the [`azure-identity` README](https://github.com/Azure/azure-sdk-for-python/blob/master/sdk/identity/azure-identity/README.md). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We shouldn't link to the old master
branch.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good catch - updated
_is_cloud_event, | ||
_is_eventgrid_event, | ||
_eventgrid_data_typecheck, | ||
_build_request, | ||
_cloud_event_to_generated, | ||
_get_authentication_policy |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nitpick: missing trailing comma - did you run this through black?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nope - i did not - can do that
EDIT: done
@@ -73,7 +78,7 @@ class EventGridPublisherClient: | |||
def __init__( | |||
self, | |||
endpoint: str, | |||
credential: Union[AzureKeyCredential, AzureSasCredential], | |||
credential: Union["AsyncTokenCredential", AzureKeyCredential, AzureSasCredential], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That seems inconsistent, if not used those types should be in the TYPE_CHECKING
as well, but I see now reason why some type would be string and some would be types
|
||
class AsyncEventGridTest(EventGridTest): | ||
|
||
def generate_oauth_token(self): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You shouldn't need that, there is everything you need in devtools to care care of that for free
def get_oauth_endpoint(self): | ||
return os.getenv("EG_TOPIC_HOSTNAME") | ||
|
||
def generate_oauth_token(self): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same, you don't need that
client = EventGridPublisherClient("eventgrid_endpoint", bad_credential) | ||
|
||
@pytest.mark.live_test_only |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why live only?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
little tricky to generate recording given we use resource group preparers and envvars for secrets
/azp run python - eventgrid - tests |
Azure Pipelines successfully started running 1 pipeline(s). |
Review request for Microsoft.ContainerService to add version 2022-06-01 (Azure#19848) * Adds base for updating Microsoft.ContainerService from version stable/2022-04-01 to version 2022-06-01 * Updates readme * Updates API version in new specs and examples * update readmes (Azure#19421) * Add key management service profile of a managed cluster for version 2022-06-01 (Azure#19529) * Add NetworkPlugin none option to 2022-06-01 (Azure#19510) * Add NetworkPlugin none option to 2022-06-01 * improve description for none value * Fix violated rule R4041 for 2022-06-01 managedCluster swagger (Azure#19581) * remove useless directive * fix R4041 * GA AKS support for Dedicated Host Group (Azure#19547) * GA AKS support for Dedicated Host Group * fit some format minor issue * add newline in end of files * Defender updates (Azure#19665) * Defender updates * sample * remove old description Co-authored-by: Bin Xia <binxi@microsoft.com> Co-authored-by: Matt Stam <mattstam@live.com> Co-authored-by: Jianping Zeng <zjpjack@users.noreply.github.com> Co-authored-by: Or Parnes <orparnes@microsoft.com>
Compute update folder structure (Azure#19723) * update folder structure * small errors and CI check * [Language Text] Update swagger titles (Azure#19835) * [Language Text] Update swagger titles * edits * address feedback * Review request for Microsoft.ContainerService to add version 2022-06-01 (Azure#19848) * Adds base for updating Microsoft.ContainerService from version stable/2022-04-01 to version 2022-06-01 * Updates readme * Updates API version in new specs and examples * update readmes (Azure#19421) * Add key management service profile of a managed cluster for version 2022-06-01 (Azure#19529) * Add NetworkPlugin none option to 2022-06-01 (Azure#19510) * Add NetworkPlugin none option to 2022-06-01 * improve description for none value * Fix violated rule R4041 for 2022-06-01 managedCluster swagger (Azure#19581) * remove useless directive * fix R4041 * GA AKS support for Dedicated Host Group (Azure#19547) * GA AKS support for Dedicated Host Group * fit some format minor issue * add newline in end of files * Defender updates (Azure#19665) * Defender updates * sample * remove old description Co-authored-by: Bin Xia <binxi@microsoft.com> Co-authored-by: Matt Stam <mattstam@live.com> Co-authored-by: Jianping Zeng <zjpjack@users.noreply.github.com> Co-authored-by: