search

jakeFeldman / strapi-provider-upload-azure-storage

Strapi Provider Upload Azure Storage
MIT License
75 stars 42 forks source link

Support for ManagedIdentity #71

Closed mbfaay closed 8 months ago

mbfaay commented 1 year ago

It would be nice to have support for ManagedIdentityCredential. e.g. for case where Strapi is running in Azure App Service and media is stored in Azure Storage Account with shared keys disabled.

mbfaay commented 1 year ago

Have a suggested solution available for you. Based on: https://learn.microsoft.com/en-us/answers/questions/760656/using-managedidentity-with-node-js-web-app-to-acce


@@ -1,5 +1,6 @@
 import {
     AnonymousCredential,
+    ManagedIdentityCredential,
     BlobServiceClient,
     newPipeline,
     StorageSharedKeyCredential,
@@ -14,6 +15,7 @@ type Config = {
     containerName: string;
     defaultPath: string;
     cdnBaseURL?: string;
+    managedIdentity?: boolean;
 };

 type StrapiFile = File & {
@@ -44,12 +46,18 @@ function makeBlobServiceClient(config: Config) {
     const account = trimParam(config.account);
     const accountKey = trimParam(config.accountKey);
     const sasToken = trimParam(config.sasToken);
+    const managedIdentity = config.managedIdentity;
     const serviceBaseURL = getServiceBaseUrl(config);
-    // if accountKey doesn't contain value return below line
+    // if sasToken contains value return below line
     if (sasToken != '') {
         const anonymousCredential = new AnonymousCredential();
         return new BlobServiceClient(`${serviceBaseURL}${sasToken}`, anonymousCredential);
     }
+    // if managedIdentity is true return below line
+    if (managedIdentity) {
+        const aadCredentials = new ManagedIdentityCredential();
+        return new BlobServiceClient(serviceBaseURL, aadCredentials);
+    }
     const sharedKeyCredential = new StorageSharedKeyCredential(account, accountKey);
     const pipeline = newPipeline(sharedKeyCredential);
     return new BlobServiceClient(serviceBaseURL, pipeline);
jakeFeldman commented 1 year ago

Hello @mbfaay, I'm okay supporting other connection types. Would you like to issue a PR?

mbfaay commented 1 year ago

Hi @jakeFeldman, I can issue a PR for supporting managed identity. Can you give me the rights to create a branch for this?

mbfaay commented 1 year ago

Hi @jakeFeldman, I can issue a PR for supporting managed identity. Can you give me the rights to create a branch for this?

Gentle reminder

jakeFeldman commented 1 year ago

Hey @mbfaay thanks for the reminder. You should be able to fork the repo and open a PR from your fork. Let me know if you have any issues doing so.

nmartin5 commented 1 year ago

@jakeFeldman I see that https://github.com/jakeFeldman/strapi-provider-upload-azure-storage/pull/72 has been approved. Is this still on the roadmap? I would love to start using this feature. Thanks!

Jeinhaus commented 1 year ago

@jakeFeldman This would be awesome to have. Is there anything needed beside the open #72 to get this working?

jakeFeldman commented 12 months ago

Hi @Jeinhaus, I haven't looked at #72 in a while and would need testing. If you would like to take ownership on the PR and make sure everything is good to go, I'd be happy to get it merged in

Jeinhaus commented 12 months ago

@jakeFeldman thank you for responding so quickly. To be honest, I'm a total Azure, strapi and js noob, but I might give it a try to test #72. Maybe @mbfaay is still around and have a look at it as well?

fardarter commented 8 months ago

Can be closed now?