Reset changes to the patch version.

Azure · May 1, 2023 · 17fcc71 · 17fcc71
1 parent b043e00
commit 17fcc71
Show file tree

Hide file tree

Showing 70 changed files with 482 additions and 3,506 deletions.
diff --git a/sdk/identity/azure-identity/CHANGELOG.md b/sdk/identity/azure-identity/CHANGELOG.md
@@ -1,69 +1,29 @@
 # Release History
 
-## 1.9.0-beta.4 (Unreleased)
-
-### Features Added
-
-### Breaking Changes
-
-### Bugs Fixed
-
-### Other Changes
-- renamed `disableInstanceDiscovery` to `disableAuthorityValidationAndInstanceDiscovery`.
-- renamed `DefaultAzureCredential.processTimeout` to `credentialProcessTimeout`.
-
-#### Dependency Updates
-- Upgraded `msal4j` from `1.13.7` to version `1.13.8`.
-- Upgraded `msal4j-persistence-extension` from `1.1.0` to `1.2.0`
-
-
-## 1.9.0-beta.3 (2023-04-13)
-
-### Bugs Fixed
-- Add `disableInstanceDiscovery` to `DefaultAzureCredentialBuilder`
-
-### Other Changes
-- Removed feature from previous betas to compute refresh values for managed identity tokens.
-
 ## 1.8.2 (2023-04-10)
 
 ### Bugs Fixed
 
 - Fixed a bug in managed identity not properly URLEncoding a value. [#34375](https://github.com/Azure/azure-sdk-for-java/pull/34375)
 
-### Other Changes	### Other Changes
-
-#### Dependency Updates	#### Dependency Updates
-- Upgraded `azure-core` from `1.37.0` to version `1.38.0`.	- Upgraded `azure-core` from `1.37.0` to version `1.38.0`.
-- Upgraded `azure-core-http-netty` from `1.13.1` to version `1.13.2`.	- Upgraded `azure-core-http-netty` from `1.13.1` to version `1.13.2`.
-- Upgraded `msal4j` from `1.13.5` to version `1.13.7`.	- Upgraded `msal4j` from `1.13.5` to version `1.13.7`.
-g
-- 
-## 1.9.0-beta.2 (2023-03-16)
+### Other Changes
 
-### Features Added
-- Added CAE support to service principal authentication.
-- Pass more detailed refresh policy for managed identity tokens to MSAL.
-- Add configurable timeout for developer credentials (Azure CLI, Azure Developer CLI)
+#### Dependency Updates
 
-### Bugs Fixed
-- Fixed detection logic for az/azd.
+- Upgraded `azure-core` from `1.37.0` to version `1.38.0`.
+- Upgraded `azure-core-http-netty` from `1.13.1` to version `1.13.2`.
+- Upgraded `msal4j` from `1.13.5` to version `1.13.7`.
 
 ## 1.8.1 (2023-03-06)
 
+### Other Changes
+
 #### Dependency Updates
 
 - Upgraded `azure-core` from `1.36.0` to version `1.37.0`.
 - Upgraded `azure-core-http-netty` from `1.13.0` to version `1.13.1`.
 - Upgraded `msal4j` from `1.13.4` to version `1.13.5`.
 
-## 1.9.0-beta.1 (2023-02-08)
-
-### Features Added
-- [[#32527]](https://github.com/Azure/azure-sdk-for-java/pull/32527) Added Azure Developer CLI Credential.
-- Added support to disable instance discovery on AAD credentials.
-- `WorkloadIdentityCredential` and `DefaultAzureCredential` support Workload Identity Federation on Kubernetes. `DefaultAzureCredential` support requires environment variable configuration as set by the Workload Identity webhook.
-
 ## 1.8.0 (2023-02-03)
 
 ### Features Added
@@ -77,12 +37,10 @@ g
 - Upgraded `azure-core-http-netty` from `1.12.8` to version `1.13.0`.
 - Upgraded `msal4j` from `1.13.3` to version `1.13.4`.
 
-
 ## 1.8.0-beta.1 (2023-01-20)
 
 ### Features Added
 - Added support to configure `clientOptions`, `httpLogOptions`, `retryPolicy`, `retryOptions` and `addPolicy` on Identity credentials.
-- Added support to disable instance discovery on AAD credentials.
 
