Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Core] Annotate TokenCredential for auditing #41662

Merged
merged 1 commit into from
Feb 5, 2024
Merged

[Core] Annotate TokenCredential for auditing #41662

merged 1 commit into from
Feb 5, 2024

Conversation

jsquire
Copy link
Member

@jsquire jsquire commented Jan 30, 2024

Summary

The focus of these changes is to annotate the TokenCredential methods that acquire a token as participants in security-related operations which callers may wish to consider auditing.

References and related

@jsquire
[Core] Annotate TokenCredential for auditing
ecbcca9 
The focus of these changes is to annotate the `TokenCredential` methods
that acquire a token as participants in security-related operations which
callers may wish to consider auditing.
@jsquire jsquire added Client This issue points to a problem in the data-plane of the library. Azure.Core labels Jan 30, 2024
@jsquire jsquire added this to the 2024-02 milestone Jan 30, 2024
@jsquire jsquire self-assigned this Jan 30, 2024
@azure-sdk
Copy link
Collaborator

API change check

API changes are not detected in this pull request.

annelo-msft
annelo-msft reviewed Jan 30, 2024
View reviewed changes
Copy link
Member

@annelo-msft annelo-msft left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't have a good understanding of when we add this attribute to libraries, but I know there is established thinking about how we do it ... @jsquire, do we have this written down anywhere? Out of curiosity, what prompted us to add this to Token Credential now? Is it the first instance of adding it to a Core library type? (I am not pushing back, BTW, just seeking to leave a paper-trail to understand the topic better!)

@annelo-msft
Copy link
Member

Also -- it looks like this didn't trigger a new APIView -- is this not considered a public API addition? Or is it not something we track in APIView?

@jsquire
Copy link
Member Author

jsquire commented Jan 30, 2024

Also -- it looks like this didn't trigger a new APIView -- is this not considered a public API addition? Or is it not something we track in APIView?

It is not a change to the public API; the attribute added has internal visibility.

@jsquire
Copy link
Member Author

jsquire commented Jan 30, 2024
edited

I don't have a good understanding of when we add this attribute to libraries, but I know there is established thinking about how we do it ... @jsquire, do we have this written down anywhere? Out of curiosity, what prompted us to add this to Token Credential now? Is it the first instance of adding it to a Core library type? (I am not pushing back, BTW, just seeking to leave a paper-trail to understand the topic better!)

Forwarded you an email thread with context. The internal tracking item is here. The archboard recording and original issue can be found on the linked PR. @tg-msft owns this workstream, please feel free to reach out to him if you're looking for additional context.

@jsquire jsquire merged commit 7068a84 into Azure:main Feb 5, 2024
40 checks passed
@jsquire jsquire deleted the core/annotate-cred branch February 5, 2024 22:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@annelo-msft annelo-msft annelo-msft left review comments

@christothes christothes christothes approved these changes

@tg-msft tg-msft Awaiting requested review from tg-msft

@KrzysztofCwalina KrzysztofCwalina Awaiting requested review from KrzysztofCwalina

@JoshLove-msft JoshLove-msft Awaiting requested review from JoshLove-msft

Assignees

@jsquire jsquire

Labels
Azure.Core Client This issue points to a problem in the data-plane of the library.
Projects
None yet
Milestone
2024-02
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@jsquire @azure-sdk @annelo-msft @christothes