Revert "Support AZURE_AUTH_LOCATION (#9312)" (#9829)

This reverts commit 324fdf9. There is ongoing discussion about the best way to surface this support, either in Azure.Identity itself, as a standalone sample or some other way.
Azure · Feb 6, 2020 · 18b3b24 · 18b3b24
1 parent 6616b68
commit 18b3b24
Show file tree

Hide file tree

Showing 10 changed files with 11 additions and 294 deletions.
diff --git a/sdk/identity/Azure.Identity/CHANGELOG.md b/sdk/identity/Azure.Identity/CHANGELOG.md
@@ -4,8 +4,6 @@
 
 ### Fixes and improvements
 - Fix `UsernamePasswordCredential` constructor parameter mishandling
-- Add `AuthFileCredential` which allows using an auth file produced by the Azure CLI to authenticate
-- Add support for `AZURE_AUTH_LOCATION` to `EnvironmentCredential`, which uses the newly added `AuthFileCredential`
 
 ## 1.1.0
 

diff --git a/sdk/identity/Azure.Identity/api/Azure.Identity.netstandard2.0.cs b/sdk/identity/Azure.Identity/api/Azure.Identity.netstandard2.0.cs
@@ -5,13 +5,6 @@ public partial class AuthenticationFailedException : System.Exception
         public AuthenticationFailedException(string message) { }
         public AuthenticationFailedException(string message, System.Exception innerException) { }
     }
-    public partial class AuthFileCredential : Azure.Core.TokenCredential
-    {
-        public AuthFileCredential(string filePath) { }
-        public AuthFileCredential(string pathToFile, Azure.Identity.TokenCredentialOptions options) { }
-        public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken) { throw null; }
-        public override System.Threading.Tasks.ValueTask<Azure.Core.AccessToken> GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken) { throw null; }
-    }
     public partial class AuthorizationCodeCredential : Azure.Core.TokenCredential
     {
         protected AuthorizationCodeCredential() { }

diff --git a/sdk/identity/Azure.Identity/src/AuthFileCredential.cs b/sdk/identity/Azure.Identity/src/AuthFileCredential.cs
diff --git a/sdk/identity/Azure.Identity/src/CredentialPipeline.cs b/sdk/identity/Azure.Identity/src/CredentialPipeline.cs
@@ -23,13 +23,6 @@ private CredentialPipeline(TokenCredentialOptions options)
             Diagnostics = new ClientDiagnostics(options);
         }
 
-        private CredentialPipeline(Uri authorityHost, HttpPipeline httpPipeline, ClientDiagnostics diagnostics)
-        {
-            AuthorityHost = authorityHost ?? throw new ArgumentNullException(nameof(authorityHost));
-            HttpPipeline = httpPipeline ?? throw new ArgumentNullException(nameof(httpPipeline));
-            Diagnostics = diagnostics ?? throw new ArgumentNullException(nameof(diagnostics));
-        }
-
         public static CredentialPipeline GetInstance(TokenCredentialOptions options)
         {
             return (options is null) ? s_Singleton.Value : new CredentialPipeline(options);
@@ -62,15 +55,6 @@ public CredentialDiagnosticScope StartGetTokenScope(string fullyQualifiedMethod,
             return scope;
         }
 
-        /// <summary>
-        /// Creates a new CredentialPipeline from an existing pipeline while replacing the AuthorityHost with a new value.
-        /// </summary>
-        /// <returns></returns>
-        public CredentialPipeline WithAuthorityHost(Uri authorityHost)
-        {
-            return new CredentialPipeline(authorityHost, HttpPipeline, Diagnostics);
-        }
-
         private class CredentialResponseClassifier : ResponseClassifier
         {
             public override bool IsRetriableResponse(HttpMessage message)

diff --git a/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs b/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs
@@ -19,10 +19,10 @@ namespace Azure.Identity
     /// <item><term>AZURE_CLIENT_SECRET</term><description>A client secret that was generated for the App Registration.</description></item>
     /// <item><term>AZURE_USERNAME</term><description>The username, also known as upn, of an Azure Active Directory user account.</description></item>
     /// <item><term>AZURE_PASSWORD</term><description>The password of the Azure Active Directory user account. Note this does not support accounts with MFA enabled.</description></item>
-    /// <item><term>AZURE_AUTH_LOCATION</term><description>The path to an SDK Auth file which contains configuration information.</description></item>
     /// </list>
-    /// This credential ultimately uses a <see cref="ClientSecretCredential"/>, <see cref="UsernamePasswordCredential"/> or <see cref="AuthFileCredential"/>
-    /// perform the authentication using these details. Please consult the documentation of that class for more details.
+    /// This credential ultimately uses a <see cref="ClientSecretCredential"/> or <see cref="UsernamePasswordCredential"/> to
+    /// perform the authentication using these details. Please consult the
+    /// documentation of that class for more details.
     /// </summary>
     public class EnvironmentCredential : TokenCredential, IExtendedTokenCredential
     {
@@ -32,7 +32,7 @@ public class EnvironmentCredential : TokenCredential, IExtendedTokenCredential
 
         /// <summary>
         /// Creates an instance of the EnvironmentCredential class and reads client secret details from environment variables.
-        /// If the expected environment variables are not found at this time, the GetToken method will throw <see cref="CredentialUnavailableException"/>.
+        /// If the expected environment variables are not found at this time, the GetToken method will return the default <see cref="AccessToken"/> when invoked.
         /// </summary>
         public EnvironmentCredential()
             : this(CredentialPipeline.GetInstance(null))
@@ -41,7 +41,7 @@ public EnvironmentCredential()
 
