pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

azure integration. methods to authenticate and set/get value in keyvault

Browse Source
This commit is contained in:
Philip Kalinsky 2020-01-20 14:17:01 -05:00 committed by tomdds
parent 67842748b8
commit becc3630c2
3 changed files with 152 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Pipfile
View File

@ -35,6 +35,7 @@ azure-mgmt-resource = "*"
transitions = "*" transitions = "*"
azure-mgmt-consumption = "*" azure-mgmt-consumption = "*"
adal = "*" adal = "*"
azure-identity = "*"
[dev-packages] [dev-packages]
bandit = "*" bandit = "*"

73
Pipfile.lock generated
View File

@ -1,7 +1,7 @@
{ {
"_meta": { "_meta": {
"hash": { "hash": {
"sha256": "a127b88e6c64842786f1868cb93bb1cdc828aa78040ea8ba4079bb3de0316dab" "sha256": "3760f0b1df1156211d671afa2eb417b7bf980aa33d2f74d390e8eed6a3ce8c8b"
}, },
"pipfile-spec": 6, "pipfile-spec": 6,
"requires": { "requires": {
@ -45,6 +45,13 @@
], ],
"version": "==1.1.24" "version": "==1.1.24"
}, },
"azure-core": {
"hashes": [
"sha256:b8ccbd901d085048e4e3e72627b066923c5bd3780e4c43cf9cf9948aee9bdf9e",
"sha256:e2cd99f0c0aef12c168d498cb5bc47a3a45c8ab08112183e3ec97e4dcb33ceb9"
],
"version": "==1.2.1"
},
"azure-graphrbac": { "azure-graphrbac": {
"hashes": [ "hashes": [
"sha256:53e98ae2ca7c19b349e9e9bb1b6a824aeae8dcfcbe17190d20fe69c0f185b2e2", "sha256:53e98ae2ca7c19b349e9e9bb1b6a824aeae8dcfcbe17190d20fe69c0f185b2e2",
@ -53,6 +60,14 @@
"index": "pypi", "index": "pypi",
"version": "==0.61.1" "version": "==0.61.1"
}, },
"azure-identity": {
"hashes": [
"sha256:4ce65058461c277991763ed3f121efc6b9eb9c2edefb62c414dfa85c814690d3",
"sha256:b32acd1cdb6202bfe10d9a0858dc463d8960295da70ae18097eb3b85ab12cb91"
],
"index": "pypi",
"version": "==1.2.0"
},
"azure-mgmt-authorization": { "azure-mgmt-authorization": {
"hashes": [ "hashes": [
"sha256:31e875a34ac2c5d6fefe77b4a8079a8b2bdbe9edb957e47e8b44222fb212d6a7", "sha256:31e875a34ac2c5d6fefe77b4a8079a8b2bdbe9edb957e47e8b44222fb212d6a7",
@ -354,6 +369,20 @@
], ],
"version": "==8.1.0" "version": "==8.1.0"
}, },
"msal": {
"hashes": [
"sha256:c944b833bf686dfbc973e9affdef94b77e616cb52ab397e76cde82e26b8a3373",
"sha256:ecbe3f5ac77facad16abf08eb9d8562af3bc7184be5d4d90c9ef4db5bde26340"
],
"version": "==1.0.0"
},
"msal-extensions": {
"hashes": [
"sha256:59e171a9a4baacdbf001c66915efeaef372fb424421f1a4397115a3ddd6205dc",
"sha256:c5a32b8e1dce1c67733dcdf8aa8bebcff5ab123e779ef7bc14e416bd0da90037"
],
"version": "==0.1.3"
},
"msrest": { "msrest": {
"hashes": [ "hashes": [
"sha256:56b8b5b4556fb2a92cac640df267d560889bdc9e2921187772d4691d97bc4e8d", "sha256:56b8b5b4556fb2a92cac640df267d560889bdc9e2921187772d4691d97bc4e8d",
@ -388,6 +417,13 @@
"index": "pypi", "index": "pypi",
"version": "==2.0.5" "version": "==2.0.5"
}, },
"portalocker": {
"hashes": [
"sha256:6f57aabb25ba176462dc7c63b86c42ad6a9b5bd3d679a9d776d0536bfb803d54",
"sha256:dac62e53e5670cb40d2ee4cdc785e6b829665932c3ee75307ad677cf5f7d2e9f"
],
"version": "==1.5.2"
},
"psycopg2-binary": { "psycopg2-binary": {
"hashes": [ "hashes": [
"sha256:040234f8a4a8dfd692662a8308d78f63f31a97e1c42d2480e5e6810c48966a29", "sha256:040234f8a4a8dfd692662a8308d78f63f31a97e1c42d2480e5e6810c48966a29",
@ -453,6 +489,9 @@
"version": "==1.3" "version": "==1.3"
}, },
"pyjwt": { "pyjwt": {
"extras": [
"crypto"
],
"hashes": [ "hashes": [
"sha256:5c6eca3c2940464d106b99ba83b00c6add741c9becaec087fb7ccdefea71350e", "sha256:5c6eca3c2940464d106b99ba83b00c6add741c9becaec087fb7ccdefea71350e",
