[jira] [Commented] (JCLOUDS-1330) Azure ARM orphaned networks not cleaned up when node deleted

[ https://issues.apache.org/jira/browse/JCLOUDS-1330?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16370300#comment-16370300 ] Jim Spring commented on JCLOUDS-1330: - I think a specific deletion of a resource group should delete

Re: [jclouds/jclouds-labs] JCLOUDS-1362: Proper password generation with custom constraints for each cloud (#430)

@nacx LGTM -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds-labs/pull/430#issuecomment-355629218

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. 8f3744b syntax fixes -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/jclouds/jclouds-labs/pull/416/files/c9f871301c2d6b123d4c58f5ddde1354a10e5119..8f3744b33e4f474cca9037dff2a556e6ee410c82

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@nacx See my note in Slack re: Predicate factories. Here are the test results: ``` --- T E S T S --- Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=256m; support was

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. c9f8713 changes based off of PR feedback -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/jclouds/jclouds-labs/pull/416/files/fd8c5fc24a283dba3f1ed0884ad89234bb6a1cd8..c9f871301c2d6b123d4c58f5ddde1354a10e5119

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@nacx - all the requested changes should be in -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds-labs/pull/416#issuecomment-352896792

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. fd8c5fc refactor azure predicates -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/jclouds/jclouds-labs/pull/416/files/1d48e0fe42abbe2ed7b630c376d66806665921d5..fd8c5fc24a283dba3f1ed0884ad89234bb6a1cd8

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. 1d48e0f add request body check to mock tests, improve stability of live test ordering -- You are receiving this because you are subscribed to this thread. View it on GitHub:

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. fd2c2e1 use predicates for wait -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/jclouds/jclouds-labs/pull/416/files/3dcf25eb34f2965e1301de0ef5dbb54574f2ffd4..fd2c2e191d00d35ef3f7222497e8bf8807fd40f5

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 2 commits. 77b0e00 first part of PR request feedback 3dcf25e PR feedback, part 2 -- You are receiving this because you are subscribed to this thread. View it on GitHub:

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. b3b1164 fix lint issues -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/jclouds/jclouds-labs/pull/416/files/5fdc2519bda0002ab366890c49be869e70e9663f..b3b1164b284996fbe50914f5bfe4b8dd2e9edc10

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. 5fdc251 don't use wildcard import -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/jclouds/jclouds-labs/pull/416/files/fb858b5491b912f696c7ab61216f3fb73eb6919d..5fdc2519bda0002ab366890c49be869e70e9663f

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. fb858b5 integrate updated graphrbac api -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/jclouds/jclouds-labs/pull/416/files/be61d50fe8b6561a2dc638b753cffc2fe3a95102..fb858b5491b912f696c7ab61216f3fb73eb6919d

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. be61d50 Merge branch 'master' into feature/keyvault-crud -- You are receiving this because you are subscribed to this thread. View it on GitHub:

Re: [jclouds/jclouds-labs] Injectable current service principal (#424)

jmspring requested changes on this pull request. Need to be more flexible in handling the oauth endpoint. > @ConfiguresHttpApi public class AzureComputeHttpApiModule extends HttpApiModule { + private static final Pattern OAUTH_TENANT_PATTERN = Pattern +

Re: [jclouds/jclouds-labs] Injectable current service principal (#424)

@nacx - this worked well. Some thoughts re: ObjectID and KeyVault -- the current tests use the configured service principal and give access to that SP for the generated vault for purposes of the tests. It is possible to grant access to other service principals as well. So access to the

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 3 commits. b994b6a crypto apis and live tests bd9cbd7 add crypto mock tests 36e3c64 Merge pull request #2 from jmspring/feature/keyvault-crypto -- You are receiving this because you are subscribed to this thread. View it on GitHub:

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. 74ecb1b modify how version handled for certs/keys/secrets -- You are receiving this because you are subscribed to this thread. View it on GitHub:

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. 65d4099 support dynamic oauth -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/jclouds/jclouds-labs/pull/416/files/f43172e01c2f1b30f342d2742bf4ce31415f3927..65d40992ad85db95908653b339fb9aecdedbe7e9

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. f43172e merge current head -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/jclouds/jclouds-labs/pull/416/files/8006a5a405cbadd82a217c0248c7e530d2a81ec4..f43172e01c2f1b30f342d2742bf4ce31415f3927

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. 8006a5a missing resource -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/jclouds/jclouds-labs/pull/416/files/3f94a9924e7c422f3b7afa0726afaaa4d6a4c8bb..8006a5a405cbadd82a217c0248c7e530d2a81ec4

