-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[QUERY] Why is scope not automatically set for requests to storage endpoint? #39561
Comments
Thank you for your feedback. Tagging and routing to the team member best able to assist. |
The reason top of my mind, is that SDK itself does not send any request to storage account endpoint. Hence there is no need to build the scope to storage account endpoint. You can see the azure-storage-blob dependency is only in test |
Ok, but the same applies to, for example, keyvault (immediately above in your link). Keyvault is handled in Either way, |
KeyVault is because SDK do create the client (sharing the same pipeline) to access KeyVault endpoint |
If you need to share the pipeline with other applications (e.g. those need access StorageAcount), you may want to plugin a slightly different The code in SDK that building the pipeline is here. You can duplicate the code and replace the |
Yes, that's what we've already done, but we hoped that was a temporary workaround and that this would be handled in the SDK by default instead. |
OK, we will take a look, but probably not at high priority as it not affect most customers. One may not really need to share the HttpPipeline. The usual suggestion is to share a HttpClient (and the TokenCredential instance), as connection pool (that's most resource allocated for an app using http client) belongs to the HttpClient. HttpPipeline is mostly just code over HttpClient. |
@freva 2.39.0 will be released this week. |
Hi @freva , 2.39.0 released with storage auth scope supported. |
Hi @freva. Thank you for opening this issue and giving us the opportunity to assist. We believe that this has been addressed. If you feel that further discussion is needed, please add a comment with the text "/unresolve" to remove the "issue-addressed" label and continue the conversation. |
Query/Question
We create a single
HttpPipeline
instance with all the policies we require, from this we create multiple clients, e.g.ComputeManagementClient
,DnsManagementClient
,BlobContainerClient
. We are not setting any scope because this pipeline is used by multiple clients. Azure SDK already has handling for setting correct default scope if none is set, depending on which endpoint the request is for (viaResourceManagerUtils::getDefaultScopeFromUrl
).Question: Is there any reason for not handling storage endpoint in there as well?
AzureEnvironment
already hasstorageEndpointSuffix
, though no correspondingAzureEnvironment.Endpoint
is defined.Why is this not a Bug or a feature Request?
Could be a bug/oversight, or maybe there's something I'm missing about the storage endpoint authentication (e.g. if there are some APIs that require a different scope?).
Setup (please complete the following information if applicable):
com.azure.resourcemanager:azure-resourcemanager-resources:2.37.0
Information Checklist
Kindly make sure that you have added all the following information above and checkoff the required fields otherwise we will treat the issuer as an incomplete report
The text was updated successfully, but these errors were encountered: