beam-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pabl...@apache.org
Subject [beam] branch master updated: Revert "Merge pull request #12647 from [BEAM-10378] Deserializing Azure Credentials"
Date Tue, 26 Jan 2021 02:12:28 GMT
This is an automated email from the ASF dual-hosted git repository.

pabloem pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/beam.git


The following commit(s) were added to refs/heads/master by this push:
     new efc35c5  Revert "Merge pull request #12647 from [BEAM-10378] Deserializing Azure
Credentials"
     new 15e2ad8  Merge pull request #13807 from pabloem/fix-azure
efc35c5 is described below

commit efc35c589f3788e59d0445827266245810a218d6
Author: Pablo Estrada <pabloem@apache.org>
AuthorDate: Mon Jan 25 17:21:58 2021 -0800

    Revert "Merge pull request #12647 from [BEAM-10378] Deserializing Azure Credentials"
    
    This reverts commit e1b42bfb432d14682fe9e3d61d3f30a3e050a65b.
---
 .../DefaultBlobstoreClientBuilderFactory.java      |   8 +-
 .../beam/sdk/io/azure/options/AzureModule.java     | 165 ---------------------
 .../sdk/io/azure/options/BlobstoreOptions.java     |  24 +--
 3 files changed, 18 insertions(+), 179 deletions(-)

diff --git a/sdks/java/io/azure/src/main/java/org/apache/beam/sdk/io/azure/blobstore/DefaultBlobstoreClientBuilderFactory.java
b/sdks/java/io/azure/src/main/java/org/apache/beam/sdk/io/azure/blobstore/DefaultBlobstoreClientBuilderFactory.java
index b68fcc2..707e73b 100644
--- a/sdks/java/io/azure/src/main/java/org/apache/beam/sdk/io/azure/blobstore/DefaultBlobstoreClientBuilderFactory.java
+++ b/sdks/java/io/azure/src/main/java/org/apache/beam/sdk/io/azure/blobstore/DefaultBlobstoreClientBuilderFactory.java
@@ -37,8 +37,12 @@ public class DefaultBlobstoreClientBuilderFactory implements BlobstoreClientBuil
       builder = builder.connectionString(blobstoreOptions.getAzureConnectionString());
     }
 
-    if (blobstoreOptions.getAzureCredentialsProvider() != null) {
-      builder = builder.credential(blobstoreOptions.getAzureCredentialsProvider());
+    if (blobstoreOptions.getSharedKeyCredential() != null) {
+      builder = builder.credential(blobstoreOptions.getSharedKeyCredential());
+    }
+
+    if (blobstoreOptions.getTokenCredential() != null) {
+      builder = builder.credential(blobstoreOptions.getTokenCredential());
     }
 