 ## 1.7.3 (2023-01-06)
 

diff --git a/sdk/identity/azure-identity/README.md b/sdk/identity/azure-identity/README.md
@@ -41,12 +41,12 @@ Then include the direct dependency in the `dependencies` section without the ver
 
 To take dependency on a particular version of the library that isn't present in the BOM, add the direct dependency to your project as follows:
 
-[//]: # ({x-version-update-start;com.azure:azure-identity;dependency})
+[//]: # ({x-version-update-start;com.azure:azure-identity;current})
 ```xml
 <dependency>
     <groupId>com.azure</groupId>
     <artifactId>azure-identity</artifactId>
-    <version>1.8.2</version>
+    <version>1.8.1</version>
 </dependency>
 ```
 [//]: # ({x-version-update-end})
@@ -86,15 +86,13 @@ The `DefaultAzureCredential` is appropriate for most scenarios where the applica
 
 The `DefaultAzureCredential` will attempt to authenticate via the following mechanisms in order.
 
-![DefaultAzureCredential authentication flow](images/mermaidjs/DefaultAzureCredentialAuthFlow.svg)
+![DefaultAzureCredential authentication flow](https://github.com/Azure/azure-sdk-for-java/raw/main/sdk/identity/azure-identity/images/mermaidjs/DefaultAzureCredentialAuthFlow.svg)
 
 1. **Environment** - The `DefaultAzureCredential` will read account information specified via [environment variables](#environment-variables) and use it to authenticate.
-2. **Workload Identity** - If the app is deployed on Kubernetes with environment variables set by the workload identity webhook, `DefaultAzureCredential` will authenticate the configured identity.
-3. **Managed Identity** - If the application is deployed to an Azure host with Managed Identity enabled, the `DefaultAzureCredential` will authenticate with that account.
-4. **Azure Developer CLI** - If the developer has authenticated an account via the Azure Developer CLI `azd auth login` command, the `DefaultAzureCredential` will authenticate with that account.
-5. **IntelliJ** - If the developer has authenticated via Azure Toolkit for IntelliJ, the `DefaultAzureCredential` will authenticate with that account.
-6. **Azure CLI** - If the developer has authenticated an account via the Azure CLI `az login` command, the `DefaultAzureCredential` will authenticate with that account.
-7. **Azure PowerShell** - If the developer has authenticated an account via the Azure PowerShell `Connect-AzAccount` command, the `DefaultAzureCredential` will authenticate with that account.
+1. **Managed Identity** - If the application is deployed to an Azure host with Managed Identity enabled, the `DefaultAzureCredential` will authenticate with that account.
+1. **IntelliJ** - If the developer has authenticated via Azure Toolkit for IntelliJ, the `DefaultAzureCredential` will authenticate with that account.
+1. **Azure CLI** - If the developer has authenticated an account via the Azure CLI `az login` command, the `DefaultAzureCredential` will authenticate with that account.
+1. **Azure PowerShell** - If the developer has authenticated an account via the Azure PowerShell `Connect-AzAccount` command, the `DefaultAzureCredential` will authenticate with that account.
 
 #### Note about `VisualStudioCodeCredential`
 
@@ -329,7 +327,7 @@ Not all credentials require this configuration. Credentials that authenticate th
       <td><a href="https://learn.microsoft.com/azure/active-directory/develop/app-objects-and-service-principals">Service principal authentication</a></td>
     </tr>
     <tr>
-      <td><code><a href="https://learn.microsoft.com/java/api/com.azure.identity.clientsecretcredential?view=azure-java-stable">ClientSecretCredential</a></code></td>
+      <td><code><a href="https://docs.microsoft.com/java/api/com.azure.identity.clientsecretcredential?view=azure-java-stable">ClientSecretCredential</a></code></td>
       <td>authenticates a service principal using a secret</td>
       <td><a href="https://github.com/Azure/azure-sdk-for-java/wiki/Azure-Identity-Examples#authenticating-a-service-principal-with-a-client-secret">example</a></td>
       <td><a href="https://learn.microsoft.com/azure/active-directory/develop/app-objects-and-service-principals">Service principal authentication</a></td>
@@ -396,13 +394,6 @@ Not all credentials require this configuration. Credentials that authenticate th
     </tr>
   </thead>
   <tbody>
-    <tr>
-      <td><code>AzureDeveloperCliCredential</code></td>
-      <td>Authenticate in a development environment with the enabled user or service principal in Azure Developer CLI</td>
-      <!-- Example and Reference for azd is WIP -->
-      <td></td>  
-      <td><a href="https://learn.microsoft.com/azure/developer/azure-developer-cli/reference">Azure Developer CLI Reference</a></td>
-    </tr>
     <tr>
       <td><code><a href="https://learn.microsoft.com/java/api/com.azure.identity.azureclicredential?view=azure-java-stable">AzureCliCredential</a></code></td>
       <td>Authenticate in a development environment with the enabled user or service principal in Azure CLI</td>
@@ -430,8 +421,6 @@ Not all credentials require this configuration. Credentials that authenticate th
   </tbody>
 </table>
 
-> __Note:__ `AzureDeveloperCliCredential` is in beta and its name may change before the stable release.
-
 > __Note:__ All credential implementations in the Azure Identity library are threadsafe, and a single credential instance can be used to create multiple service clients.
 
