Is your feature request related to a problem? Please describe.
Support for authentication using Manage Identities was added in #114, but the documentation was note updated with any examples on how to use this. On the surface it would appear that you simply pass in a DefaultAzureCredential
to the TokenCredential
property, however this does not work out of the box for me.
Given a Startup.cs that looks like:
public override void Configure(IFunctionsHostBuilder builder)
{
IConfigurationRoot config =
new ConfigurationBuilder()
.SetBasePath(Directory.GetCurrentDirectory())
.AddJsonFile("local.settings.json", optional: true, reloadOnChange: true)
.AddEnvironmentVariables()
.Build();
DefaultAzureCredential credential = new DefaultAzureCredential();
builder.Services.AddCosmosRepository(options =>
{
options.CosmosConnectionString = config["Cosmos:ConnectionString"];
options.DatabaseId = config["Cosmos:DatabaseId"];
options.ContainerPerItemType = true;
options.TokenCredential = credential;
options.ContainerBuilder.Configure<DeviceTwinUpdate>(
containerOptions =>
containerOptions
.WithContainer("DeviceTwinUpdates")
// TODO: Configure Partition Key
);
options.ContainerBuilder.Configure<DeviceTelemetry>(
containerOptions =>
containerOptions
.WithContainer("DeviceTelemetry")
// TODO: Configure Partition Key
);
});
}
and a Function1.cs that looks like:
private readonly IRepository<DeviceTwinUpdate> _deviceTwinUpdateRepository;
private readonly IRepository<DeviceTelemetry> _deviceTelemetryRepository;
public Function1(IRepositoryFactory factory, CosmosClient cosmosClient)
{
_deviceTwinUpdateRepository = factory.RepositoryOf<DeviceTwinUpdate>();
_deviceTelemetryRepository = factory.RepositoryOf<DeviceTelemetry>();
}
[FunctionName("Function1")]
public async Task<IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Function, "get", "post", Route = null)] HttpRequest req,
ILogger log)
{
try
{
var twin = await _deviceTwinUpdateRepository.GetAsync((a) => a.Id.Equals("321"));
var telemetry = await _deviceTelemetryRepository.GetAsync((a) => a.Id.Equals("123"));
}
catch (Exception ex)
{
var t = "";
}
return new OkObjectResult("Success");
}
where both models directly inherits from Item
public class DeviceTwinUpdate : Item
{
}
public class DeviceTelemetry : Item
{
}
I expect to be able to retrieve data successfully.
However, I encounter the following error "Invalid URI: The URI scheme is not valid.", the stack trace is:
at System.Uri.CreateThis(String uri, Boolean dontEscape, UriKind uriKind)
at System.Uri..ctor(String uriString)
at Microsoft.Azure.Cosmos.CosmosClient..ctor(String accountEndpoint, TokenCredential tokenCredential, CosmosClientOptions clientOptions)
at Microsoft.Azure.CosmosRepository.Providers.DefaultCosmosClientProvider.GetCosmoClient()
at System.Lazy`1.ViaFactory(LazyThreadSafetyMode mode)
at System.Lazy`1.ExecutionAndPublication(LazyHelper executionAndPublication, Boolean useDefaultConstructor)
at System.Lazy`1.CreateValue()
at System.Lazy`1.get_Value()
at Microsoft.Azure.CosmosRepository.Providers.DefaultCosmosClientProvider.UseClientAsync[T](Func`2 consume)
at Microsoft.Azure.CosmosRepository.Services.DefaultCosmosContainerService.GetContainerAsync[TItem](Boolean forceContainerSync)
at Microsoft.Azure.CosmosRepository.Providers.DefaultCosmosContainerProvider`1.<>c__DisplayClass1_0.<<-ctor>b__0>d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
I have isolated the error to be something with my DefaultAzureCredential
that I pass to TokenCredential
. I am running this inside Visual Studio 2019 which I am signed into with my Azure Account and this account is selected in the Azure Service Authentication
section of my settings.
If I remove the setting of options.TokenCredential
then my call succeeds. I have investigated the properties available for the DefaultAzureCredentialOptions
parameter of DefaultAzureCredentials
but none look particularly applicable or relevant for my use case.
Describe the solution you'd like
As outlined above there needs to be better guidance on how to use Managed Identities with this package.
Describe alternatives you've considered
- I have managed to access data using the standard
CosmosClient
class from the C# SDK using a connection string.
- I have also reviewed all of the samples in this repo and there is no example of using Managed Identity.
- There is a guide here that outlines how to use Managed Identities with the standard library, but I'd much rather use this package as opposed to rolling my own.
Additional context
None