[Core] Refactor MSAL HTTP cache to use JSON format #32511
Conversation
️✔️AzureCLI-FullTest
|
️✔️AzureCLI-BreakingChangeTest
|
|
Thank you for your contribution! We will review the pull request and get back to you soon. |
|
The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR. Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions). pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>
|
microsoft-github-policy-service
bot
added
Account
ReaNAiveD
force-pushed
the
json-http-cache
branch
from
6ee2837 to
9379de8
Compare
| from .binary_cache import BinaryCache | ||
| http_cache = BinaryCache(self._msal_http_cache_file) | ||
| from .json_cache import JsonCache | ||
| http_cache = JsonCache(self._msal_http_cache_file) |
There was a problem hiding this comment.
The BinaryCache is designed for saving anything, so the name BinaryCache is accurate.
However, the new JsonCache can only handle NormalizedResponse, so the name is not accurate. It should be something like NormalizedResponseJsonCache.
| response = NormalizedResponse.__new__(NormalizedResponse) | ||
| response.status_code = response_dict["status_code"] | ||
| response.text = response_dict["text"] | ||
| response.headers = response_dict["headers"] |
There was a problem hiding this comment.
I don't feel it is appropriate for Azure CLI as a downstream application of MSAL to serialize MSAL's HTTP cache as JSON. Azure CLI doesn't know which fields of the NormalizedResponse should be persisted. The HTTP cache should be treated as an opaque box.
MSAL itself should provide a serializable HTTP cache, similar to the token cache msal.token_cache.SerializableTokenCache or even msal_extensions.token_cache.PersistedTokenCache. Otherwise, both SDK and CLI, or even direct MSAL users need to implement their own serialization for MSAL HTTP cache.
3 participants
Related command
az loginDescription
The
picklemodule poses a risk of arbitrary code execution if its data (~/.azure/msal_http_cache.bin) is tampered with by an attacker. This PR change the cache storage from pickle to json.Testing Guide
History Notes
[Component Name 1] BREAKING CHANGE:
az command a: Make some customer-facing breaking change[Component Name 2]
az command b: Add some customer-facing featureThis checklist is used to make sure that common guidelines for a pull request are followed.
The PR title and description has followed the guideline in Submitting Pull Requests.
I adhere to the Command Guidelines.
I adhere to the Error Handling Guidelines.