 Credentials can be chained together to be tried in turn until one succeeds using the `ChainedTokenCredential`; see [chaining credentials](#define-a-custom-authentication-flow-with-the-chainedtokencredential) for details.

diff --git a/sdk/identity/azure-identity/TROUBLESHOOTING.md b/sdk/identity/azure-identity/TROUBLESHOOTING.md
@@ -19,9 +19,7 @@ This troubleshooting guide covers failure investigation techniques, common error
     - [Azure App Service and Azure Functions Managed Identity](#azure-app-service-and-azure-functions-managed-identity)
 - [Troubleshoot VisualStudioCodeCredential authentication issues](#troubleshoot-visualstudiocodecredential-authentication-issues)
 - [Troubleshoot AzureCliCredential authentication issues](#troubleshoot-azureclicredential-authentication-issues)
-- [Troubleshoot AzureDeveloperCliCredential authentication issues](#troubleshoot-azuredeveloperclicredential-authentication-issues)
 - [Troubleshoot AzurePowerShellCredential authentication issues](#troubleshoot-azurepowershellcredential-authentication-issues)
-- [Troubleshoot WorkloadIdentityCredential authentication issues](#troubleshoot-workloadidentitycredential-authentication-issues)
 - [Get additional help](#get-additional-help)
 
 ## Handle Azure Identity exceptions
@@ -212,31 +210,6 @@ az account get-access-token --output json --resource https://management.core.win
 ```
 >Note that output of this command will contain a valid access token, and SHOULD NOT BE SHARED to avoid compromising account security.
 
-
-## Troubleshoot `AzureDeveloperCliCredential` authentication issues
-
-`CredentialUnavailableException`
-
-| Error Message |Description| Mitigation |
-|---|---|---|
-|Azure Developer CLI not installed|The Azure Developer CLI isn't installed or couldn't be found.|<ul><li>Ensure the Azure Developer CLI is properly installed. Installation instructions can be found [here](https://learn.microsoft.com/azure/developer/azure-developer-cli/install-azd).</li><li>Validate the installation location has been added to the `PATH` environment variable.</li></ul>|
-|Please run 'azd auth login' to set up account|No account is currently logged into the Azure Developer CLI, or the login has expired.|<ul><li>Log into the Azure Developer CLI using the `azd auth login` command.</li><li>Validate that the Azure Developer CLI can obtain tokens. See [below](#verify-the-azure-developer-cli-can-obtain-tokens) for instructions.</li></ul>|
-
-#### Verify the Azure Developer CLI can obtain tokens
-
-You can manually verify that the Azure Developer CLI is properly authenticated, and can obtain tokens. First use the `config` command to verify the account which is currently logged in to the Azure Developer CLI.
-
-```bash
-azd config list
-```
-
-Once you've verified the Azure Developer CLI is using correct account, you can validate that it's able to obtain tokens for this account.
-
-```bash
-azd auth token --output json --scope https://management.core.windows.net/.default
-```
->Note that output of this command will contain a valid access token, and SHOULD NOT BE SHARED to avoid compromising account security.
-
 ## Troubleshoot `AzurePowerShellCredential` authentication issues
 
 `CredentialUnavailableException`
@@ -266,13 +239,6 @@ Get-AzAccessToken -ResourceUrl "https://management.core.windows.net"
 ```
 >Note that output of this command will contain a valid access token, and SHOULD NOT BE SHARED to avoid compromising account security.
 