     if (!Strings.isNullOrEmpty(blobstoreOptions.getSasToken())) {
diff --git a/sdks/java/io/azure/src/main/java/org/apache/beam/sdk/io/azure/options/AzureModule.java
b/sdks/java/io/azure/src/main/java/org/apache/beam/sdk/io/azure/options/AzureModule.java
deleted file mode 100644
index 9dccf5c..0000000
--- a/sdks/java/io/azure/src/main/java/org/apache/beam/sdk/io/azure/options/AzureModule.java
+++ /dev/null
@@ -1,165 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.beam.sdk.io.azure.options;
-
-import com.azure.core.credential.TokenCredential;
-import com.azure.identity.ClientCertificateCredential;
-import com.azure.identity.ClientCertificateCredentialBuilder;
-import com.azure.identity.ClientSecretCredential;
-import com.azure.identity.ClientSecretCredentialBuilder;
-import com.azure.identity.DefaultAzureCredential;
-import com.azure.identity.DefaultAzureCredentialBuilder;
-import com.azure.identity.EnvironmentCredential;
-import com.azure.identity.EnvironmentCredentialBuilder;
-import com.azure.identity.ManagedIdentityCredential;
-import com.azure.identity.ManagedIdentityCredentialBuilder;
-import com.azure.identity.UsernamePasswordCredential;
-import com.azure.identity.UsernamePasswordCredentialBuilder;
-import com.fasterxml.jackson.annotation.JsonTypeInfo;
-import com.fasterxml.jackson.core.JsonGenerator;
-import com.fasterxml.jackson.core.JsonParser;
-import com.fasterxml.jackson.core.type.TypeReference;
-import com.fasterxml.jackson.databind.DeserializationContext;
-import com.fasterxml.jackson.databind.JsonDeserializer;
-import com.fasterxml.jackson.databind.JsonSerializer;
-import com.fasterxml.jackson.databind.Module;
-import com.fasterxml.jackson.databind.SerializerProvider;
-import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
-import com.fasterxml.jackson.databind.annotation.JsonSerialize;
-import com.fasterxml.jackson.databind.jsontype.TypeDeserializer;
-import com.fasterxml.jackson.databind.jsontype.TypeSerializer;
-import com.fasterxml.jackson.databind.module.SimpleModule;
-import com.google.auto.service.AutoService;
-import java.io.IOException;
-import java.util.Map;
-import org.apache.beam.vendor.guava.v26_0_jre.com.google.common.collect.ImmutableSet;
-
-/**
- * A Jackson {@link Module} that registers a {@link JsonSerializer} and {@link JsonDeserializer}
for
- * Azure credential providers. The serialized form is a JSON map.
- */
-@AutoService(Module.class)
-public class AzureModule extends SimpleModule {
-
-  private static final String AZURE_CLIENT_ID = "azureClientId";
-  private static final String AZURE_TENANT_ID = "azureTenantId";
-  private static final String AZURE_CLIENT_SECRET = "azureClientSecret";
-  private static final String AZURE_CLIENT_CERTIFICATE_PATH = "azureClientCertificatePath";
-  private static final String AZURE_USERNAME = "azureUsername";
-  private static final String AZURE_PASSWORD = "azurePassword";
-  private static final String AZURE_PFX_CERTIFICATE_PATH = "azurePfxCertificatePath";
-  private static final String AZURE_PFX_CERTIFICATE_PASSWORD = "azurePfxCertificatePassword";
-
-  public AzureModule() {
-    super("AzureModule");
-    setMixInAnnotation(TokenCredential.class, TokenCredentialMixin.class);
-  }
-
-  /** A mixin to add Jackson annotations to {@link TokenCredential}. */
-  @JsonDeserialize(using = TokenCredentialDeserializer.class)
-  @JsonSerialize(using = TokenCredentialSerializer.class)
-  @JsonTypeInfo(use = JsonTypeInfo.Id.NAME, include = JsonTypeInfo.As.PROPERTY)
-  private static class TokenCredentialMixin {}
-
-  private static class TokenCredentialDeserializer extends JsonDeserializer<TokenCredential>
{
-
-    @Override
-    public TokenCredential deserialize(JsonParser jsonParser, DeserializationContext context)
-        throws IOException {
-      return context.readValue(jsonParser, TokenCredential.class);
-    }
-
-    @Override
-    public TokenCredential deserializeWithType(
-        JsonParser jsonParser, DeserializationContext context, TypeDeserializer typeDeserializer)
-        throws IOException {
-      Map<String, String> asMap =
-          jsonParser.readValueAs(new TypeReference<Map<String, String>>() {});
-
-      String typeNameKey = typeDeserializer.getPropertyName();
-      String typeName = asMap.get(typeNameKey);
-      if (typeName == null) {
-        throw new IOException(
-            String.format("Azure credentials provider type name key '%s' not found", typeNameKey));
-      }
-
-      if (typeName.equals(DefaultAzureCredential.class.getSimpleName())) {
-        return new DefaultAzureCredentialBuilder().build();
-      } else if (typeName.equals(ClientSecretCredential.class.getSimpleName())) {
-        return new ClientSecretCredentialBuilder()
-            .clientId(asMap.get(AZURE_CLIENT_ID))
-            .clientSecret(asMap.get(AZURE_CLIENT_SECRET))
-            .tenantId(asMap.get(AZURE_TENANT_ID))
-            .build();
-      } else if (typeName.equals(ManagedIdentityCredential.class.getSimpleName())) {
-        return new ManagedIdentityCredentialBuilder().clientId(asMap.get(AZURE_CLIENT_ID)).build();
-      } else if (typeName.equals(EnvironmentCredential.class.getSimpleName())) {
-        return new EnvironmentCredentialBuilder().build();
-      } else if (typeName.equals(ClientCertificateCredential.class.getSimpleName())) {
-        if (asMap.containsKey(AZURE_CLIENT_CERTIFICATE_PATH)) {
-          return new ClientCertificateCredentialBuilder()
-              .clientId(asMap.get(AZURE_CLIENT_ID))
-              .pemCertificate(asMap.get(AZURE_CLIENT_CERTIFICATE_PATH))
-              .tenantId(asMap.get(AZURE_TENANT_ID))
-              .build();
-        } else {
-          return new ClientCertificateCredentialBuilder()
-              .clientId(asMap.get(AZURE_CLIENT_ID))
-              .pfxCertificate(
-                  asMap.get(AZURE_PFX_CERTIFICATE_PATH), asMap.get(AZURE_PFX_CERTIFICATE_PASSWORD))
-              .tenantId(asMap.get(AZURE_TENANT_ID))
-              .build();
-        }
-      } else if (typeName.equals(UsernamePasswordCredential.class.getSimpleName())) {
-        return new UsernamePasswordCredentialBuilder()
-            .clientId(asMap.get(AZURE_CLIENT_ID))
-            .username(asMap.get(AZURE_USERNAME))
-            .password(asMap.get(AZURE_PASSWORD))
-            .build();
-      } else {
-        throw new IOException(
-            String.format("Azure credential provider type '%s' is not supported", typeName));
-      }
-    }
-  }
-
-  // TODO: Write this class
-  private static class TokenCredentialSerializer extends JsonSerializer<TokenCredential>
{
-    // These providers are singletons, so don't require any serialization, other than type.
-    // add any singleton credentials...
-    private static final ImmutableSet<Object> SINGLETON_CREDENTIAL_PROVIDERS = ImmutableSet.of();
-
-    @Override
-    public void serialize(
-        TokenCredential tokenCredential,
-        JsonGenerator jsonGenerator,
-        SerializerProvider serializers)
-        throws IOException {
-      serializers.defaultSerializeValue(tokenCredential, jsonGenerator);
-    }
-
-    @Override
-    public void serializeWithType(
-        TokenCredential tokenCredential,
-        JsonGenerator jsonGenerator,
-        SerializerProvider serializers,
-        TypeSerializer typeSerializer) {
-      throw new UnsupportedOperationException();
-    }
-  }
-}
diff --git a/sdks/java/io/azure/src/main/java/org/apache/beam/sdk/io/azure/options/BlobstoreOptions.java
b/sdks/java/io/azure/src/main/java/org/apache/beam/sdk/io/azure/options/BlobstoreOptions.java
index 0e704ab..108cb0c 100644
--- a/sdks/java/io/azure/src/main/java/org/apache/beam/sdk/io/azure/options/BlobstoreOptions.java
+++ b/sdks/java/io/azure/src/main/java/org/apache/beam/sdk/io/azure/options/BlobstoreOptions.java
@@ -23,6 +23,7 @@ import com.azure.core.http.HttpPipeline;
 import com.azure.core.http.policy.HttpPipelinePolicy;
 import com.azure.identity.DefaultAzureCredentialBuilder;
 import com.azure.storage.blob.models.CustomerProvidedKey;
+import com.azure.storage.common.StorageSharedKeyCredential;
 import org.apache.beam.sdk.annotations.Experimental;
 import org.apache.beam.sdk.annotations.Experimental.Kind;
 import org.apache.beam.sdk.io.azure.blobstore.DefaultBlobstoreClientBuilderFactory;
@@ -58,6 +59,16 @@ public interface BlobstoreOptions extends PipelineOptions {
 
