Example 1 with ManagedIdentityCredentialBuilder
use of com.azure.identity.ManagedIdentityCredentialBuilder in project azure-credentials-plugin by jenkinsci.
the class AzureCredentials method getSystemCredentialById.
/**
* Only checks the system provider for credentials.
* Use if you need to bypass other providers, e.g. in a credential provider.
*/
public static TokenCredential getSystemCredentialById(String credentialID) {
if (StringUtils.isEmpty(credentialID)) {
return null;
}
SystemCredentialsProvider systemCredentialsProvider = SystemCredentialsProvider.getInstance();
List<AzureImdsCredentials> azureImdsCredentials = DomainCredentials.getCredentials(systemCredentialsProvider.getDomainCredentialsMap(), AzureImdsCredentials.class, Collections.emptyList(), CredentialsMatchers.withId(credentialID));
if (!azureImdsCredentials.isEmpty()) {
return new ManagedIdentityCredentialBuilder().build();
}
List<AzureCredentials> azureCredentials = DomainCredentials.getCredentials(systemCredentialsProvider.getDomainCredentialsMap(), AzureCredentials.class, Collections.emptyList(), CredentialsMatchers.withId(credentialID));
ClientSecretCredential credential = null;
if (!azureCredentials.isEmpty()) {
AzureCredentials azureCredential = azureCredentials.get(0);
credential = new ClientSecretCredentialBuilder().clientId(azureCredential.getClientId()).clientSecret(azureCredential.getPlainClientSecret()).httpClient(HttpClientRetriever.get()).tenantId(azureCredential.getTenant()).build();
}
if (credential == null) {
throw new RuntimeException(String.format("Credential: %s was not found for supported credentials " + "type.", credentialID));
}
return credential;
}
Also used :
SystemCredentialsProvider(com.cloudbees.plugins.credentials.SystemCredentialsProvider)
ClientSecretCredentialBuilder(com.azure.identity.ClientSecretCredentialBuilder)
ClientSecretCredential(com.azure.identity.ClientSecretCredential)
ManagedIdentityCredentialBuilder(com.azure.identity.ManagedIdentityCredentialBuilder)
Example 2 with ManagedIdentityCredentialBuilder
use of com.azure.identity.ManagedIdentityCredentialBuilder in project azure-keyvault-plugin by jenkinsci.
the class AzureKeyVaultCredentialRetriever method getCredentialById.
@CheckForNull
public static TokenCredential getCredentialById(String credentialID, Run<?, ?> build) {
TokenCredential credential;
AzureBaseCredentials cred = CredentialsProvider.findCredentialById(credentialID, AzureBaseCredentials.class, build);
if (cred == null) {
throw new AzureKeyVaultException(String.format("Credential: %s was not found", credentialID));
}
if (cred instanceof AzureCredentials) {
LOGGER.log(Level.FINE, format("Fetched %s as AzureCredentials", credentialID));
CredentialsProvider.track(build, cred);
AzureCredentials azureCredentials = (AzureCredentials) cred;
credential = new ClientSecretCredentialBuilder().clientId(azureCredentials.getClientId()).clientSecret(azureCredentials.getPlainClientSecret()).httpClient(HttpClientRetriever.get()).tenantId(azureCredentials.getTenant()).build();
} else if (cred instanceof AzureImdsCredentials) {
credential = new ManagedIdentityCredentialBuilder().build();
} else {
throw new AzureKeyVaultException("Could not determine the type for Secret id " + credentialID + " only 'Azure Service Principal' and 'Azure Managed Identity' are supported");
}
return credential;
}
Also used :
AzureCredentials(com.microsoft.azure.util.AzureCredentials)
ClientSecretCredentialBuilder(com.azure.identity.ClientSecretCredentialBuilder)
AzureBaseCredentials(com.microsoft.azure.util.AzureBaseCredentials)
AzureImdsCredentials(com.microsoft.azure.util.AzureImdsCredentials)
TokenCredential(com.azure.core.credential.TokenCredential)
ManagedIdentityCredentialBuilder(com.azure.identity.ManagedIdentityCredentialBuilder)
CheckForNull(javax.annotation.CheckForNull)
Example 3 with ManagedIdentityCredentialBuilder
use of com.azure.identity.ManagedIdentityCredentialBuilder in project azure-credentials-plugin by jenkinsci.
