Skip to content

add additionally allowed tenant ids support#26133

Merged
xiangyan99 merged 15 commits intomainfrom
identity_allow_tenants
Sep 16, 2022
Merged

add additionally allowed tenant ids support#26133
xiangyan99 merged 15 commits intomainfrom
identity_allow_tenants

Conversation

@xiangyan99
Copy link
Copy Markdown
Member

Cherry picked the commits.

Removed beta changes:

  1. tenant_id for AzureCliCredential
  2. removed VisualStudioCodeCredential from DefaultAzureCredential token chain.
  3. AZURE_CLIENT_CERTIFICATE_PASSWORD support for EnvironmentCredential
  4. validate_authority support

@ghost ghost added the Azure.Identity label Sep 9, 2022
@azure-sdk
Copy link
Copy Markdown
Collaborator

API change check

APIView has identified API level changes in this PR and created following API reviews.

azure-identity

@xiangyan99 xiangyan99 requested a review from pvaneck September 9, 2022 23:15
Copy link
Copy Markdown
Member

@mccoyp mccoyp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did architects prefer additionally_allowed_tenant_ids over something like additionally_allowed_tenants, and/or is the naming conversation still ongoing?

Comment thread sdk/identity/azure-identity/azure/identity/_credentials/authorization_code.py Outdated
…ization_code.py

Co-authored-by: McCoy Patiño <39780829+mccoyp@users.noreply.github.com>
@xiangyan99
Copy link
Copy Markdown
Member Author

xiangyan99 commented Sep 9, 2022

Did architects prefer additionally_allowed_tenant_ids over something like additionally_allowed_tenants, and/or is the naming conversation still ongoing?

We are working with the architects on the name. :)

@xiangyan99 xiangyan99 requested a review from mccoyp September 12, 2022 20:48
Comment thread sdk/identity/azure-identity/CHANGELOG.md
Comment thread sdk/identity/azure-identity/azure/identity/_credentials/authorization_code.py Outdated
Comment thread sdk/identity/azure-identity/azure/identity/_credentials/azure_cli.py Outdated
Comment thread sdk/identity/azure-identity/tests/test_cli_credential.py
xiangyan99 and others added 5 commits September 13, 2022 17:40
…ization_code.py

Co-authored-by: McCoy Patiño <39780829+mccoyp@users.noreply.github.com>
@xiangyan99 xiangyan99 requested a review from mccoyp September 14, 2022 21:55
Copy link
Copy Markdown
Member

@pvaneck pvaneck left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With Azure/azure-sdk-for-net#31037 merged after a lot of documentation review/revision, should we reflect the same documentation here for consistency? Or is that a follow-up as a part of #26159?

Comment thread sdk/identity/azure-identity/CHANGELOG.md Outdated
Comment thread sdk/identity/azure-identity/azure/identity/_credentials/authorization_code.py Outdated
Comment thread sdk/identity/azure-identity/azure/identity/_internal/__init__.py Outdated
Co-authored-by: McCoy Patiño <39780829+mccoyp@users.noreply.github.com>
@xiangyan99
Copy link
Copy Markdown
Member Author

With Azure/azure-sdk-for-net#31037 merged after a lot of documentation review/revision, should we reflect the same documentation here for consistency? Or is that a follow-up as a part of #26159?

We will need more time to finalize the docs/troubleshooting guideline/etc.

My plan is to merge the code and start the API review with our architects and we will have another PR to update the docs.

Copy link
Copy Markdown
Member

@mccoyp mccoyp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Aside from my nitpicking, I think this looks good! I don't think I see a negative test though, where we verify that sending an invalid tenant raises the expected error; I think we should have that for at least one credential to validate the behavior of resolve_tenant. Feel free to correct me if there is such a test and I just missed it 🙂

Comment thread sdk/identity/azure-identity/azure/identity/_credentials/authorization_code.py Outdated
…ization_code.py

Co-authored-by: McCoy Patiño <39780829+mccoyp@users.noreply.github.com>
Comment thread sdk/identity/azure-identity/tests/test_aad_client.py Outdated
@xiangyan99 xiangyan99 requested a review from mccoyp September 16, 2022 23:00
Copy link
Copy Markdown
Member

@mccoyp mccoyp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm still unsure about the documentation of additionally_allowed_tenants in the CLI and PowerShell credentials since it doesn't seem like the kwarg actually does anything right now, but I'm not going to block the PR on it since the feature will at least apply in the near future.

@xiangyan99
Copy link
Copy Markdown
Member Author

I'm still unsure about the documentation of additionally_allowed_tenants in the CLI and PowerShell credentials since it doesn't seem like the kwarg actually does anything right now, but I'm not going to block the PR on it since the feature will at least apply in the near future.

Yes. Before we add the support of user-specified tenant-id, additionally_allowed_tenants will not take effect.

@xiangyan99 xiangyan99 merged commit aa3d536 into main Sep 16, 2022
@xiangyan99 xiangyan99 deleted the identity_allow_tenants branch September 16, 2022 23:31
mccoyp added a commit to mccoyp/azure-sdk-for-python that referenced this pull request Sep 22, 2022
* add additionally allowed tenant ids support

* Update sdk/identity/azure-identity/azure/identity/_credentials/authorization_code.py

Co-authored-by: McCoy Patiño <39780829+mccoyp@users.noreply.github.com>

* rename additionally_allowed_tenant_ids

* update

* Update sdk/identity/azure-identity/azure/identity/_credentials/authorization_code.py

Co-authored-by: McCoy Patiño <39780829+mccoyp@users.noreply.github.com>

* updates

* update

* update

* update

* Update sdk/identity/azure-identity/CHANGELOG.md

Co-authored-by: McCoy Patiño <39780829+mccoyp@users.noreply.github.com>

* update

* Update sdk/identity/azure-identity/azure/identity/_credentials/authorization_code.py

Co-authored-by: McCoy Patiño <39780829+mccoyp@users.noreply.github.com>

* update

* update

* update

Co-authored-by: McCoy Patiño <39780829+mccoyp@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants