def __init__(self, endpoint, client_cls, config=None, client_id=None, **kwargs): # type: (str, Type, Optional[Configuration], Optional[str], **Any) -> None self._identity_config = kwargs.pop("identity_config", None) or {} if client_id: if os.environ.get( EnvironmentVariables.MSI_ENDPOINT) and os.environ.get( EnvironmentVariables.MSI_SECRET): # App Service: version 2017-09-1 accepts client ID as parameter "clientid" if "clientid" not in self._identity_config: self._identity_config["clientid"] = client_id elif "client_id" not in self._identity_config: self._identity_config["client_id"] = client_id config = config or self._create_config(**kwargs) policies = [ ContentDecodePolicy(), config.headers_policy, config.user_agent_policy, config.retry_policy, config.logging_policy, DistributedTracingPolicy(**kwargs), HttpLoggingPolicy(**kwargs), ] self._client = client_cls(endpoint=endpoint, config=config, policies=policies, **kwargs)
def _create_pipeline(self, credential, **kwargs): # type: (Any, **Any) -> Tuple[Configuration, Pipeline] self._credential_policy = None if hasattr(credential, "get_token"): self._credential_policy = BearerTokenCredentialPolicy( credential, STORAGE_OAUTH_SCOPE) elif isinstance(credential, SharedKeyCredentialPolicy): self._credential_policy = credential elif credential is not None: raise TypeError("Unsupported credential: {}".format(credential)) config = kwargs.get("_configuration") or create_configuration(**kwargs) if kwargs.get("_pipeline"): return config, kwargs["_pipeline"] config.transport = kwargs.get("transport") # type: ignore kwargs.setdefault("connection_timeout", CONNECTION_TIMEOUT) kwargs.setdefault("read_timeout", READ_TIMEOUT) if not config.transport: config.transport = RequestsTransport(**kwargs) policies = [ QueueMessagePolicy(), config.headers_policy, config.proxy_policy, config.user_agent_policy, StorageContentValidation(), StorageRequestHook(**kwargs), self._credential_policy, ContentDecodePolicy(response_encoding="utf-8"), RedirectPolicy(**kwargs), StorageHosts(hosts=self._hosts, **kwargs), config.retry_policy, config.logging_policy, StorageResponseHook(**kwargs), DistributedTracingPolicy(**kwargs), HttpLoggingPolicy(**kwargs) ] if kwargs.get("_additional_pipeline_policies"): policies = policies + kwargs.get("_additional_pipeline_policies") return config, Pipeline(config.transport, policies=policies)
def create_pipeline(credential, **kwargs): # type: (Any, **Any) -> Tuple[Configuration, Pipeline] credential_policy = None if hasattr(credential, 'get_token'): credential_policy = BearerTokenCredentialPolicy( credential, STORAGE_OAUTH_SCOPE) elif isinstance(credential, SharedKeyCredentialPolicy): credential_policy = credential elif credential is not None: raise TypeError("Unsupported credential: {}".format(credential)) config = kwargs.get('_configuration') or create_configuration(**kwargs) if kwargs.get('_pipeline'): return config, kwargs['_pipeline'] if 'connection_timeout' not in kwargs: kwargs['connection_timeout'] = DEFAULT_SOCKET_TIMEOUT transport = kwargs.get('transport') # type: HttpTransport if not transport: transport = RequestsTransport(**kwargs) policies = [ QueueMessagePolicy(), config.headers_policy, config.user_agent_policy, StorageContentValidation(), StorageRequestHook(**kwargs), credential_policy, ContentDecodePolicy(), config.redirect_policy, StorageHosts(**kwargs), config.retry_policy, config.logging_policy, StorageResponseHook(**kwargs), ] return config, Pipeline(transport, policies=policies)
