-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AppConfiguration can't auth in Germany West Central cloud using connection string? #23917
Comments
Hi @antkmsft , thanks for reaching us! |
Hi, we're sending this friendly reminder because we haven't heard back from you in a while. We need more information about this issue to help address it. Please be sure to give us your input within the next 7 days. If we don't hear back from you within 14 days of this comment the issue will be automatically closed. Thank you! |
This was reproing in Germany West Central back in April. Now it no longer repros, both |
No, sorry, my bad, it still reproes. |
Thanks @antkmsft , I'll try to reproduce the problem asap. |
EventGridv2 TypeSpec Api Preview (Azure#23204) * start typespec * adding eventgrid typespec for api w/ TODOs * update eventgrid typespec with latest eventgrid v2 operations * don't require content-type if there is no body * Update specification/eventgrid/typespec/main.tsp Co-authored-by: JoshLove-msft <[email protected]> * Update specification/eventgrid/typespec/main.tsp Co-authored-by: JoshLove-msft <[email protected]> * changing naming of cloudevent and added in data_base64 * openapi.json * Update specification/eventgrid/typespec/main.tsp Co-authored-by: Libba Lawrence <[email protected]> * Update specification/eventgrid/typespec/main.tsp Co-authored-by: Libba Lawrence <[email protected]> * Update specification/eventgrid/typespec/main.tsp Co-authored-by: Libba Lawrence <[email protected]> * lockTokens format, updated json, optional? params * address code review comments * name_change * add @internal for python * Update specification/eventgrid/Azure.Messaging.EventGrid/main.tsp Co-authored-by: JoshLove-msft <[email protected]> * move @internal to client.tsp (Azure#23538) * rename (Azure#23565) * [EventGrid Typespec] breaking changes with april release of typespec (Azure#23539) * breaking changes with april release of typespec * unknown type * [EG Typespec] Update Release behavior (Azure#23699) * update behavior * just behavior * Add tspconfig and remove AAD auth (Azure#23717) * add tspconfig * add namespace * remove oauth * [EG TypeSpec] Archboard Comments (Azure#23696) * refactoring off of apiview * keep as int * no duration * aligning ack and release * remove behavioral change * ack to release * initial naming changes * Update ReleaseResult doc Co-authored-by: JoshLove-msft <[email protected]> * Update AckResult doc Co-authored-by: JoshLove-msft <[email protected]> * versioning twice-- remove one instance --------- Co-authored-by: JoshLove-msft <[email protected]> * Address couple of stewardship team feedback. These include: 1. Rename CloudEventEvent to simply CloudEvent, 2. Add more description to the operations including the possible erorr codes, 3. Add PublishResult with empty Json object as successful response for the Publish operation, 4. Others. * Add support for missing Reject operation + adding deliveryAttemptCount to BrokerProperties + Adding query parameter for release operation for deliveryDelayInSeconds * Update failedTokens/SuccessfulTokens Description to address code review comments * Update to match service behavior (Azure#23754) * Update to match service behavior * remove locktoken * [EGv2] Editing unused variables (Azure#23917) * event delivery delay not in preview * remove from url comment * [EGv2] Version dependency on Azure.Core (Azure#23936) * verioning fix * spacing mishap? * [EventGrid] Deliveryattempt change (Azure#23960) * deliveryCount 5/1 * small typo * [EventGrid] Remove internal (Azure#23995) * remove internal * remove client.tsp * remove waitWaitTime (Azure#24078) * move location of json file (Azure#24076) * [Egv2] Encode param (Azure#24080) * encode * remove num default on duration --------- Co-authored-by: Laurent Mazuel <[email protected]> * [EGv2] Fix pipeline (Azure#24098) * regen off new commit for encode * reference preview tag * ignore word * update readme to have both apis * update with next autorest * change format to int32 --------- Co-authored-by: Ashraf Hamad <[email protected]> Co-authored-by: Laurent Mazuel <[email protected]> Co-authored-by: JoshLove-msft <[email protected]> Co-authored-by: Ashraf Hamad <[email protected]>
Hi @antkmsft, we deeply appreciate your input into this project. Regrettably, this issue has remained inactive for over 2 years, leading us to the decision to close it. We've implemented this policy to maintain the relevance of our issue queue and facilitate easier navigation for new contributors. If you still believe this topic requires attention, please feel free to create a new issue, referencing this one. Thank you for your understanding and ongoing support. |
There was a bug reported for Go SDK, when AppConfig client couldn't authorize in Germany West Central cloud using the connection string: Azure/azure-sdk-for-go#17424
The fix is to use and sign
Date
header instead ofx-ms-date
(the Go PR is linked in the Go issue, it is a 2-line change).I searched your code base for
"SignedHeaders"
to easily find the place that handles HMAC auth, and it looks like you're also usingx-ms-date
header instead ofDate
(and that's what the AppConfig docs currently say you should do - https://docs.microsoft.com/en-us/azure/azure-app-configuration/rest-api-authentication-hmac, so if it is confirmed that your SDK is affected, we need to get the doc updated as well).Java and .NET SDKs are currently using
Date
header instead ofx-ms-date
for AppConfiguration auth.I am sorry that at this moment I cannot tell you for sure that you are affected by this, but I have reasons to think that you should be, based on the code, and the fix that I am making for the Go SDK. Maybe I will be able to confirm it some time later, or maybe you can give it a try, if you have your dev environment set up. The only thing you need is to create an azure app configuration in German cloud, get the connection string for it, then write a code to create AppConfig client, and try to create or read configuration setting, it should fail. But if you do the same for App Configuration deployed to West US, all will work fine.
https://github.com/Azure/azure-sdk-for-python/blob/c8291ac6cb0dbd865da03a88dd2bcb9279e2c4a6/sdk/appconfiguration/azure-appconfiguration/azure/appconfiguration/_azure_appconfiguration_requests.py
The text was updated successfully, but these errors were encountered: