Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG]AZURE_USERNAME is case sensitive for use with DefaultAzureCredential(). #10816

Closed
MarkAtAgilliance opened this issue Mar 24, 2020 · 3 comments · Fixed by #11859
Closed

[BUG]AZURE_USERNAME is case sensitive for use with DefaultAzureCredential(). #10816

MarkAtAgilliance opened this issue Mar 24, 2020 · 3 comments · Fixed by #11859
Assignees
@schaabs
Labels
Azure.Identity bug This issue requires a change to an existing behavior in the product in order to be resolved. Client This issue points to a problem in the data-plane of the library. customer-reported Issues that are reported by GitHub users external to the Azure organization.
Milestone
[2020] June

Comments

@MarkAtAgilliance
Copy link

Describe the bug
AZURE_USERNAME is case sensitive for use with DefaultAzureCredential(). If the case of this environment variable differs to the actual visual studio account case (when there are multiple accounts), then the request to upload a blob using this credential fails. Possibly related to #10543?

Expected behavior
I have several Azure accounts in my Visual Studio. One of them is [email protected].
When I Enter [email protected] into a NetCore 3.1 app as a debug environment variable AZURE_USERNAME, I am correctly authenticated against an authorized Azure Blob when using BlobClient.UploadAsync().

Actual behavior (include Exception or Stack Trace)
If my Visual Studio account was registered as [email protected], when the AZURE_USERNAME is [email protected] then the request fails with

Exception occured, see exception details
Azure.Identity.CredentialUnavailableException: DefaultAzureCredential failed to retrieve a token from the included credentials.
EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
ManagedIdentityCredential authentication unavailable, no managed identity endpoint found.
SharedTokenCacheCredential authentication unavailable. No account matching the specified username: [email protected] was found in the cache.
   at Azure.Identity.DefaultAzureCredential.GetTokenAsync(Boolean isAsync, TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Azure.Identity.DefaultAzureCredential.GetTokenAsync(TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Azure.Core.Pipeline.BearerTokenAuthenticationPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory`1 pipeline, Boolean async)
   at Azure.Core.Pipeline.HttpPipelineSynchronousPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory`1 pipeline)
   at Azure.Core.Pipeline.RetryPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory`1 pipeline, Boolean async)
   at Azure.Core.Pipeline.RetryPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory`1 pipeline, Boolean async)
   at Azure.Core.Pipeline.HttpPipelineSynchronousPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory`1 pipeline)
   at Azure.Core.Pipeline.HttpPipelineSynchronousPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory`1 pipeline)
   at Azure.Storage.Blobs.BlobRestClient.BlockBlob.UploadAsync(ClientDiagnostics clientDiagnostics, HttpPipeline pipeline, Uri resourceUri, Stream body, Int64 contentLength, String version, Nullable`1 timeout, Byte[] transactionalContentHash, String blobContentType, String blobContentEncoding, String blobContentLanguage, Byte[] blobContentHash, String blobCacheControl, IDictionary`2 metadata, String leaseId, String blobContentDisposition, String encryptionKey, String encryptionKeySha256, Nullable`1 encryptionAlgorithm, String encryptionScope, Nullable`1 tier, Nullable`1 ifModifiedSince, Nullable`1 ifUnmodifiedSince, Nullable`1 ifMatch, Nullable`1 ifNoneMatch, String requestId, Boolean async, String operationName, CancellationToken cancellationToken)
   at Azure.Storage.Blobs.Specialized.BlockBlobClient.UploadInternal(Stream content, BlobHttpHeaders blobHttpHeaders, IDictionary`2 metadata, BlobRequestConditions conditions, Nullable`1 accessTier, IProgress`1 progressHandler, String operationName, Boolean async, CancellationToken cancellationToken)
   at Azure.Storage.Blobs.PartitionedUploader.UploadAsync(Stream content, BlobHttpHeaders blobHttpHeaders, IDictionary`2 metadata, BlobRequestConditions conditions, IProgress`1 progressHandler, Nullable`1 accessTier, CancellationToken cancellationToken)
   at Azure.Storage.Blobs.BlobClient.StagedUploadAsync(Stream content, BlobHttpHeaders blobHttpHeaders, IDictionary`2 metadata, BlobRequestConditions conditions, IProgress`1 progressHandler, Nullable`1 accessTier, Nullable`1 singleUploadThreshold, StorageTransferOptions transferOptions, Boolean async, CancellationToken cancellationToken)
   at Azure.Storage.Blobs.BlobClient.UploadAsync(Stream content)

To Reproduce
Steps to reproduce the behavior (include a code snippet, screenshot, or any additional information that might help us reproduce the issue)

These specific steps are untested but represent exactly the changes that causes the failure in my app. the steps mimic those that I did (simply changing the case of the username).

