Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OSOE-598: Add entra authentication for live metrics #85

Merged
merged 32 commits into from
Jun 14, 2024
Merged

OSOE-598: Add entra authentication for live metrics #85

Show file tree
Hide file tree
Changes from 9 commits
Commits
Show all changes
32 commits
Select commit Hold shift + click to select a range
91ea3f6
Add entra authentication for live metrics
AydinE May 22, 2024
6301d5b
Merge branch 'dev' into issue/OSOE-598
AydinE May 22, 2024
15d3773
Update Readme.md
AydinE May 23, 2024
69b61c9
Update Readme.md
AydinE May 23, 2024
e64a501
Update Readme.md
AydinE May 23, 2024
22bec38
Update Lombiq.Hosting.Azure.ApplicationInsights/ApplicationInsightsOp…
AydinE May 23, 2024
f74854c
Support local development
AydinE May 23, 2024
6edc181
Merge branch 'issue/OSOE-598' of https://github.com/Lombiq/Orchard-Az…
AydinE May 23, 2024
11ed4b7
Update Readme.md
AydinE May 23, 2024
ef8e256
Update ApplicationInsightsInitializerExtensions.cs
AydinE May 23, 2024
d676e19
Update nuget package version
AydinE May 23, 2024
0db85a0
Update readme and local development
AydinE Jun 3, 2024
b8b1f45
Update Readme.md
AydinE Jun 5, 2024
6bd71d5
Update Readme.md
AydinE Jun 5, 2024
b05ab16
Update Readme.md
AydinE Jun 5, 2024
8a73ae7
Update Readme.md
AydinE Jun 5, 2024
dd956de
Use service principal for local development
AydinE Jun 5, 2024
dddcdfe
Update ApplicationInsightsOptions.cs
AydinE Jun 5, 2024
48865d7
Update Lombiq.Hosting.Azure.ApplicationInsights/ApplicationInsightsOp…
AydinE Jun 6, 2024
492dacd
Update Lombiq.Hosting.Azure.ApplicationInsights/ApplicationInsightsOp…
AydinE Jun 6, 2024
22b5f9f
Update Lombiq.Hosting.Azure.ApplicationInsights/ApplicationInsightsOp…
AydinE Jun 6, 2024
6538e0a
Try to clear up some confusion
AydinE Jun 6, 2024
1bfda11
Add option to use entra
AydinE Jun 7, 2024
390846e
Update Readme.md
AydinE Jun 7, 2024
c066760
Add validation check
AydinE Jun 7, 2024
7009f63
Change options to use Enum
AydinE Jun 10, 2024
3452b80
Grammar
Piedone Jun 10, 2024
cbf2623
JSON syntax fix
Piedone Jun 10, 2024
8fc4bb9
Clarifying docs
Piedone Jun 10, 2024
c5b1d31
Merge branch 'dev' into issue/OSOE-598
AydinE Jun 12, 2024
bac69f0
Not sending QuickPulseTelemetryModuleAuthenticationApiKey if Entra au…
Piedone Jun 13, 2024
2b480d1
Docs
Piedone Jun 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 9 additions & 1 deletion Lombiq.Hosting.Azure.ApplicationInsights/ApplicationInsightsOptions.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ public class ApplicationInsightsOptions
/// documentation for more info: <see
/// href="https://docs.microsoft.com/en-us/azure/azure-monitor/app/live-stream#secure-the-control-channel"/>.
/// </summary>
[Obsolete("Microsoft Entra authentication is the only supported method from September 30, 2025. API key authentication will be removed")]
[Obsolete("Microsoft Entra authentication is the only supported method from 30 September 2025. API key authentication will be removed.")]
public string QuickPulseTelemetryModuleAuthenticationApiKey { get; set; }

/// <summary>
Expand Down Expand Up @@ -70,6 +70,14 @@ public class ApplicationInsightsOptions
/// </summary>
public bool EnableClientSideTracking { get; set; } = true;

/// <summary>
/// Gets or sets a value indicating whether local development is enabled where telemetry is sent to
/// Azure Application Insights from the local instance.
/// Will only work if local authentication is enabled in the properties of the Applications Insights resource
/// which should only be the case during development and testing.
Piedone marked this conversation as resolved.
Show resolved Hide resolved
/// </summary>
public bool EnableLocalDevelopment { get; set; }

/// <summary>
/// Gets or sets a value indicating whether to work in kind of a debug mode completely offline. Telemetry will still
/// show up in the Debug window.
Expand Down
21 changes: 14 additions & 7 deletions ....Hosting.Azure.ApplicationInsights/Extensions/ApplicationInsightsInitializerExtensions.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,13 +24,6 @@ public static class ApplicationInsightsInitializerExtensions
IConfiguration configurationManager)
{
var services = builder.ApplicationServices;

services.Configure<TelemetryConfiguration>(config =>
{
var credential = new ManagedIdentityCredential();
config.SetAzureTokenCredential(credential);
});

services.AddApplicationInsightsTelemetry(configurationManager);

