Example 1 with DefaultAzureCredentialBuilder

use of com.azure.identity.DefaultAzureCredentialBuilder in project DataSpaceConnector by eclipse-dataspaceconnector.

the class AzureResourceManagerExtension method initialize.

@Override
public void initialize(ServiceExtensionContext context) {
    var tenantId = requiredSetting(context, "edc.azure.tenant.id");
    var subscriptionId = requiredSetting(context, "edc.azure.subscription.id");
    // Detect credential source based on runtime environment, e.g. Azure CLI, environment variables
    var credential = new DefaultAzureCredentialBuilder().build();
    var azure = AzureEnvironment.AZURE;
    var profile = new AzureProfile(tenantId, subscriptionId, azure);
    var resourceManager = AzureResourceManager.authenticate(credential, profile).withSubscription(subscriptionId);
    context.registerService(AzureEnvironment.class, azure);
    context.registerService(TokenCredential.class, credential);
    context.registerService(AzureProfile.class, profile);
    context.registerService(AzureResourceManager.class, resourceManager);
}
Also used : DefaultAzureCredentialBuilder(com.azure.identity.DefaultAzureCredentialBuilder) AzureProfile(com.azure.core.management.profile.AzureProfile)

Example 2 with DefaultAzureCredentialBuilder

use of com.azure.identity.DefaultAzureCredentialBuilder in project DataSpaceConnector by eclipse-dataspaceconnector.

the class DataPlaneAzureDataFactoryExtension method initialize.

@Override
public void initialize(ServiceExtensionContext context) {
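    // credential, profile, resourceManager, clock, blobStoreApi and registry are members of the enclosing class (not shown in this excerpt)
    var monitor = context.getMonitor();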
    var dataFactoryId = requiredSetting(context, RESOURCE_ID);
    var keyVaultId = requiredSetting(context, KEY_VAULT_RESOURCE_ID);
    var keyVaultLinkedService = context.getSetting(KEY_VAULT_LINKED_SERVICE_NAME, "AzureKeyVault");
    var dataFactoryManager = DataFactoryManager.authenticate(credential, profile);
    var factory = resourceManager.genericResources().getById(dataFactoryId);
    var vault = resourceManager.vaults().getById(keyVaultId);
    var secretClient = new SecretClientBuilder().vaultUrl(vault.vaultUri()).credential(new DefaultAzureCredentialBuilder().build()).buildClient();
    var maxDuration = Duration.ofHours(1);
    var dataFactoryClient = new DataFactoryClient(dataFactoryManager, factory.resourceGroupName(), factory.name());
    var keyVaultClient = new KeyVaultClient(secretClient);
    var validator = new AzureDataFactoryTransferRequestValidator();
    var pipelineFactory = new DataFactoryPipelineFactory(keyVaultLinkedService, keyVaultClient, dataFactoryClient, context.getTypeManager());
    var pollDelay = Duration.ofMillis(context.getSetting(DATA_FACTORY_POLL_DELAY, 5000L));
    var transferManager = new AzureDataFactoryTransferManager(monitor, dataFactoryClient, pipelineFactory, maxDuration, clock, blobStoreApi, context.getTypeManager(), keyVaultClient, pollDelay);
    var transferService = new AzureDataFactoryTransferService(validator, transferManager);
    registry.registerTransferService(transferService);
}
Also used : DefaultAzureCredentialBuilder(com.azure.identity.DefaultAzureCredentialBuilder) SecretClientBuilder(com.azure.security.keyvault.secrets.SecretClientBuilder)

Example 3 with DefaultAzureCredentialBuilder

use of com.azure.identity.DefaultAzureCredentialBuilder in project vividus by vividus-framework.

the class CredentialFactoryTests method shouldCreateTokenCredential.

@Test
void shouldCreateTokenCredential() {
    DefaultAzureCredential defaultAzureCredential = mock(DefaultAzureCredential.class);
    try (MockedConstruction<DefaultAzureCredentialBuilder> credentialsBuilder = mockConstruction(DefaultAzureCredentialBuilder.class, (mock, context) -> when(mock.build()).thenReturn(defaultAzureCredential))) {
        assertEquals(defaultAzureCredential, CredentialFactory.createTokenCredential());
        assertThat(credentialsBuilder.constructed(), hasSize(1));
    }
}
Also used : DefaultAzureCredentialBuilder(com.azure.identity.DefaultAzureCredentialBuilder) DefaultAzureCredential(com.azure.identity.DefaultAzureCredential) Test(org.junit.jupiter.api.Test)

Example 4 with DefaultAzureCredentialBuilder

use of com.azure.identity.DefaultAzureCredentialBuilder in project MinimumViableDataspace by agera-edc.

the class BlobTransferIntegrationTest method getBlobServiceClient.

@NotNull
private BlobServiceClient getBlobServiceClient(String keyVaultName) {
    var credential = new DefaultAzureCredentialBuilder().build();
    var vault = new SecretClientBuilder().vaultUrl(format(KEY_VAULT_ENDPOINT_TEMPLATE, keyVaultName)).credential(credential).buildClient();
    // Find the first account with a key in the key vault
    var accountKeySecret = vault.listPropertiesOfSecrets().stream().filter(s -> s.getName().endsWith("-key1")).findFirst().orElseThrow(() -> new AssertionError("Key vault " + keyVaultName + " should contain the storage account key"));
    var accountKey = vault.getSecret(accountKeySecret.getName());
    var accountName = accountKeySecret.getName().replaceFirst("-key1$", "");
    var blobServiceClient = new BlobServiceClientBuilder().endpoint(format(BLOB_STORE_ENDPOINT_TEMPLATE, accountName)).credential(new StorageSharedKeyCredential(accountName, accountKey.getValue())).buildClient();
    return blobServiceClient;
}
Also used : DefaultAzureCredentialBuilder(com.azure.identity.DefaultAzureCredentialBuilder) SecretClientBuilder(com.azure.security.keyvault.secrets.SecretClientBuilder) BlobServiceClientBuilder(com.azure.storage.blob.BlobServiceClientBuilder) StorageSharedKeyCredential(com.azure.storage.common.StorageSharedKeyCredential) NotNull(org.jetbrains.annotations.NotNull)

Example 5 with DefaultAzureCredentialBuilder

use of com.azure.identity.DefaultAzureCredentialBuilder in project tessera by ConsenSys.

the class AzureKeyVaultServiceFactory method create.

@Override
public KeyVaultService create(Config config, EnvironmentVariableProvider envProvider) {
    Objects.requireNonNull(config);
    final KeyVaultConfig keyVaultConfig = Optional.ofNullable(config.getKeys()).flatMap(k -> k.getKeyVaultConfig(KeyVaultType.AZURE)).orElseThrow(() -> new ConfigException(new RuntimeException("Trying to create Azure key vault connection but no Azure configuration provided")));
    final String url = keyVaultConfig.getProperty("url").orElseThrow(() -> new ConfigException(new RuntimeException("No Azure Key Vault url provided")));
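    // BODY_AND_HEADERS logs HTTP bodies as well as headers; Key Vault secret responses carry
    // the secret value in the body, so logs produced with this setting can contain secrets.
    final SecretClient secretClient = new SecretClientBuilder().vaultUrl(url).httpLogOptions(new HttpLogOptions().setLogLevel(HttpLogDetailLevel.BODY_AND_HEADERS)).credential(new DefaultAzureCredentialBuilder().build()).buildClient();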
    return new AzureKeyVaultService(secretClient);
}
Also used : KeyVaultType(com.quorum.tessera.config.KeyVaultType) KeyVaultConfig(com.quorum.tessera.config.KeyVaultConfig) DefaultAzureCredentialBuilder(com.azure.identity.DefaultAzureCredentialBuilder) HttpLogOptions(com.azure.core.http.policy.HttpLogOptions) SecretClientBuilder(com.azure.security.keyvault.secrets.SecretClientBuilder) KeyVaultService(com.quorum.tessera.key.vault.KeyVaultService) KeyVaultServiceFactory(com.quorum.tessera.key.vault.KeyVaultServiceFactory) Objects(java.util.Objects) ConfigException(com.quorum.tessera.config.ConfigException) Optional(java.util.Optional) SecretClient(com.azure.security.keyvault.secrets.SecretClient) Config(com.quorum.tessera.config.Config) EnvironmentVariableProvider(com.quorum.tessera.config.util.EnvironmentVariableProvider) HttpLogDetailLevel(com.azure.core.http.policy.HttpLogDetailLevel)

Aggregations

DefaultAzureCredentialBuilder (com.azure.identity.DefaultAzureCredentialBuilder): 5
SecretClientBuilder (com.azure.security.keyvault.secrets.SecretClientBuilder): 3
HttpLogDetailLevel (com.azure.core.http.policy.HttpLogDetailLevel): 1
HttpLogOptions (com.azure.core.http.policy.HttpLogOptions): 1
AzureProfile (com.azure.core.management.profile.AzureProfile): 1
DefaultAzureCredential (com.azure.identity.DefaultAzureCredential): 1
SecretClient (com.azure.security.keyvault.secrets.SecretClient): 1
BlobServiceClientBuilder (com.azure.storage.blob.BlobServiceClientBuilder): 1
StorageSharedKeyCredential (com.azure.storage.common.StorageSharedKeyCredential): 1
Config (com.quorum.tessera.config.Config): 1
ConfigException (com.quorum.tessera.config.ConfigException): 1
KeyVaultConfig (com.quorum.tessera.config.KeyVaultConfig): 1
KeyVaultType (com.quorum.tessera.config.KeyVaultType): 1
EnvironmentVariableProvider (com.quorum.tessera.config.util.EnvironmentVariableProvider): 1
KeyVaultService (com.quorum.tessera.key.vault.KeyVaultService): 1
KeyVaultServiceFactory (com.quorum.tessera.key.vault.KeyVaultServiceFactory): 1
Objects (java.util.Objects): 1
Optional (java.util.Optional): 1
NotNull (org.jetbrains.annotations.NotNull): 1
Test (org.junit.jupiter.api.Test): 1