  1. Use any sample with blob access and BlobServiceClient(storageUri, new DefaultAzureCredential(new DefaultAzureCredentialOptions()), blobClientOptions);
  2. Have multiple accounts registered in Visual Studio
  3. Add AZURE_USERNAME to the console app environment variables using same case as one of your account registrations. Run the app and it should succeed.
  4. Change AZURE_USERNAME environment variable and change the case of the [email protected] to be a different case (i.e. [email protected]). Run the app and the above failure occurs.

Environment:
Azure.Storage.Blobs 12.3.0
Azure.Identity 1.1.1
NetStandard 2.1 library
Netcore 3.1 console app running webjob.
VS 16.5

.NET Core SDK (reflecting any global.json):
Version: 3.1.200
Commit: c5123d973b

Runtime Environment:
OS Name: Windows
OS Version: 10.0.18363
OS Platform: Windows
RID: win10-x64
Base Path: C:\Program Files\dotnet\sdk\3.1.200\

Host (useful for support):
Version: 3.1.2
Commit: 916b5cba26

.NET Core SDKs installed:
2.1.802 [C:\Program Files\dotnet\sdk]
3.1.100 [C:\Program Files\dotnet\sdk]
3.1.200 [C:\Program Files\dotnet\sdk]

.NET Core runtimes installed:
Microsoft.AspNetCore.All 2.1.13 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All]
Microsoft.AspNetCore.All 2.1.16 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All]
Microsoft.AspNetCore.App 2.1.13 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
Microsoft.AspNetCore.App 2.1.16 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
Microsoft.AspNetCore.App 3.1.0 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
Microsoft.AspNetCore.App 3.1.2 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
Microsoft.NETCore.App 2.1.9 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
Microsoft.NETCore.App 2.1.13 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
Microsoft.NETCore.App 2.1.16 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
Microsoft.NETCore.App 3.1.0 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
Microsoft.NETCore.App 3.1.2 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
Microsoft.WindowsDesktop.App 3.1.0 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]
Microsoft.WindowsDesktop.App 3.1.2 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]
@triage-new-issues triage-new-issues bot added the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Mar 24, 2020
@jsquire jsquire added Azure.Identity Client This issue points to a problem in the data-plane of the library. customer-reported Issues that are reported by GitHub users external to the Azure organization. and removed needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. labels Mar 24, 2020
@jsquire
Copy link
Member

jsquire commented Mar 24, 2020

//cc: @schaabs

@schaabs schaabs self-assigned this Mar 24, 2020
@schaabs schaabs added this to the [2020] May milestone Apr 10, 2020
@schaabs schaabs mentioned this issue May 6, 2020
Merged
@schaabs schaabs modified the milestones: [2020] May, [2020] June May 6, 2020
@schaabs
Copy link
Member

schaabs commented May 6, 2020

@MarkAtAgilliance thanks for filing this issue. I have a fix for this in the linked pull request #11859. Unfortunately this missed our last preview release, but should be included in our next preview release 1.2.0-preview.4 in early June, and would be available in a GA version some time this summer. If there is an critical need for a GA fix sooner we could possibly release a patch fix to 1.1.1, just let us know.

@schaabs schaabs added the bug This issue requires a change to an existing behavior in the product in order to be resolved. label May 6, 2020
@MarkAtAgilliance
Copy link
Author

Thanks Scott, the workaround (using same case in both account and env variable) works for us.
I can post a SO Q&A so others will hopefully resolve this in the meantime.
Regards, Mark.

@MarkAtAgilliance MarkAtAgilliance mentioned this issue Jun 15, 2020
Closed
@github-actions github-actions bot locked and limited conversation to collaborators Mar 28, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@schaabs schaabs

Labels
Azure.Identity bug This issue requires a change to an existing behavior in the product in order to be resolved. Client This issue points to a problem in the data-plane of the library. customer-reported Issues that are reported by GitHub users external to the Azure organization.
Projects
None yet
Milestone
[2020] June
Development

Successfully merging a pull request may close this issue.

Identity fix SharedTokenCache account filter to be case-insensitive schaabs/azure-sdk-for-net
3 participants
@jsquire @schaabs @MarkAtAgilliance