[
https://issues.apache.org/jira/browse/HADOOP-18542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17868299#comment-17868299
]
ASF GitHub Bot commented on HADOOP-18542:
-----------------------------------------
CLevasseur commented on code in PR #4262:
URL: https://github.com/apache/hadoop/pull/4262#discussion_r1689341481
##########
hadoop-tools/hadoop-azure/src/test/java/org/apache/hadoop/fs/azurebfs/TestAccountConfiguration.java:
##########
@@ -444,6 +439,30 @@ private static void testMissingConfigKey(final
AbfsConfiguration abfsConf,
() -> abfsConf.getTokenProvider().getClass().getTypeName())));
}
+ @Test
+ public void testClientAndTenantIdOptionalWhenUsingMsiTokenProvider() throws
Throwable {
+ final String accountName = "account";
+ final Configuration conf = new Configuration();
+ final AbfsConfiguration abfsConf = new AbfsConfiguration(conf,
accountName);
+
+ final String accountNameSuffix = "." + abfsConf.getAccountName();
+ String authKey = FS_AZURE_ACCOUNT_AUTH_TYPE_PROPERTY_NAME +
accountNameSuffix;
+ String providerClassKey = "";
+ String providerClassValue = "";
+
+ providerClassKey = FS_AZURE_ACCOUNT_TOKEN_PROVIDER_TYPE_PROPERTY_NAME +
accountNameSuffix;
+ providerClassValue = TEST_OAUTH_MSI_TOKEN_PROVIDER_CLASS_CONFIG;
+
+ abfsConf.set(authKey, AuthType.OAuth.toString());
+ abfsConf.set(providerClassKey, providerClassValue);
+
+ AccessTokenProvider tokenProviderTypeName = abfsConf.getTokenProvider();
+ // Test that we managed to instantiate an MsiTokenProvider without
having to define the tenant and client ID.
+ // Those 2 fields are optional as they can automatically be determined
by the Azure Metadata service when
+ // running on an Azure VM.
+
Assertions.assertThat(tokenProviderTypeName).isInstanceOf(MsiTokenProvider.class);
Review Comment:
done
> Azure Token provider requires tenant and client IDs despite being optional
> --------------------------------------------------------------------------
>
> Key: HADOOP-18542
> URL: https://issues.apache.org/jira/browse/HADOOP-18542
> Project: Hadoop Common
> Issue Type: Bug
> Components: fs/azure, hadoop-thirdparty
> Affects Versions: 3.3.2, 3.3.3, 3.3.4
> Reporter: Carl
> Priority: Major
> Labels: pull-request-available
>
> The `AbfsConfiguration` class requires that we provide a tenant and client ID
> when using the `MsiTokenProvider` class to fetch an authentication token. The
> bug is that those fields are not required by the Azure API, which can infer
> those fields when the call is made from an Azure instance.
> The fix is to make tenant and client ID optional when getting an Azure token
> from the Azure Metadata Service.
> A fix has been submitted here: [https://github.com/apache/hadoop/pull/4262]
> The bug was introduced with HADOOP-17725
> ([https://github.com/apache/hadoop/pull/3041/files])
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
