Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AzureKeyVaultConfigBuilder doesn't honor enabled="optional" when credentials not set #229

Open
riupko opened this issue Oct 19, 2023 · 0 comments
Open

AzureKeyVaultConfigBuilder doesn't honor enabled="optional" when credentials not set #229

riupko opened this issue Oct 19, 2023 · 0 comments

Comments

@riupko
Copy link

riupko commented Oct 19, 2023
edited

Having the following configuration

<builders> <add name="SimpleJson" mode="Greedy" jsonFile="~\appsettings.json" jsonMode="Sectional" type="Microsoft.Configuration.ConfigurationBuilders.SimpleJsonConfigBuilder, Microsoft.Configuration.ConfigurationBuilders.Json" /> <add name="AzureKeyVault" mode="Strict" enabled="optional" vaultName="${AzureKeyVaultName}" type="Microsoft.Configuration.ConfigurationBuilders.AzureKeyVaultConfigBuilder, Microsoft.Configuration.ConfigurationBuilders.Azure" /> </builders>

and reference to existing Vault Name

<add key="AzureKeyVaultName" value="real-kv" />

I am getting the following runtime exception

[AuthenticationFailedException: DefaultAzureCredential failed to retrieve a token from the included credentials.

  • EnvironmentCredential authentication unavailable. Environment variables are not fully configured.

  • ManagedIdentityCredential authentication unavailable. No Managed Identity endpoint found.

  • SharedTokenCacheCredential authentication failed: Persistence check failed. Inspect inner exception for details

  • Visual Studio Token provider can't be accessed at D:\DWASFiles\Sites\test-emacore-v23__6990\LocalAppData.IdentityService\AzureServiceAuth\tokenprovider.json

  • VisualStudioCodeCredential authentication failed: The operation completed successfully.

  • Azure CLI not installed]
    Azure.Identity.d__14.MoveNext() +1477
    System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
    System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
    System.Threading.Tasks.ValueTask1.get_Result() +147 Azure.Identity.<GetTokenImplAsync>d__12.MoveNext() +1896 Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex) +68 Azure.Identity.<GetTokenImplAsync>d__12.MoveNext() +2055 System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64 Azure.Identity.DefaultAzureCredential.GetToken(TokenRequestContext requestContext, CancellationToken cancellationToken) +238 Azure.Security.KeyVault.<AuthenticateRequestAsync>d__9.MoveNext() +1266 System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64 Azure.Security.KeyVault.<ProcessCoreAsync>d__8.MoveNext() +1201 System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64 Azure.Security.KeyVault.ChallengeBasedAuthenticationPolicy.Process(HttpMessage message, ReadOnlyMemory1 pipeline) +140
    Azure.Core.Pipeline.HttpPipelinePolicy.ProcessNext(HttpMessage message, ReadOnlyMemory1 pipeline) +600 Azure.Core.Pipeline.<ProcessAsync>d__11.MoveNext() +871 System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +27 Azure.Core.Pipeline.<ProcessAsync>d__11.MoveNext() +1493 System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64 Azure.Core.Pipeline.RetryPolicy.Process(HttpMessage message, ReadOnlyMemory1 pipeline) +158
    Azure.Core.Pipeline.HttpPipelinePolicy.ProcessNext(HttpMessage message, ReadOnlyMemory1 pipeline) +600 Azure.Core.Pipeline.HttpPipelineSynchronousPolicy.Process(HttpMessage message, ReadOnlyMemory1 pipeline) +39
    Azure.Core.Pipeline.HttpPipelinePolicy.ProcessNext(HttpMessage message, ReadOnlyMemory1 pipeline) +600 Azure.Core.Pipeline.HttpPipelineSynchronousPolicy.Process(HttpMessage message, ReadOnlyMemory1 pipeline) +39
    Azure.Core.Pipeline.HttpPipelinePolicy.ProcessNext(HttpMessage message, ReadOnlyMemory1 pipeline) +600 Azure.Core.Pipeline.HttpPipelineSynchronousPolicy.Process(HttpMessage message, ReadOnlyMemory1 pipeline) +39
    Azure.Core.Pipeline.HttpPipeline.Send(HttpMessage message, CancellationToken cancellationToken) +590
    Azure.Core.Pipeline.HttpPipeline.SendRequest(Request request, CancellationToken cancellationToken) +59
    Azure.Security.KeyVault.KeyVaultPipeline.SendRequest(Request request, CancellationToken cancellationToken) +19
    Azure.Security.KeyVault.KeyVaultPipeline.GetPage(Uri firstPageUri, String nextLink, Func1 itemFactory, String operationName, CancellationToken cancellationToken) +430 Azure.Security.KeyVault.Secrets.<>c__DisplayClass13_0.<GetPropertiesOfSecrets>b__0(String nextLink) +148 Azure.Core.<>c__DisplayClass0_01.b__0(String continuationToken, Nullable1 pageSizeHint) +10 Azure.Core.<AsPages>d__2.MoveNext() +69 Azure.<GetEnumerator>d__8.MoveNext() +131 Microsoft.Configuration.ConfigurationBuilders.AzureKeyVaultConfigBuilder.GetAllKeys() +114 Microsoft.Configuration.ConfigurationBuilders.AzureKeyVaultConfigBuilder.<LazyInitialize>b__23_0() +5 System.Lazy1.CreateValue() +429
    System.Lazy1.LazyInitValue() +158 System.Lazy1.get_Value() +79
    Microsoft.Configuration.ConfigurationBuilders.AzureKeyVaultConfigBuilder.GetValue(String key) +109
    Microsoft.Configuration.ConfigurationBuilders.KeyValueConfigBuilder.GetValueInternal(String key) +215

[KeyValueConfigBuilderException: 'AzureKeyVault' GetValue() Error: DefaultAzureCredential failed to retrieve a token from the included credentials.

  • EnvironmentCredential authentication unavailable. Environment variables are not fully configured.

  • ManagedIdentityCredential authentication unavailable. No Managed Identity endpoint found.

  • SharedTokenCacheCredential authentication failed: Persistence check failed. Inspect inner exception for details

  • Visual Studio Token provider can't be accessed at D:\DWASFiles\Sites\test-emacore-v23__6990\LocalAppData.IdentityService\AzureServiceAuth\tokenprovider.json

  • VisualStudioCodeCredential authentication failed: The operation completed successfully.

  • Azure CLI not installed]
    Microsoft.Configuration.ConfigurationBuilders.KeyValueConfigBuilder.GetValueInternal(String key) +329
    Microsoft.Configuration.ConfigurationBuilders.KeyValueConfigBuilder.ProcessConfigurationSection(ConfigurationSection configSection) +281
    System.Configuration.ConfigurationBuilderChain.ProcessConfigurationSection(ConfigurationSection configSection) +129

Due to enabled="optional" I expect this error to be suppressed and environment is working based on SimpleJson configuration only.
@riupko riupko changed the title AzureKeyVaultConfigBuilder doesn't honor enabled= optional AzureKeyVaultConfigBuilder doesn't honor enabled="optional" when credentials not set Oct 19, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@riupko