How to create ApplicationTokenCredentials instance for Azure emulator?

Azure / Azurite

A lightweight server clone of Azure Storage that simulates most of the commands supported by it with minimal dependencies

MIT License

1.83k stars 325 forks source link

How to create ApplicationTokenCredentials instance for Azure emulator? #537

Open kannangce opened 4 years ago

kannangce commented 4 years ago

Which service(blob, file, queue, table) does this issue concern?

blob

Which version of the Azurite was used?

3.8.0

Where do you get Azurite? (npm, DockerHub, NuGet, Visual Studio Code Extension)

DockerHub

What's the Node.js version?

N/A

What problem was encountered?

Need help in creating Authentication file or ApplicationTokenCredentials instance for Azurite.

Steps to reproduce the issue?

N/A

Have you found a mitigation/solution?

N/A

XiaoningLiu commented 4 years ago

Hi @kannangce Don't understand your question. What's ApplicationTokenCredentials you are referring to?

kannangce commented 4 years ago

@XiaoningLiu My existing code uses authfile based authentication with Azure. For testing , local setup if I have to make a drop-in-replacement of Azurite, I'll be needing one of the below things,

An auth file containing the credentials.
Java SDK's ApplicationTokenCredentials instance which in turn is created from the auth file, which requires confgurations like ClientId, Client Secret, TenantId and Subsription Id.The mentioned parameters for Azurite is not mentioned in the readme.

If one of the above is possible with Azurite that would be awesome to integrate Azurite in my case.

XiaoningLiu commented 4 years ago

Hi @kannangce

It should work. If the token credential works for your production storage account, then it will work for Azurite. Anyway take a try, report any Azurite errors/debug.log here.

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

douglasg14b commented 2 years ago

I am also wanting this information. We want to run this in a testing pipeline, however, we will not be injecting production secrets into there for testing purposes....

@XiaoningLiu Specifically:

When using a ClientSecretCredential, which requires a ClientId, TenantId, and a Client Secret, what does this library expect...?

What does azurite expect for the ClientId, TenantId, and Client Secret. Putting fake values in there does not work, and there is no mention in the readme of what is expected here, nor is there a runnable example.

XiaoningLiu commented 2 years ago

@douglasg14b

Guess you are using TokenCredential or similar SDK, which requires you input valid ClientId, TenantId etc. Unluckily the SDK cannot support granting a fake token to Azurite. The SDK will go to AAD asking for a production token.

There are 2 ways you can explorer:

Go to your Azure portal creating an application just for Azurite tests. You can decouple the credentials with your production services. The input ClientId, TenantId using the newly created application credentials.
You can build up code by-yourself to fake tokens to Azurite. Refer to https://github.com/Azure/Azurite/blob/24533376c9bb11ceef005eac5242738032f7196d/tests/blob/oauth.test.ts#L30 and https://github.com/Azure/Azurite/blob/24533376c9bb11ceef005eac5242738032f7196d/tests/testutils.ts#L179