Re: [jclouds/jclouds] OAuth filter customization per request (#1160)

LGTM. Some test failures I was seeing, wholly unrelated and will retest those and open issues accordingly. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds/pull/1160#issuecomment-347739730

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@nacx - added Merge tests. Let me know when I should update PR to include OAuth dynamic patch. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds-labs/pull/416#issuecomment-347728489

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. 3f94a99 add merge mock tests -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/jclouds/jclouds-labs/pull/416/files/d477519731ec9a9b20e68f405e42a9163313b8d3..3f94a9924e7c422f3b7afa0726afaaa4d6a4c8bb

Re: [jclouds/jclouds] OAuth filter customization per request (#1160)

I’ll update my code this morning if there are any changes and can run the ARM tests and get back in a bit. Sent from my iThingy > On Nov 28, 2017, at 06:06, Andrea Turli wrote: > > from slack conversation, I understand @nacx already tested this with GCE, so > lgtm!

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. d477519 make checkstyle happy -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/jclouds/jclouds-labs/pull/416/files/0d04b2be044b5111d641c015484942e2fabbf69e..d477519731ec9a9b20e68f405e42a9163313b8d3

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@nacx - Most of the changes you requested are done. Where "Date" is specified in the Azure KeyVault REST docs, I've used a Date type. In the case where it is a "unix timestamp", I've gone with Integer. Re: KeyVaultFilter - the issue is Vault URIs for OAuth verification differ from the

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. 0d04b2b fix typo -- You are receiving this because you are subscribed to this thread. View it on GitHub: https://github.com/jclouds/jclouds-labs/pull/416/files/578dd76f7b80e32b03812d14f4461562aa62c607..0d04b2be044b5111d641c015484942e2fabbf69e

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. 578dd76 use integers for unix time stamp fields, immutable lists and maps, non-null collections -- You are receiving this because you are subscribed to this thread. View it on GitHub:

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. 95ec187 remove TrueIf2xx; Null on 404 Fallback for Patch/Post/Put -- You are receiving this because you are subscribed to this thread. View it on GitHub:

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@andreaturli - updates per your request. I hadn't caught those changes when doing the PR. Probably the side affect of a refactor / reformat via IntelliJ. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub:

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 1 commit. 342965b updates based off comments from @andreaturli -- You are receiving this because you are subscribed to this thread. View it on GitHub:

Re: [jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

@jmspring pushed 2 commits. 59f8328 Fix build and checkstyle ba42d3e Merge pull request #1 from nacx/fix-build -- You are receiving this because you are subscribed to this thread. View it on GitHub:

[jclouds/jclouds-labs] Add Azure KeyVault support -- vault management and certificate/key/secret operations (#416)

This PR builds off the initial work done by @andreaturli. It implements the following functionality: - KeyVault management - Certificate operations - Key operations - Secret operations Currently, in "Key operations", two functions are there, but not tested: - [Merge

Re: [jclouds/jclouds-labs] JCLOUDS-1304: add azure customdata, JCLOUDS-1305: add support for ssh keys in keyvault (#398)

@andreaturli - I hope to have some progress on this this week. I'm going through the live tests now for Vault API. Do you have thoughts on externalizing the tenantId which is hard coded in the live test? -- You are receiving this because you are subscribed to this thread. Reply to this

Re: [jclouds/jclouds-labs] JCLOUDS-1304: add azure customdata, JCLOUDS-1305: add support for ssh keys in keyvault (#398)

Ok, I will start with looking into that. On October 3, 2017 at 3:04:57 AM, Andrea Turli (notificati...@github.com) wrote: Excellent @jmspring I can't list/create keys or certificates into a newly created key vault because of an Authorization issue — You are

Re: [jclouds/jclouds-labs] JCLOUDS-1304: add azure customdata, JCLOUDS-1305: add support for ssh keys in keyvault (#398)

Andrea - I'll be getting back to this in depth tomorrow. I looked at your work and some that was done internally. I'm happy to look at your branch and do PRs to it. For the next couple of days it's my focus. What auth issues are you having? -j On Sep 29, 2017 11:33 AM, "Andrea Turli"

Re: [jclouds/jclouds-labs] JCLOUDS-1304: add azure customdata, JCLOUDS-1305: add support for ssh keys in keyvault (#398)

Andrea, Ignasi - I guess Vikas never came back on the one PR? I'm actually working on the KeyVault stuff myself at the moment. -j On Sep 29, 2017 2:41 AM, "Andrea Turli" wrote: > thanks @nacx fyi I'm looking at KeyVaultApi, > focusing on