def _build_pipeline(self, **kwargs): # pylint: disable=no-self-use transport = kwargs.get('transport') policies = kwargs.get('policies') credential_policy = \ AsyncServiceBusSharedKeyCredentialPolicy(self._endpoint, self._credential, "Authorization") \ if isinstance(self._credential, ServiceBusSharedKeyCredential) \ else AsyncBearerTokenCredentialPolicy(self._credential, JWT_TOKEN_SCOPE) if policies is None: # [] is a valid policy list policies = [ RequestIdPolicy(**kwargs), self._config.headers_policy, self._config.user_agent_policy, self._config.proxy_policy, ContentDecodePolicy(**kwargs), ServiceBusXMLWorkaroundPolicy(), self._config.redirect_policy, self._config.retry_policy, credential_policy, self._config.logging_policy, DistributedTracingPolicy(**kwargs), HttpLoggingPolicy(**kwargs), ] if not transport: transport = AioHttpTransport(**kwargs) return AsyncPipeline(transport, policies)
def _create_pipeline(self, credential, **kwargs): # type: (Any, **Any) -> Tuple[Configuration, Pipeline] self._credential_policy = None if hasattr(credential, "get_token"): self._credential_policy = BearerTokenCredentialPolicy(credential, STORAGE_OAUTH_SCOPE) elif isinstance(credential, SharedKeyCredentialPolicy): self._credential_policy = credential elif credential is not None: raise TypeError("Unsupported credential: {}".format(credential)) config = kwargs.get("_configuration") or create_configuration(**kwargs) if kwargs.get("_pipeline"): return config, kwargs["_pipeline"] config.transport = kwargs.get("transport") # type: ignore if "connection_timeout" not in kwargs: kwargs["connection_timeout"] = DEFAULT_SOCKET_TIMEOUT if not config.transport: config.transport = RequestsTransport(**kwargs) policies = [ QueueMessagePolicy(), config.headers_policy, config.user_agent_policy, StorageContentValidation(), StorageRequestHook(**kwargs), self._credential_policy, ContentDecodePolicy(), RedirectPolicy(**kwargs), StorageHosts(hosts=self._hosts, **kwargs), config.retry_policy, config.logging_policy, StorageResponseHook(**kwargs), DistributedTracingPolicy(), ] return config, Pipeline(config.transport, policies=policies)
def _create_appconfig_pipeline( self, credential, base_url=None, aad_mode=False, **kwargs ): transport = kwargs.get("transport") policies = kwargs.get("policies") if policies is None: # [] is a valid policy list if aad_mode: scope = base_url.strip("/") + "/.default" if hasattr(credential, "get_token"): credential_policy = BearerTokenCredentialPolicy(credential, scope) else: raise TypeError( "Please provide an instance from azure-identity " "or a class that implement the 'get_token protocol" ) else: credential_policy = AppConfigRequestsCredentialsPolicy(credential) policies = [ self._config.headers_policy, self._config.user_agent_policy, self._config.retry_policy, self._sync_token_policy, credential_policy, self._config.logging_policy, # HTTP request/response log DistributedTracingPolicy(**kwargs), HttpLoggingPolicy(**kwargs), ContentDecodePolicy(**kwargs), ] if not transport: transport = RequestsTransport(**kwargs) return Pipeline(transport, policies)
def _configure_policies(self, **kwargs): # type: (**Any) -> None try: from azure.core.pipeline.transport import AioHttpTransport if not kwargs.get("transport"): kwargs.setdefault("transport", AioHttpTransport(**kwargs)) except ImportError: raise ImportError( "Unable to create async transport. Please check aiohttp is installed." ) kwargs.setdefault("connection_timeout", CONNECTION_TIMEOUT) kwargs.setdefault("read_timeout", READ_TIMEOUT) self._policies = [ StorageHeadersPolicy(**kwargs), ProxyPolicy(**kwargs), UserAgentPolicy(sdk_moniker=SDK_MONIKER, **kwargs), StorageContentValidation(), StorageRequestHook(**kwargs), self._credential_policy, ContentDecodePolicy(response_encoding="utf-8"), AsyncRedirectPolicy(**kwargs), StorageHosts(hosts=self._hosts, **kwargs), AsyncTablesRetryPolicy(**kwargs), StorageLoggingPolicy(**kwargs), AsyncStorageResponseHook(**kwargs), DistributedTracingPolicy(**kwargs), HttpLoggingPolicy(**kwargs), ]
def __init__(self, config=None, **kwargs): # type: (Optional[Configuration], Dict[str, Any]) -> None config = config or self.create_config(**kwargs) policies = [ config.header_policy, ContentDecodePolicy(), config.logging_policy, config.retry_policy ] self._client = AuthnClient(Endpoints.IMDS, config, policies, **kwargs)
def _create_pipeline(account, credential, **kwargs): # type: (Any, **Any) -> Tuple[Configuration, Pipeline] credential_policy = SharedKeyCredentialPolicy(account_name=account.name, account_key=credential) transport = RequestsTransport(**kwargs) policies = [ HeadersPolicy(), credential_policy, ContentDecodePolicy(response_encoding="utf-8")] return Pipeline(transport, policies=policies)
def _build_pipeline(self, config=None, policies=None, transport=None, **kwargs): config = config or self._create_config(**kwargs) policies = policies or [ ContentDecodePolicy(), config.retry_policy, config.logging_policy, DistributedTracingPolicy(), ] if not transport: transport = RequestsTransport(**kwargs) return Pipeline(transport=transport, policies=policies)
def __init__(self, config=None, **kwargs): # type: (Optional[Configuration], Dict[str, Any]) -> None config = config or self.create_config(**kwargs) policies = [ ContentDecodePolicy(), config.retry_policy, config.logging_policy ] endpoint = os.environ.get(MSI_ENDPOINT) if not endpoint: raise ValueError( "expected environment variable {} has no value".format( MSI_ENDPOINT)) self._client = AuthnClient(endpoint, config, policies, **kwargs)
def __init__(self, configuration=None, **kwargs): config = configuration or FooServiceClient.create_config(**kwargs) transport = kwargs.get('transport', RequestsTransport(**kwargs)) policies = [ config.user_agent_policy, config.headers_policy, config.authentication_policy, ContentDecodePolicy(), config.redirect_policy, config.retry_policy, config.logging_policy, ] self._pipeline = Pipeline(transport, policies=policies)
def __init__(self, auth_url, config=None, policies=None, transport=None, **kwargs): # type: (str, Optional[Configuration], Optional[Iterable[HTTPPolicy]], Optional[HttpTransport], Mapping[str, Any]) -> None config = config or self._create_config(**kwargs) policies = policies or [ ContentDecodePolicy(), config.retry_policy, config.logging_policy, DistributedTracingPolicy(), ] if not transport: transport = RequestsTransport(**kwargs) self._pipeline = Pipeline(transport=transport, policies=policies) super(AuthnClient, self).__init__(auth_url, **kwargs)
async def test_policies_configurable(): policy = Mock(spec_set=SansIOHTTPPolicy, on_request=Mock()) async def send(*_, **__): return mock_response(json_payload=build_aad_response(access_token="**")) credential = CertificateCredential( "tenant-id", "client-id", PEM_CERT_PATH, policies=[ContentDecodePolicy(), policy], transport=Mock(send=send) ) await credential.get_token("scope") assert policy.on_request.called
def __init__(self, endpoint, client_cls, config=None, client_id=None, **kwargs): # type: (str, Type, Optional[Configuration], Optional[str], Any) -> None self._client_id = client_id config = config or self._create_config(**kwargs) policies = [ ContentDecodePolicy(), config.headers_policy, config.retry_policy, config.logging_policy ] self._client = client_cls(endpoint, config, policies, **kwargs)
