Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
apacheGH-39343: [C++][FS][Azure] Add client secret auth configuration (
Browse files Browse the repository at this point in the history
…apache#39346)

### Rationale for this change
Client is a useful Azure authentication

### What changes are included in this PR?
Implement `AzureOptions::ConfigureClientSecretCredential`

### Are these changes tested?
Simple unittest

### Are there any user-facing changes?
Client secret auth is now supported on the Azure filesystem. 

* Closes: apache#39343

Authored-by: Thomas Newton <thomas.w.newton@gmail.com>
Signed-off-by: Sutou Kouhei <kou@clear-code.com>
Tom-Newton authored and dgreiss committed Feb 17, 2024

Verified

This commit was signed with the committer’s verified signature.
1 parent c204ba8 commit 3558163
Showing 3 changed files with 22 additions and 0 deletions.
10 changes: 10 additions & 0 deletions cpp/src/arrow/filesystem/azurefs.cc
Original file line number Diff line number Diff line change
@@ -113,6 +113,16 @@ Status AzureOptions::ConfigureAccountKeyCredential(const std::string& account_na
return Status::OK();
}

Status AzureOptions::ConfigureClientSecretCredential(const std::string& account_name,
const std::string& tenant_id,
const std::string& client_id,
const std::string& client_secret) {
credential_kind_ = CredentialKind::kTokenCredential;
token_credential_ = std::make_shared<Azure::Identity::ClientSecretCredential>(
tenant_id, client_id, client_secret);
return Status::OK();
}

Status AzureOptions::ConfigureDefaultCredential(const std::string& account_name) {
credential_kind_ = CredentialKind::kTokenCredential;
token_credential_ = std::make_shared<Azure::Identity::DefaultAzureCredential>();
5 changes: 5 additions & 0 deletions cpp/src/arrow/filesystem/azurefs.h
Original file line number Diff line number Diff line change
@@ -110,6 +110,11 @@ struct ARROW_EXPORT AzureOptions {
Status ConfigureAccountKeyCredential(const std::string& account_name,
const std::string& account_key);

Status ConfigureClientSecretCredential(const std::string& account_name,
const std::string& tenant_id,
const std::string& client_id,
const std::string& client_secret);

bool Equals(const AzureOptions& other) const;

std::string AccountBlobUrl(const std::string& account_name) const;
7 changes: 7 additions & 0 deletions cpp/src/arrow/filesystem/azurefs_test.cc
Original file line number Diff line number Diff line change
@@ -271,6 +271,13 @@ class AzureHierarchicalNSEnv : public AzureEnvImpl<AzureHierarchicalNSEnv> {
bool WithHierarchicalNamespace() const final { return true; }
};

TEST(AzureFileSystem, InitializeFilesystemWithClientSecretCredential) {
AzureOptions options;
ARROW_EXPECT_OK(options.ConfigureClientSecretCredential(
"dummy-account-name", "tenant_id", "client_id", "client_secret"));
EXPECT_OK_AND_ASSIGN(auto fs, AzureFileSystem::Make(options));
}

TEST(AzureFileSystem, InitializeFilesystemWithDefaultCredential) {
AzureOptions options;
ARROW_EXPECT_OK(options.ConfigureDefaultCredential("dummy-account-name"));

0 comments on commit 3558163

Please sign in to comment.