Skip to content

Commit

Permalink
Add credential Scope keyword (Azure#20987)
Browse files Browse the repository at this point in the history
* Support for audience

* Update CHANGELOG.md

* Update sdk/monitor/azure-monitor-query/azure/monitor/query/_metrics_query_client.py
  • Loading branch information
Rakshith Bhyravabhotla authored Sep 30, 2021
1 parent 5c3c625 commit d1b2a62
Show file tree
Hide file tree
Showing 8 changed files with 59 additions and 23 deletions.
7 changes: 2 additions & 5 deletions sdk/monitor/azure-monitor-query/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Release History

## 1.0.0b5 (Unreleased)
## 1.0.0b5 (2021-10-05)

### Features Added

Expand All @@ -9,6 +9,7 @@
- Added `LogsQueryStatus` Enum to describe the status of a result.
- Added a new `LogsTableRow` type that represents a single row in a table.
- Items in `metrics` list in `MetricsResult` can now be accessed by metric names.
- Added `audience` keyword to support providing credential scope when creating clients.

### Breaking Changes

Expand All @@ -19,10 +20,6 @@
- `query_batch` API now returns a union of `LogsQueryPartialResult`, `LogsQueryError` and `LogsQueryResult`.
- `metric_namespace` is renamed to `namespace` and is a keyword-only argument in `list_metric_definitions` API.

### Bugs Fixed

### Other Changes

## 1.0.0b4 (2021-09-09)

### Features Added
Expand Down
4 changes: 4 additions & 0 deletions sdk/monitor/azure-monitor-query/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,10 @@ The Azure Monitor Query client library is used to execute read-only queries agai
- [Samples][samples]
- [Change log][changelog]

## _Disclaimer_

_Azure SDK Python packages support for Python 2.7 is ending 01 January 2022. For more information and questions, please refer to https://github.com/Azure/azure-sdk-for-python/issues/20691_

## Getting started

### Prerequisites
Expand Down
16 changes: 11 additions & 5 deletions sdk/monitor/azure-monitor-query/azure/monitor/query/_helpers.py
Original file line number Diff line number Diff line change
Expand Up @@ -15,32 +15,38 @@


def get_authentication_policy(
credential, # type: TokenCredential
credential, # type: "TokenCredential"
audience=None # type: str
):
# type: (...) -> BearerTokenCredentialPolicy
"""Returns the correct authentication policy"""

if not audience:
audience = "https://api.loganalytics.io/"
scope = audience.rstrip('/') + "/.default"
if credential is None:
raise ValueError("Parameter 'credential' must not be None.")
if hasattr(credential, "get_token"):
return BearerTokenCredentialPolicy(
credential, "https://api.loganalytics.io/.default"
credential, scope
)

raise TypeError("Unsupported credential")


def get_metrics_authentication_policy(
credential, # type: TokenCredential
audience=None # type: str
):
# type: (...) -> BearerTokenCredentialPolicy
"""Returns the correct authentication policy"""

if not audience:
audience = "https://management.azure.com/"
scope = audience.rstrip('/') + "/.default"
if credential is None:
raise ValueError("Parameter 'credential' must not be None.")
if hasattr(credential, "get_token"):
return BearerTokenCredentialPolicy(
credential, "https://management.azure.com/.default"
credential, scope
)

raise TypeError("Unsupported credential")
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -49,15 +49,20 @@ class LogsQueryClient(object):
:type credential: ~azure.core.credentials.TokenCredential
:keyword endpoint: The endpoint to connect to. Defaults to 'https://api.loganalytics.io'.
:paramtype endpoint: str
:keyword audience: URL to use for credential authentication with AAD.
:paramtype audience: str
"""

def __init__(self, credential, **kwargs):
# type: (TokenCredential, Any) -> None

self._endpoint = kwargs.pop("endpoint", "https://api.loganalytics.io/v1")
audience = kwargs.pop("audience", None)
endpoint = kwargs.pop("endpoint", "https://api.loganalytics.io/v1")
if not endpoint.startswith("https://") and not endpoint.startswith("http://"):
endpoint = "https://" + endpoint
self._endpoint = endpoint
self._client = MonitorQueryClient(
credential=credential,
authentication_policy=get_authentication_policy(credential),
authentication_policy=get_authentication_policy(credential, audience),
base_url=self._endpoint,
**kwargs
)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -44,15 +44,21 @@ class MetricsQueryClient(object):
:type credential: ~azure.core.credentials.TokenCredential
:keyword endpoint: The endpoint to connect to. Defaults to 'https://management.azure.com'.
:paramtype endpoint: str
:keyword audience: URL to use for credential authentication with AAD.
:paramtype audience: str
"""

def __init__(self, credential, **kwargs):
# type: (TokenCredential, Any) -> None
audience = kwargs.pop("audience", None)
endpoint = kwargs.pop("endpoint", "https://management.azure.com")
if not endpoint.startswith("https://") and not endpoint.startswith("http://"):
endpoint = "https://" + endpoint
self._endpoint = endpoint
self._client = MonitorQueryClient(
credential=credential,
base_url=endpoint,
authentication_policy=get_metrics_authentication_policy(credential),
base_url=self._endpoint,
authentication_policy=get_metrics_authentication_policy(credential, audience),
**kwargs
)
self._metrics_op = self._client.metrics
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,29 +13,35 @@

def get_authentication_policy(
credential: "AsyncTokenCredential",
audience: str = None
) -> AsyncBearerTokenCredentialPolicy:
"""Returns the correct authentication policy"""

if not audience:
audience = "https://api.loganalytics.io/"
scope = audience.rstrip('/') + "/.default"
if credential is None:
raise ValueError("Parameter 'credential' must not be None.")
if hasattr(credential, "get_token"):
return AsyncBearerTokenCredentialPolicy(
credential, "https://api.loganalytics.io/.default"
credential, scope
)

raise TypeError("Unsupported credential")


def get_metrics_authentication_policy(
credential: "AsyncTokenCredential",
audience: str = None
) -> AsyncBearerTokenCredentialPolicy:
"""Returns the correct authentication policy"""

if not audience:
audience = "https://management.azure.com/"
scope = audience.rstrip('/') + "/.default"
if credential is None:
raise ValueError("Parameter 'credential' must not be None.")
if hasattr(credential, "get_token"):
return AsyncBearerTokenCredentialPolicy(
credential, "https://management.azure.com/.default"
credential, scope
)

raise TypeError("Unsupported credential")
Original file line number Diff line number Diff line change
Expand Up @@ -35,13 +35,19 @@ class LogsQueryClient(object):
:type credential: ~azure.core.credentials_async.AsyncTokenCredential
:keyword endpoint: The endpoint to connect to. Defaults to 'https://api.loganalytics.io/v1'.
:paramtype endpoint: str
:keyword audience: URL to use for credential authentication with AAD.
:paramtype audience: str
"""

def __init__(self, credential: "AsyncTokenCredential", **kwargs: Any) -> None:
self._endpoint = kwargs.pop("endpoint", "https://api.loganalytics.io/v1")
audience = kwargs.pop("audience", None)
endpoint = kwargs.pop("endpoint", "https://api.loganalytics.io/v1")
if not endpoint.startswith("https://") and not endpoint.startswith("http://"):
endpoint = "https://" + endpoint
self._endpoint = endpoint
self._client = MonitorQueryClient(
credential=credential,
authentication_policy=get_authentication_policy(credential),
authentication_policy=get_authentication_policy(credential, audience),
base_url=self._endpoint,
**kwargs
)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -32,14 +32,20 @@ class MetricsQueryClient(object):
:type credential: ~azure.core.credentials.TokenCredential
:keyword endpoint: The endpoint to connect to. Defaults to 'https://management.azure.com'.
:paramtype endpoint: str
:keyword audience: URL to use for credential authentication with AAD.
:paramtype audience: str
"""

def __init__(self, credential: "AsyncTokenCredential", **kwargs: Any) -> None:
audience = kwargs.pop("audience", None)
endpoint = kwargs.pop("endpoint", "https://management.azure.com")
if not endpoint.startswith("https://") and not endpoint.startswith("http://"):
endpoint = "https://" + endpoint
self._endpoint = endpoint
self._client = MonitorQueryClient(
credential=credential,
base_url=endpoint,
authentication_policy=get_metrics_authentication_policy(credential),
base_url=self._endpoint,
authentication_policy=get_metrics_authentication_policy(credential, audience),
**kwargs
)
self._metrics_op = self._client.metrics
Expand Down

0 comments on commit d1b2a62

Please sign in to comment.