def __init__(self, auth_url: str, config: Optional[Configuration] = None, policies: Optional[Iterable[HTTPPolicy]] = None, transport: Optional[AsyncHttpTransport] = None, **kwargs: Mapping[str, Any]) -> None: config = config or self.create_config(**kwargs) policies = policies or [ ContentDecodePolicy(), config.logging_policy, config.retry_policy ] if not transport: transport = AsyncioRequestsTransport(configuration=config) self._pipeline = AsyncPipeline(transport=transport, policies=policies) super(AsyncAuthnClient, self).__init__(auth_url, **kwargs)
def test_policies_configurable(): policy = Mock(spec_set=SansIOHTTPPolicy, on_request=Mock()) transport = msal_validating_transport( requests=[Request()], responses=[mock_response(json_payload=build_aad_response(access_token="**"))] ) credential = CertificateCredential( "tenant-id", "client-id", CERT_PATH, policies=[ContentDecodePolicy(), policy], transport=transport ) credential.get_token("scope") assert policy.on_request.called
def _configure_policies(self, **kwargs): return [ RequestIdPolicy(**kwargs), StorageHeadersPolicy(**kwargs), UserAgentPolicy(sdk_moniker=SDK_MONIKER, **kwargs), ProxyPolicy(**kwargs), self._credential_policy, ContentDecodePolicy(response_encoding="utf-8"), RedirectPolicy(**kwargs), StorageHosts(**kwargs), TablesRetryPolicy(**kwargs), CustomHookPolicy(**kwargs), NetworkTraceLoggingPolicy(**kwargs), DistributedTracingPolicy(**kwargs), HttpLoggingPolicy(**kwargs), ]
def _get_policies(config, **kwargs): logging_policy = HttpLoggingPolicy(**kwargs) logging_policy.allowed_header_names.add("x-ms-keyvault-network-info") return [ config.headers_policy, UserAgentPolicy(base_user_agent=USER_AGENT, **kwargs), config.proxy_policy, ContentDecodePolicy(), config.redirect_policy, config.retry_policy, config.authentication_policy, config.logging_policy, DistributedTracingPolicy(**kwargs), logging_policy, ]
def __init__(self, config: "Optional[Configuration]" = None, policies: "Optional[Iterable[HTTPPolicy]]" = None, transport: "Optional[AsyncHttpTransport]" = None, **kwargs: "Any") -> None: config = config or self._create_config(**kwargs) policies = policies or [ ContentDecodePolicy(), config.retry_policy, config.logging_policy, DistributedTracingPolicy(), ] if not transport: transport = AsyncioRequestsTransport(**kwargs) self._pipeline = AsyncPipeline(transport=transport, policies=policies) super().__init__(**kwargs)
def _default_policies(config, **kwargs): return [ RequestIdPolicy(**kwargs), ARMAutoResourceProviderRegistrationPolicy(), config.headers_policy, config.user_agent_policy, config.proxy_policy, ContentDecodePolicy(**kwargs), config.redirect_policy, config.retry_policy, config.authentication_policy, config.custom_hook_policy, config.logging_policy, DistributedTracingPolicy(**kwargs), ARMHttpLoggingPolicy(**kwargs), ]
def _create_pipeline(self, credential, **kwargs): # type: (Any, **Any) -> Tuple[Configuration, Pipeline] self._credential_policy = None if hasattr(credential, 'get_token'): self._credential_policy = AsyncBearerTokenCredentialPolicy( credential, STORAGE_OAUTH_SCOPE) elif isinstance(credential, SharedKeyCredentialPolicy): self._credential_policy = credential elif isinstance(credential, AzureSasCredential): self._credential_policy = AzureSasCredentialPolicy(credential) elif credential is not None: raise TypeError("Unsupported credential: {}".format(credential)) config = kwargs.get('_configuration') or create_configuration(**kwargs) if kwargs.get('_pipeline'): return config, kwargs['_pipeline'] config.transport = kwargs.get('transport') # type: ignore kwargs.setdefault("connection_timeout", CONNECTION_TIMEOUT) kwargs.setdefault("read_timeout", READ_TIMEOUT) if