-
-## Troubleshoot `WorkloadIdentityCredential` authentication issues
-
-| Error |Description| Mitigation                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |  
-|---|---|---|  
-|`CredentialUnavailableException` raised with message. "WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured."|The `WorkloadIdentityCredential` requires `clientId`, `tenantId` and `tokenFilePath` to authenticate with Azure Active Directory.| <ul><li>If using `DefaultAzureCredential` then:</li><ul><li>Ensure client ID is specified via `workloadIdentityClientId` setter or `AZURE_CLIENT_ID` env variable.</li><li>Ensure tenant ID is specified via `AZURE_TENANT_ID` env variable.</li><li>Ensure token file path is specified via `AZURE_FEDERATED_TOKEN_FILE` env variable.</li><li>Ensure authority host is specified via `AZURE_AUTHORITY_HOST` env variable.</ul><li>If using `WorkloadIdentityCredential` then:</li><ul><li>Ensure tenant ID is specified via `tenantId` setter on credential builder or `AZURE_TENANT_ID` env variable.</li><li>Ensure client ID is specified via `clientId` setter on the credential builder or `AZURE_CLIENT_ID` env variable.</li><li>Ensure token file path is specified via `tokenFilePath` setter on the credential builder or `AZURE_FEDERATED_TOKEN_FILE` environment variable. </li></ul></li><li>Consult the [product troubleshooting guide](https://azure.github.io/azure-workload-identity/docs/troubleshooting.html) for other issues.</li></ul>
-
 ## Troubleshoot multi-tenant authentication issues
 `ClientAuthenticationException`
 

diff --git a/sdk/identity/azure-identity/images/mermaidjs/DefaultAzureCredentialAuthFlow.md b/sdk/identity/azure-identity/images/mermaidjs/DefaultAzureCredentialAuthFlow.md
@@ -2,27 +2,27 @@
 %% STEPS TO GENERATE IMAGE
 %% =======================
 %% 1. Install mermaid CLI (see https://github.com/mermaid-js/mermaid-cli/blob/master/README.md)
-%%    v10.0.2 is known good for our process. npm install -g @mermaid-js/mermaid-cli@10.0.2
 %% 2. Run command: mmdc -i DefaultAzureCredentialAuthFlow.md -o DefaultAzureCredentialAuthFlow.svg
 
 flowchart LR;
-    A(Environment):::deployed --> B(Workload Identity):::deployed --> C(Managed Identity):::deployed --> D(Azure Developer CLI):::developer --> E(IntelliJ):::developer --> F(Azure CLI):::developer --> G(Azure PowerShell):::developer;
+    A(Environment):::deployed ==> B(Managed Identity):::deployed ==> C(IntelliJ):::developer ==> D(Azure CLI):::developer ==> E(Azure PowerShell):::developer;
 
     subgraph CREDENTIAL TYPES;
         direction LR;
-        Deployed(Deployed service):::deployed ~~~ Developer(Developer):::developer;
+        Deployed(Deployed service):::deployed ==> Developer(Developer):::developer;
+
+        %% Hide links between boxes in the legend by setting width to 0. The integers after "linkStyle" represent link indices.
+        linkStyle 4 stroke-width:0px;
     end;
 
     %% Define styles for credential type boxes
     classDef deployed fill:#95C37E, stroke:#71AD4C;
     classDef developer fill:#F5AF6F, stroke:#EB7C39;
 
     %% Add API ref links to credential type boxes
-    click A "https://learn.microsoft.com/java/api/com.azure.identity.environmentcredential?view=azure-java-stable" _blank;
-    click B "https://learn.microsoft.com/java/api/com.azure.identity.workloadidentitycredential?view=azure-java-stable" _blank;
-    click C "https://learn.microsoft.com/java/api/com.azure.identity.managedidentitycredential?view=azure-java-stable" _blank;
-    click D "https://learn.microsoft.com/java/api/com.azure.identity.azuredeveloperclicredential?view=azure-java-stable" _blank;
-    click E "https://learn.microsoft.com/java/api/com.azure.identity.intellijcredential?view=azure-java-stable" _blank;
-    click F "https://learn.microsoft.com/java/api/com.azure.identity.azureclicredential?view=azure-java-stable" _blank;
-    click G "https://learn.microsoft.com/java/api/com.azure.identity.azurepowershellcredential?view=azure-java-stable" _blank;
+    click A "https://docs.microsoft.com/java/api/com.azure.identity.environmentcredential?view=azure-java-stable" _blank;
+    click B "https://docs.microsoft.com/java/api/com.azure.identity.managedidentitycredential?view=azure-java-stable" _blank;
+    click C "https://docs.microsoft.com/java/api/com.azure.identity.intellijcredential?view=azure-java-stable" _blank;
+    click E "https://docs.microsoft.com/java/api/com.azure.identity.azureclicredential?view=azure-java-stable" _blank;
+    click F "https://docs.microsoft.com/java/api/com.azure.identity.azurepowershellcredential?view=azure-java-stable" _blank;
 ```