// Create a temporary ServiceProvider to configure ApplicationInsightsServiceOptions.
Expand All @@ -43,6 +36,20 @@ public static class ApplicationInsightsInitializerExtensions
.GetSection("OrchardCore:Lombiq_Hosting_Azure_ApplicationInsights");
applicationInsightsConfigSection.Bind(applicationInsightsOptions);

services.Configure<TelemetryConfiguration>(config =>
{
if (applicationInsightsOptions.EnableLocalDevelopment)
{
var credential = new DefaultAzureCredential();
Piedone marked this conversation as resolved.
Show resolved Hide resolved
config.SetAzureTokenCredential(credential);
Piedone marked this conversation as resolved.
Show resolved Hide resolved
}
else
{
var credential = new ManagedIdentityCredential();
config.SetAzureTokenCredential(credential);
}
});

if (string.IsNullOrEmpty(applicationInsightsServiceOptions?.ConnectionString) &&
#pragma warning disable CS0618 // Type or member is obsolete
string.IsNullOrEmpty(applicationInsightsServiceOptions?.InstrumentationKey) &&
Expand Down
2 changes: 1 addition & 1 deletion Lombiq.Hosting.Azure.ApplicationInsights/Lombiq.Hosting.Azure.ApplicationInsights.csproj
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@
</ItemGroup>

<ItemGroup>
<PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.21.0" />
<PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.22.0" />
<PackageReference Include="OrchardCore.Media.Azure" Version="1.8.0" />
<PackageReference Include="OrchardCore.Module.Targets" Version="1.8.0" />
<PackageReference Include="OrchardCore.ContentManagement" Version="1.8.0" />
Expand Down
22 changes: 18 additions & 4 deletions Readme.md
View file
Open in desktop
Piedone marked this conversation as resolved.
Show resolved Hide resolved
Original file line number Diff line number Diff line change
Expand Up @@ -86,15 +86,15 @@ The module has its own configuration for further options. These need to come fro
},
"OrchardCore": {
"Lombiq_Hosting_Azure_ApplicationInsights": {
// Deprecated, do not use in new projects
// Deprecated, do not use in new projects.
"QuickPulseTelemetryModuleAuthenticationApiKey": "your API key here"
}
}
}

```

> ⚠ Use of QuickPulseTelemetryModuleAuthenticationApiKey is deprecated and will be officially unsupported starting September 30, 2025. See [Entra Authentication](#entra-authentication) for more information.
> ⚠ Use of QuickPulseTelemetryModuleAuthenticationApiKey is deprecated and will be officially unsupported starting 30 September 2025. See [Entra Authentication](#entra-authentication) for more information.

See the [`ApplicationInsightsOptions` class](Lombiq.Hosting.Azure.ApplicationInsights/ApplicationInsightsOptions.cs) for all options and details.

Expand All @@ -104,11 +104,25 @@ If you use the security defaults from [Lombiq Helpful Libraries - Orchard Core L

### Entra Authentication
AydinE marked this conversation as resolved.
Show resolved Hide resolved

Starting September 30, 2025, authentication using API keys is no longer supported. Instead, you'll have to set up Entra Authentication.
Starting 30 September 2025, authentication using API keys is no longer supported. Instead, you'll have to set up Entra Authentication.
AydinE marked this conversation as resolved.
Show resolved Hide resolved

To set up Entra Authentication follow the steps that most closely match your situation over at [Microsoft Entra authentication for Application Insights](https://learn.microsoft.com/en-us/azure/azure-monitor/app/azure-ad-authentication?tabs=net)

Once Entra Authentication is set up and the ConnectionString has been properly set, live metrics should be flowing in.
Once Entra Authentication is set up and the `ConnectionString` has been properly set, live metrics should be flowing in.

If you want to stream local metrics to Application Insights, you should set the `EnableLocalDevelopment` option to `true` in the `Lombiq_Hosting_Azure_ApplicationInsights` section of your configuration.

```json5
{
"OrchardCore": {
"Lombiq_Hosting_Azure_ApplicationInsights": {
"EnableLocalDevelopment": true
}
}
}
```

> ⚠ Logging local metrics to Application Insights is only recommended for development purposes. And only works when local development is enabled on the Application Insights resource in Azure. Once you are ready to deploy to staging/production environments, you should disable local development.

### Using collected data

Expand Down