Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support multiple data source prop passwordless and new prop of credential bean name #42486

Open
wants to merge 12 commits into
base: main
Choose a base branch
from
Open

Support multiple data source prop passwordless and new prop of credential bean name #42486

wants to merge 12 commits into from

Conversation

moarychan
Copy link
Member

@moarychan moarychan commented Oct 21, 2024
edited
Loading

Description

Fixes #41977

Changelogs:

  • Fix primitive type prop (isManagedIdentityEnabled) copy issue
  • Support multiple data source prop passwordless
  • Add new prop of credential bean name, it's suitable for all SDK client, JMS passworless, Redis passwordless, JDBC passwordless, Spring Integration for Service Bus.

All SDK Contribution checklist:

  • The pull request does not introduce [breaking changes]
  • CHANGELOG is updated for new features, bug fixes or other significant changes.
  • I have read the contribution guidelines.

General Guidelines and Best Practices

  • Title of the pull request is clear and informative.
  • There are a small number of commits, each of which have an informative message. This means that previously merged commits do not appear in the history of the PR. For more information on cleaning up the commits in your PR, see this page.

Testing Guidelines

  • Pull request includes test coverage for the included changes.

@github-actions github-actions bot added the azure-spring All azure-spring related issues label Oct 21, 2024
@azure-sdk
Copy link
Collaborator

azure-sdk commented Oct 21, 2024
edited
Loading

API change check

API changes are not detected in this pull request.

@moarychan moarychan marked this pull request as ready for review October 21, 2024 07:34
saragluna
saragluna reviewed Oct 22, 2024
View reviewed changes
...re/implementation/context/SpringTokenCredentialProviderContextProviderAutoConfiguration.java
*/
@Configuration(proxyBeanMethods = false)
@ConditionalOnClass(AzureAuthenticationTemplate.class)
public class SpringTokenCredentialProviderContextProviderAutoConfiguration {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
public class SpringTokenCredentialProviderContextProviderAutoConfiguration {
class SpringTokenCredentialProviderContextProviderAutoConfiguration {

...re/implementation/context/SpringTokenCredentialProviderContextProviderAutoConfiguration.java

@Bean
@ConditionalOnMissingBean
static SpringTokenCredentialProviderContextProvider springTokenCredentialProviderContextProvider() {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this static?

...cloud/autoconfigure/implementation/data/redis/AzureLettucePasswordlessAutoConfiguration.java
@@ -51,10 +59,11 @@ AzureRedisPasswordlessProperties redisPasswordlessProperties() {

@Bean(name = "azureRedisCredentials")
@ConditionalOnMissingBean
@DependsOn("springTokenCredentialProviderContextProvider")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we have other better choice here, if feels like not correct to depends on this class.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any good suggestions?

...zure/spring/cloud/autoconfigure/implementation/data/redis/lettuce/AzureRedisCredentials.java Outdated
this(null, null, username, passwordlessProperties);
}

public AzureRedisCredentials(GenericApplicationContext applicationContext,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The AzureRedisCredentials should be independent of any Spring APIs.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This class should pass in a credential provider, instead of the context.

...zure/spring/cloud/autoconfigure/implementation/data/redis/lettuce/AzureRedisCredentials.java
Comment on lines +36 to +38
public AzureRedisCredentials(String username,
TokenCredentialProvider tokenCredentialProvider,
PasswordlessProperties passwordlessProperties) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
public AzureRedisCredentials(String username,
TokenCredentialProvider tokenCredentialProvider,
PasswordlessProperties passwordlessProperties) {
public AzureRedisCredentials(String username,
PasswordlessProperties passwordlessProperties,
TokenCredentialProvider tokenCredentialProvider) {

...zure/spring/cloud/autoconfigure/implementation/data/redis/lettuce/AzureRedisCredentials.java
azureAuthenticationTemplate.init(properties);
this.username = resolveUsername(azureAuthenticationTemplate, username);
}

public AzureRedisCredentials(String username, PasswordlessProperties passwordlessProperties, TokenCredential tokenCredential) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we call the newly added ctor in from this method?

...ring/cloud/autoconfigure/implementation/jms/ServiceBusJmsConnectionFactoryConfiguration.java
factoryCustomizers.orderedStream().collect(Collectors.toList()))
.createConnectionFactory(ServiceBusJmsConnectionFactory.class);
}

private TokenCredentialProvider getPasswordlessTokenCredentialProvider(AzureServiceBusJmsProperties serviceBusJmsProperties) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we leverage the authenticate template instead?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should put all the same logic into the same place, instead of writing it everywhere

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will improve the logic

...configure/implementation/resourcemanager/AzureEventHubsResourceManagerAutoConfiguration.java
Comment on lines +48 to +50
AzureGlobalProperties.PREFIX + ".credential.token-credential-bean-name",
AzureEventHubsProperties.PREFIX + ".credential.token-credential-bean-name"
})
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But the credential can come from all the other spring.cloud.azure.credential.xxx properties

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, not covered all the credentials, we should add all credential types here, right?

...cloud/autoconfigure/implementation/servicebus/AzureServiceBusMessagingAutoConfiguration.java
@@ -80,8 +84,19 @@ static class ProcessorContainerConfiguration {
@ConditionalOnMissingBean
ServiceBusProcessorFactory defaultServiceBusNamespaceProcessorFactory(
NamespaceProperties properties,
ObjectProvider<PropertiesSupplier<ConsumerIdentifier, ProcessorProperties>> suppliers) {
return new DefaultServiceBusNamespaceProcessorFactory(properties, suppliers.getIfAvailable());
ObjectProvider<PropertiesSupplier<ConsumerIdentifier, ProcessorProperties>> suppliers,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What are these for?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For Service Bus Integration scenario, it's used to custom the Service Bus builder factory in DefaultServiceBusNamespaceProcessorFactory.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@saragluna saragluna saragluna left review comments

@rujche rujche Awaiting requested review from rujche rujche is a code owner

@Netyyyy Netyyyy Awaiting requested review from Netyyyy Netyyyy is a code owner

@mssfang mssfang Awaiting requested review from mssfang mssfang is a code owner

@JonathanGiles JonathanGiles Awaiting requested review from JonathanGiles JonathanGiles is a code owner

@alzimmermsft alzimmermsft Awaiting requested review from alzimmermsft alzimmermsft is a code owner

@srnagar srnagar Awaiting requested review from srnagar srnagar is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
azure-spring All azure-spring related issues
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[BUG] Passwordless authentication for RDBMS when multiple data sources are registered
3 participants
@moarychan @azure-sdk @saragluna