Or Parnes <orparnes@microsoft.com> * Update resources.json (Azure#19861) * Pattts/predictive autoscale 20221001 (Azure#19765) * Rev Autoscale API from 2021-05-01-preview to 2022-10-01. * Fix minor swagger issue. Default should be 'false' * Fix swagger validation error * Defining a new package 2022-10 * AutoscaleSettingResource now reference allOf 'resource' which is the actual autoscaleSetting resource definition * Fix require property issue * Run prettier against autoscale_API.json * [Maps - Render & Spatial Services] add v2022-08-01 (Azure#19520) * copy old swagger to new folders * set api version to 2022-08-01 * apply api changes Co-authored-by: Gigi Grajo <gigigrajo@microsoft.com> * update appconfiguration (Azure#19330) * update appconfiguration * Update readme.python.md * Update readme.python.md * Update readme.python.md * Update readme.python.md * Update readme.python.md * Update readme.python.md * Update readme.python.md * [Hub Generated] Publish private branch 'main' (Azure#19852) * Add StorageMover specification for PubliC Preview * SpellCheck fix * Update custom-words * Update specification/storagemover/resource-manager/readme.md Co-authored-by: Abhishek Krishna <abkrish@microsoft.com> Co-authored-by: Dapeng Zhang <dapzhang@microsoft.com> * Merging Dynatrace swagger in stable folder (Azure#19862) * Committing base swagger version * Removing preview tag from stable folder api version * Changing version name in all the files * Updating readme.go and readme.md files * [CDN] Fix customDomains property type in Endpoint (Azure#19788) * [CDN] Fix customDomains property type in Endpoint * Fix linter error Co-authored-by: Bo Zhang <bzhan@microsoft.com> * Adding Microsoft.Sql AdvancedThreatProtectionSettings APIs for MI on v5 tag for 2022-02-01-preview (Azure#19866) * update folders * [Hub Generated] Review request for Microsoft.KeyVault to add version stable/7.3 (Azure#19844) * Update description of exportable attribute and release_policy.data * Remove submodule azure-reset-api-specs * Fix description for exportable Co-authored-by: Sunny Solanki <Sunny.Solanki@microsoft.com> * Add latest StorageMover updates (Azure#19876) * Add StorageMover specification for PubliC Preview * SpellCheck fix * Update custom-words * Update specification/storagemover/resource-manager/readme.md * Add latest StorageMover updates Co-authored-by: Abhishek Krishna <abkrish@microsoft.com> Co-authored-by: Dapeng Zhang <dapzhang@microsoft.com> * Update readme.python.md (Azure#19899) * Update readme.python.md * Update readme.md * Moving files from azure-rest-spec-pr to azure-rest-spec repo after api review (Azure#19878) * Moving files from azure-rest-spec-pr to azure-rest-spec repo after api review * Add known words * Removed static IP allocation only from examples (Azure#19858) * Removed static IP allocation * Removed static only from examples Co-authored-by: Arpit Gagneja <argagnej@microsoft.com> * Update securityinsights readme.python (Azure#19903) * update securityinsights readme.python * Update readme.python.md Co-authored-by: Zhenbiao Wei (WICRESOFT NORTH AMERICA LTD) <v-zhenbwei@microsoft.com> * fix lint errors in Synapse trigger.json (Azure#19660) * put json files into RP folders * update readme * Add CONTRIBUTING.md (Azure#19257) * Add CONTRIBUTING.md * Apply suggestions from PR review Co-authored-by: Heath Stewart <heaths@outlook.com> * Apply suggestions from PR review Co-authored-by: Weidong Xu <weidxu@microsoft.com> * Regen toc for CONTRIBUTING.md * Address PR review comments * Address PR review comments Co-authored-by: Heath Stewart <heaths@outlook.com> Co-authored-by: Weidong Xu <weidxu@microsoft.com> * fix devcenter readme.go.md config (Azure#19906) * fix readme.go.md config * rename to SkuInfo * add annotation for labservices (Azure#19884) * add to description of OS state (Azure#19764) * [Hub Generated] Review request for Microsoft.KeyVault to add version preview/2021-06-01-preview (Azure#19767) * Updated the managed hsm resource manager spec to include two additional properties for private endpoint connection item * Update managed hsm private endpoint connection item in mhsm spec for latest api version * Address LRO_RESPONSE_HEADER violation for managed hsm Long running operations that are annotated with x-ms-long-running-operation:true must return location header or azure-AsyncOperation in