[
https://issues.apache.org/jira/browse/HADOOP-19736?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18041080#comment-18041080
]
ASF GitHub Bot commented on HADOOP-19736:
-----------------------------------------
manika137 commented on code in PR #8051:
URL: https://github.com/apache/hadoop/pull/8051#discussion_r2568722790
##########
hadoop-tools/hadoop-azure/src/main/java/org/apache/hadoop/fs/azurebfs/AbfsConfiguration.java:
##########
@@ -1415,7 +1417,7 @@ public boolean shouldTrackLatency() {
public AccessTokenProvider getTokenProvider() throws
TokenAccessProviderException {
AuthType authType = getEnum(FS_AZURE_ACCOUNT_AUTH_TYPE_PROPERTY_NAME,
AuthType.SharedKey);
- if (authType == AuthType.OAuth) {
+ if (authType == AuthType.OAuth || authType ==
AuthType.UserboundSASWithOAuth) {
Review Comment:
this is with oauth check
> ABFS: Support for new auth type: User-bound SAS
> -----------------------------------------------
>
> Key: HADOOP-19736
> URL: https://issues.apache.org/jira/browse/HADOOP-19736
> Project: Hadoop Common
> Issue Type: Task
> Components: fs/azure
> Affects Versions: 3.4.1, 3.4.2
> Reporter: Manika Joshi
> Assignee: Manika Joshi
> Priority: Major
> Labels: pull-request-available
>
> Adding support for new authentication type: user bound SAS
> User-bound SAS (Shared Access Signature) binds a SAS token to a specific user
> identity rather than just granting access based on possession of the token.
> This approach addresses key vulnerabilities in previous SAS mechanisms.
> The SAS token for it includes identity-binding parameters (e.g., skdutid,
> sduoid) that correspond to the user’s Entra tenant and object ID.
> When accessing storage, the user must present a valid Entra access token
> matching these parameters.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
