
Token-based access for Azure resources (#136)

* Token-based access for Azure blob storage.

* Parse the optional azure access token from config.

* Add argument name for the default usage of BlockBlobService.

* Add missing azure access token configuration.
Vahid 7 ani în urmă
părinte
comite
460e8eebcf

+ 11 - 3
cloudbridge/cloud/providers/azure/azure_client.py

@@ -12,6 +12,7 @@ from azure.mgmt.resource.subscriptions import SubscriptionClient
 from azure.mgmt.storage import StorageManagementClient
 from azure.storage.blob import BlobPermissions
 from azure.storage.blob import BlockBlobService
+from azure.storage.common import TokenCredential
 
 from cloudbridge.cloud.interfaces.exceptions import WaitStateException
 
@@ -157,6 +158,7 @@ class AzureClient(object):
             tenant=config.get('azure_tenant')
         )
 
+        self._access_token = config.get('azure_access_token')
         self._resource_client = None
         self._storage_client = None
         self._network_management_client = None
@@ -246,9 +248,15 @@ class AzureClient(object):
     @property
     def blob_service(self):
         if not self._block_blob_service:
-            self._block_blob_service = BlockBlobService(
-                self.storage_account,
-                self.access_key_result.keys[0].value)
+            if self._access_token:
+                token_credential = TokenCredential(self._access_token)
+                self._block_blob_service = BlockBlobService(
+                    account_name=self.storage_account,
+                    token_credential=token_credential)
+            else:
+                self._block_blob_service = BlockBlobService(
+                    account_name=self.storage_account,
+                    account_key=self.access_key_result.keys[0].value)
         return self._block_blob_service
 
     @property
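Review bot: The token branch of `blob_service` builds the `TokenCredential` once from the string read in `__init__` and caches the resulting `BlockBlobService`, so nothing visible here can replace the token when it expires. OAuth access tokens are short-lived, so a long-running client would presumably start getting authorization failures from storage with no recovery path. Keeping the credential on the instance, e.g. `self._token_credential = TokenCredential(self._access_token)`, would give callers one object to update instead of rebuilding the service. The `if self._access_token:` test also sends an empty-string token to the `else` branch, which uses the storage account key; if a caller supplies a token precisely to avoid holding that key, the silent fallback deserves a comment or an explicit `is not None` check. The class body continues outside the hunk.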

+ 4 - 1
cloudbridge/cloud/providers/azure/provider.py

@@ -32,6 +32,8 @@ class AzureCloudProvider(BaseCloudProvider):
             'azure_tenant', os.environ.get('AZURE_TENANT', None))
 
         # optional config values
+        self.access_token = self._get_config_value(
+            'azure_access_token', os.environ.get('AZURE_ACCESS_TOKEN', None))
         self.region_name = self._get_config_value(
             'azure_region_name', os.environ.get('AZURE_REGION_NAME',
                                                 'eastus'))
@@ -98,7 +100,8 @@ class AzureCloudProvider(BaseCloudProvider):
                 'azure_resource_group': self.resource_group,
                 'azure_storage_account': self.storage_account,
                 'azure_public_key_storage_table_name':
-                    self.public_key_storage_table_name
+                    self.public_key_storage_table_name,
+                'azure_access_token': self.access_token
             }
 
             self._azure_client = AzureClient(provider_config)
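Review bot: The new `azure_access_token` value is a bearer secret, yet the first hunk stores it on the public attribute `self.access_token` and the second copies it into `provider_config` without saying what it authorizes. In the azure_client.py part of this commit it is consumed only by `blob_service`, so the name reads broader than its use. A comment above the assignment would help, for example `# optional bearer token, used only for blob storage access; when unset the storage account key is used`. Because `provider_config` now carries the token next to the other settings, any code that logs or dumps that dict or the provider's attributes should redact this key; no such logging is visible in these hunks. Both hunks sit inside methods that start and end outside the hunk.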