"sha256:8d59a976fb773f3e6a39c85636357c4f0e242707394cadadd9814f5cbaa20e96" "sha256:8d59a976fb773f3e6a39c85636357c4f0e242707394cadadd9814f5cbaa20e96"
@ -538,10 +577,10 @@
}, },
"six": { "six": {
"hashes": [ "hashes": [
"sha256:1f1b7d42e254082a9db6279deae68afb421ceba6158efa6131de7b3003ee93fd", "sha256:236bdbdce46e6e6a3d61a337c0f8b763ca1e8717c03b369e87a7ec7ce1319c0a",
"sha256:30f610279e8b2578cab6db20741130331735c781b56053c59c4076da27f06b66" "sha256:8f3cd2e254d8f793e7f3d6d9df77b92252b52637291d0f0da013c76ea2724b6c"
], ],
"version": "==1.13.0" "version": "==1.14.0"
}, },
"sqlalchemy": { "sqlalchemy": {
"hashes": [ "hashes": [
@ -618,10 +657,10 @@
}, },
"zipp": { "zipp": {
"hashes": [ "hashes": [
"sha256:8dda78f06bd1674bd8720df8a50bb47b6e1233c503a4eed8e7810686bde37656", "sha256:57147f6b0403b59f33fd357f169f860e031303415aeb7d04ede4839d23905ab8",
"sha256:d38fbe01bbf7a3593a32bc35a9c4453c32bc42b98c377f9bff7e9f8da157786c" "sha256:7ae5ccaca427bafa9760ac3cd8f8c244bfc259794b5b6bb9db4dda2241575d09"
], ],
"version": "==1.0.0" "version": "==2.0.0"
} }
}, },
"develop": { "develop": {
@ -632,14 +671,6 @@
], ],
"version": "==1.4.3" "version": "==1.4.3"
}, },
"appnope": {
"hashes": [
"sha256:5b26757dc6f79a3b7dc9fab95359328d5747fcb2409d331ea66d0272b90ab2a0",
"sha256:8b995ffe925347a2138d7ac0fe77155e4311a0ea6d6da4f5128fe4b3cbe5ed71"
],
"markers": "sys_platform == 'darwin'",
"version": "==0.1.0"
},
"argh": { "argh": {
"hashes": [ "hashes": [
"sha256:a9b3aaa1904eeb78e32394cd46c6f37ac0fb4af6dc488daa58971bdc7d7fcaf3", "sha256:a9b3aaa1904eeb78e32394cd46c6f37ac0fb4af6dc488daa58971bdc7d7fcaf3",
@ -1210,10 +1241,10 @@
}, },
"six": { "six": {
"hashes": [ "hashes": [
"sha256:1f1b7d42e254082a9db6279deae68afb421ceba6158efa6131de7b3003ee93fd", "sha256:236bdbdce46e6e6a3d61a337c0f8b763ca1e8717c03b369e87a7ec7ce1319c0a",
"sha256:30f610279e8b2578cab6db20741130331735c781b56053c59c4076da27f06b66" "sha256:8f3cd2e254d8f793e7f3d6d9df77b92252b52637291d0f0da013c76ea2724b6c"
], ],
"version": "==1.13.0" "version": "==1.14.0"
}, },
"smmap2": { "smmap2": {
"hashes": [ "hashes": [
@ -1328,10 +1359,10 @@
}, },
"zipp": { "zipp": {
"hashes": [ "hashes": [
"sha256:8dda78f06bd1674bd8720df8a50bb47b6e1233c503a4eed8e7810686bde37656", "sha256:57147f6b0403b59f33fd357f169f860e031303415aeb7d04ede4839d23905ab8",
"sha256:d38fbe01bbf7a3593a32bc35a9c4453c32bc42b98c377f9bff7e9f8da157786c" "sha256:7ae5ccaca427bafa9760ac3cd8f8c244bfc259794b5b6bb9db4dda2241575d09"
], ],
"version": "==1.0.0" "version": "==2.0.0"
} }
} }
} }

149
atst/domain/csp/cloud.py
View File

@ -207,9 +207,10 @@ class TenantCSPResult(AliasModel):
return { return {
"tenant_admin_username": self.tenant_admin_username, "tenant_admin_username": self.tenant_admin_username,
"tenant_admin_password": self.tenant_admin_password, "tenant_admin_password": self.tenant_admin_password,
"tenant_id": self.tenant_id "tenant_id": self.tenant_id,
} }
class BillingProfileAddress(AliasModel): class BillingProfileAddress(AliasModel):
company_name: str company_name: str
address_line_1: str address_line_1: str
@ -248,9 +249,7 @@ class BillingProfileCSPPayload(BaseCSPPayload):
return v or [] return v or []
class Config: class Config:
fields = { fields = {"billing_profile_display_name": "displayName"}
"billing_profile_display_name": "displayName"
}
class BillingProfileCreateCSPResult(AliasModel): class BillingProfileCreateCSPResult(AliasModel):
@ -258,7 +257,10 @@ class BillingProfileCreateCSPResult(AliasModel):
retry_after: int retry_after: int
class Config: class Config:
