MSAL Python 1.24.0 #592
MSAL Python 1.24.0 #592
Conversation
Remove wam_telemetry, for now
Use a neutral name to hopefully avoid false alarm
Surface msal telemetry as a long opaque string. It was already shipped as 1.24.0b1 and adopted by Azure CLI 2.51. Now merging it back to dev, so that it will be in next stable release.
Fix typo in test names (warnning → warning)
Add enable_pii_log and wire it up with MsalRuntime
Turns out we do not really need a full-blown Timeable class Refactor to use pytest and pytest-benchmark Calibrate ratios Adjust detection calculation Experimenting different reference workload Add more iterations to quick test cases Tune reference and each test case to be in tenth of second Go with fewer loop in hoping for more stable time Relax threshold to 20% One more run Use 40% threshold Use larger threshold 0.4 * 3 Refactor to potentially use PyPerf Automatically choose the right number and repeat Remove local regression detection, for now
Experimenting not using GPO Use vanilla git command to publish Do not run benchmark in matrix Skip chatty test case discovery during benchmark
Guarding against perf regression for acquire_token_for_client()
This way, it will remain visible even if it is rendered on web. The choice of curly brackets is influenced by URL Template RFC 6570.
rayluo
force-pushed
the
release-1.24.0
branch
6 times, most recently
from
e277f12 to
f894fb7
Compare
rayluo
force-pushed
the
release-1.24.0
branch
from
f894fb7 to
e1b2b34
Compare
rayluo
force-pushed
the
release-1.24.0
branch
from
e1b2b34 to
66fc6eb
Compare
| The thumbprint is available in your app's registration in Azure Portal. | ||
| Alternatively, you can `calculate the thumbprint <https://github.com/Azure/azure-sdk-for-python/blob/07d10639d7e47f4852eaeb74aef5d569db499d6e/sdk/identity/azure-identity/azure/identity/_credentials/certificate.py#L94-L97>`_. |
There was a problem hiding this comment.
It may not be a good idea to rely on a downstream library azure-identity's code.
The code from https://github.com/Azure/azure-sdk-for-python/blob/07d10639d7e47f4852eaeb74aef5d569db499d6e/sdk/identity/azure-identity/azure/identity/_credentials/certificate.py#L94-L97 has 2 issues:
There was a problem hiding this comment.
Thanks for your investigation!
Back then, we did not mean to "rely on a downstream library's code"; we just repurpose a code snippet which happens to be inside a downstream library.
Feel free to create a PR for the fix, preferably based on openssl command lines.
By the way, recent versions of MSAL started to support .pfx format and automatically calculate the thumbprint.
There was a problem hiding this comment.
By the way, recent versions of MSAL started to support .pfx format and automatically calculate the thumbprint.
Maybe MSAL can also automatically calculate the thumbprint of a PEM certificate?
msal_telemetrykey available in MSAL's acquire token response, currently observed when broker is enabled. Its content and format are opaque to caller. This telemetry blob allows participating apps to collect them via telemetry, and it may help future troubleshooting. (Surface msal telemetry as a long opaque string #575)enable_pii_logparameter is added intoClientApplicationconstructor. When enabled, the broker component may include PII (Personal Identifiable Information) in logs. This may help troubleshooting. (MSAL logging discrepancy #568, Add enable_pii_log and wire it up with MsalRuntime #590)