   void setAzureConnectionString(String connectionString);
 
+  @Description("Sets a StorageSharedKeyCredential used to authorize requests sent to the
service.")
+  StorageSharedKeyCredential getSharedKeyCredential();
+
+  void setSharedKeyCredential(StorageSharedKeyCredential sharedKeyCredential);
+
+  @Description("Sets a TokenCredential used to authorize requests sent to the service.")
+  TokenCredential getTokenCredential();
+
+  void setTokenCredential(TokenCredential tokenCredential);
+
   @Description("Sets the SAS token used to authorize requests sent to the service.")
   String getSasToken();
 
@@ -99,25 +110,14 @@ public interface BlobstoreOptions extends PipelineOptions {
 
   void setHttpPipeline(HttpPipeline httpPipeline);
 
-  /* Refer to {@link DefaultAWSCredentialsProviderChain} Javadoc for usage help. */
-
   /**
    * The credential instance that should be used to authenticate against Azure services.
The option
    * value must contain a "@type" field and an Azure credentials provider class as the field
value.
-   *
-   * <p>For example, to specify the Azure client id, tenant id, and client secret,
specify the
-   * following: <code>
-   *     {"@type" : "ClientSecretCredential", "azureClientId": "client_id_value",
-   *     "azureTenantId": "tenant_id_value", "azureClientSecret": "client_secret_value"}
-   * </code>
    */
   @Description(
       "The credential instance that should be used to authenticate "
           + "against Azure services. The option value must contain \"@type\" field "
-          + "and an Azure credentials provider class name as the field value. "
-          + " For example, to specify the Azure client id, tenant id, and client secret,
specify the following: "
-          + "{\"@type\" : \"ClientSecretCredential\", \"azureClientId\": \"client_id_value\",
"
-          + "\"azureTenantId\": \"tenant_id_value\", \"azureClientSecret\": \"client_secret_value\"}")
+          + "and an Azure credentials provider class name as the field value.")
   @Default.InstanceFactory(AzureUserCredentialsFactory.class)
   TokenCredential getAzureCredentialsProvider();
 


Mime
View raw message