fields = {"billing_profile_validate_url": "Location", "retry_after": "Retry-After"} fields = {
"billing_profile_validate_url": "Location",
"retry_after": "Retry-After",
}
class BillingProfileVerifyCSPPayload(BaseCSPPayload): class BillingProfileVerifyCSPPayload(BaseCSPPayload):
@ -279,9 +281,7 @@ class BillingProfileProperties(AliasModel):
invoice_sections: List[BillingInvoiceSection] invoice_sections: List[BillingInvoiceSection]
class Config: class Config:
fields = { fields = {"billing_profile_display_name": "displayName"}
"billing_profile_display_name": "displayName"
}
class BillingProfileCSPResult(AliasModel): class BillingProfileCSPResult(AliasModel):
@ -314,20 +314,27 @@ class BillingProfileTenantAccessCSPResult(AliasModel):
"billing_role_assignment_name": "name", "billing_role_assignment_name": "name",
} }
class TaskOrderBillingCSPPayload(BaseCSPPayload): class TaskOrderBillingCSPPayload(BaseCSPPayload):
billing_account_name: str billing_account_name: str
billing_profile_name: str billing_profile_name: str
class EnableTaskOrderBillingCSPResult(AliasModel): class EnableTaskOrderBillingCSPResult(AliasModel):
task_order_billing_validation_url: str task_order_billing_validation_url: str
retry_after: int retry_after: int
class Config: class Config:
fields = {"task_order_billing_validation_url": "Location", "retry_after": "Retry-After"} fields = {
"task_order_billing_validation_url": "Location",
"retry_after": "Retry-After",
}
class TaskOrderBillingCSPResult(BaseCSPPayload): class TaskOrderBillingCSPResult(BaseCSPPayload):
task_order_billing_validation_url: str task_order_billing_validation_url: str
class BillingProfileEnabledPlanDetails(AliasModel): class BillingProfileEnabledPlanDetails(AliasModel):
enabled_azure_plans: List[Dict] enabled_azure_plans: List[Dict]
@ -344,6 +351,7 @@ class TaskOrderBillingCSPResult(AliasModel):
"billing_profile_enabled_plan_details": "properties", "billing_profile_enabled_plan_details": "properties",
} }
class ReportCLINCSPPayload(BaseCSPPayload): class ReportCLINCSPPayload(BaseCSPPayload):
amount: float amount: float
start_date: str start_date: str
@ -353,6 +361,7 @@ class ReportCLINCSPPayload(BaseCSPPayload):
billing_account_name: str billing_account_name: str
billing_profile_name: str billing_profile_name: str
class ReportCLINCSPResult(AliasModel): class ReportCLINCSPResult(AliasModel):
reported_clin_name: str reported_clin_name: str
@ -361,7 +370,16 @@ class ReportCLINCSPResult(AliasModel):
"reported_clin_name": "name", "reported_clin_name": "name",
} }
class CloudProviderInterface: class CloudProviderInterface:
def set_secret(secret_key: str, secret_value: str):
raise NotImplementedError()
def get_secret(secret_key: str, secret_value: str):
raise NotImplementedError()
def root_creds(self) -> Dict: def root_creds(self) -> Dict:
raise NotImplementedError() raise NotImplementedError()
@ -563,7 +581,7 @@ class MockCloudProvider(CloudProviderInterface):
"user_id": response["userId"], "user_id": response["userId"],
"user_object_id": response["objectId"], "user_object_id": response["objectId"],
"tenant_admin_username": "test", "tenant_admin_username": "test",
"tenant_admin_password": "test" "tenant_admin_password": "test",
} }
def create_billing_profile(self, payload): def create_billing_profile(self, payload):
@ -608,33 +626,33 @@ class MockCloudProvider(CloudProviderInterface):
response = {"id": "string"} response = {"id": "string"}
# return {"billing_profile_id": response["id"]} # return {"billing_profile_id": response["id"]}
return { return {
