From 8c6526456ddf050473dc261a5b3c01fddc1fe217 Mon Sep 17 00:00:00 2001 From: Fran Barton Date: Mon, 19 Jan 2026 16:39:02 +0000 Subject: [PATCH 1/3] =?UTF-8?q?=E2=86=A9=EF=B8=8F=20Revert=20to=20using=20?= =?UTF-8?q?AAD=20v1=20tokens=20by=20default?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- R/get_auth_token.R | 29 ++++++++++++++-------------- R/read_azure_table.R | 1 - man/generate_resource.Rd | 4 ++-- man/get_auth_token.Rd | 17 ++++++++-------- man/refresh_token.Rd | 8 ++++---- tests/testthat/test-get_auth_token.R | 25 ++++++++++++------------ tests/testthat/test-list_files.R | 2 +- 7 files changed, 42 insertions(+), 44 deletions(-) diff --git a/R/get_auth_token.R b/R/get_auth_token.R index c849770..e493df6 100644 --- a/R/get_auth_token.R +++ b/R/get_auth_token.R @@ -15,14 +15,14 @@ #' attempt to use a cached token matching the given `resource`, `tenant` and #' `aad_version`. #' -#' @param resource For v2, a vector specifying the URL of the Azure resource +#' @param resource For v1, a simple URL such as `"https://storage.azure.com/"` +#' should be supplied.For v2, a vector specifying the URL of the Azure resource #' for which the token is requested as well as any desired scopes. See -#' [AzureAuth::get_azure_token] for details. For v1, a simple URL such as -#' `"https://storage.azure.com/"` should be supplied. Use [generate_resource] +#' [AzureAuth::get_azure_token] for details. Use [generate_resource] #' to help provide an appropriate string or vector. The values default to #' `c("https://storage.azure.com/.default", "openid", "offline_access")`. -#' If setting version to 1, ensure that the `aad_version` argument is also set -#' to 1. Both are set to use AAD version 2 by default. +#' If setting version to 2, ensure that the `aad_version` argument is also set +#' to 2. Both are set to use AAD version 1 by default. #' @param tenant A string specifying the Azure tenant. Defaults to #' `"organizations"`. See [AzureAuth::get_azure_token] for other values. #' @param client_id A string specifying the application ID (client ID). If @@ -30,7 +30,7 @@ #' Azure Resource Manager token, or prompts the user to log in to obtain it. #' @param auth_method A string specifying the authentication method. Defaults to #' `"authorization_code"`. See [AzureAuth::get_azure_token] for other values. -#' @param aad_version Numeric. The AAD version, either 1 or 2 (2 by default) +#' @param aad_version Numeric. The AAD version, either 1 or 2 (1 by default) #' @param force_refresh Boolean: whether to use a stored token if available #' (`FALSE`, the default), or try to obtain a new one from Azure (`TRUE`). #' This may be useful if you wish to generate a new token with the same @@ -53,8 +53,7 @@ #' # Get a token for a specific resource and tenant #' token <- get_auth_token( #' resource = "https://graph.microsoft.com", -#' tenant = "my-tenant-id", -#' aad_version = 1 +#' tenant = "my-tenant-id" #' ) #' #' # Get a token using a specific app ID @@ -66,7 +65,7 @@ get_auth_token <- function( tenant = "organizations", client_id = NULL, auth_method = "authorization_code", - aad_version = 2, + aad_version = 1, force_refresh = FALSE, ... ) { @@ -227,7 +226,7 @@ get_client_id <- function() { #' you are likely to want to keep `refresh` turned on (this argument has no #' effect on v1 tokens, it only applies to v2). #' -#' @param version numeric. The AAD version, either 1 or 2 (2 by default) +#' @param version numeric. The AAD version, either 1 or 2 (1 by default) #' @param url The URL of the Azure resource host #' @param path For v2, the path designating the access scope #' @param authorise Boolean, whether to return a token with authorisation scope, @@ -238,7 +237,7 @@ get_client_id <- function() { #' @returns A scalar character, or (in most v2 situations) a character vector #' @export generate_resource <- function( - version = 2, + version = 1, url = "https://storage.azure.com", path = "/.default", authorise = TRUE, @@ -262,11 +261,11 @@ generate_resource <- function( } -#' Use a token's internal refresh method to refresh it +#' Use a token's internal `refresh()` method to refresh it #' -#' This method avoids the need to refresh by reauthenticating online. It seems -#' like this only works with v1 tokens? v2 tokens always seem to refresh by -#' reauthenticating with Azure online. But v2 tokens ought to refresh +#' This method avoids the need to refresh by re-authenticating online. It seems +#' like this only works with v1 tokens. v2 tokens always seem to refresh by +#' re-authenticating with Azure online. But v2 tokens _ought_ to refresh #' automatically and not need manual refreshing. To instead generate a #' completely fresh token, pass `use_cache = FALSE` or `force_refresh = TRUE` #' to [get_auth_token]. diff --git a/R/read_azure_table.R b/R/read_azure_table.R index b4b92f0..5a85452 100644 --- a/R/read_azure_table.R +++ b/R/read_azure_table.R @@ -37,4 +37,3 @@ read_azure_table <- function( purrr::map(tibble::as_tibble) |> purrr::list_rbind() } - diff --git a/man/generate_resource.Rd b/man/generate_resource.Rd index 5a039ec..22d97fd 100644 --- a/man/generate_resource.Rd +++ b/man/generate_resource.Rd @@ -5,7 +5,7 @@ \title{Generate appropriate values for the \code{resource} parameter in \link{get_auth_token}} \usage{ generate_resource( - version = 2, + version = 1, url = "https://storage.azure.com", path = "/.default", authorise = TRUE, @@ -13,7 +13,7 @@ generate_resource( ) } \arguments{ -\item{version}{numeric. The AAD version, either 1 or 2 (2 by default)} +\item{version}{numeric. The AAD version, either 1 or 2 (1 by default)} \item{url}{The URL of the Azure resource host} diff --git a/man/get_auth_token.Rd b/man/get_auth_token.Rd index a4e4da0..af708df 100644 --- a/man/get_auth_token.Rd +++ b/man/get_auth_token.Rd @@ -9,20 +9,20 @@ get_auth_token( tenant = "organizations", client_id = NULL, auth_method = "authorization_code", - aad_version = 2, + aad_version = 1, force_refresh = FALSE, ... ) } \arguments{ -\item{resource}{For v2, a vector specifying the URL of the Azure resource +\item{resource}{For v1, a simple URL such as \code{"https://storage.azure.com/"} +should be supplied.For v2, a vector specifying the URL of the Azure resource for which the token is requested as well as any desired scopes. See -\link[AzureAuth:get_azure_token]{AzureAuth::get_azure_token} for details. For v1, a simple URL such as -\code{"https://storage.azure.com/"} should be supplied. Use \link{generate_resource} +\link[AzureAuth:get_azure_token]{AzureAuth::get_azure_token} for details. Use \link{generate_resource} to help provide an appropriate string or vector. The values default to \code{c("https://storage.azure.com/.default", "openid", "offline_access")}. -If setting version to 1, ensure that the \code{aad_version} argument is also set -to 1. Both are set to use AAD version 2 by default.} +If setting version to 2, ensure that the \code{aad_version} argument is also set +to 2. Both are set to use AAD version 1 by default.} \item{tenant}{A string specifying the Azure tenant. Defaults to \code{"organizations"}. See \link[AzureAuth:get_azure_token]{AzureAuth::get_azure_token} for other values.} @@ -34,7 +34,7 @@ Azure Resource Manager token, or prompts the user to log in to obtain it.} \item{auth_method}{A string specifying the authentication method. Defaults to \code{"authorization_code"}. See \link[AzureAuth:get_azure_token]{AzureAuth::get_azure_token} for other values.} -\item{aad_version}{Numeric. The AAD version, either 1 or 2 (2 by default)} +\item{aad_version}{Numeric. The AAD version, either 1 or 2 (1 by default)} \item{force_refresh}{Boolean: whether to use a stored token if available (\code{FALSE}, the default), or try to obtain a new one from Azure (\code{TRUE}). @@ -78,8 +78,7 @@ token <- get_auth_token(force_refresh = TRUE) # Get a token for a specific resource and tenant token <- get_auth_token( resource = "https://graph.microsoft.com", - tenant = "my-tenant-id", - aad_version = 1 + tenant = "my-tenant-id" ) # Get a token using a specific app ID diff --git a/man/refresh_token.Rd b/man/refresh_token.Rd index bfba5b7..ecee521 100644 --- a/man/refresh_token.Rd +++ b/man/refresh_token.Rd @@ -2,7 +2,7 @@ % Please edit documentation in