Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can't login to Azure China with Databricks AppId (resource) #804

Open
fjakobs opened this issue May 10, 2023 · 4 comments
Open

Can't login to Azure China with Databricks AppId (resource) #804

fjakobs opened this issue May 10, 2023 · 4 comments

Comments

@fjakobs
Copy link

fjakobs commented May 10, 2023

I'm trying to use the azure-account extension to programmatically get Azure credentials for the Databricks Extension for VSCode.

The AppId for Databricks: 2ff814a6-3304-4ab8-85cb-cd0e6f879c1d

The code I'm using looks like this:

    async acquireToken(
        session: AzureSession,
        resource: string
    ): Promise<Token> {
        return new Promise<Token>((resolve, reject) => {
            const credentials: any = (<any>session).credentials;
            // patch for https://github.com/AzureAD/azure-activedirectory-library-for-nodejs/issues/128
            (session.credentials2.authContext as any)._authority.aadApiVersion =
                "";
            session.credentials2.authContext.acquireToken(
                resource,
                credentials!.username,
                credentials!.clientId,
                function (err: any, result: any) {
                    if (err) {
                        reject(err);
                    } else {
                        resolve({
                            session,
                            accessToken: result.accessToken,
                            refreshToken: result.refreshToken,
                        });
                    }
                }
            );
        });
    }

The code works fine for "normal" Azure but fails for Azure China.

Screenshot 2023-05-10 at 11 25 51

With the az CLI it works fine:

% az cloud set --name AzureChinaCloud                                          
(base) fabian.jakobs@NM4Y0F6NN6 Workspaces % az login
A web browser has been opened at https://login.chinacloudapi.cn/organizations/oauth2/v2.0/authorize. Please continue the login in the web browser. If no web browser is available or if the web browser fails to open, use device code flow with `az login --use-device-code`.
URL https://login.chinacloudapi.cn/organizations/oauth2/v2.0/token
[
  {
    "cloudName": "AzureChinaCloud",
    "homeTenantId": "XXXXX",
    "id": "XXXXX",
    "isDefault": true,
    "managedByTenants": [
      {
        "tenantId": "XXXXX"
      },
      {
        "tenantId": "XXXXX"
      },
      {
        "tenantId": "XXXXX"
      }
    ],
    "name": "Test",
    "state": "Enabled",
    "tenantId": "XXXXX",
    "user": {
      "name": "[email protected]",
      "type": "user"
    }
  }
]
  • VS Code Version: 1.77.3
  • Azure Account Extension Version: 0.11.4
  • OS Version: OSX 13.3.1 (a)

Are you connected to a proxy server? No
@fjakobs
Copy link
Author

fjakobs commented May 10, 2023

CC @isidorn, @binderjoe as discussed

@isidorn
Copy link

isidorn commented May 10, 2023

@TylerLeonhardt and @bwateratmsft should be able to help here

@bwateratmsft
Copy link
Contributor

/cc @alexweininger as well. @fjakobs you've set the azure.cloud setting in VSCode, right?

@fjakobs
Copy link
Author

fjakobs commented May 10, 2023

@bwateratmsft yes, I did set the azure.cloud setting.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@fjakobs @isidorn @bwateratmsft