Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Extract Azure email from cli credentials

See original GitHub issue

Is your feature request related to a problem? Please describe.

I would like to extract the user email from the Azure CLI credentials to use in my application.

I know the authentication details would be stored in ~/.azure/azureProfile.json. However, I haven’t found a native function to extract those automatically.

Describe the solution you’d like

from azure.common.credentials import get_principal_name_from_cli_credentials
user_email = get_principal_name_from_cli_credentials()

Describe alternatives you’ve considered

My first approach was using a solution similar to what suggested in #15260

from azure.common.credentials import get_azure_cli_credentials
from azure.graphrbac import GraphRbacManagementClient

TENANT_ID = 'xxxxxx-xxxxxxxx-xxxxxxx'

cred, _ = get_azure_cli_credentials(  # pylint: disable=unbalanced-tuple-unpacking
    resource='https://graph.windows.net'
)
graphrbac_client = GraphRbacManagementClient(credentials=cred, tenant_id=TENANT_ID)
user_obj = graphrbac_client.signed_in_user.get()
email = user_obj.user_principal_name

However azure-graphrbac has now been deprecated. So I have tried to moved this approach to a non deprecated SDK:

from azure.common.credentials import get_cli_profile
try:
    profile = get_cli_profile()
    user = profile._storage.data['subscriptions'][0]['user']['name']  # pylint:disable=protected-access
except (FileNotFoundError, KeyError):
    print("Couldn't find email")
    user = "nope@nope"

This second code snippet is using azure.common.credentials which I think it might conflict with azure.identity? Also I’m accessing a protected variable that might change name or structure in the future.

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Comments:6 (4 by maintainers)

github_iconTop GitHub Comments

2reactions
lmazuelcommented, Dec 17, 2021

Hi @gdippolito

The information you need is actually CLI based, and our SDK team has no special access to extract that for you. You could open an issue on the github CLI repo, and ask for a public API to access CLI values from Python. In other words, ask for a “Azure CLI SDK for Python”.

We used to have some convenience in azure-common indeed, but we are deprecating this code since CLI architecture changed and we can’t access reliably this information anymore. The CLI is now an application, and only official access is through executing commands. Code we used to have that was using the implementation details that CLI was in Python can no longer be executed. See this PR for instance.

My suggestions would be:

  • Subprocess the CLI command that gets you the information you need. When SDK needs CLI information, it’s actually what we do , like I said we can’t use the fact that CLI is written in Python. This might be helpful for inspiration.
  • Open a github issue for a Python API to CLI internals.

Appreciate the feedback, and I apologize we can’t provide what you were hoping 😦

0reactions
gdippolitocommented, Dec 11, 2021

Gentle ping. 😄

Read more comments on GitHub >

github_iconTop Results From Across the Web

Sign in with Azure CLI — Login and Authentication
Sign in with credentials on the command line ; read -sp "Azure password: " ; echo && az login -u <username> -p $AZ_PASS....
Read more >
Azure CLI: get object id from user name or email address
You can get the current user's object id through powershell cmdlets. $msolcred = Get-Credential Connect-MsolService -Credential $msolcred ...
Read more >
Getting Started with Azure CLI - Parveen Singh
In this command, the login module for Azure CLI is used to interact ... with your Azure account email and password before pressing...
Read more >
azure cli not able login using command line option - Server Fault
When your account is Microsoft account(such as *@outlook.com, *@hotmail.com), you will get the error log. The root reason is Microsoft ...
Read more >
Log in to Microsoft 365 - CLI for Microsoft 365
After executing the login command, you will be prompted to navigate to https://aka.ms/devicelogin in your web browser and enter the login code presented...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

get_service_properties() returns JSON decode error on BlobServiceClient with premium storage account

Next page

azure-storage-blob-changefeed 12.0.0b2 not pip installable w/ latest sdk