[jira] [Commented] (JCLOUDS-1304) Azure: Support for custom data during VM creation to support the injection of cloud-init user-data

[ https://issues.apache.org/jira/browse/JCLOUDS-1304?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16162128#comment-16162128 ] Jim Spring commented on JCLOUDS-1304: - [~nacx] Is this a duplicate of https://issues.apache.org

[jira] [Commented] (JCLOUDS-1330) Azure ARM orphaned networks not cleaned up when node deleted

[ https://issues.apache.org/jira/browse/JCLOUDS-1330?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16162125#comment-16162125 ] Jim Spring commented on JCLOUDS-1330: - I'll look at the diff, but is the proposal to delete

Re: [jclouds/jclouds-labs] Subscription ID wasn't being substituted (#406)

@nacx Default oauth.endpoint added. Tested with compute-basics. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds-labs/pull/406#issuecomment-318734863

Re: [jclouds/jclouds-labs] Subscription ID wasn't being substituted (#406)

It makes sense. I'll plumb it into the pr today. -j On Jul 28, 2017 12:12 AM, "Ignasi Barrera" wrote: > I think this > > is the offending commit. > > Having the property makes

Re: [jclouds/jclouds-labs] Subscription ID wasn't being substituted (#406)

@nacx -- at some point the endpoint URL for Azure ARM calls broke. This PR fixes that. I'm not sure when/how the exact breakage (change to JClouds maybe?) occurred. Tested using jclouds-examples/compute-basics. -- You are receiving this because you are subscribed to this thread. Reply to

Re: [jclouds/jclouds] JCLOUDS-1148 JWTBearerTokenFlow.tokenCache never hits (#988)

Hey, just seeing this. Let me take a look and comment a bit later today. -j On Mon, Aug 8, 2016 at 4:30 PM, daniel-h-rech wrote: > I see no reference to ClientSecret in ClientCredentialsJWTBearerTokenFlow, > only in ClientCredentialsSecretFlow. > >

Re: [jclouds/jclouds-labs] Network Security Group API (#280)

@nacx -- all changes should be in. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds-labs/pull/280#issuecomment-224309967

Re: [jclouds/jclouds-labs] Network Security Group API (#280)

> + > + final NetworkSecurityGroupApi nsgApi = > api.getNetworkSecurityGroupApi(resourcegroup); > + NetworkSecurityGroup result = nsgApi.createOrUpdate(DEFAULT_NSG_NAME, > + nsg.location(), > +

Re: [jclouds/jclouds-labs] Network Security Group API (#280)

> + public void deleteNetworkSecurityRule() { > + final NetworkSecurityRule rule = createRule(); > + assertNotNull(rule); > + > + final NetworkSecurityRuleApi ruleApi = > api.getNetworkSecurityRuleApi(resourcegroup, DEFAULT_NSG_NAME); > + URI uri =

Re: [jclouds/jclouds-labs] Network Security Group API (#280)

@nacx -- two lingering comments in place --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds-labs/pull/280#issuecomment-224158501

Re: [jclouds/jclouds-labs] Network Security Group API (#280)

Reopened #280. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds-labs/pull/280#event-683789942

Re: [jclouds/jclouds-labs] Network Security Group API (#280)

> + "*", > + NetworkSecurityRuleProperties.Access.Allow, > + 4094, > + NetworkSecurityRuleProperties.Direction.Inbound)); > + return rule; > + } > + > + public void createNetworkSecurityRule() throws InterruptedException

Re: [jclouds/jclouds-labs] Network Security Group API (#280)

> + assertNotNull(rule); > + > + final NetworkSecurityRuleApi ruleApi = > api.getNetworkSecurityRuleApi(resourcegroup, DEFAULT_NSG_NAME); > + List result = ruleApi.list(); > + > + assertNotNull(result); > + assertEquals(result.size(), 2); > + > + boolean rulePresent

Re: [jclouds/jclouds-labs] Network Security Group API (#280)

> + > + final NetworkSecurityGroupApi nsgApi = > api.getNetworkSecurityGroupApi(resourcegroup); > + NetworkSecurityGroup result = nsgApi.createOrUpdate(DEFAULT_NSG_NAME, > + nsg.location(), > +

Re: [jclouds/jclouds-labs] Network Security Group API (#280)

> +public class NetworkSecurityGroupApiLiveTest extends > BaseAzureComputeApiLiveTest { > + > + private String resourcegroup; > + private static String DEFAULT_NSG_NAME = "testNetworkSecurityGroup"; > + > + private NetworkSecurityGroup createGroup() { > + NetworkSecurityRule rule =

