Skip to content

Commit

Permalink
Updates APIC plugins to use DefaultAzureCredential (#708)
Browse files Browse the repository at this point in the history
  • Loading branch information
waldekmastykarz authored May 14, 2024
1 parent 2a46633 commit bef8763
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 87 deletions.
48 changes: 5 additions & 43 deletions dev-proxy-plugins/RequestLogs/ApiCenterOnboardingPlugin.cs
Original file line number Diff line number Diff line change
Expand Up @@ -26,15 +26,17 @@ internal class ApiCenterOnboardingPluginConfiguration
public string ServiceName { get; set; } = "";
public string WorkspaceName { get; set; } = "default";
public bool CreateApicEntryForNewApis { get; set; } = true;
public bool UseDevCredentials { get; set; } = true;
public bool UseProdCredentials { get; set; } = false;
}

public class ApiCenterOnboardingPlugin : BaseProxyPlugin
{
private ApiCenterOnboardingPluginConfiguration _configuration = new();
private readonly string[] _scopes = ["https://management.azure.com/.default"];
private TokenCredential _credential = new DefaultAzureCredential();
private TokenCredential _credential = new DefaultAzureCredential(new DefaultAzureCredentialOptions() {
ExcludeInteractiveBrowserCredential = true,
// fails on Ubuntu
ExcludeSharedTokenCacheCredential = true
});
private HttpClient? _httpClient;
private JsonSerializerOptions _jsonSerializerOptions = new JsonSerializerOptions
{
Expand Down Expand Up @@ -68,16 +70,6 @@ public override void Register(IPluginEvents pluginEvents,
_logger?.LogError("Specify ServiceName in the {plugin} configuration. The {plugin} will not be used.", Name, Name);
return;
}
if (!_configuration.UseDevCredentials && !_configuration.UseProdCredentials)
{
_logger?.LogError(
"Both {useDev} and {useProd} are set to false. You need to use at least one set of credentials The {plugin} will not be used.",
nameof(ApiCenterOnboardingPluginConfiguration.UseDevCredentials),
nameof(ApiCenterOnboardingPluginConfiguration.UseProdCredentials),
Name
);
return;
}

// load configuration from env vars
if (_configuration.SubscriptionId.StartsWith('@'))
Expand All @@ -97,36 +89,6 @@ public override void Register(IPluginEvents pluginEvents,
_configuration.WorkspaceName = Environment.GetEnvironmentVariable(_configuration.WorkspaceName.Substring(1)) ?? _configuration.WorkspaceName;
}

var credentials = new List<TokenCredential>();
// as defined in DefaultAzureCredential
var tokenCredentialOptions = new TokenCredentialOptions
{
Retry =
{
NetworkTimeout = TimeSpan.FromSeconds(1)
}
};
if (_configuration.UseDevCredentials)
{
credentials.AddRange([
new SharedTokenCacheCredential(),
new VisualStudioCredential(),
new VisualStudioCodeCredential(),
new AzureCliCredential(),
new AzurePowerShellCredential(),
new AzureDeveloperCliCredential(),
]);
}
if (_configuration.UseProdCredentials)
{
credentials.AddRange([
new EnvironmentCredential(),
new WorkloadIdentityCredential(),
new ManagedIdentityCredential(options: tokenCredentialOptions)
]);
}
_credential = new ChainedTokenCredential(credentials.ToArray());

if (_logger?.LogLevel == LogLevel.Debug)
{
var consoleListener = AzureEventSourceListener.CreateConsoleLogger(EventLevel.Verbose);
Expand Down
49 changes: 5 additions & 44 deletions dev-proxy-plugins/RequestLogs/ApiCenterProductionVersionPlugin.cs
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@

using System.Diagnostics;
using System.Diagnostics.Tracing;
using System.Dynamic;
using System.Net.Http.Json;
using System.Text.Json;
using Azure.Core;
Expand Down Expand Up @@ -36,15 +35,17 @@ internal class ApiCenterProductionVersionPluginConfiguration
public string ResourceGroupName { get; set; } = "";
public string ServiceName { get; set; } = "";
public string WorkspaceName { get; set; } = "default";
public bool UseDevCredentials { get; set; } = true;
public bool UseProdCredentials { get; set; } = false;
}

public class ApiCenterProductionVersionPlugin : BaseProxyPlugin
{
private ApiCenterProductionVersionPluginConfiguration _configuration = new();
private readonly string[] _scopes = ["https://management.azure.com/.default"];
private TokenCredential _credential = new DefaultAzureCredential();
private TokenCredential _credential = new DefaultAzureCredential(new DefaultAzureCredentialOptions() {
ExcludeInteractiveBrowserCredential = true,
// fails on Ubuntu
ExcludeSharedTokenCacheCredential = true
});
private HttpClient? _httpClient;
private JsonSerializerOptions _jsonSerializerOptions = new JsonSerializerOptions
{
Expand Down Expand Up @@ -78,16 +79,6 @@ public override void Register(IPluginEvents pluginEvents,
_logger?.LogError("Specify ServiceName in the ApiCenterProductionVersionPlugin configuration. The ApiCenterProductionVersionPlugin will not be used.");
return;
}
if (!_configuration.UseDevCredentials && !_configuration.UseProdCredentials)
{
_logger?.LogError(
"Both {useDev} and {useProd} are set to false. You need to use at least one set of credentials The {plugin} will not be used.",
nameof(ApiCenterProductionVersionPluginConfiguration.UseDevCredentials),
nameof(ApiCenterProductionVersionPluginConfiguration.UseProdCredentials),
Name
);
return;
}

// load configuration from env vars
if (_configuration.SubscriptionId.StartsWith('@'))
Expand All @@ -107,36 +98,6 @@ public override void Register(IPluginEvents pluginEvents,
_configuration.WorkspaceName = Environment.GetEnvironmentVariable(_configuration.WorkspaceName.Substring(1)) ?? _configuration.WorkspaceName;
}

var credentials = new List<TokenCredential>();
// as defined in DefaultAzureCredential
var tokenCredentialOptions = new TokenCredentialOptions
{
Retry =
{
NetworkTimeout = TimeSpan.FromSeconds(1)
}
};
if (_configuration.UseDevCredentials)
{
credentials.AddRange([
new SharedTokenCacheCredential(),
new VisualStudioCredential(),
new VisualStudioCodeCredential(),
new AzureCliCredential(),
new AzurePowerShellCredential(),
new AzureDeveloperCliCredential(),
]);
}
if (_configuration.UseProdCredentials)
{
credentials.AddRange([
new EnvironmentCredential(),
new WorkloadIdentityCredential(),
new ManagedIdentityCredential(options: tokenCredentialOptions)
]);
}
_credential = new ChainedTokenCredential(credentials.ToArray());

if (_logger?.LogLevel == LogLevel.Debug)
{
var consoleListener = AzureEventSourceListener.CreateConsoleLogger(EventLevel.Verbose);
Expand Down

0 comments on commit bef8763

Please sign in to comment.