not config.transport: try: from azure.core.pipeline.transport import AioHttpTransport except ImportError: raise ImportError( "Unable to create async transport. Please check aiohttp is installed." ) config.transport = AioHttpTransport(**kwargs) policies = [ QueueMessagePolicy(), config.headers_policy, config.proxy_policy, config.user_agent_policy, StorageContentValidation(), StorageRequestHook(**kwargs), self._credential_policy, ContentDecodePolicy(response_encoding="utf-8"), AsyncRedirectPolicy(**kwargs), StorageHosts(hosts=self._hosts, **kwargs), # type: ignore config.retry_policy, config.logging_policy, AsyncStorageResponseHook(**kwargs), DistributedTracingPolicy(**kwargs), HttpLoggingPolicy(**kwargs), ] if kwargs.get("_additional_pipeline_policies"): policies = policies + kwargs.get("_additional_pipeline_policies") return config, AsyncPipeline(config.transport, policies=policies)
def __init__(self, **kwargs: Any) -> None: """Azure Monitor base exporter for OpenTelemetry. :keyword str api_version: The service API version used. Defaults to latest. :rtype: None """ parsed_connection_string = ConnectionStringParser( kwargs.get('connection_string')) self._instrumentation_key = parsed_connection_string.instrumentation_key self._timeout = 10.0 # networking timeout in seconds self._api_version = kwargs.get('api_version') or _SERVICE_API_LATEST self._consecutive_redirects = 0 # To prevent circular redirects temp_suffix = self._instrumentation_key or "" default_storage_path = os.path.join(tempfile.gettempdir(), _TEMPDIR_PREFIX + temp_suffix) config = AzureMonitorClientConfiguration( parsed_connection_string.endpoint, **kwargs) policies = [ RequestIdPolicy(**kwargs), config.headers_policy, config.user_agent_policy, config.proxy_policy, ContentDecodePolicy(**kwargs), # Handle redirects in exporter, set new endpoint if redirected RedirectPolicy(permit_redirects=False), config.retry_policy, config.authentication_policy, config.custom_hook_policy, config.logging_policy, # Explicitly disabling to avoid infinite loop of Span creation when data is exported # DistributedTracingPolicy(**kwargs), config.http_logging_policy or HttpLoggingPolicy(**kwargs) ] self.client = AzureMonitorClient( host=parsed_connection_string.endpoint, connection_timeout=self._timeout, policies=policies, **kwargs) self.storage = LocalFileStorage( path=default_storage_path, max_size=50 * 1024 * 1024, # Maximum size in bytes. maintenance_period=60, # Maintenance interval in seconds. retention_period=7 * 24 * 60 * 60, # Retention period in seconds )
def __init__(self, **kwargs: Any) -> None: """Azure Monitor base exporter for OpenTelemetry. :param options: Exporter configuration options. :type options: ~azure.opentelemetry.exporter.azuremonitor.options.ExporterOptions :keyword str connection_string: The connection string to be used for authentication :rtype: None """ options = ExporterOptions(**kwargs) parsed_connection_string = ConnectionStringParser( options.connection_string) self._instrumentation_key = parsed_connection_string.instrumentation_key self._timeout = 10.0 # networking timeout in seconds temp_suffix = self._instrumentation_key or "" default_storage_path = os.path.join(tempfile.gettempdir(), TEMPDIR_PREFIX + temp_suffix) config = AzureMonitorClientConfiguration( parsed_connection_string.endpoint, **kwargs) policies = [ RequestIdPolicy(**kwargs), config.headers_policy, config.user_agent_policy, config.proxy_policy, ContentDecodePolicy(**kwargs), config.redirect_policy, config.retry_policy, config.authentication_policy, config.custom_hook_policy, config.logging_policy, # Explicitly disabling to avoid infinite loop of Span creation when data is exported # DistributedTracingPolicy(**kwargs), config.http_logging_policy or HttpLoggingPolicy(**kwargs) ] self.client = AzureMonitorClient( host=parsed_connection_string.endpoint, connection_timeout=self._timeout, policies=policies, **kwargs) self.storage = LocalFileStorage( path=default_storage_path, max_size=50 * 1024 * 1024, # Maximum size in bytes. maintenance_period=60, # Maintenance interval in seconds. retention_period=7 * 24 * 60 * 60, # Retention period in seconds )
