Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

python example not working with latest package versions #1395

Open
zadigus opened this issue Jun 25, 2024 · 1 comment
Open

python example not working with latest package versions #1395

zadigus opened this issue Jun 25, 2024 · 1 comment
Labels
enhancement New feature or request

Comments

@zadigus
Copy link

zadigus commented Jun 25, 2024

Is your feature request related to a problem? Please describe.

I was looking to make this example working with the latest package versions for msal and azure-keyvault-secrets. Unfortunately, when I do so, I get the following error:

[...]
  File "/venv/lib/python3.12/site-packages/azure/core/tracing/decorator.py", line 94, in wrapper_use_tracer
    return func(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^
  File "/venv/lib/python3.12/site-packages/azure/keyvault/secrets/_client.py", line 64, in get_secret
    bundle = self._client.get_secret(
             ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/venv/lib/python3.12/site-packages/azure/core/tracing/decorator.py", line 94, in wrapper_use_tracer
    return func(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^
  File "/venv/lib/python3.12/site-packages/azure/keyvault/secrets/_generated/_operations/_operations.py", line 751, in get_secret
    pipeline_response: PipelineResponse = self._client._pipeline.run(  # pylint: disable=protected-access
                                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/venv/lib/python3.12/site-packages/azure/core/pipeline/_base.py", line 229, in run
    return first_node.send(pipeline_request)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/venv/lib/python3.12/site-packages/azure/core/pipeline/_base.py", line 86, in send
    response = self.next.send(request)
               ^^^^^^^^^^^^^^^^^^^^^^^
  File "/venv/lib/python3.12/site-packages/azure/core/pipeline/_base.py", line 86, in send
    response = self.next.send(request)
               ^^^^^^^^^^^^^^^^^^^^^^^
  File "/venv/lib/python3.12/site-packages/azure/core/pipeline/_base.py", line 86, in send
    response = self.next.send(request)
               ^^^^^^^^^^^^^^^^^^^^^^^
  [Previous line repeated 2 more times]
  File "/venv/lib/python3.12/site-packages/azure/core/pipeline/policies/_redirect.py", line 197, in send
    response = self.next.send(request)
               ^^^^^^^^^^^^^^^^^^^^^^^
  File "/venv/lib/python3.12/site-packages/azure/core/pipeline/policies/_retry.py", line 532, in send
    response = self.next.send(request)
               ^^^^^^^^^^^^^^^^^^^^^^^
  File "/venv/lib/python3.12/site-packages/azure/core/pipeline/policies/_authentication.py", line 135, in send
    request_authorized = self.on_challenge(request, response)
                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/venv/lib/python3.12/site-packages/azure/keyvault/secrets/_shared/challenge_auth_policy.py", line 137, in on_challenge
    self.authorize_request(request, scope, tenant_id=challenge.tenant_id)
  File "/venv/lib/python3.12/site-packages/azure/core/pipeline/policies/_authentication.py", line 113, in authorize_request
    self._token = self._credential.get_token(*scopes, **kwargs)
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/venv/lib/python3.12/site-packages/mdl_client_auth/_vault/_custom_token_credential.py", line 34, in get_token
    token = self._app.acquire_token_for_client(scopes)
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/venv/lib/python3.12/site-packages/msal/application.py", line 2050, in acquire_token_for_client
    return _clean_up(self._acquire_token_silent_with_error(
                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/venv/lib/python3.12/site-packages/msal/application.py", line 1286, in _acquire_token_silent_with_error
    assert isinstance(scopes, list), "Invalid parameter type"
           ^^^^^^^^^^^^^^^^^^^^^^^^
AssertionError: Invalid parameter type

Describe the solution you'd like

I would like to know what changes I should make to your example so that it works with the latest versions of the azure-keyvault-secrets and msal libraries.

Describe alternatives you've considered

Keeping those versions pinned, but then I have conflicts with other packages I am using.

Additional context
@zadigus zadigus added the enhancement New feature or request label Jun 25, 2024
@zadigus
Copy link
Author

zadigus commented Jun 25, 2024

Ok so apparently it's enough to change your MyClientAssertionCredential.get_token method in file token_credential.py like this

def get_token(self, *scopes, **kwargs):
        # get the token using the application
        # this is the change!
        token = self.app.acquire_token_for_client(list(scopes))
        if 'error' in token:
            raise Exception(token['error_description'])
        expires_on = time.time() + token['expires_in']
        # return an access token with the token string and expiration time
        return AccessToken(token['access_token'], int(expires_on))

@zadigus zadigus mentioned this issue Jun 25, 2024
Open
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@zadigus