Unable to authenticate in node using @azure/identity DefaultAzureCredential()
#234
Comments
|
Here is a short code sample that produces the error when I'm signed in to Visual Studio Code: import { AppConfigurationClient } from "@azure/app-configuration"
import { DefaultAzureCredential } from "@azure/identity"
import { setLogLevel } from "@azure/logger"
setLogLevel("verbose")
const start = async () => {
const credentials = new DefaultAzureCredential()
const appConfigClient = new AppConfigurationClient("[app configuration endpoint]", credentials)
console.log(await appConfigClient.getConfigurationSetting({ key: "inf/cdnUrl" }))
}
start().catch((error) => {
console.error(error)
process.exit(1)
})Edit: Swapping out |
|
@rudfoss This doesn't seem to be using the Azure Account extension to get the credentials. You can get the API of this extension using: The API is here: vscode-azure-account/src/azure-account.api.d.ts Lines 15 to 28 in 68227a3 You would want to get |
|
Hmm... so the documentation here is wrong where it says specifically:
? Or am I just doing it wrong? Am I supposed to call I've also tried replacing |
|
Oh, I see! I was unaware the the sdk team had added this feature, it looks like they just read the same storage key this extension writes to. It looks like signing out isn't clearing an expired credential for you. I think I have a fix for it, but since I'm not able to easily get into this state, can you help validate it? You can install this extension by changing the file extension to |
|
Thanks for taking a look at this @RMacfarlane ! I've installed the extension and it now seems to be refreshing the token: I'm still receiving a 403 error when accessing the App Configuration service, but it's working fine for Key Vault secrets now. Thanks for your help! |
|
Any news on when the fix may be released? I'm working on setting up a dev environment for a new project and if we can rely on this working it would greatly simplify how we develop. Simply grab the code, login and all configurations would be ready :) |
|
Saw the release. Thanks a bunch for resolving it! |
|
This issue still appears on my side. A logout doesn't solve it.
Azure Account Extension: 0.10.1 Is there anything I miss about those versions? |
|
@wwlorey For development purposes I'm using it. What other credential types are you referring to? MSAL/ADAL? |
|
Here's a list of available credential types: https://docs.microsoft.com/en-us/dotnet/api/overview/azure/identity-readme#credential-classes |
|
The stored credential is renamed for 0.10.0. I had to manually remove the old credential using Windows Credential Manager before resolving the expired refresh token issue. Previously the name was 'VS Code Azure' See: #443 |
I'm trying to authenticate in VSCode using the
Azure Accountextension as described here:https://github.com/Azure/azure-sdk-for-js/blob/master/sdk/identity/identity/README.md#authenticating-via-visual-studio-code
I've installed
"@azure/identity": "^1.1.0"and I'm using the example above to try to authenticate with Azure to get access to an App Configuration instance, but the authentication fails with the error below.I've tried signing out and back in multiple times and that seems to be working fine. The statusbar in VSCode shows my account and I can pick from my subscriptions.
I've been debugging for a bit and it does not seem that any of the expected environment variables are set once my script runs. Do I need some additional launch configuration to set this up?
I'm currently using this configuration to run my ts-node script:
{ "name": "TS file", "type": "node", "request": "launch", "args": ["${fileBasename}"], "runtimeArgs": [ "-r", "ts-node/register", "-r", "tsconfig-paths/register" ], "cwd": "${fileDirname}", "outputCapture": "std", "resolveSourceMapLocations": [ "${workspaceFolder}/**", "!**/node_modules/**" ], "env": { "NODE_ENV": "development" } },The text was updated successfully, but these errors were encountered: