kou commented on code in PR #40325:
URL: https://github.com/apache/arrow/pull/40325#discussion_r1515330819
##########
cpp/src/arrow/filesystem/azurefs.cc:
##########
@@ -65,6 +65,133 @@ AzureOptions::AzureOptions() = default;
AzureOptions::~AzureOptions() = default;
+Result<AzureOptions> AzureOptions::FromUri(const arrow::internal::Uri& uri,
+ std::string* out_path) {
+ AzureOptions options;
+ const auto host = uri.host();
+ std::string container;
+ std::string path;
+ if (arrow::internal::EndsWith(host, options.blob_storage_authority)) {
+ options.account_name =
+ host.substr(0, host.size() - options.blob_storage_authority.size());
+ auto components = internal::SplitAbstractPath(uri.path());
+ if (!components.empty()) {
+ container = components[0];
+ path = internal::JoinAbstractPath(components.begin() + 1,
components.end());
+ }
+ } else if (arrow::internal::EndsWith(host, options.dfs_storage_authority)) {
+ options.account_name =
+ host.substr(0, host.size() - options.dfs_storage_authority.size());
+ container = uri.username();
+ path = uri.path();
+ } else {
+ options.account_name = uri.username();
+ std::string host_port = host;
+ const auto port_text = uri.port_text();
+ if (!port_text.empty()) {
+ host_port += ":" + port_text;
+ }
+ options.blob_storage_authority = host_port;
+ options.dfs_storage_authority = host_port;
+ if (uri.scheme() == "abfs") {
+ options.blob_storage_scheme = "http";
+ options.dfs_storage_scheme = "http";
+ }
+ auto components = internal::SplitAbstractPath(uri.path());
+ if (!components.empty()) {
+ container = components[0];
+ path = internal::JoinAbstractPath(components.begin() + 1,
components.end());
+ }
+ }
+ const auto account_key = uri.password();
+
+ if (container.empty()) {
+ return Status::Invalid("Missing container name in Azure Blob File System
URI");
+ }
+ if (out_path != nullptr) {
+ *out_path = std::string(internal::ConcatAbstractPath(container, path));
+ }
+
+ std::unordered_map<std::string, std::string> options_map;
+ ARROW_ASSIGN_OR_RAISE(const auto options_items, uri.query_items());
+ for (const auto& kv : options_items) {
+ options_map.emplace(kv.first, kv.second);
+ }
+
+ CredentialKind credential_kind = options.account_name.empty()
+ ? CredentialKind::kAnonymous
+ : CredentialKind::kDefault;
+ std::string tenant_id;
+ std::string client_id;
+ std::string client_secret;
+ for (const auto& kv : options_map) {
+ if (kv.first == "blob_storage_authority") {
+ options.blob_storage_authority = kv.second;
+ } else if (kv.first == "dfs_storage_authority") {
+ options.dfs_storage_authority = kv.second;
+ } else if (kv.first == "blob_storage_scheme") {
+ options.blob_storage_scheme = kv.second;
+ } else if (kv.first == "dfs_storage_scheme") {
+ options.dfs_storage_scheme = kv.second;
+ } else if (kv.first == "credential_kind") {
Review Comment:
`?anonymous` and `?use_workaround_identity` are conflicted parameters. (We
can't specify both of them at once.) I think that it's better that we use the
same parameter name for the type (`XXX={anonymous,workload_identity}`). If we
use it, users can't specify both of them at once. (I know that URI spec accepts
`XXX=anonymous&XXX=workload_identity`.)
How about accepting only (`default`, ) `anonymous` and
`use_workload_identity` as valid `credential_kind` parameter?
- nothing (use default auth chain) -> nothing or `?credential_kind=default`
- `?anonymous` -> `?credential_kind=anonymous`
- `?use_workload_identity` -> `?credential_kind=workload_identity`
- `?account_key=<ACCOUNT_KEY>` -> not changed
(`?credential_kind=storage_shared_key` is invalid)
-
`?tenant_id=<TENANT_ID>&client_id=<CLIENT_ID>&client_secret=<CLIENT_SECRET>` ->
not changed (`?credential_kind=client_secret` is invalid)
- `?client_id=<CLIENT_ID>` (client_id alone means managed identity
credential) -> not changed (`?credential_kind=managed_identity` is invalid)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