'id': '/providers/Microsoft.Billing/billingAccounts/7c89b735-b22b-55c0-ab5a-c624843e8bf6:de4416ce-acc6-44b1-8122-c87c4e903c91_2019-05-31/billingProfiles/KQWI-W2SU-BG7-TGB', "id": "/providers/Microsoft.Billing/billingAccounts/7c89b735-b22b-55c0-ab5a-c624843e8bf6:de4416ce-acc6-44b1-8122-c87c4e903c91_2019-05-31/billingProfiles/KQWI-W2SU-BG7-TGB",
'name': 'KQWI-W2SU-BG7-TGB', "name": "KQWI-W2SU-BG7-TGB",
'properties': { "properties": {
'address': { "address": {
'addressLine1': '123 S Broad Street, Suite 2400', "addressLine1": "123 S Broad Street, Suite 2400",
'city': 'Philadelphia', "city": "Philadelphia",
'companyName': 'Promptworks', "companyName": "Promptworks",
'country': 'US', "country": "US",
'postalCode': '19109', "postalCode": "19109",
'region': 'PA' "region": "PA",
}, },
'currency': 'USD', "currency": "USD",
'displayName': 'Test Billing Profile', "displayName": "Test Billing Profile",
'enabledAzurePlans': [], "enabledAzurePlans": [],
'hasReadAccess': True, "hasReadAccess": True,
'invoiceDay': 5, "invoiceDay": 5,
'invoiceEmailOptIn': False, "invoiceEmailOptIn": False,
'invoiceSections': [{ "invoiceSections": [
'id': '/providers/Microsoft.Billing/billingAccounts/7c89b735-b22b-55c0-ab5a-c624843e8bf6:de4416ce-acc6-44b1-8122-c87c4e903c91_2019-05-31/billingProfiles/KQWI-W2SU-BG7-TGB/invoiceSections/CHCO-BAAR-PJA-TGB', {
'name': 'CHCO-BAAR-PJA-TGB', "id": "/providers/Microsoft.Billing/billingAccounts/7c89b735-b22b-55c0-ab5a-c624843e8bf6:de4416ce-acc6-44b1-8122-c87c4e903c91_2019-05-31/billingProfiles/KQWI-W2SU-BG7-TGB/invoiceSections/CHCO-BAAR-PJA-TGB",
'properties': { "name": "CHCO-BAAR-PJA-TGB",
'displayName': 'Test Billing Profile' "properties": {"displayName": "Test Billing Profile"},
}, "type": "Microsoft.Billing/billingAccounts/billingProfiles/invoiceSections",
'type': 'Microsoft.Billing/billingAccounts/billingProfiles/invoiceSections' }
}] ],
}, },
'type': 'Microsoft.Billing/billingAccounts/billingProfiles' "type": "Microsoft.Billing/billingAccounts/billingProfiles",
} }
def create_billing_profile_tenant_access(self, payload): def create_billing_profile_tenant_access(self, payload):
@ -651,9 +669,9 @@ class MockCloudProvider(CloudProviderInterface):
"principalId": "0a5f4926-e3ee-4f47-a6e3-8b0a30a40e3d", "principalId": "0a5f4926-e3ee-4f47-a6e3-8b0a30a40e3d",
"principalTenantId": "60ff9d34-82bf-4f21-b565-308ef0533435", "principalTenantId": "60ff9d34-82bf-4f21-b565-308ef0533435",
"roleDefinitionId": "/providers/Microsoft.Billing/billingAccounts/7c89b735-b22b-55c0-ab5a-c624843e8bf6:de4416ce-acc6-44b1-8122-c87c4e903c91_2019-05-31/billingProfiles/KQWI-W2SU-BG7-TGB/billingRoleDefinitions/40000000-aaaa-bbbb-cccc-100000000000", "roleDefinitionId": "/providers/Microsoft.Billing/billingAccounts/7c89b735-b22b-55c0-ab5a-c624843e8bf6:de4416ce-acc6-44b1-8122-c87c4e903c91_2019-05-31/billingProfiles/KQWI-W2SU-BG7-TGB/billingRoleDefinitions/40000000-aaaa-bbbb-cccc-100000000000",
"scope": "/providers/Microsoft.Billing/billingAccounts/7c89b735-b22b-55c0-ab5a-c624843e8bf6:de4416ce-acc6-44b1-8122-c87c4e903c91_2019-05-31/billingProfiles/KQWI-W2SU-BG7-TGB" "scope": "/providers/Microsoft.Billing/billingAccounts/7c89b735-b22b-55c0-ab5a-c624843e8bf6:de4416ce-acc6-44b1-8122-c87c4e903c91_2019-05-31/billingProfiles/KQWI-W2SU-BG7-TGB",
}, },
"type": "Microsoft.Billing/billingRoleAssignments" "type": "Microsoft.Billing/billingRoleAssignments",
} }
def create_or_update_user(self, auth_credentials, user_info, csp_role_id): def create_or_update_user(self, auth_credentials, user_info, csp_role_id):