R/get_auth_token.R \name{refresh_token} \alias{refresh_token} -\title{Use the token's internal refresh() method to refresh it} +\title{Use a token's internal \code{refresh()} method to refresh it} \usage{ refresh_token(token) } @@ -13,9 +13,9 @@ refresh_token(token) An Azure authentication token } \description{ -This method avoids the need to refresh by reauthenticating online. It seems -like this only works with v1 tokens? v2 tokens always seem to refresh by -reauthenticating with Azure online. But v2 tokens ought to refresh +This method avoids the need to refresh by re-authenticating online. It seems +like this only works with v1 tokens. v2 tokens always seem to refresh by +re-authenticating with Azure online. But v2 tokens \emph{ought} to refresh automatically and not need manual refreshing. To instead generate a completely fresh token, pass \code{use_cache = FALSE} or \code{force_refresh = TRUE} to \link{get_auth_token}. diff --git a/tests/testthat/test-get_auth_token.R b/tests/testthat/test-get_auth_token.R index 03dcf44..c359569 100644 --- a/tests/testthat/test-get_auth_token.R +++ b/tests/testthat/test-get_auth_token.R @@ -10,22 +10,23 @@ test_that("generate_resource() behaves itself", { expect_error() base_url <- "https://storage.azure.com" def_url <- paste0(base_url, "/.default") - def1 <- c(def_url, "openid", "offline_access") generate_resource() |> + expect_equal(base_url) + generate_resource(refresh = FALSE) |> + expect_equal(base_url) + generate_resource(authorise = FALSE) |> + expect_equal("") + generate_resource(authorise = FALSE, refresh = FALSE) |> + expect_equal("") + + def1 <- c(def_url, "openid", "offline_access") + generate_resource(version = 2) |> expect_equal(def1) def2 <- c(def_url, "openid") - generate_resource(refresh = FALSE) |> + generate_resource(version = 2, refresh = FALSE) |> expect_equal(def2) - generate_resource(authorise = FALSE) |> + generate_resource(version = 2, authorise = FALSE) |> expect_equal(c("openid", "offline_access")) - generate_resource(authorise = FALSE, refresh = FALSE) |> + generate_resource(version = 2, authorise = FALSE, refresh = FALSE) |> expect_equal("openid") - generate_resource(version = 1) |> - expect_equal(base_url) - generate_resource(version = 1, refresh = FALSE) |> - expect_equal(base_url) - generate_resource(version = 1, authorise = FALSE) |> - expect_equal("") - generate_resource(version = 1, authorise = FALSE, refresh = FALSE) |> - expect_equal("") }) diff --git a/tests/testthat/test-list_files.R b/tests/testthat/test-list_files.R index 8b2321d..882b653 100644 --- a/tests/testthat/test-list_files.R +++ b/tests/testthat/test-list_files.R @@ -47,7 +47,7 @@ test_that("we can evolve list_files()", { stopifnot("path not found" = AzureStor::blob_dir_exists(container, path)) tbl <- AzureStor::list_blobs(container, dir = path, recursive = recursive) if (nrow(tbl) == 0) { - return(character(0)) + character(0) } else { tbl |> dplyr::filter( From 46fbe97cf8c968bcb701b23cd7b052797642ca60 Mon Sep 17 00:00:00 2001 From: Fran Barton Date: Mon, 19 Jan 2026 16:39:24 +0000 Subject: [PATCH 2/3] =?UTF-8?q?=F0=9F=A4=95=20Bump=20version?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- DESCRIPTION | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/DESCRIPTION b/DESCRIPTION index 0a8f10e..3bf9124 100644 --- a/DESCRIPTION +++ b/DESCRIPTION @@ -1,6 +1,6 @@ Package: azkit Title: Azure storage authentication toolkit -Version: 0.2.2 +Version: 0.2.3 Authors@R: c(person( "Fran", "Barton", @@ -35,5 +35,9 @@ Imports: withr, yyjsonr Suggests: - testthat (>= 3.0.0), - readr + httpuv, + knitr, + quarto, + readr, + testthat (>= 3.0.0) +VignetteBuilder: quarto From 9cb2115ca4964b12317d049e21333fdbcd5481b4 Mon Sep 17 00:00:00 2001 From: Fran Barton Date: Tue, 20 Jan 2026 10:14:21 +0000 Subject: [PATCH 3/3] Committed quarto vignette lines by mistake --- DESCRIPTION | 3 --- 1 file changed, 3 deletions(-) diff --git a/DESCRIPTION b/DESCRIPTION index 3bf9124..0d9dc71 100644 --- a/DESCRIPTION +++ b/DESCRIPTION @@ -36,8 +36,5 @@ Imports: yyjsonr Suggests: httpuv, - knitr, - quarto, readr, testthat (>= 3.0.0) -VignetteBuilder: quarto