Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add Azure (with AD) support #31

Open
tomplus opened this issue Jul 28, 2018 · 5 comments
Open

add Azure (with AD) support #31

tomplus opened this issue Jul 28, 2018 · 5 comments
Labels
enhancement New feature or request help wanted Extra attention is needed

Comments

@tomplus
Copy link
Owner

tomplus commented Jul 28, 2018
edited

The latest version of https://github.com/kubernetes-client/python supports Azure AKS integrated with Azure Active Directory (kubernetes-client/python-base#77).
@tomplus tomplus added the enhancement New feature or request label Jul 30, 2018
@tomplus tomplus changed the title add Azure support add Azure (with AD) support Aug 31, 2018
@tomplus tomplus added the help wanted Extra attention is needed label Aug 31, 2018
@tomplus
Copy link
Owner Author

tomplus commented Aug 31, 2018

The official library uses adel - AD library for python which is currently synchronous (AzureAD/azure-activedirectory-library-for-python#93). First we should extend this library, find a replacement or implement some basic behavior here.

@rayluo
Copy link

rayluo commented Apr 4, 2019

For the record, ADAL Python (and its cousin MSAL Python) supports token cache behavior. It allows you to reuse a token so that most of the time you don't actually need to send out any network call.

@tomplus
Copy link
Owner Author

tomplus commented Jun 6, 2020

I'm afraid is not enough to build full asynchronous applications.

@rayluo
Copy link

rayluo commented Jun 6, 2020
edited

To clarify:

  • The MSAL's token cache I mentioned earlier, is NOT about asynchronous in itself. But, given that tokens are already cached, actual authentication/authorization requests would become very infrequent by its nature. For example, an access token would typically be valid for 1 hour. That hints, an app utilizing an access token to its fullest, would only need to send out auth request once per hour. Such a low load does not necessitate an asynchronous architecture.

  • Since I left the comment one year ago, MSAL supports customized http client recently. This feature is still NOT directly about asynchronous in itself. But, it may theoretically make it possible to plug in an async http client.

@tomplus
Copy link
Owner Author

tomplus commented Jun 6, 2020

The second option sounds good to me. Thanks for clarifying possibilities.

@tomplus tomplus mentioned this issue Nov 12, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rayluo @tomplus