-
Notifications
You must be signed in to change notification settings - Fork 4.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] Azure.Identity.AuthenticationFailedException : AzurePowerShellCredential authentication failed: String '14-7-2021 06:36:10 +00:00' was not recognized as a valid DateTime #22638
Comments
Thank you for your feedback. Tagging and routing to the team members best able to assist. |
@christothes this update was merged to identity 1.4.1 is that correct? I seem to have some further reports of this when using: get-culture
LCID Name DisplayName
---- ---- -----------
8192 en-DK English (Denmark)
|
@brwilkinson No, It was merged in 1.5.0 beta 3 or beta 4. |
@dcanamares thank you. |
@brwilkinson I was testing 1.5.0 and now I've got an exception (only happens with 1.5.0 not with 1.4.0), I've just created a new issue #24688 |
Pretty sure that this fix is what broke culture invariant mode in .NET apps. Please address or revert as you broke a HUGE portion of .net apps that use docker as a result of this. |
@JohnGalt1717 - do you have any details on the issue you are referring to? Please provide a stack trace and any relevant details. If this is not the same issue and stack as described in the original description for this issue, please open a new issue and we'll take a look. |
@christothes Azure/azure-storage-net#1050 What I'm saying is that when you fixed this issue you broke essentially all docker containers. This needs to be reverted and you need to find a better way that doesn't require use of cultures to format this. |
I'd like to help, but I'm not following how all docker containers were broken by having the It would be helpful if you could provide specific information about the break that now occurs because of this fix including environment details and ideally repro steps. |
Because the default for all .net containers is invariant culture only, and if you don't do this, you increase the size of your containers by 30-40%. (aside from breaking it) And of course you then have to install the dependencies in your container which are intentionally left out by the .net containers for this very reason. All of azure storage (like just about everything else azure, depends on Azure Identity. So when you added this parsing based on culture, you broke everything that uses Azure Identity authentication to get a token. |
Hi @JohnGalt1717 - However, You'll find references to Culture in many places besides this specific fix https://grep.app/search?q=CultureInfo.CurrentCulture&filter[repo][0]=Azure/azure-sdk-for-net&filter[path][0]=sdk/ so reverting this won't be of much help if your environment requires strict invariant culture. |
@christothes well the #1 issue you guys have is that there are about a billion libraries all getting maintained for everything Azure and you don't even note in the nuget release what their status is. So there's that. But by using culture in your stuff you're making all Docker-based (and thus K8s) use massively more memory and storage for no reason. I'd strongly advise that you fix your libraries and eliminate the need for culture references. Specifically, in Azure.Identity, culture should be irrelevant as you should be returning UTC and ICT dates and times, not things that are culture specific. This use of culture in these is harming .NET's adoption specifically because you're making it bloat for no reason on Docker and K8s which is the defacto standard at this point for any serious, scaling system. |
Describe the bug
I'm running some integration tests on Azure Pipelines, it was working fine until 13 of July (code was released at the beginning of July). These tests connect to an azure subscription to get some values from an Azure KeyVault. I don't send any datetime and I didn't see any way to send a date or a specific format. The issue happens running the tests in the pipeline but it doesn't happen running the tests on a local machine.
I ran a Get-Culture command and the value is:
LCID Name DisplayName
1043 nl-NL Dutch (Netherlands)
Expected behavior
Connect to key vault and retrieve the secrets.
Actual behavior (include Exception or Stack Trace)
From day 1 to day 12 of a month pipeline can connect to Azure keyvault and gets the secrets stored, from day 13 to 31 of a month pipelines throws and exception because the format of the date is dd-MM-yyyy.
Error Message:
Azure.Identity.AuthenticationFailedException : AzurePowerShellCredential authentication failed: String '14-7-2021 06:36:10 +00:00' was not recognized as a valid DateTime.
---- System.FormatException : String '14-7-2021 06:36:10 +00:00' was not recognized as a valid DateTime.
Stack Trace:
at Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex)
at Azure.Identity.AzurePowerShellCredential.GetTokenImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
at Azure.Identity.AzurePowerShellCredential.GetTokenAsync(TokenRequestContext requestContext, CancellationToken cancellationToken)
at Azure.Identity.DefaultAzureCredential.GetTokenFromSourcesAsync(TokenCredential[] sources, TokenRequestContext requestContext, Boolean async, CancellationToken cancellationToken)
at Azure.Identity.DefaultAzureCredential.GetTokenImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
at Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex)
at Azure.Identity.DefaultAzureCredential.GetTokenImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
at Azure.Identity.DefaultAzureCredential.GetTokenAsync(TokenRequestContext requestContext, CancellationToken cancellationToken)
at Azure.Core.Pipeline.BearerTokenAuthenticationPolicy.AccessTokenCache.GetHeaderValueFromCredentialAsync(TokenRequestContext context, Boolean async, CancellationToken cancellationToken)
at Azure.Core.Pipeline.BearerTokenAuthenticationPolicy.AccessTokenCache.GetHeaderValueAsync(HttpMessage message, TokenRequestContext context, Boolean async)
at Azure.Core.Pipeline.BearerTokenAuthenticationPolicy.AccessTokenCache.GetHeaderValueAsync(HttpMessage message, TokenRequestContext context, Boolean async)
at Azure.Core.Pipeline.BearerTokenAuthenticationPolicy.AuthenticateAndAuthorizeRequestAsync(HttpMessage message, TokenRequestContext context)
at Azure.Security.KeyVault.ChallengeBasedAuthenticationPolicy.AuthorizeRequestOnChallengeAsyncInternal(HttpMessage message, Boolean async)
at Azure.Core.Pipeline.BearerTokenAuthenticationPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory
1 pipeline, Boolean async) at Azure.Core.Pipeline.RetryPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory
1 pipeline, Boolean async)at Azure.Core.Pipeline.RetryPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory
1 pipeline, Boolean async) at Azure.Core.Pipeline.HttpPipeline.SendRequestAsync(Request request, CancellationToken cancellationToken) at Azure.Security.KeyVault.KeyVaultPipeline.SendRequestAsync(Request request, CancellationToken cancellationToken) at Azure.Security.KeyVault.KeyVaultPipeline.GetPageAsync[T](Uri firstPageUri, String nextLink, Func
1 itemFactory, String operationName, CancellationToken cancellationToken)at Azure.Core.PageResponseEnumerator.FuncAsyncPageable
1.AsPages(String continuationToken, Nullable
1 pageSizeHint)at System.Threading.Tasks.Sources.ManualResetValueTaskSourceCore
1.GetResult(Int16 token) at Azure.AsyncPageable
1.GetAsyncEnumerator(CancellationToken cancellationToken)at Azure.AsyncPageable
1.GetAsyncEnumerator(CancellationToken cancellationToken) at System.Threading.Tasks.Sources.ManualResetValueTaskSourceCore
1.GetResult(Int16 token)at Azure.Extensions.AspNetCore.Configuration.Secrets.AzureKeyVaultConfigurationProvider.LoadAsync()
at Azure.Extensions.AspNetCore.Configuration.Secrets.AzureKeyVaultConfigurationProvider.LoadAsync()
at Azure.Extensions.AspNetCore.Configuration.Secrets.AzureKeyVaultConfigurationProvider.Load()
at Microsoft.Extensions.Configuration.ConfigurationRoot..ctor(IList`1 providers)
at Microsoft.Extensions.Configuration.ConfigurationBuilder.Build()
To Reproduce
Configuration :
To get a secret:
var secret= Configuration["secret_key"]
Environment:
The text was updated successfully, but these errors were encountered: