* Identity: IMDS fail-fast and Cred order change in DAC (and Core support)
* Mac fix and cspell update
* Update unit test and clang-format
* Temporarily update samples to use AzCliCred until recordings are re-recorded
* Revert samples back to use DAC
* Remove SAS auth from Tables template
* Clang-format
* Add support for 'AZURE_POD_IDENTITY_AUTHORITY_HOST', override it for running samples in CI
* Add unit test for AZURE_POD_IDENTITY_AUTHORITY_HOST
* "in milliseconds"
Co-authored-by: Scott Addie <10702007+scottaddie@users.noreply.github.com>
* PR Feedback
* Named constant + comment
---------
Co-authored-by: Anton Kolesnyk <antkmsft@users.noreply.github.com>
Co-authored-by: Scott Addie <10702007+scottaddie@users.noreply.github.com>
* Identity: update Troubleshooting.md with all the credentials
* </li></ul>
---------
Co-authored-by: Anton Kolesnyk <antkmsft@users.noreply.github.com>
* Update Identity root README to align with the common format
* Update vcpkg link identifier in README
* Remove vcpkg installation instructions from README
---------
Co-authored-by: Anton Kolesnyk <antkmsft@users.noreply.github.com>
* Use TokenCredential *const* everywhere
* Use left const where the surrounding code also uses it
* Use left const everywhere
* Clang-format
* More clang-format
* typos
* Clang-format
---------
Co-authored-by: Anton Kolesnyk <antkmsft@users.noreply.github.com>
* Identity: Log Client ID used in ManagedIdentityCredential
* Clang-format
* [&]
---------
Co-authored-by: Anton Kolesnyk <antkmsft@users.noreply.github.com>
* Identity: Add AzureCliCredentialOptions::Subscription
* Clang-format
* Id => ID
* Fix typo
* Apply suggestions from code review
Co-authored-by: Larry Osterman <LarryOsterman@users.noreply.github.com>
* Replace `decltype` with `auto` in test file
* + "If this is the name of a subscription, use its ID instead."
---------
Co-authored-by: Anton Kolesnyk <antkmsft@users.noreply.github.com>
Co-authored-by: Larry Osterman <LarryOsterman@users.noreply.github.com>
The SONAME currently written to shared libraries is unversioned, e.g.
libazure-core.so. The SDK's ABI is unstable, so replacing these .so
files with newer versions will immediately break any consumers.
Setting the VERSION property results in libazure-core.so being a symlink
that is used at build time to point to the versioned library, e.g.
libazure-core.so.1.14.0. Consumers point directly to the versioned
library and continue to work against the older version when the library
is upgraded. Once rebuilt, they then point to the newer version instead.
It is more common to use an ABI version that is separate to the library
version, but it makes sense to use the latter when the ABI is unstable.
The Boost libraries do exactly this.
This change has no effect on static libraries, which is the more common
use case. See the CMake documentation for its wider effects.
https://cmake.org/cmake/help/latest/prop_tgt/VERSION.html
* Remove support for customizing the IMDS endpoint within ManagedIdentityCredential using an env var
* Remove test after merge.
* Revert "Remove test after merge."
This reverts commit 0d1a4fb8ca5c34bc253e999a86d337bbcddea63e.
* Only remove the test, after merge.
* Move imds endpoint url to a named const string and add doc link
* Use a static factory method
* Update tests and samples.
* Remove unnecessary std::move and update the samples in readme.
* Address PR feedback - use more real values for resourceIDs in tests.
* Update tests and samples to use resourceID strings with the expected prefix.
* Fix test assert.
* In ClientCertificateCredential, add the x5c parameter of the JWT token as a JSON array rather than a JSON string.
* Update sdk/identity/azure-identity/src/client_certificate_credential.cpp
Co-authored-by: Ray Luo <rayluo.mba@gmail.com>
---------
Co-authored-by: Ray Luo <rayluo.mba@gmail.com>
* Use code snippets from managed identity credential samples in identity readme doc.
* Generate readme from snippets.
* Update snippet generation script to remove unnecessary indentation and extra new line at eof.
* Update Snippet Generation doc to show a concrete example on how to run it.
* Update other repo READMEs with the generation fixes.
* Fix KeyVault Secrets sample and use the snippets in its README
* Use the added sample snippet.
* Add a readme section for user and system assigned managed identity for
MICredential.
* Update the README to reflect new API surface and add section about Object ID.
* Mention object ID in the intro.
* Reorder the list of IDs mentioned to match the section order.
* Updated the request header sent to the OIDC endpoint in so it doesn't result in a redirect response when an invalid system access token is provided.
* Add comment on what X-TFS-FedAuthRedirect does.
* Allow x-vss-e2eid response header to be logged in AzurePipelinesCredential for diagnostics.
* Dont redact the x-msedge-ref header either.
* Add the necessary response headers to the exception message.
* Update cspell.
* Update CL
* Fix size_t comparison
* Use std::array to get the size() method.
* Add the <array> include directive to be explicit.
* Accept base64 (PEM) encoded certificate as std::string instead of vector<uint8_t>
* Fix unix implementation and remove use of privacy enhance mail in comments, in favor of PEM
* Add support for passing in the x509 certificate and its corresponding private key directly to , rather than reading from a pem file.
* Move the x509 and pkey objects
* Add basic test.
* Fix doc comment due to merge.
* Fix merge, add back the bool
* Pass in bool in other locations
* Fix finding pem cert content from memory and add tests with send chain true.
* Use d2i_PrivateKey_bio instead of PEM_read_bio_PrivateKey since the private key isn't in pem format.
* Fix doc comments to match the type name rather than copy/paste typo from client secret cred.
* Make options optional and add invalid content tests.
* Disable cspell in some places within tests.
* Make exception message consistent between platforms when reading a file.
* Add public surface area to support sending a chain of certs.
* Add x5c param to the JWT token.
* Simplify test.
* Address PR feedback and fix typo.
* Fix typo.
* Move the ResourceIdentifier type from Identity to Azure::Core.
* Fix the namespace in the source cpp file.
* Fix managed identity credential tests.
* Fix clang format.
* Add support for providing an object ID to ManagedIdentityCredential.
* Update cspell checks.
* Add support for creating a Uuid from a string, and use that as the
MICred overload for objectId.
* Add a remark comment to make it clear that object and client ids are not interchangeable.
* Remove the non-const ToString() as that isn't required.
* Update tests to use valid hex Uuid values.
* Use a discriminated union design approach with a ManagedIdentityType
object and ManagedIdentityIdType enum.
* Fix typo and remove Uuid CreateFromString.
* Address PR feedback.
* Update doc comment.
* Update comments and exception message to consistently use hyphens
between user/system and assigned.
