diff --git a/sdk/azidentity/client_assertion_credential.go b/sdk/azidentity/client_assertion_credential.go index 7105f05a9484..4e272409f677 100644 --- a/sdk/azidentity/client_assertion_credential.go +++ b/sdk/azidentity/client_assertion_credential.go @@ -65,7 +65,7 @@ func NewClientAssertionCredential(tenantID, clientID string, getAssertion func(c DisableInstanceDiscovery: options.DisableInstanceDiscovery, TokenCachePersistenceOptions: options.TokenCachePersistenceOptions, } - c, err := newConfidentialClient(component+"."+credNameAssertion, tenantID, clientID, credNameAssertion, cred, msalOpts, options.ClientOptions) + c, err := newConfidentialClient(tenantID, clientID, credNameAssertion, cred, msalOpts, options.ClientOptions) if err != nil { return nil, err } diff --git a/sdk/azidentity/client_certificate_credential.go b/sdk/azidentity/client_certificate_credential.go index ab5e1e51703a..cebc341000cf 100644 --- a/sdk/azidentity/client_certificate_credential.go +++ b/sdk/azidentity/client_certificate_credential.go @@ -69,7 +69,7 @@ func NewClientCertificateCredential(tenantID string, clientID string, certs []*x SendX5C: options.SendCertificateChain, TokenCachePersistenceOptions: options.TokenCachePersistenceOptions, } - c, err := newConfidentialClient(component+"."+credNameCert, tenantID, clientID, credNameCert, cred, msalOpts, options.ClientOptions) + c, err := newConfidentialClient(tenantID, clientID, credNameCert, cred, msalOpts, options.ClientOptions) if err != nil { return nil, err } diff --git a/sdk/azidentity/client_secret_credential.go b/sdk/azidentity/client_secret_credential.go index 18c36627af5a..279c28bdbf48 100644 --- a/sdk/azidentity/client_secret_credential.go +++ b/sdk/azidentity/client_secret_credential.go @@ -55,7 +55,7 @@ func NewClientSecretCredential(tenantID string, clientID string, clientSecret st DisableInstanceDiscovery: options.DisableInstanceDiscovery, TokenCachePersistenceOptions: options.TokenCachePersistenceOptions, } - c, err := newConfidentialClient(component+"."+credNameSecret, tenantID, clientID, credNameSecret, cred, msalOpts, options.ClientOptions) + c, err := newConfidentialClient(tenantID, clientID, credNameSecret, cred, msalOpts, options.ClientOptions) if err != nil { return nil, err } diff --git a/sdk/azidentity/confidential_client.go b/sdk/azidentity/confidential_client.go index 101a21242c4b..499be3dbbb7c 100644 --- a/sdk/azidentity/confidential_client.go +++ b/sdk/azidentity/confidential_client.go @@ -44,7 +44,7 @@ type confidentialClient struct { azClient *azcore.Client } -func newConfidentialClient(clientName, tenantID, clientID, name string, cred confidential.Credential, opts confidentialClientOptions, clientOpts azcore.ClientOptions) (*confidentialClient, error) { +func newConfidentialClient(tenantID, clientID, name string, cred confidential.Credential, opts confidentialClientOptions, clientOpts azcore.ClientOptions) (*confidentialClient, error) { if !validTenantID(tenantID) { return nil, errInvalidTenantID } @@ -52,7 +52,7 @@ func newConfidentialClient(clientName, tenantID, clientID, name string, cred con if err != nil { return nil, err } - client, err := azcore.NewClient(clientName, version, runtime.PipelineOptions{ + client, err := azcore.NewClient(module, version, runtime.PipelineOptions{ Tracing: runtime.TracingOptions{ Namespace: traceNamespace, }, diff --git a/sdk/azidentity/device_code_credential.go b/sdk/azidentity/device_code_credential.go index 42b76cc5ff40..29822c639658 100644 --- a/sdk/azidentity/device_code_credential.go +++ b/sdk/azidentity/device_code_credential.go @@ -107,7 +107,7 @@ func NewDeviceCodeCredential(options *DeviceCodeCredentialOptions) (*DeviceCodeC Record: cp.AuthenticationRecord, TokenCachePersistenceOptions: cp.TokenCachePersistenceOptions, } - c, err := newPublicClient(component+"."+credNameDeviceCode, cp.TenantID, cp.ClientID, credNameDeviceCode, msalOpts, cp.ClientOptions) + c, err := newPublicClient(cp.TenantID, cp.ClientID, credNameDeviceCode, msalOpts, cp.ClientOptions) if err != nil { return nil, err } diff --git a/sdk/azidentity/interactive_browser_credential.go b/sdk/azidentity/interactive_browser_credential.go index f4747fffed6a..4ae157888281 100644 --- a/sdk/azidentity/interactive_browser_credential.go +++ b/sdk/azidentity/interactive_browser_credential.go @@ -88,7 +88,7 @@ func NewInteractiveBrowserCredential(options *InteractiveBrowserCredentialOption RedirectURL: cp.RedirectURL, TokenCachePersistenceOptions: cp.TokenCachePersistenceOptions, } - c, err := newPublicClient(component+"."