def _build_pipeline(config=None, policies=None, transport=None, **kwargs): # type: (Optional[Configuration], Optional[PolicyList], Optional[HttpTransport], **Any) -> Pipeline config = config or _create_config(**kwargs) if policies is None: # [] is a valid policy list policies = [ ContentDecodePolicy(), config.user_agent_policy, config.proxy_policy, config.retry_policy, config.logging_policy, DistributedTracingPolicy(**kwargs), HttpLoggingPolicy(**kwargs), ] if not transport: transport = RequestsTransport(**kwargs) return Pipeline(transport=transport, policies=policies)
def _policies(credential, **kwargs): # type: (Union[AzureKeyCredential, EventGridSharedAccessSignatureCredential], Any) -> List[Any] auth_policy = _get_authentication_policy(credential) sdk_moniker = 'eventgrid/{}'.format(VERSION) policies = [ RequestIdPolicy(**kwargs), HeadersPolicy(**kwargs), UserAgentPolicy(sdk_moniker=sdk_moniker, **kwargs), ProxyPolicy(**kwargs), ContentDecodePolicy(**kwargs), RedirectPolicy(**kwargs), RetryPolicy(**kwargs), auth_policy, CustomHookPolicy(**kwargs), NetworkTraceLoggingPolicy(**kwargs), DistributedTracingPolicy(**kwargs), CloudEventDistributedTracingPolicy(), HttpLoggingPolicy(**kwargs) ] return policies
def __init__( self, config=None, # type: Optional[Configuration] policies=None, # type: Optional[Iterable[HTTPPolicy]] transport=None, # type: Optional[HttpTransport] **kwargs # type: Any ): # type: (...) -> None config = config or self._create_config(**kwargs) policies = policies or [ ContentDecodePolicy(), config.retry_policy, config.logging_policy, DistributedTracingPolicy(), ] if not transport: transport = RequestsTransport(**kwargs) self._pipeline = Pipeline(transport=transport, policies=policies) super(AuthnClient, self).__init__(**kwargs)
def _policies(credential: Union[AzureKeyCredential, AzureSasCredential], **kwargs: Any) -> List[Any]: auth_policy = _get_authentication_policy(credential) sdk_moniker = 'eventgridpublisherclient/{}'.format(VERSION) policies = [ RequestIdPolicy(**kwargs), HeadersPolicy(**kwargs), UserAgentPolicy(sdk_moniker=sdk_moniker, **kwargs), ProxyPolicy(**kwargs), ContentDecodePolicy(**kwargs), AsyncRedirectPolicy(**kwargs), AsyncRetryPolicy(**kwargs), auth_policy, CustomHookPolicy(**kwargs), NetworkTraceLoggingPolicy(**kwargs), DistributedTracingPolicy(**kwargs), CloudEventDistributedTracingPolicy(), HttpLoggingPolicy(**kwargs) ] return policies
async def test_cloud_shell_live(cloud_shell): credential = ManagedIdentityCredential() token = credential.get_token("https://vault.azure.net") # Validate the token by sending a request to the Key Vault. The request is manual because azure-keyvault-secrets # can't authenticate in Cloud Shell; the MSI endpoint there doesn't support AADv2 scopes. policies = [ ContentDecodePolicy(), AsyncRedirectPolicy(), AsyncRetryPolicy(), HttpLoggingPolicy() ] client = AsyncPipelineClient(cloud_shell["vault_url"], policies=policies) list_secrets = client.get( "secrets", headers={"Authorization": "Bearer " + token.token}, params={"api-version": "7.0"}) async with client: await client._pipeline.run(list_secrets)