🩹 Fixes issues for Blazor SSR using Token Credential

🛠️ Making explicit Token Credential workflow
xxnickles · Feb 5, 2024 · aed15d9 · aed15d9
1 parent b5dc677
commit aed15d9
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 13 deletions.
diff --git a/src/AnimeFeedManager.Features/Images/IO/AzureImagesBlobStore.cs b/src/AnimeFeedManager.Features/Images/IO/AzureImagesBlobStore.cs
@@ -23,7 +23,7 @@ private static BlobContainerClient GetClient(AzureStorageSettings azureSettings)
             ConnectionStringSettings connectionStringOptions => new BlobContainerClient(
                 connectionStringOptions.StorageConnectionString, Container),
             TokenCredentialSettings tokenCredentialOptions => new BlobContainerClient(
-                new Uri(tokenCredentialOptions.BlobUri, Container), new DefaultAzureCredential()),
+                new Uri(tokenCredentialOptions.BlobUri, Container), tokenCredentialOptions.DefaultTokenCredential()),
             _ => throw new ArgumentException(
                 "Provided Table Storage configuration is not valid. Make sure Configurations for Azure table Storage is correct for either connection string or managed identities",
                 nameof(TableClientOptions))

diff --git a/src/AnimeFeedManager.Features/Infrastructure/Messaging/AzureQueueMessages.cs b/src/AnimeFeedManager.Features/Infrastructure/Messaging/AzureQueueMessages.cs
@@ -40,7 +40,7 @@ public AzureQueueMessages(AzureStorageSettings tableStorageSettings)
     {
         _azureSettings = tableStorageSettings;
         _jsonOptions = new JsonSerializerOptions(new JsonSerializerOptions
-            {PropertyNamingPolicy = JsonNamingPolicy.CamelCase});
+            { PropertyNamingPolicy = JsonNamingPolicy.CamelCase });
         _queueClientOptions = new QueueClientOptions
         {
             MessageEncoding = QueueMessageEncoding.Base64
@@ -91,7 +91,7 @@ private QueueClient GetClient(string destiny)
                 connectionStringOptions.StorageConnectionString, destiny,
                 _queueClientOptions),
             TokenCredentialSettings tokenCredentialOptions => new QueueClient(
-                tokenCredentialOptions.QueueUri, new DefaultAzureCredential(), _queueClientOptions),
+                new Uri(tokenCredentialOptions.QueueUri, destiny), tokenCredentialOptions.DefaultTokenCredential(), _queueClientOptions),
             _ => throw new ArgumentException(
                 "Provided Table Storage configuration is not valid. Make sure Configurations for Azure table Storage is correct for either connection string or managed identities",
                 nameof(TableClientOptions))

diff --git a/src/AnimeFeedManager.Features/Infrastructure/Messaging/AzureStorageSettings.cs b/src/AnimeFeedManager.Features/Infrastructure/Messaging/AzureStorageSettings.cs
@@ -1,10 +1,12 @@
-namespace AnimeFeedManager.Features.Infrastructure.Messaging;
+using Azure.Core;
+
+namespace AnimeFeedManager.Features.Infrastructure.Messaging;
 
 public abstract record AzureStorageSettings;
 
 public sealed record ConnectionStringSettings(string StorageConnectionString) : AzureStorageSettings;
 
-public sealed record TokenCredentialSettings(QueueUri QueueUri, BlobUri BlobUri) : AzureStorageSettings;
+public sealed record TokenCredentialSettings(QueueUri QueueUri, BlobUri BlobUri, Func<TokenCredential> DefaultTokenCredential) : AzureStorageSettings;
 
 public readonly record struct QueueUri(Uri Uri)
 {

diff --git a/src/AnimeFeedManager.Features/Infrastructure/Registration.cs b/src/AnimeFeedManager.Features/Infrastructure/Registration.cs
@@ -1,5 +1,6 @@
 using System.Diagnostics.CodeAnalysis;
 using AnimeFeedManager.Features.Infrastructure.Messaging;
+using Azure.Core;
 using Azure.Identity;
 using Microsoft.Extensions.Configuration;
 