         /// <summary>
         /// Creates an instance of the EnvironmentCredential class and reads client secret details from environment variables.
-        /// If the expected environment variables are not found at this time, the GetToken method will throw <see cref="CredentialUnavailableException"/>.
+        /// If the expected environment variables are not found at this time, the GetToken method will return the default <see cref="AccessToken"/> when invoked.
         /// </summary>
         /// <param name="options">Options that allow to configure the management of the requests sent to the Azure Active Directory service.</param>
         public EnvironmentCredential(TokenCredentialOptions options)
@@ -58,7 +58,6 @@ internal EnvironmentCredential(CredentialPipeline pipeline)
             string clientSecret = EnvironmentVariables.ClientSecret;
             string username = EnvironmentVariables.Username;
             string password = EnvironmentVariables.Password;
-            string sdkAuthLocation = EnvironmentVariables.SdkAuthLocation;
 
             if (tenantId != null && clientId != null)
             {
@@ -72,14 +71,9 @@ internal EnvironmentCredential(CredentialPipeline pipeline)
                 }
             }
 
-            if (_credential is null && sdkAuthLocation != null)
-            {
-                _credential = new AuthFileCredential(sdkAuthLocation);
-            }
-
             if (_credential is null)
             {
-                StringBuilder builder = new StringBuilder("Environment variables not fully configured. AZURE_TENANT_ID and AZURE_CLIENT_ID must be set, along with either AZURE_CLIENT_SECRET or AZURE_USERNAME and AZURE_PASSWORD. Alternately, AZURE_AUTH_LOCATION ca be set.  Currently set variables [");
+                StringBuilder builder = new StringBuilder("Environment variables not fully configured. AZURE_TENANT_ID and AZURE_CLIENT_ID must be set, along with either AZURE_CLIENT_SECRET or AZURE_USERNAME and AZURE_PASSWORD. Currently set variables [ ");
 
                 if (tenantId != null)
                 {
@@ -106,11 +100,6 @@ internal EnvironmentCredential(CredentialPipeline pipeline)
                     builder.Append(" AZURE_PASSWORD");
                 }
 
-                if (sdkAuthLocation != null)
-                {
-                    builder.Append(" AZURE_AUTH_LOCATION");
-                }
-
                 _unavailbleErrorMessage = builder.Append(" ]").ToString();
             }
         }
@@ -124,13 +113,11 @@ internal EnvironmentCredential(CredentialPipeline pipeline, TokenCredential cred
 
         /// <summary>
         /// Obtains a token from the Azure Active Directory service, using the specified client details specified in the environment variables
-        /// AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET or AZURE_USERNAME and AZURE_PASSWORD to authenticate. Alternately,
-        /// if AZURE_AUTH_LOCATION is set, that information is used.
+        /// AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET or AZURE_USERNAME and AZURE_PASSWORD to authenticate.
         /// This method is called by Azure SDK clients. It isn't intended for use in application code.
         /// </summary>
         /// <remarks>
-        /// If the environment variables AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET or AZURE_AUTH_LOCATION are not specified,
-        /// this method throws <see cref="CredentialUnavailableException"/>.
+        /// If the environment variables AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET are not specified, the default <see cref="AccessToken"/>
         /// </remarks>
         /// <param name="requestContext">The details of the authentication request.</param>
         /// <param name="cancellationToken">A <see cref="CancellationToken"/> controlling the request lifetime.</param>
@@ -142,13 +129,11 @@ public override AccessToken GetToken(TokenRequestContext requestContext, Cancell
 
         /// <summary>
         /// Obtains a token from the Azure Active Directory service, using the specified client details specified in the environment variables
-        /// AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET or AZURE_USERNAME and AZURE_PASSWORD to authenticate. Alternately,
-        /// if AZURE_AUTH_LOCATION is set, that information is used.
+        /// AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET or AZURE_USERNAME and AZURE_PASSWORD to authenticate.
         /// This method is called by Azure SDK clients. It isn't intended for use in application code.
         /// </summary>
         /// <remarks>
-        /// If the environment variables AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET or AZURE_AUTH_LOCATION are not specified,
-        /// this method throws <see cref="CredentialUnavailableException"/>.
+        /// If the environment variables AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET are not specifeid, the default <see cref="AccessToken"/>
         /// </remarks>
         /// <param name="requestContext">The details of the authentication request.</param>
         /// <param name="cancellationToken">A <see cref="CancellationToken"/> controlling the request lifetime.</param>

diff --git a/sdk/identity/Azure.Identity/src/EnvironmentVariables.cs b/sdk/identity/Azure.Identity/src/EnvironmentVariables.cs
@@ -12,7 +12,6 @@ internal class EnvironmentVariables
         public static string TenantId => Environment.GetEnvironmentVariable("AZURE_TENANT_ID");
         public static string ClientId => Environment.GetEnvironmentVariable("AZURE_CLIENT_ID");
         public static string ClientSecret => Environment.GetEnvironmentVariable("AZURE_CLIENT_SECRET");
-        public static string SdkAuthLocation => Environment.GetEnvironmentVariable("AZURE_AUTH_LOCATION");
 
         public static string MsiEndpoint => Environment.GetEnvironmentVariable("MSI_ENDPOINT");
         public static string MsiSecret => Environment.GetEnvironmentVariable("MSI_SECRET");