+credNameBrowser, cp.TenantID, cp.ClientID, credNameBrowser, msalOpts, cp.ClientOptions) + c, err := newPublicClient(cp.TenantID, cp.ClientID, credNameBrowser, msalOpts, cp.ClientOptions) if err != nil { return nil, err } diff --git a/sdk/azidentity/managed_identity_client.go b/sdk/azidentity/managed_identity_client.go index aafe56f967b7..7c25cb8bdd55 100644 --- a/sdk/azidentity/managed_identity_client.go +++ b/sdk/azidentity/managed_identity_client.go @@ -114,7 +114,7 @@ func setIMDSRetryOptionDefaults(o *policy.RetryOptions) { // that are passed into it along with a default pipeline. // options: ManagedIdentityCredentialOptions configure policies for the pipeline and the authority host that // will be used to retrieve tokens and authenticate -func newManagedIdentityClient(clientName string, options *ManagedIdentityCredentialOptions) (*managedIdentityClient, error) { +func newManagedIdentityClient(options *ManagedIdentityCredentialOptions) (*managedIdentityClient, error) { if options == nil { options = &ManagedIdentityCredentialOptions{} } @@ -150,7 +150,7 @@ func newManagedIdentityClient(clientName string, options *ManagedIdentityCredent setIMDSRetryOptionDefaults(&cp.Retry) } - client, err := azcore.NewClient(clientName, version, runtime.PipelineOptions{ + client, err := azcore.NewClient(module, version, runtime.PipelineOptions{ Tracing: runtime.TracingOptions{ Namespace: traceNamespace, }, diff --git a/sdk/azidentity/managed_identity_client_test.go b/sdk/azidentity/managed_identity_client_test.go index 70d4397eb15b..293dd4715629 100644 --- a/sdk/azidentity/managed_identity_client_test.go +++ b/sdk/azidentity/managed_identity_client_test.go @@ -50,7 +50,7 @@ func TestManagedIdentityClient_UserAgent(t *testing.T) { Transport: &mockSTS{}, PerCallPolicies: []policy.Policy{userAgentValidatingPolicy{t: t}}, }, } - client, err := newManagedIdentityClient(miClientName, &options) + client, err := newManagedIdentityClient(&options) if err != nil { t.Fatal(err) } @@ -68,7 +68,7 @@ func TestManagedIdentityClient_ApplicationID(t *testing.T) { }, } options.Telemetry.ApplicationID = appID - client, err := newManagedIdentityClient(miClientName, &options) + client, err := newManagedIdentityClient(&options) if err != nil { t.Fatal(err) } @@ -98,7 +98,7 @@ func TestManagedIdentityClient_IMDSErrors(t *testing.T) { srv, close := mock.NewServer(mock.WithTransformAllRequestsToTestServerUrl()) defer close() srv.SetResponse(mock.WithBody([]byte(test.body)), mock.WithStatusCode(test.code)) - client, err := newManagedIdentityClient(miClientName, &ManagedIdentityCredentialOptions{ + client, err := newManagedIdentityClient(&ManagedIdentityCredentialOptions{ ClientOptions: azcore.ClientOptions{Transport: srv}, }) if err != nil { @@ -158,7 +158,7 @@ func TestManagedIdentityClient_UserAssignedIDWarning(t *testing.T) { msgs = append(msgs, msg) } }) - client, err := newManagedIdentityClient(miClientName, &ManagedIdentityCredentialOptions{ + client, err := newManagedIdentityClient(&ManagedIdentityCredentialOptions{ ID: id, }) if err != nil { diff --git a/sdk/azidentity/managed_identity_credential.go b/sdk/azidentity/managed_identity_credential.go index eb087e23da3b..eb4fa25ac10c 100644 --- a/sdk/azidentity/managed_identity_credential.go +++ b/sdk/azidentity/managed_identity_credential.go @@ -18,7 +18,6 @@ import ( ) const credNameManagedIdentity = "ManagedIdentityCredential" -const miClientName = component + "." + credNameManagedIdentity type managedIdentityIDKind int @@ -81,7 +80,7 @@ func NewManagedIdentityCredential(options *ManagedIdentityCredentialOptions) (*M if options == nil { options = &ManagedIdentityCredentialOptions{} } - mic, err := newManagedIdentityClient(miClientName, options) + mic, err := newManagedIdentityClient(options) if err != nil { return nil, err } @@ -94,7 +93,7 @@ func NewManagedIdentityCredential(options *ManagedIdentityCredentialOptions) (*M clientID = options.ID.String() } // similarly, it's okay to give MSAL an incorrect tenant because MSAL won't use the value - c, err := newConfidentialClient(miClientName, "common", clientID, credNameManagedIdentity, cred, confidentialClientOptions{}, options.ClientOptions) + c, err := newConfidentialClient("common", clientID, credNameManagedIdentity, cred, confidentialClientOptions{}, options.ClientOptions) if err != nil { return nil, err } diff --git a/sdk/azidentity/on_behalf_of_credential.go b/sdk/azidentity/on_behalf_of_credential.go index 51b58710d1d2..2c1eea9e6604 100644 --- a/sdk/azidentity/on_behalf_of_credential.go +++ b/sdk/azidentity/on_behalf_of_credential.go @@ -79,7 +79,7 @@ func newOnBehalfOfCredential(tenantID, clientID, userAssertion string, cred conf DisableInstanceDiscovery: options.DisableInstanceDiscovery, SendX5C: options.SendCertificateChain, } - c, err := newConfidentialClient(component+"."+credNameOBO, tenantID, clientID, credNameOBO, cred, opts, options.ClientOptions) + c, err := newConfidentialClient(tenantID, clientID, credNameOBO, cred, opts, options.ClientOptions) if err != nil { return nil, err } diff --git a/sdk/azidentity/public_client.go b/sdk/azidentity/public_client.go index 3ba6df6a7dcc..c6e4e8f385bf 100644 --- a/sdk/azidentity/public_client.go +++ b/sdk/azidentity/public_client.go @@ -52,7 +52,7 @@ type publicClient struct { var errScopeRequired = errors.New("authenticating in this environment requires specifying a scope in TokenRequestOptions") -func newPublicClient(clientName, tenantID, clientID, name string, o publicClientOptions, clientOpts azcore.ClientOptions) (*publicClient, error) { +func newPublicClient(tenantID, clientID, name string, o publicClientOptions, clientOpts azcore.ClientOptions) (*publicClient, error) { if !validTenantID(tenantID) { return nil, errInvalidTenantID } @@ -81,7 +81,7 @@ func newPublicClient(clientName, tenantID, clientID, name string, o publicClient if audience != "" { defaultScope = []string{audience + defaultSuffix} } - client, err := azcore.NewClient(clientName, version, runtime.PipelineOptions{ + client, err := azcore.NewClient(module, version, runtime.PipelineOptions{ Tracing: runtime.TracingOptions{ Namespace: traceNamespace, }, diff --git a/sdk/azidentity/username_password_credential.go b/sdk/azidentity/username_password_credential.go index 334a963397ab..51e73ffaae86 100644 --- a/sdk/azidentity/username_password_credential.go +++ b/sdk/azidentity/username_password_credential.go @@ -61,7 +61,7 @@ func NewUsernamePasswordCredential(tenantID string, clientID string, username st TokenCachePersistenceOptions: options.TokenCachePersistenceOptions, Username: username, } - c, err := newPublicClient(component+"."+credNameUserPassword, tenantID, clientID, credNameUserPassword, opts, options.ClientOptions) + c, err := newPublicClient(tenantID, clientID, credNameUserPassword, opts, options.ClientOptions) if err != nil { return nil, err } diff --git a/sdk/azidentity/version.go b/sdk/azidentity/version.go index 77ad776eae00..3c1c4b9b5a52 100644 --- a/sdk/azidentity/version.go +++ b/sdk/azidentity/version.go @@ -10,6 +10,9 @@ const ( // UserAgent is the string to be used in the user agent string when making requests. component = "azidentity" + // module is the fully qualified name of the module used in telemetry and distributed tracing. + module = "github.com/Azure/azure-sdk-for-go/sdk/" + component + // Version is the semantic version (see http://semver.org) of this module. version = "v1.5.0-beta.2" ) diff --git a/sdk/azidentity/workload_identity.go b/sdk/azidentity/workload_identity.go index 95549d01264a..3e43e788e931 100644 --- a/sdk/azidentity/workload_identity.go +++ b/sdk/azidentity/workload_identity.go @@ -15,6 +15,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore" "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" ) const credNameWorkloadIdentity = "WorkloadIdentityCredential" @@ -83,7 +84,6 @@ func NewWorkloadIdentityCredential(options *WorkloadIdentityCredentialOptions) ( ClientOptions: options.ClientOptions, DisableInstanceDiscovery: options.DisableInstanceDiscovery, } - // TODO: this will incorrectly report ClientAssertionCredential in traces cred, err := NewClientAssertionCredential(tenantID, clientID, w.getAssertion, &caco) if err != nil { return nil, err @@ -96,7 +96,11 @@ func NewWorkloadIdentityCredential(options *WorkloadIdentityCredentialOptions) ( // GetToken requests an access token from Microsoft Entra ID. Azure SDK clients call this method automatically. func (w *WorkloadIdentityCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) { - return w.cred.GetToken(ctx, opts) + var err error + ctx, endSpan := runtime.StartSpan(ctx, credNameWorkloadIdentity+"."+traceOpGetToken, w.cred.client.azClient.Tracer(), nil) + defer func() { endSpan(err) }() + tk, err := w.cred.GetToken(ctx, opts) + return tk, err } // getAssertion returns the specified file's content, which is expected to be a Kubernetes service account token.