@@ -21,12 +22,12 @@ public static IServiceCollection RegisterStorage(this IServiceCollection service
     }
 
     public static IServiceCollection RegisterStorage(this IServiceCollection services,
-        IConfigurationManager configuration)
+        IConfigurationManager configuration, Func<TokenCredential> defaultCredential)
     {
         var storageAccountName = configuration["StorageAccountName"];
         if (!string.IsNullOrEmpty(storageAccountName))
         {
-            RegisterWithAzureIdentity(services, storageAccountName);
+            RegisterWithAzureIdentity(services, storageAccountName,defaultCredential);
         }
         else
         {
@@ -44,15 +45,15 @@ private static void RegisterCommonServices(this IServiceCollection services)
         services.TryAddSingleton(typeof(ITableClientFactory<>), typeof(TableClientFactory<>));
     }
 
-    private static void RegisterWithAzureIdentity(IServiceCollection services, string storageAccountName)
+    private static void RegisterWithAzureIdentity(IServiceCollection services, string storageAccountName, Func<TokenCredential> defaultTokenCredential)
     {
         if (CreateUri(TableBaseUrl, storageAccountName, out var tableUri) &&
             CreateUri(QueueBaseUrl, storageAccountName, out var queueUri) &&
             CreateUri(BlobBaseUrl, storageAccountName, out var blobUri))
         {
             services.TryAddSingleton<AzureStorageSettings>(
-                new TokenCredentialSettings(new QueueUri(queueUri), new BlobUri(blobUri)));
-            services.TryAddSingleton(new TableServiceClient(tableUri, new DefaultAzureCredential()));
+                new TokenCredentialSettings(new QueueUri(queueUri), new BlobUri(blobUri), defaultTokenCredential));
+            services.TryAddSingleton(new TableServiceClient(tableUri, defaultTokenCredential()));
         }
         else
         {
@@ -70,4 +71,6 @@ private static bool CreateUri(string baseUrl, string storageAccountName, [NotNul
     {
         return Uri.TryCreate(string.Format(baseUrl,storageAccountName), UriKind.Absolute, out tableUri);
     }
+
+
 }
diff --git a/src/AnimeFeedManager.Web/Bootstrapping/Registration.cs b/src/AnimeFeedManager.Web/Bootstrapping/Registration.cs
@@ -11,6 +11,7 @@
 using AnimeFeedManager.Features.Tv;
 using AnimeFeedManager.Features.Users;
 using AnimeFeedManager.Web.Features.Security;
+using Azure.Core;
 using Azure.Identity;
 using MediatR.NotificationPublishers;
 using Microsoft.AspNetCore.Authentication.Cookies;
@@ -61,12 +62,12 @@ internal static IServiceCollection RegisterSecurityServices(this IServiceCollect
     }
 
     internal static IServiceCollection RegisterAppDependencies(this IServiceCollection services,
-        IConfigurationManager configuration)
+        IConfigurationManager configuration, Func<TokenCredential> defaultTokenCredential)
     {
         // MediatR
         services.RegisterMediatR();
         // Storage
-        services.RegisterStorage(configuration);
+        services.RegisterStorage(configuration, defaultTokenCredential);
         // App
         services.RegisterSeasonsServices();
         services.RegisterImageServices();

diff --git a/src/AnimeFeedManager.Web/Program.cs b/src/AnimeFeedManager.Web/Program.cs
@@ -1,11 +1,16 @@
 using AnimeFeedManager.Web.Bootstrapping;
 using AnimeFeedManager.Web.Features;
 using AnimeFeedManager.Web.Features.Common;
+using Azure.Core;
+using Azure.Identity;
 using Microsoft.AspNetCore.Components.Web;
 using TvEndpoints = AnimeFeedManager.Web.Features.Tv.Endpoints;
 using AdminEndpoints = AnimeFeedManager.Web.Features.Admin.Endpoints;
 using SecurityEndpoints = AnimeFeedManager.Web.Features.Security.Endpoints;
 
+static Func<TokenCredential> GetDefaultCredential(IWebHostEnvironment environment) => () =>
+    !environment.IsDevelopment() ? new ManagedIdentityCredential() : new AzureCliCredential();
+
 var builder = WebApplication.CreateBuilder(args);
 
 builder.Configuration.TryAddVault();
@@ -23,7 +28,7 @@
 builder.Services.AddScoped<BlazorRenderer>();
 
 // Application dependencies
-builder.Services.RegisterAppDependencies(builder.Configuration);
+builder.Services.RegisterAppDependencies(builder.Configuration, GetDefaultCredential(builder.Environment));
 builder.Services.AddApplicationInsightsTelemetry();
 
 var app = builder.Build();