Open riezebosch opened 1 year ago
new CLI should be on MSAL, but this lib stays at ADAL.
The lib is in maintenance mode, and to be deprecated.
Please plan switch to https://aka.ms/azsdk/dotnet/mgmt
For this particular issue I don't think it is ADAL/MSAL related. The AzureCliCredentials
class just uses the credentials cached by azure-cli. I've seen the new SDK using the cli directly for that, and this lib has its built-in parser.
@riezebosch
I had an issue with the AzureCliCredentials and wanted to check the source code. I looked at the implementation here and thought I'd bumped into the unsupported old json issue, but I was actually using the newer library Azure.Identity. The implementation in here (old) directly reads the json file, but the implementation in Azure.Identity directly calls the Azure cli and does not have the issue.
Azure.Identity
should work fine (unless there is bug).
Yes, the current solution would be call CLI and let it fetch the result. However, I am not sure whether it works same, if CLI is an old version (before they've moved to MSAL).
@riezebosch
As mentioned by @rvdginste, the JSON format changed (or even file location). Whether it is ADAL/MSAL is now internal to CLI. But as said, this lib is likely to be deprecated soon, and we are not adding new features.
I understand, but now people depending on this library find their software being in an unusable state since it no longer works with an updated azure-cli.
It is possible to combine the credentials provided byAzure.Identity
with this library?
Describe the bug A clear and concise description of what the bug is.
The format of the
json
files that are used by azure-cli to store the access tokens has changed. Therefore theAzureCliCredentials
fails to parse the tokens that are used for logging in using a service principal.Old format & location:
New format & location:
Exception or Stack Trace Add the exception log and stack trace if available
To Reproduce Steps to reproduce the behavior:
az logout
(to clear the~/.azure
folder)az login --service-principal -u '** GUID **' -p '** TOKEN **' --tenant '** GUID **'
AzureCliCredentials.Create()
Code Snippet Add the code snippet that causes the issue.
Expected behavior A clear and concise description of what you expected to happen.
Screenshots If applicable, add screenshots to help explain your problem.
Setup (please complete the following information):
Microsoft.Azure.Management.Fluent@1.38.1
Additional context Add any other context about the problem here. https://github.com/Azure/azure-libraries-for-net/blob/master/src/ResourceManagement/ResourceManager/Authentication/AzureCliCredentials.cs#L45
Information Checklist Kindly make sure that you have added all the following information above and checkoff the required fields otherwise we will treat the issuer as an incomplete report