Re: [jclouds/jclouds-labs] Network Security Group API (#280)

> + } > + > + @Nullable > + public abstract String description(); > + > + public abstract Protocol protocol(); > + > + @Nullable > + public abstract String sourcePortRange(); > + > + @Nullable > + public abstract String destinationPortRange(); > + > + public abstract String

Re: [jclouds/jclouds-labs] Network Security Group API (#280)

> + for (int i = 0; i < result.size(); i++) { > + if (result.get(i).name().equals(rule.name())) { > +rulePresent = true; > +break; > + } > + } > + assertTrue(rulePresent); > + } > + > + @Test(groups = "live", dependsOnMethods =

Re: [jclouds/jclouds-labs] Network Security Group API (#280)

> + > + final NetworkSecurityGroupApi nsgApi = > api.getNetworkSecurityGroupApi(resourcegroup); > + NetworkSecurityGroup result = nsgApi.createOrUpdate(DEFAULT_NSG_NAME, > + nsg.location(), > +

[jclouds/jclouds-labs] Network Security Group API (#280)

@nacx This is the Azure Resource Manager Network Security Group/Network Security Rule API. A new PR was issued due to some merge issues putting original PR into a bad state. @ritazh has done a pass through this already on the old PR. You can view, comment on, or merge this pull request online

Re: [jclouds/jclouds-labs] Network Security Group API and Network Security Group Rule API (#278)

Closed #278. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds-labs/pull/278#event-682996931

Re: [jclouds/jclouds-labs] Network Security Group API and Network Security Group Rule API (#278)

Redoing due to PR / tree getting into a bad state. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds-labs/pull/278#issuecomment-223989638

Re: [jclouds/jclouds-labs] Network Security Group API and Network Security Group Rule API (#278)

URI used for delete, tests updated. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds-labs/pull/278#issuecomment-223340548

Re: [jclouds/jclouds-labs] Network Security Group API and Network Security Group Rule API (#278)

> +@QueryParams(keys = "api-version", values = "2016-03-30") > +@RequestFilters(OAuthFilter.class) > +@Consumes(MediaType.APPLICATION_JSON) > +public interface NetworkSecurityGroupApi { > + > + @Named("networksecuritygroup:list") > + @GET > + @SelectJson("value") > +

Re: [jclouds/jclouds-labs] Network Security Group API and Network Security Group Rule API (#278)

> + @GET > + @SelectJson("value") > + @Fallback(EmptyListOnNotFoundOr404.class) > + List list(); > + > + @Named("networksecuritygroup:delete") > + @Path("/{networksecuritygroupname}") > + @DELETE > + @ResponseParser(FalseOn204.class) > + boolean

[jclouds/jclouds-labs] Network Security Group API and Network Security Group Rule API (#278)

@nacx This pull request implements the REST API calls for Azure Resource Manager Network Security Group and Network Security Rule APIs (they do intersect). This PR has no dependencies on any PRs outside what is currently in master for jclouds-labs. You can view, comment on, or merge this pull

Re: [jclouds/jclouds-labs] JCLOUDS-664 Azurecompute-arm DeploymentApi OSImageApi VMSizeApi (#273)

> + "\"template\" : " + template + ", " + > + "\"mode\" : \"" + mode + "\", " + > + "\"parameters\" : " + parameters + " " + > + " } " + > + "}"; > +return body; > +} >

Re: [jclouds/jclouds-labs] JCLOUDS-664 Azurecompute-arm DeploymentApi OSImageApi VMSizeApi (#273)

> + > +import java.util.List; > +import java.util.Map; > + > +@AutoValue > +public abstract class DeploymentTemplate { > + > + //Empty placeholders as we want to generate the empty JSON object > + @AutoValue > + public abstract static class Parameters { > + public static Parameters

Re: [jclouds/jclouds-labs] JCLOUDS-664 Azurecompute-arm DeploymentApi OSImageApi VMSizeApi (#273)

> + "\"template\" : " + template + ", " + > + "\"mode\" : \"" + mode + "\", " + > + "\"parameters\" : " + parameters + " " + > + " } " + > + "}"; > +return body; > +} >

Re: [jclouds/jclouds] client credentials JWT support (#952)

@nacx -- all edits should be in place. local build completing successfully. Will check PR build in a bit. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds/pull/952#issuecomment-220393228

Re: [jclouds/jclouds] client credentials JWT support (#952)

@nacx -- here is an update to Azure OAuth support. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds/pull/952#issuecomment-219448822

[jclouds/jclouds] client credentials JWT support (#952)

