@Override public String getToken(String tokenAudience) throws IOException { if (this.tokenSource == MSITokenSource.MSI_EXTENSION) { return this.getTokenFromMSIExtension(tokenAudience == null ? this.resource : tokenAudience); } else { return this.getTokenFromIMDSEndpoint(tokenAudience == null ? this.resource : tokenAudience); } }
LOG.debug("Will use MSI credentials for VMs with specified clientId"); final String clientId = getProperty(this.environment, Constants.AZURE_KEYVAULT_CLIENT_ID); return new MSICredentials(AzureEnvironment.AZURE).withClientId(clientId); return new MSICredentials(AzureEnvironment.AZURE);
/** * Get Authenticated object using authentication file from Azure CLI 2.0 * * Note: The integrated Azure CLI in Azure Cloud Shell does not have the accessToken.json, * so we need to use MSI to authenticate in the Cloud Shell. * * @return Authenticated object if Azure CLI 2.0 is logged in correctly; otherwise return null. */ protected Authenticated getAuthObjFromAzureCli() { try { final Azure.Configurable azureConfigurable = azureConfigure(); final Authenticated auth; if (isInCloudShell()) { getLog().info(AUTH_WITH_MSI); auth = azureConfigurable.authenticate(new MSICredentials()); } else { getLog().info(AUTH_WITH_AZURE_CLI); auth = azureConfigurable.authenticate(AzureCliCredentials.create()); } return auth; } catch (Exception e) { getLog().debug(AZURE_CLI_AUTH_FAIL); getLog().debug(e); } return null; }
break; } else { sleep(retryTimeoutInMs);
private String getTokenFromIMDSEndpoint(String tokenAudience) { MSIToken token = cache.get(tokenAudience); if (token != null && !token.isExpired()) { return token.accessToken(); } lock.lock(); try { token = cache.get(tokenAudience); if (token != null && !token.isExpired()) { return token.accessToken(); } try { token = retrieveTokenFromIDMSWithRetry(tokenAudience); if (token != null) { cache.put(tokenAudience, token); } } catch (IOException exception) { throw new RuntimeException(exception); } return token.accessToken(); } finally { lock.unlock(); } }
LOG.debug("Will use MSI credentials for VMs with specified clientId"); final String clientId = getProperty(this.environment, Constants.AZURE_KEYVAULT_CLIENT_ID); return new MSICredentials(AzureEnvironment.AZURE).withClientId(clientId); return new MSICredentials(AzureEnvironment.AZURE);
/** * Get Authenticated object using authentication file from Azure CLI 2.0 * * Note: The integrated Azure CLI in Azure Cloud Shell does not have the accessToken.json, * so we need to use MSI to authenticate in the Cloud Shell. * * @return Authenticated object if Azure CLI 2.0 is logged in correctly; otherwise return null. */ protected Authenticated getAuthObjFromAzureCli() { try { final Azure.Configurable azureConfigurable = azureConfigure(); final Authenticated auth; if (isInCloudShell()) { getLog().info(AUTH_WITH_MSI); auth = azureConfigurable.authenticate(new MSICredentials()); } else { getLog().info(AUTH_WITH_AZURE_CLI); auth = azureConfigurable.authenticate(AzureCliCredentials.create()); } return auth; } catch (Exception e) { getLog().debug(AZURE_CLI_AUTH_FAIL); getLog().debug(e); } return null; }