@ -735,6 +753,9 @@ class AzureSDKProvider(object):
from azure.mgmt import subscription, authorization from azure.mgmt import subscription, authorization
import azure.graphrbac as graphrbac import azure.graphrbac as graphrbac
import azure.common.credentials as credentials import azure.common.credentials as credentials
import azure.identity as identity
from azure.keyvault import secrets import secrets
from msrestazure.azure_cloud import AZURE_PUBLIC_CLOUD from msrestazure.azure_cloud import AZURE_PUBLIC_CLOUD
import adal import adal
import requests import requests
@ -744,6 +765,8 @@ class AzureSDKProvider(object):
self.adal = adal self.adal = adal
self.graphrbac = graphrbac self.graphrbac = graphrbac
self.credentials = credentials self.credentials = credentials
self.identity = identity
self.secrets = secrets
self.requests = requests self.requests = requests
# may change to a JEDI cloud # may change to a JEDI cloud
self.cloud = AZURE_PUBLIC_CLOUD self.cloud = AZURE_PUBLIC_CLOUD
@ -756,12 +779,29 @@ class AzureCloudProvider(CloudProviderInterface):
self.client_id = config["AZURE_CLIENT_ID"] self.client_id = config["AZURE_CLIENT_ID"]
self.secret_key = config["AZURE_SECRET_KEY"] self.secret_key = config["AZURE_SECRET_KEY"]
self.tenant_id = config["AZURE_TENANT_ID"] self.tenant_id = config["AZURE_TENANT_ID"]
self.vault_url = config["AZURE_VAULT_URL"]
if azure_sdk_provider is None: if azure_sdk_provider is None:
self.sdk = AzureSDKProvider() self.sdk = AzureSDKProvider()
else: else:
self.sdk = azure_sdk_provider self.sdk = azure_sdk_provider
def set_secret(secret_key, secret_value):
credential = self._get_client_secret_credential_obj()
secret_client = self.secrets.SecretClient(
vault_url=self.vault_url,
credential=credential,
)
return secret_client.set_secret(secret_key, secret_value)
def get_secret(secret_key)
credential = self._get_client_secret_credential_obj()
secret_client = self.secrets.SecretClient(
vault_url=self.vault_url,
credential=credential,
)
return secret_client.get_secret(secret_key).value
def create_environment( def create_environment(
self, auth_credentials: Dict, user: User, environment: Environment self, auth_credentials: Dict, user: User, environment: Environment
): ):
@ -856,7 +896,7 @@ class AzureCloudProvider(CloudProviderInterface):
headers=create_tenant_headers, headers=create_tenant_headers,
) )
print('create tenant result') print("create tenant result")
print(result.json()) print(result.json())
if result.status_code == 200: if result.status_code == 200:
@ -907,7 +947,9 @@ class AzureCloudProvider(CloudProviderInterface):
"Authorization": f"Bearer {sp_token}", "Authorization": f"Bearer {sp_token}",
} }
result = self.sdk.requests.get(payload.billing_profile_validate_url, headers=auth_header) result = self.sdk.requests.get(
payload.billing_profile_validate_url, headers=auth_header
)
if result.status_code == 202: if result.status_code == 202:
# 202 has location/retry after headers # 202 has location/retry after headers
@ -917,7 +959,9 @@ class AzureCloudProvider(CloudProviderInterface):
else: else:
return self._error(result.json()) return self._error(result.json())
def create_billing_profile_tenant_access(self, payload: BillingProfileTenantAccessCSPPayload): def create_billing_profile_tenant_access(
self, payload: BillingProfileTenantAccessCSPPayload
):
sp_token = self._get_sp_token(payload.creds) sp_token = self._get_sp_token(payload.creds)
