[POC] AAD: Configuring ServerTelemetryChannel and QuickPulseServiceClient#2220
Closed
TimothyMothra wants to merge 116 commits intodevelopfrom
Closed
[POC] AAD: Configuring ServerTelemetryChannel and QuickPulseServiceClient#2220TimothyMothra wants to merge 116 commits intodevelopfrom
TimothyMothra wants to merge 116 commits intodevelopfrom
Conversation
added 30 commits
March 11, 2021 15:32
change reflection to use a compiled expression.
…annels and QuickPulseModule. Need to write tests.
cijothomas
reviewed
May 28, 2021
|
|
||
| if (aadToken == null) | ||
| { | ||
| // TODO: DO NOT SEND. RETURN FAILURE AND LET CHANNEL DECIDE WHEN TO RETRY. |
Contributor
There was a problem hiding this comment.
this will be considered a client side failure, and data would not be retried by default.
Its probably a complex part to decide if we want to store items for later retry, if the AAD is down..
cijothomas
reviewed
May 28, 2021
| } | ||
|
|
||
| // The AAD token is an optional feature. Only include if it is provided. | ||
| if (!string.IsNullOrEmpty(aadToken)) |
Contributor
There was a problem hiding this comment.
is this intentionally optional for QP? elsewhere, in the regular channel, its like mandatory, if user has set tc.settokencred.
Author
There was a problem hiding this comment.
oh good catch. i need to rethink this
added 2 commits
May 28, 2021 13:40
4 tasks
added 13 commits
May 28, 2021 14:01
This was referenced May 29, 2021
Merged
pharring
reviewed
May 31, 2021
|
|
||
| /// <summary> | ||
| /// Gets or sets the <see cref="CredentialEnvelope"/> which is used for AAD. | ||
| /// FOR INTERNAL USE. Customers should use <see cref="TelemetryConfiguration.SetAzureTokenCredential"/> instead. |
Member
There was a problem hiding this comment.
We don't really need this comment anymore since ISupportCredentialEnvelope is, itself, internal.
pharring
reviewed
May 31, 2021
| } | ||
|
|
||
| /// <summary> | ||
| /// Gets or sets the <see cref="CredentialEnvelope"/> which is used for AAD. |
Member
There was a problem hiding this comment.
Instead of "AAD", suggest "authorization" or "auth-token acquisition".
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Consuming CredentialEnvelope within TelemetryChannels and QuickPulseServiceClient
For more information see the parent item: #2190.
Introduction
This PR demonstrates an approach to handling the configuration of the CredentialEnvelope.
TODO: Need to write unit tests to validate possible configuration scenarios.
TelemetryConfiguration
TelemetryConfigurationhas a methodSetAzureTokenCredentialfor a user to provide the TokenCredential.This method could be called either before or after the user has set the
TelemetryChannel.To deal with this, both setting a credential and setting a TelemetryChannel will invoke
TelemetryConfiguration.SetTelemetryChannelCredentialEnvelope.ISupportCredentialEnvelope
To simplify passing the CredentialEnvelope to the TelemetryChannels, I've introduced a new interface
ISupportCredentialEnvelope.This ensures that the
TelemetryConfigurationcan set eitherInMemoryChannelorServerTelemetryChannel.TelemetryChannels
Each TelemetryChannel must provide the CredentialEnvelope on their respective internal classes.
TelemetryItems ultimately end up stored in a
Transmissionobject. This object can be serialized for file storage. I've confirmed that the Credential object will not be serialized.Tokens themselves will expire and therefore are not set on the Transmission object until just before invoking
Transmission.SendAsync. If aTransmissionneeds to be retried, it will receive a new token.InMemoryChannel
InMemoryChannel.CredentialEnvelopesetsInMemoryTransmitter.CredentialEnvelopewhich is used to setTransmission.CredentialEnvelopejust before callingTransmission.SendAsync.ServerTelemetryChannel
ServerTelemetryChannel.CredentialEnvelopesetsTransmitter.CredentialEnvelopeand then setsTransmissionSender.CredentialEnvelopewhich is used to setTransmission.CredentialEnvelopejust before callingTransmission.SendAsync.