Search in sources :

Example 1 with ManagedIdentityCredentialBuilder

use of com.azure.identity.ManagedIdentityCredentialBuilder in project azure-credentials-plugin by jenkinsci.

the class AzureCredentials method getSystemCredentialById.

/**
 * Only checks the system provider for credentials.
 * Use if you need to bypass other providers, e.g. in a credential provider.
 */
public static TokenCredential getSystemCredentialById(String credentialID) {
    if (StringUtils.isEmpty(credentialID)) {
        return null;
    }
    SystemCredentialsProvider systemCredentialsProvider = SystemCredentialsProvider.getInstance();
    List<AzureImdsCredentials> azureImdsCredentials = DomainCredentials.getCredentials(systemCredentialsProvider.getDomainCredentialsMap(), AzureImdsCredentials.class, Collections.emptyList(), CredentialsMatchers.withId(credentialID));
    if (!azureImdsCredentials.isEmpty()) {
        return new ManagedIdentityCredentialBuilder().build();
    }
    List<AzureCredentials> azureCredentials = DomainCredentials.getCredentials(systemCredentialsProvider.getDomainCredentialsMap(), AzureCredentials.class, Collections.emptyList(), CredentialsMatchers.withId(credentialID));
    ClientSecretCredential credential = null;
    if (!azureCredentials.isEmpty()) {
        AzureCredentials azureCredential = azureCredentials.get(0);
        credential = new ClientSecretCredentialBuilder().clientId(azureCredential.getClientId()).clientSecret(azureCredential.getPlainClientSecret()).httpClient(HttpClientRetriever.get()).tenantId(azureCredential.getTenant()).build();
    }
    if (credential == null) {
        throw new RuntimeException(String.format("Credential: %s was not found for supported credentials " + "type.", credentialID));
    }
    return credential;
}
Also used : SystemCredentialsProvider(com.cloudbees.plugins.credentials.SystemCredentialsProvider) ClientSecretCredentialBuilder(com.azure.identity.ClientSecretCredentialBuilder) ClientSecretCredential(com.azure.identity.ClientSecretCredential) ManagedIdentityCredentialBuilder(com.azure.identity.ManagedIdentityCredentialBuilder)

Example 2 with ManagedIdentityCredentialBuilder

use of com.azure.identity.ManagedIdentityCredentialBuilder in project azure-keyvault-plugin by jenkinsci.

the class AzureKeyVaultCredentialRetriever method getCredentialById.

@CheckForNull
public static TokenCredential getCredentialById(String credentialID, Run<?, ?> build) {
    TokenCredential credential;
    AzureBaseCredentials cred = CredentialsProvider.findCredentialById(credentialID, AzureBaseCredentials.class, build);
    if (cred == null) {
        throw new AzureKeyVaultException(String.format("Credential: %s was not found", credentialID));
    }
    if (cred instanceof AzureCredentials) {
        LOGGER.log(Level.FINE, format("Fetched %s as AzureCredentials", credentialID));
        CredentialsProvider.track(build, cred);
        AzureCredentials azureCredentials = (AzureCredentials) cred;
        credential = new ClientSecretCredentialBuilder().clientId(azureCredentials.getClientId()).clientSecret(azureCredentials.getPlainClientSecret()).httpClient(HttpClientRetriever.get()).tenantId(azureCredentials.getTenant()).build();
    } else if (cred instanceof AzureImdsCredentials) {
        credential = new ManagedIdentityCredentialBuilder().build();
    } else {
        throw new AzureKeyVaultException("Could not determine the type for Secret id " + credentialID + " only 'Azure Service Principal' and 'Azure Managed Identity' are supported");
    }
    return credential;
}
Also used : AzureCredentials(com.microsoft.azure.util.AzureCredentials) ClientSecretCredentialBuilder(com.azure.identity.ClientSecretCredentialBuilder) AzureBaseCredentials(com.microsoft.azure.util.AzureBaseCredentials) AzureImdsCredentials(com.microsoft.azure.util.AzureImdsCredentials) TokenCredential(com.azure.core.credential.TokenCredential) ManagedIdentityCredentialBuilder(com.azure.identity.ManagedIdentityCredentialBuilder) CheckForNull(javax.annotation.CheckForNull)