the class AzureImdsCredentials method validate.
public boolean validate() throws AzureCredentials.ValidationException {
try {
final String credentialSubscriptionId = getSubscriptionId();
AzureProfile profile = new AzureProfile(AzureEnvUtil.resolveAzureEnv(getAzureEnvName()));
ManagedIdentityCredential credential = new ManagedIdentityCredentialBuilder().build();
AzureResourceManager azure = AzureResourceManager.configure().withHttpClient(HttpClientRetriever.get()).authenticate(credential, profile).withSubscription(credentialSubscriptionId);
PagedIterable<Subscription> subscriptions = azure.subscriptions().list();
if (subscriptionId != null) {
for (Subscription subscription : subscriptions) {
if (subscription.subscriptionId().equalsIgnoreCase(credentialSubscriptionId)) {
return true;
}
}
} else {
return true;
}
} catch (Exception e) {
throw new AzureCredentials.ValidationException(Messages.Azure_CantValidate() + ": " + e.getMessage(), e);
}
throw new AzureCredentials.ValidationException(Messages.Azure_Invalid_SubscriptionId());
}
Also used :
AzureProfile(com.azure.core.management.profile.AzureProfile)
ManagedIdentityCredential(com.azure.identity.ManagedIdentityCredential)
AzureResourceManager(com.azure.resourcemanager.AzureResourceManager)
Subscription(com.azure.resourcemanager.resources.models.Subscription)
ManagedIdentityCredentialBuilder(com.azure.identity.ManagedIdentityCredentialBuilder)
Example 4 with ManagedIdentityCredentialBuilder
use of com.azure.identity.ManagedIdentityCredentialBuilder in project micronaut-azure by micronaut-projects.
the class AzureCredentialFactory method managedIdentityCredentialBuilder.
/**
* Creates the {@link ManagedIdentityCredential} builder.
*
* @param configuration the configuration
* @return the builder
*/
@Requires(property = AzureCredentialsConfiguration.ManagedIdentityCredentialConfiguration.ENABLED, notEquals = StringUtils.FALSE, defaultValue = StringUtils.FALSE)
@Singleton
public ManagedIdentityCredentialBuilder managedIdentityCredentialBuilder(AzureCredentialsConfiguration.ManagedIdentityCredentialConfiguration configuration) {
final ManagedIdentityCredentialBuilder builder = new ManagedIdentityCredentialBuilder();
configuration.getClientId().ifPresent(builder::clientId);
return builder;
}
Also used :
ManagedIdentityCredentialBuilder(com.azure.identity.ManagedIdentityCredentialBuilder)
Requires(io.micronaut.context.annotation.Requires)
Singleton(jakarta.inject.Singleton)
Aggregations
ManagedIdentityCredentialBuilder (com.azure.identity.ManagedIdentityCredentialBuilder)4
ClientSecretCredentialBuilder (com.azure.identity.ClientSecretCredentialBuilder)2
TokenCredential (com.azure.core.credential.TokenCredential)1
AzureProfile (com.azure.core.management.profile.AzureProfile)1
ClientSecretCredential (com.azure.identity.ClientSecretCredential)1
ManagedIdentityCredential (com.azure.identity.ManagedIdentityCredential)1
AzureResourceManager (com.azure.resourcemanager.AzureResourceManager)1
Subscription (com.azure.resourcemanager.resources.models.Subscription)1
SystemCredentialsProvider (com.cloudbees.plugins.credentials.SystemCredentialsProvider)1
AzureBaseCredentials (com.microsoft.azure.util.AzureBaseCredentials)1
AzureCredentials (com.microsoft.azure.util.AzureCredentials)1
AzureImdsCredentials (com.microsoft.azure.util.AzureImdsCredentials)1
Requires (io.micronaut.context.annotation.Requires)1
Singleton (jakarta.inject.Singleton)1
CheckForNull (javax.annotation.CheckForNull)1
