use of com.azure.identity.ManagedIdentityCredentialBuilder in project azure-credentials-plugin by jenkinsci.
the class AzureCredentials method getSystemCredentialById.
/**
* Only checks the system provider for credentials.
* Use if you need to bypass other providers, e.g. in a credential provider.
*/
public static TokenCredential getSystemCredentialById(String credentialID) {
if (StringUtils.isEmpty(credentialID)) {
return null;
}
SystemCredentialsProvider systemCredentialsProvider = SystemCredentialsProvider.getInstance();
List<AzureImdsCredentials> azureImdsCredentials = DomainCredentials.getCredentials(systemCredentialsProvider.getDomainCredentialsMap(), AzureImdsCredentials.class, Collections.emptyList(), CredentialsMatchers.withId(credentialID));
if (!azureImdsCredentials.isEmpty()) {
return new ManagedIdentityCredentialBuilder().build();
}
List<AzureCredentials> azureCredentials = DomainCredentials.getCredentials(systemCredentialsProvider.getDomainCredentialsMap(), AzureCredentials.class, Collections.emptyList(), CredentialsMatchers.withId(credentialID));
ClientSecretCredential credential = null;
if (!azureCredentials.isEmpty()) {
AzureCredentials azureCredential = azureCredentials.get(0);
credential = new ClientSecretCredentialBuilder().clientId(azureCredential.getClientId()).clientSecret(azureCredential.getPlainClientSecret()).httpClient(HttpClientRetriever.get()).tenantId(azureCredential.getTenant()).build();
}
if (credential == null) {
throw new RuntimeException(String.format("Credential: %s was not found for supported credentials " + "type.", credentialID));
}
return credential;
}
use of com.azure.identity.ManagedIdentityCredentialBuilder in project azure-keyvault-plugin by jenkinsci.
the class AzureKeyVaultCredentialRetriever method getCredentialById.
@CheckForNull
public static TokenCredential getCredentialById(String credentialID, Run<?, ?> build) {
TokenCredential credential;
AzureBaseCredentials cred = CredentialsProvider.findCredentialById(credentialID, AzureBaseCredentials.class, build);
if (cred == null) {
throw new AzureKeyVaultException(String.format("Credential: %s was not found", credentialID));
}
if (cred instanceof AzureCredentials) {
LOGGER.log(Level.FINE, format("Fetched %s as AzureCredentials", credentialID));
CredentialsProvider.track(build, cred);
AzureCredentials azureCredentials = (AzureCredentials) cred;
credential = new ClientSecretCredentialBuilder().clientId(azureCredentials.getClientId()).clientSecret(azureCredentials.getPlainClientSecret()).httpClient(HttpClientRetriever.get()).tenantId(azureCredentials.getTenant()).build();
} else if (cred instanceof AzureImdsCredentials) {
credential = new ManagedIdentityCredentialBuilder().build();
} else {
throw new AzureKeyVaultException("Could not determine the type for Secret id " + credentialID + " only 'Azure Service Principal' and 'Azure Managed Identity' are supported");
}
return credential;
}
use of com.azure.identity.ManagedIdentityCredentialBuilder in project azure-credentials-plugin by jenkinsci.
the class AzureImdsCredentials method validate.
public boolean validate() throws AzureCredentials.ValidationException {
try {
final String credentialSubscriptionId = getSubscriptionId();
AzureProfile profile = new AzureProfile(AzureEnvUtil.resolveAzureEnv(getAzureEnvName()));
ManagedIdentityCredential credential = new ManagedIdentityCredentialBuilder().build();
AzureResourceManager azure = AzureResourceManager.configure().withHttpClient(HttpClientRetriever.get()).authenticate(credential, profile).withSubscription(credentialSubscriptionId);
PagedIterable<Subscription> subscriptions = azure.subscriptions().list();
if (subscriptionId != null) {
for (Subscription subscription : subscriptions) {
if (subscription.subscriptionId().equalsIgnoreCase(credentialSubscriptionId)) {
return true;
}
}
} else {
return true;
}
} catch (Exception e) {
throw new AzureCredentials.ValidationException(Messages.Azure_CantValidate() + ": " + e.getMessage(), e);
}
throw new AzureCredentials.ValidationException(Messages.Azure_Invalid_SubscriptionId());
}
use of com.azure.identity.ManagedIdentityCredentialBuilder in project micronaut-azure by micronaut-projects.
the class AzureCredentialFactory method managedIdentityCredentialBuilder.
/**
* Creates the {@link ManagedIdentityCredential} builder.
*
* @param configuration the configuration
* @return the builder
*/
@Requires(property = AzureCredentialsConfiguration.ManagedIdentityCredentialConfiguration.ENABLED, notEquals = StringUtils.FALSE, defaultValue = StringUtils.FALSE)
@Singleton
public ManagedIdentityCredentialBuilder managedIdentityCredentialBuilder(AzureCredentialsConfiguration.ManagedIdentityCredentialConfiguration configuration) {
final ManagedIdentityCredentialBuilder builder = new ManagedIdentityCredentialBuilder();
configuration.getClientId().ifPresent(builder::clientId);
return builder;
}
Aggregations