request_body = { request_body = {
"properties": { "properties": {
@ -945,11 +989,7 @@ class AzureCloudProvider(CloudProviderInterface):
{ {
"op": "replace", "op": "replace",
"path": "/enabledAzurePlans", "path": "/enabledAzurePlans",
"value": [ "value": [{"skuId": "0001"}],
{
"skuId": "0001"
}
]
} }
] ]
@ -959,7 +999,9 @@ class AzureCloudProvider(CloudProviderInterface):
url = f"https://management.azure.com/providers/Microsoft.Billing/billingAccounts/{payload.billing_account_name}/billingProfiles/{payload.billing_profile_name}?api-version=2019-10-01-preview" url = f"https://management.azure.com/providers/Microsoft.Billing/billingAccounts/{payload.billing_account_name}/billingProfiles/{payload.billing_profile_name}?api-version=2019-10-01-preview"
result = self.sdk.requests.patch(url, headers=request_headers, json=request_body) result = self.sdk.requests.patch(
url, headers=request_headers, json=request_body
)
if result.status_code == 202: if result.status_code == 202:
# 202 has location/retry after headers # 202 has location/retry after headers
@ -969,7 +1011,7 @@ class AzureCloudProvider(CloudProviderInterface):
else: else:
return self._error(result.json()) return self._error(result.json())
def validate_task_order_billing_enabled(self, payload: VerifyTaskOrderBillingCSPPayload): def validate_task_order_billing_enabled(self, payload: TaskOrderBillingCSPPayload):
sp_token = self._get_sp_token(payload.creds) sp_token = self._get_sp_token(payload.creds)
if sp_token is None: if sp_token is None:
raise AuthenticationException( raise AuthenticationException(
@ -980,7 +1022,9 @@ class AzureCloudProvider(CloudProviderInterface):
"Authorization": f"Bearer {sp_token}", "Authorization": f"Bearer {sp_token}",
} }
result = self.sdk.requests.get(payload.task_order_billing_validation_url, headers=auth_header) result = self.sdk.requests.get(
payload.task_order_billing_validation_url, headers=auth_header
)
if result.status_code == 202: if result.status_code == 202:
# 202 has location/retry after headers # 202 has location/retry after headers
@ -1001,7 +1045,7 @@ class AzureCloudProvider(CloudProviderInterface):
"properties": { "properties": {
"amount": payload.amount, "amount": payload.amount,
"startDate": payload.start_date, "startDate": payload.start_date,
"endDate": payload.end_date "endDate": payload.end_date,
} }
} }
@ -1125,7 +1169,6 @@ class AzureCloudProvider(CloudProviderInterface):
return token_response.get("accessToken", None) return token_response.get("accessToken", None)
def _get_credential_obj(self, creds, resource=None): def _get_credential_obj(self, creds, resource=None):
return self.sdk.credentials.ServicePrincipalCredentials( return self.sdk.credentials.ServicePrincipalCredentials(
client_id=creds.get("client_id"), client_id=creds.get("client_id"),
secret=creds.get("secret_key"), secret=creds.get("secret_key"),
@ -1133,6 +1176,12 @@ class AzureCloudProvider(CloudProviderInterface):
resource=resource, resource=resource,
cloud_environment=self.sdk.cloud, cloud_environment=self.sdk.cloud,
) )
def _get_client_secret_credential_obj():
return self.sdk.identity.ClientSecretCredential(
tenant_id=creds.get("tenant_id"),
client_id =creds.get("client_id"),
client_secret = creds.get("secret_key"),
)
def _make_tenant_admin_cred_obj(self, username, password): def _make_tenant_admin_cred_obj(self, username, password):
return self.sdk.credentials.UserPassCredentials(username, password) return self.sdk.credentials.UserPassCredentials(username, password)