azure_identity 0.34.0

Rust wrappers around Microsoft Azure REST APIs - Azure identity helper crate
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124

// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.

// cspell:ignore workdir

use crate::env::Env;
use azure_core::{
    credentials::AccessToken,
    error::{Error, ErrorKind, Result},
};
use std::{
    ffi::{OsStr, OsString},
    fmt, io,
    process::Output,
    sync::Arc,
};

mod standard;
#[cfg(feature = "tokio")]
mod tokio;

#[allow(unused)]
pub use standard::StdExecutor;
#[cfg(feature = "tokio")]
pub use tokio::TokioExecutor;

/// Creates a new [`Executor`].
///
/// The returned Executor spawns a [`std::process::Command`] in a separate thread unless `tokio` is enabled,
/// in which case it spawns a `tokio::process::Command`.
pub fn new_executor() -> Arc<dyn Executor> {
    #[cfg(not(feature = "tokio"))]
    {
        Arc::new(StdExecutor)
    }
    #[cfg(feature = "tokio")]
    {
        Arc::new(TokioExecutor)
    }
}

/// An async command runner.
#[async_trait::async_trait]
pub trait Executor: Send + Sync + fmt::Debug {
    /// Run a program with the given arguments until it terminates, returning the output.
    async fn run(&self, program: &OsStr, args: &[&OsStr]) -> io::Result<Output>;
}

/// Runs a command in the appropriate platform shell and processes the output
/// using the specified `OutputProcessor`.
///
/// - Windows: Runs `cmd /C {command}` in %SYSTEMROOT%
/// - Everywhere else: Runs `/bin/sh -c {command}` in /bin
pub(crate) async fn shell_exec<T: OutputProcessor>(
    executor: Arc<dyn Executor>,
    #[cfg_attr(not(windows), allow(unused_variables))] env: &Env,
    command: &OsStr,
) -> Result<AccessToken> {
    let (workdir, program, c_switch) = {
        #[cfg(windows)]
        {
            let system_root = env.var_os("SYSTEMROOT").map_err(|_| {
                Error::with_message(
                    ErrorKind::Credential,
                    "SYSTEMROOT environment variable not set",
                )
            })?;
            (system_root, OsStr::new("cmd"), OsStr::new("/C"))
        }
        #[cfg(not(windows))]
        {
            (
                OsString::from("/bin"),
                OsStr::new("/bin/sh"),
                OsStr::new("-c"),
            )
        }
    };

    let mut command_string = OsString::from("cd ");
    command_string.push(workdir);
    command_string.push(" && ");
    command_string.push(command);
    let args = &[c_switch, &command_string];

    let status = executor.run(program, args).await;

    match status {
        Ok(output) if output.status.success() => {
            T::deserialize_token(&String::from_utf8_lossy(&output.stdout))
        }
        Ok(output) => {
            let stderr = String::from_utf8_lossy(&output.stderr);
            let message = if let Some(error_message) = T::get_error_message(&stderr) {
                error_message
            } else if output.status.code() == Some(127) || stderr.contains("' is not recognized") {
                format!("{} not found on PATH", T::tool_name())
            } else {
                stderr.to_string()
            };
            Err(Error::with_message(ErrorKind::Credential, message))
        }
        Err(e) if e.kind() == std::io::ErrorKind::NotFound => {
            let message = format!("{program:?} wasn't found on PATH");
            Err(Error::with_error(ErrorKind::Credential, e, message))
        }
        Err(e) => {
            let message = format!("{} error: {e}", e.kind());
            Err(Error::with_error(ErrorKind::Credential, e, message))
        }
    }
}

pub(crate) trait OutputProcessor: Send + Sized + Sync + 'static {
    /// Deserialize an AccessToken from stdout
    fn deserialize_token(stdout: &str) -> Result<AccessToken>;

    /// Optionally convert stderr to a user-friendly error message.
    /// When this method returns None, the error message will include stderr verbatim.
    fn get_error_message(stderr: &str) -> Option<String>;

    /// Name of the tool used to get the token e.g. "azd"
    fn tool_name() -> &'static str;
}