This pull request adds support for using certificate authentication via the client_credentials grant type and JWT. One note, I was unable to do a full "mvn clean install" as the build failed somewhere unrelated to OAuth. You can view, comment on, or merge this pull request online at:

Re: [jclouds/jclouds-labs] JCLOUDS-664 Azurecompute-arm StorageAccountApi (#259)

Also @nacx - I think there is a benefit of being able to distinguish between a 200 and 204, mostly in the case to allow the caller to maybe catch the case where the resource specified should be there, but maybe the name was wrong. --- You are receiving this because you are subscribed to this

Re: [jclouds/jclouds-labs] JCLOUDS-664 Azurecompute-arm StorageAccountApi (#259)

@nacx Using 204 for a fallback is not going to work, from my understanding of the code. If you step through BaseHttpCommandExecutorService.invoke where the HTTP request is made. Only in the path where an error code is not 2XX, is the path to check for fallbacks triggered. Specifically, the

Re: [jclouds/jclouds] Add support for Azure AD authentication using Service Principal (#941)

Done. Thanks for your feedback. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds/pull/941#issuecomment-204381791

Re: [jclouds/jclouds] Add support for Azure AD authentication using Service Principal (#941)

@nacx -- Updates pushed. One note - regarding "scopes" for Azure, I made it an optional injection, per your feedback. For interactions with Azure Resource Manager APIs, scope, at least for the Credential/Password path, is not used. There are scenarios where it appears to be, but I have not

Re: [jclouds/jclouds] Add support for Azure AD authentication using Service Principal (#941)

I'm not seeing the failures in oauth core, which is where the changes are. The failure seems to be in openstack. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub:

Re: [jclouds/jclouds] Add support for Azure AD authentication using Service Principal (#941)

@nacx thanks for the feedback. Recommendations integrated. Waiting on build to complete, feedback integrated. I did have to make "audience" injectable for JWTBearerTokenFlow in the same manner I had to do for "resource" in ClientCredentialsSecretFlow. --- You are receiving this because you

Re: [jclouds/jclouds] Add support for Azure AD authentication using Service Principal (#941)

> +*/ > + public static final String AZURE_CREDENTIAL = "oauth.azure-credential"; > + > + /** > +* When using oauth with Azure Active Direction and Client Credentials, > an "azure-identity" > +* is the GUID associated with an application given permssion to perform > operations in

Re: [jclouds/jclouds] Add support for Azure AD authentication using Service Principal (#941)

> +*/ > + public static final String AZURE_CREDENTIAL = "oauth.azure-credential"; > + > + /** > +* When using oauth with Azure Active Direction and Client Credentials, > an "azure-identity" > +* is the GUID associated with an application given permssion to perform > operations in

Re: [jclouds/jclouds] Add support for Azure AD authentication using Service Principal (#941)

> +*/ > + public static final String AZURE_CREDENTIAL = "oauth.azure-credential"; > + > + /** > +* When using oauth with Azure Active Direction and Client Credentials, > an "azure-identity" > +* is the GUID associated with an application given permssion to perform > operations in

[jclouds/jclouds] Add support for Azure AD authentication using Service Principal (#941)

Per discussion with @nacx regarding jclouds-labs PR https://github.com/jclouds/jclouds-labs/pull/250, isolating Azure AD Oauth changes into the JClouds oauth module. Per README, tested as follows: ``` mvn clean install -Plive \ -Dtest.oauth.identity= \ -Dtest.oauth.credential= \

Re: [jclouds/jclouds-labs] JCLOUDS-664 Azurecompute-arm ResourceGroupApi (#250)

@nacx One other question around OAuth properties, specifically in regard to the live tests. Azure AD Oauth, as mentioned previously, is currently ID/Secret based. I will add support for ID/Certificate, but it also differs from the JWT implementation currently in the code base. This raises a

Re: [jclouds/jclouds-labs] JCLOUDS-664 Azurecompute-arm ResourceGroupApi (#250)

> + * Cache > + * This maintains a time-based Bearer Token cache. By default expires after > 59 minutes > + * (the maximum time a token is valid is 60 minutes). > + * This cache and expiry period is system-wide and does not attend to > per-instance expiry time > + * (e.g. "expires_in" from

Re: [jclouds/jclouds-labs] JCLOUDS-664 Azurecompute-arm ResourceGroupApi (#250)

@nacx - Regarding Oauth, I am working on a separate PR for it into JClouds proper. The one question I do have, however, is the chicken and egg issue of doing a PR for OAuth into JClouds then this initial PR, since it will rely on those OAuth changes. Should it be multistage - 1. Get the