Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Weird error on login - 'dict' object cannot be interpreted as an integer #2800

Closed
colemickens opened this issue Apr 7, 2017 · 4 comments

Comments

@colemickens
Copy link
Contributor

commented Apr 7, 2017

Environment summary

Install Method: How did you install the CLI? (e.g. pip, interactive script, apt-get, Docker, MSI, nightly)

        rm -rf $HOME/.local/lib/python3.6
        mkdir $HOME/.local/lib/python3.6/site-packages
        pip install --no-cache-dir --user --upgrade --pre azure-cli --extra-index-url https://azureclinightly.blob.core.windows.net/packages
        pip install --user --upgrade --pre azure-cli-acr azure-cli-keyvault --extra-index-url https://azureclinightly.blob.core.windows.net/packages

CLI Version: What version of the CLI and modules are installed? (Use az --version)

azure-cli (2.0.2+1.dev20170406)

acr (2.0.0+1.dev20170406)
acs (2.0.2+1.dev20170406)
appservice (0.1.2+1.dev20170406)
batch (2.0.0+1.dev20170406)
cloud (2.0.0+1.dev20170406)
component (2.0.0+1.dev20170406)
configure (2.0.2+1.dev20170406)
container (0.1.2+1.dev20170406)
core (2.0.2+1.dev20170406)
documentdb (0.1.2+1.dev20170406)
feedback (2.0.0+1.dev20170406)
find (0.1.2rc1+1.dev20170312)
iot (0.1.2+1.dev20170406)
keyvault (2.0.0+1.dev20170406)
lab (0.0.1+1.dev20170406)
monitor (0.0.1+1.dev20170406)
network (2.0.2+1.dev20170406)
nspkg (2.0.0+1.dev20170406)
profile (2.0.2+1.dev20170406)
redis (0.1.1b3+1.dev20170406)
resource (2.0.2+1.dev20170406)
role (2.0.1+1.dev20170406)
sql (2.0.0+1.dev20170406)
storage (2.0.2+1.dev20170406)
vm (2.0.2+1.dev20170406)

Python (Linux) 3.6.1 (default, Mar 27 2017, 00:27:06)
[GCC 6.3.1 20170306]

OS Version: What OS and version are you using?
Arch Linux, up to date

Shell Type: What shell are you using? (e.g. bash, cmd.exe, Bash on Windows)
zsh


Description

$ az login --service-principal --username xxx --password xxx --tenant xxx
'dict' object cannot be interpreted as an integer
Traceback (most recent call last):
  File "/home/cole/.local/lib/python3.6/site-packages/azure/cli/main.py", line 37, in main
    cmd_result = APPLICATION.execute(args)
  File "/home/cole/.local/lib/python3.6/site-packages/azure/cli/core/application.py", line 157, in execute
    result = expanded_arg.func(params)
  File "/home/cole/.local/lib/python3.6/site-packages/azure/cli/core/commands/__init__.py", line 367, in _execute_command
    raise ex
  File "/home/cole/.local/lib/python3.6/site-packages/azure/cli/core/commands/__init__.py", line 362, in _execute_command
    result = op(client, **kwargs) if client else op(**kwargs)
  File "/home/cole/.local/lib/python3.6/site-packages/azure/cli/command_modules/profile/custom.py", line 79, in login
    tenant)
  File "/home/cole/.local/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 135, in find_subscriptions_on_login
    tenant))
  File "/home/cole/.local/lib/python3.6/site-packages/azure/cli/core/_profile.py", line 500, in save_service_principal_cred
    self._service_principal_creds.pop(matched[0])
TypeError: 'dict' object cannot be interpreted as an integer

If I rm -rf ~/.azure first, it goes away. Maybe a bug in merging stuff together?

Also, weird though, since my script sets AZURE_CONFIG_DIR to a temp dir, so it should be like new every time... I wasn't properly exporting it, when I do, I avoid this issue since each script run gets its own config directory.

@colemickens

This comment has been minimized.

Copy link
Contributor Author

commented Apr 7, 2017

Updated the post, when I set AZURE_CONFIG_DIR properly, I avoid this issue, so again, I think it's a result of the code that merges the new accounts into the existing json files when logging in after the first time.

@derekbekoe

This comment has been minimized.

Copy link
Member

commented Apr 7, 2017

Related to #2760 (comment).
It appeared in tests but this is the first bug report that shows it affects the product as well.

@msleal

This comment has been minimized.

Copy link

commented Apr 10, 2017

Hi, I could reproduce this...
Everytime I need to use the Azure CLI (e.g.: az login) using the serviceprincipal, I need to delete the .azure directory to the login work (Login interactive works without removing the .azure directory).
I have not identified which file causes the error (maybe az.sess??)...

A last note: the file .azure/accessTokens.json holds the credentials in clear, that is how it is supposed to be? I mean, it has just read permissions for my user, but seems to be a security risk. The Azure CLI uses this to re-validate the session or something?

Thank you!

@yugangw-msft

This comment has been minimized.

Copy link
Contributor

commented Apr 12, 2017

@msleal, @colemickens, I am fixing this bug. Do apologize for the inconvenience.

the file .azure/accessTokens.json holds the credentials in clear

We cache the SP secret, because the token issued for SP carries no refresh token. It is not reasonable for CLI to prompt you for creds every one hour, and actually it is not even possible as the token can expire in the middle of the command session.
CLI sets the file permission at 600, meaning other users will not be able to read it. I can't say the plain file has no security risk but it is still reasonably secure . Also we don't persist user's creds at all.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
5 participants
You can’t perform that action at this time.