Example 3 with ManagedIdentityCredentialBuilder

use of com.azure.identity.ManagedIdentityCredentialBuilder in project azure-credentials-plugin by jenkinsci.

the class AzureImdsCredentials method validate.

public boolean validate() throws AzureCredentials.ValidationException {
    try {
        final String credentialSubscriptionId = getSubscriptionId();
        AzureProfile profile = new AzureProfile(AzureEnvUtil.resolveAzureEnv(getAzureEnvName()));
        ManagedIdentityCredential credential = new ManagedIdentityCredentialBuilder().build();
        AzureResourceManager azure = AzureResourceManager.configure().withHttpClient(HttpClientRetriever.get()).authenticate(credential, profile).withSubscription(credentialSubscriptionId);
        PagedIterable<Subscription> subscriptions = azure.subscriptions().list();
        if (subscriptionId != null) {
            for (Subscription subscription : subscriptions) {
                if (subscription.subscriptionId().equalsIgnoreCase(credentialSubscriptionId)) {
                    return true;
                }
            }
        } else {
            return true;
        }
    } catch (Exception e) {
        throw new AzureCredentials.ValidationException(Messages.Azure_CantValidate() + ": " + e.getMessage(), e);
    }
    throw new AzureCredentials.ValidationException(Messages.Azure_Invalid_SubscriptionId());
}
Also used : AzureProfile(com.azure.core.management.profile.AzureProfile) ManagedIdentityCredential(com.azure.identity.ManagedIdentityCredential) AzureResourceManager(com.azure.resourcemanager.AzureResourceManager) Subscription(com.azure.resourcemanager.resources.models.Subscription) ManagedIdentityCredentialBuilder(com.azure.identity.ManagedIdentityCredentialBuilder)

Example 4 with ManagedIdentityCredentialBuilder

use of com.azure.identity.ManagedIdentityCredentialBuilder in project micronaut-azure by micronaut-projects.

the class AzureCredentialFactory method managedIdentityCredentialBuilder.

/**
 * Creates the {@link ManagedIdentityCredential} builder.
 *
 * @param configuration the configuration
 * @return the builder
 */
@Requires(property = AzureCredentialsConfiguration.ManagedIdentityCredentialConfiguration.ENABLED, notEquals = StringUtils.FALSE, defaultValue = StringUtils.FALSE)
@Singleton
public ManagedIdentityCredentialBuilder managedIdentityCredentialBuilder(AzureCredentialsConfiguration.ManagedIdentityCredentialConfiguration configuration) {
    final ManagedIdentityCredentialBuilder builder = new ManagedIdentityCredentialBuilder();
    configuration.getClientId().ifPresent(builder::clientId);
    return builder;
}
Also used : ManagedIdentityCredentialBuilder(com.azure.identity.ManagedIdentityCredentialBuilder) Requires(io.micronaut.context.annotation.Requires) Singleton(jakarta.inject.Singleton)

Aggregations

ManagedIdentityCredentialBuilder (com.azure.identity.ManagedIdentityCredentialBuilder)4 ClientSecretCredentialBuilder (com.azure.identity.ClientSecretCredentialBuilder)2 TokenCredential (com.azure.core.credential.TokenCredential)1 AzureProfile (com.azure.core.management.profile.AzureProfile)1 ClientSecretCredential (com.azure.identity.ClientSecretCredential)1 ManagedIdentityCredential (com.azure.identity.ManagedIdentityCredential)1 AzureResourceManager (com.azure.resourcemanager.AzureResourceManager)1 Subscription (com.azure.resourcemanager.resources.models.Subscription)1 SystemCredentialsProvider (com.cloudbees.plugins.credentials.SystemCredentialsProvider)1 AzureBaseCredentials (com.microsoft.azure.util.AzureBaseCredentials)1 AzureCredentials (com.microsoft.azure.util.AzureCredentials)1 AzureImdsCredentials (com.microsoft.azure.util.AzureImdsCredentials)1 Requires (io.micronaut.context.annotation.Requires)1 Singleton (jakarta.inject.Singleton)1 CheckForNull (javax.annotation.CheckForNull)1