tupesanket1999 opened a new pull request, #19903:
URL: https://github.com/apache/camel/pull/19903
# Description
<!--
- Write a pull request description that is detailed enough to understand
what the pull request does, how, and why.
-->
This pull request adds support for Azure Identity authentication using
client credentials (Client ID, Client Secret, and Tenant ID) to the
camel-azure-storage-blob component.
What
The component currently supports Azure Identity authentication
(credentialType=AZURE_IDENTITY) but only through environment variables using
DefaultAzureCredential. This enhancement allows users to explicitly
provide Azure service principal credentials directly in the component
configuration, enabling
more flexible authentication scenarios without relying solely on
environment variables.
How
1. Added three new configuration properties to BlobConfiguration:
• azureClientId - Azure Client ID for authentication (marked as secret)
• azureClientSecret - Azure Client Secret for authentication (marked as
secret)
• azureTenantId - Azure Tenant ID for authentication
2. Enhanced `BlobClientFactory` to support client secret credentials:
• Added hasClientSecretCredentials() method to detect when all three
credentials are provided
• Added getClientSecretCredential() method to build
ClientSecretCredential using the provided credentials
• Modified client creation logic to use ClientSecretCredential when
credentials are provided, otherwise falls back to DefaultAzureCredential
(maintaining
backward compatibility)
3. Added validation logic in BlobComponent:
• Validates that if any client credential parameter is provided, all
three must be provided together
• Provides clear error messages when validation fails
4. Updated generated files:
• Component and endpoint configurers now support the new properties
• JSON metadata updated to include the new configuration options
• azureClientId and azureClientSecret properly marked as secret
properties in URI factory
Why
This enhancement provides users with more flexibility in how they
authenticate with Azure Storage Blob:
• Explicit configuration: Users can now provide credentials directly in
the component URI or configuration, making it easier to manage credentials in
different
environments
• CI/CD friendly: Enables easier credential management in CI/CD pipelines
where environment variables may not always be the preferred approach
• Backward compatible: Existing code using environment variables continues
to work without any changes
• Consistent with Azure SDK patterns: Aligns with Azure SDK's
ClientSecretCredential pattern for service principal authentication
# Target
- [x] I checked that the commit is targeting the correct branch (Camel 4
uses the `main` branch)
# Tracking
- [x] If this is a large change, bug fix, or code improvement, I checked
there is a [JIRA issue](https://issues.apache.org/jira/browse/CAMEL) filed for
the change (usually before you start working on it).
<!--
# *Note*: trivial changes like, typos, minor documentation fixes and other
small items do not require a JIRA issue. In this case your pull request should
address just this issue, without pulling in other changes.
-->
# Apache Camel coding standards and style
- [x] I checked that each commit in the pull request has a meaningful
subject line and body.
<!--
If you're unsure, you can format the pull request title like `[CAMEL-XXX]
Fixes bug in camel-file component`, where you replace `CAMEL-XXX` with the
appropriate JIRA issue.
-->
- [x] I have run `mvn clean install -DskipTests` locally from root folder
and I have committed all auto-generated changes.
<!--
You can run the aforementioned command in your module so that the build
auto-formats your code. This will also be verified as part of the checks and
your PR may be rejected if if there are uncommited changes after running `mvn
clean install -DskipTests`.
You can learn more about the contribution guidelines at
https://github.com/apache/camel/blob/main/CONTRIBUTING.md
-->
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