response. Added the missing location header for managed hsm update command as well as to the corresponding examples. * [Microsoft.DeviceUpdate] Adding first stable API version (Azure#19846) * Copied the most recent preview version into the first stable version * Updated api version in new stable version, added the tag to readme.md * Fixed typo * Fixed the wrong path in readme.md * Reverted VS Code automatic breaking change * Fix broken link (Azure#19688) * add aadObjectId property to kustoPool (Azure#19856) Co-authored-by: Amit Elran <amelran@microsoft.com> * Updata securityinsights readme.python (Azure#19917) * update securityinsights readme.python * update readme.python Co-authored-by: Zhenbiao Wei (WICRESOFT NORTH AMERICA LTD) <v-zhenbwei@microsoft.com> * modify readme.typescripy.md for compute package (Azure#19607) Co-authored-by: ZiWei Chen (WICRESOFT NORTH AMERICA LTD) <v-ziweichen@microsoft.com> * Dev gubalasu frontdoor microsoft.network 2021 06 01 (Azure#19578) * Adds base for updating Microsoft.Network from version stable/2020-05-01 to version 2021-06-01 * Updates readme * Updates API version in new specs and examples * update waf configs and examples from 2020-11-01 * Update api version in new specs and examples * Migration api update * Update readme * Fix readme * update readme * Fix readme again * Fix readme * Fix readme * update waf policy provisioning state * Update securityinsights readme.python (Azure#19923) * update securityinsights readme.python * update readme.python * last modify * Update readme.python.md Co-authored-by: Zhenbiao Wei (WICRESOFT NORTH AMERICA LTD) <v-zhenbwei@microsoft.com> * sync with changes made to master * update folder structure * small errors and CI check * update folders * put json files into RP folders * update readme * resolve capitalization and number misplacement accident Co-authored-by: Theodore Chang <theodore.l.chang@gmail.com> Co-authored-by: Deyaaeldeen Almahallawi <dealmaha@microsoft.com> Co-authored-by: FumingZhang <81607949+FumingZhang@users.noreply.github.com> Co-authored-by: Bin Xia <binxi@microsoft.com> Co-authored-by: Matt Stam <mattstam@live.com> Co-authored-by: Jianping Zeng <zjpjack@users.noreply.github.com> Co-authored-by: Or Parnes <orparnes@microsoft.com> Co-authored-by: Alexander Batishchev <abatishchev@gmail.com> Co-authored-by: PatrickTseng <pattts@microsoft.com> Co-authored-by: gigi <52640944+gigigoo0@users.noreply.github.com> Co-authored-by: Gigi Grajo <gigigrajo@microsoft.com> Co-authored-by: zhenbiao wei <424401670@qq.com> Co-authored-by: Abhishek Krishna <AbhishekKrishna123@users.noreply.github.com> Co-authored-by: Abhishek Krishna <abkrish@microsoft.com> Co-authored-by: Dapeng Zhang <dapzhang@microsoft.com> Co-authored-by: Divyansh Agarwal <83802474+divyansh3131@users.noreply.github.com> Co-authored-by: t-bzhan <61817681+t-bzhan@users.noreply.github.com> Co-authored-by: Bo Zhang <bzhan@microsoft.com> Co-authored-by: Uriel Cohen <urielc@microsoft.com> Co-authored-by: susolank <73919400+susolank@users.noreply.github.com> Co-authored-by: Sunny Solanki <Sunny.Solanki@microsoft.com> Co-authored-by: Ralf Beckers <bexxx@users.noreply.github.com> Co-authored-by: arpit-gagneja <gagneja.arpit@gmail.com> Co-authored-by: Arpit Gagneja <argagnej@microsoft.com> Co-authored-by: Zhenbiao Wei (WICRESOFT NORTH AMERICA LTD) <v-zhenbwei@microsoft.com> Co-authored-by: YanjunGao <85206987+yanjungao718@users.noreply.github.com> Co-authored-by: Mike Kistler <mikekistler@microsoft.com> Co-authored-by: Heath Stewart <heaths@outlook.com> Co-authored-by: Weidong Xu <weidxu@microsoft.com> Co-authored-by: Jiahui Peng <46921893+Alancere@users.noreply.github.com> Co-authored-by: j-zhong-ms <107880703+j-zhong-ms@users.noreply.github.com> Co-authored-by: Tom FitzMacken <tomfitz@microsoft.com> Co-authored-by: neeerajaakula <81248992+neeerajaakula@users.noreply.github.com> Co-authored-by: darkoa-msft <61987922+darkoa-msft@users.noreply.github.com> Co-authored-by: Roy Wellington <53838718+roy-work@users.noreply.github.com> Co-authored-by: Amit Elran <amitelran2110@gmail.com> Co-authored-by: Amit Elran <amelran@microsoft.com> Co-authored-by: kazrael2119 <98569699+kazrael2119@users.noreply.github.com> Co-authored-by: ZiWei Chen (WICRESOFT NORTH AMERICA LTD) <v-ziweichen@microsoft.com> Co-authored-by: gubalasu <59630928+gubalasu@users.noreply.github.com>
fixes #17963