Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/python/293.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Python 更改密码后Azure ChainedTokenCredential失败_Python_Azure_Visual Studio Code_Azure Identity - Fatal编程技术网
Fatal编程技术网
  • python/
  • Python 更改密码后Azure ChainedTokenCredential失败

Python 更改密码后Azure ChainedTokenCredential失败

python azure visual-studio-code

Python 更改密码后Azure ChainedTokenCredential失败,python,azure,visual-studio-code,azure-identity,Python,Azure,Visual Studio Code,Azure Identity,更改密码后,AzureChainedTokenCredential本地开发失败。我已经使用ChainedTokenCredential在Azure中使用managedEntityCredential进行身份验证,并使用DefaultAzureCredential对我的功能应用程序进行本地测试。一切都很顺利。下面是一个代码示例,它在Azure中正常工作,但在本地不起作用 def get_client(): MSI_credential = ManagedIdentityCredentia

更改密码后,Azure
ChainedTokenCredential
本地开发失败。我已经使用
ChainedTokenCredential
在Azure中使用
managedEntityCredential
进行身份验证,并使用
DefaultAzureCredential
对我的功能应用程序进行本地测试。一切都很顺利。下面是一个代码示例,它在Azure中正常工作,但在本地不起作用

def get_client():

    MSI_credential = ManagedIdentityCredential()
    default_credential = DefaultAzureCredential()
    credential_chain = ChainedTokenCredential(MSI_credential, default_credential)

    storageurl = os.environ["STORAGE_ACCOUNT"]

    client = BlobServiceClient(storageurl, credential=credential_chain)
    return client
上周我不得不更改我的密码,从那以后我得到了以下错误

[2021-04-19T15:18:06.931Z] SharedTokenCacheCredential.get_token failed: Azure Active Directory error '(invalid_grant) AADSTS50173: The provided grant has expired due to it being revoked, a fresh auth token is needed. The user might have changed or reset their password. The grant was issued on '2021-02-08T20:05:01.4240000Z' and the TokensValidFrom date (before which tokens are not valid) for this user is '2021-04-15T15:49:33.0000000Z'.
[2021-04-19T15:18:06.963Z] Trace ID: xxx
[2021-04-19T15:18:06.972Z] Correlation ID: xxx
[2021-04-19T15:18:06.974Z] Timestamp: 2021-04-19 15:17:46Z'
[2021-04-19T15:18:06.977Z] DefaultAzureCredential.get_token failed: SharedTokenCacheCredential raised unexpected error "Azure Active Directory error '(invalid_grant) AADSTS50173: The provided grant has expired due to it being revoked, a fresh auth token is needed. The user might have changed or reset their password. The grant was issued on '2021-02-08T20:05:01.4240000Z' and the TokensValidFrom date (before which tokens are not valid) for this user is '2021-04-15T15:49:33.0000000Z'.
[2021-04-19T15:18:07.014Z] Trace ID: xxx
[2021-04-19T15:18:07.040Z] Correlation ID: 
[2021-04-19T15:18:07.046Z] Timestamp: 2021-04-19 15:17:46Z'"
[2021-04-19T15:18:07.061Z] DefaultAzureCredential failed to retrieve a token from the included credentials.
Attempted credentials:
        EnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
        ManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no managed identity endpoint found.
        SharedTokenCacheCredential: Azure Active Directory error '(invalid_grant) AADSTS50173: The provided grant has expired due to it being revoked, a fresh auth token is needed. The user might have changed or reset their password. The grant was issued on '2021-02-08T20:05:01.4240000Z' and the TokensValidFrom date (before which tokens are not valid) for this user is '2021-04-15T15:49:33.0000000Z'.
[2021-04-19T15:18:07.094Z] Trace ID: xxx
[2021-04-19T15:18:07.097Z] Correlation xxx
[2021-04-19T15:18:07.108Z] Timestamp: 2021-04-19 15:17:46Z'
[2021-04-19T15:18:07.111Z] ChainedTokenCredential.get_token failed: DefaultAzureCredential raised unexpected error "DefaultAzureCredential failed to retrieve a token from the included credentials.
Attempted credentials:
        EnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
        ManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no managed identity endpoint found.
        SharedTokenCacheCredential: Azure Active Directory error '(invalid_grant) AADSTS50173: The provided grant has expired due to it being revoked, a fresh auth token is needed. The user might have changed or reset their password. The grant was issued on '2021-02-08T20:05:01.4240000Z' and the TokensValidFrom date (before which tokens are not valid) for this user is '2021-04-15T15:49:33.0000000Z'.
[2021-04-19T15:18:07.147Z] Trace ID: xxx
[2021-04-19T15:18:07.181Z] Correlation ID: xxx
[2021-04-19T15:18:07.195Z] Timestamp: 2021-04-19 15:17:46Z'"
[2021-04-19T15:18:07.201Z] ChainedTokenCredential failed to retrieve a token from the included credentials.
Attempted credentials:
        ManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no managed identity endpoint found.
        DefaultAzureCredential: DefaultAzureCredential failed to retrieve a token from the included credentials.
Attempted credentials:
        EnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
        ManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no managed identity endpoint found.
        SharedTokenCacheCredential: Azure Active Directory error '(invalid_grant) AADSTS50173: The provided grant has expired due to it being revoked, a fresh auth token is needed. The user might have changed or reset their password. The grant was issued on '2021-02-08T20:05:01.4240000Z' and the TokensValidFrom date (before which tokens are not valid) for this user is '2021-04-15T15:49:33.0000000Z'.
[2021-04-19T15:18:07.241Z] Trace ID: xxx
[2021-04-19T15:18:07.264Z] Correlation ID: xxx
[2021-04-19T15:18:07.303Z] Timestamp: 2021-04-19 15:17:46Z'
我试图解决这个问题的事情:

  • 登录和注销VSCode Azure扩展
  • 登录和注销
    az cli
  • az账户清算
  • 正在清除浏览器缓存
  • 重新启动PC和VSCode
  • 清除VSCode缓存 
    • C:\Users\\AppData\Roaming\code\Cache
    • C:\Users\\AppData\Roaming\code\CacheData
    • 我正在使用Azure扩展“附加到Python函数”来运行调试器。我不确定
    DefaultAzureCredential
    是如何获取我的凭据的。我相信它是存储在本地的,因为我在运行调试器时没有登录到Azure扩展时会遇到相同的错误。我以为
    DefaultAzureCredential
    会使用我的Azure扩展登录作为身份验证,但我不确定

    任何帮助都将不胜感激

    az帐户清除后
    ,您需要使用最新密码
    az登录
    ,即您可以登录azure门户的密码

    基于客户端库。您可以使用跳过共享缓存

    default_credential = DefaultAzureCredential(exclude_shared_token_cache_credential=True)
    并尝试通过Azure CLI进行身份验证。

    问题已通过使用@Charles Lowell的解决方案解决。由于使用fzf.exe(模糊查找工具),我在查找该文件时遇到问题,默认情况下它不会在隐藏文件夹中查找。删除
    C:\Users\\AppData\Local\.IdentityService\msal.cache
    有效

    我发现的另一种选择是使用
    VisualStudioCodeRedential()
    而不是
    DefaultAzureCredential()
    。这将使用vscode扩展进行身份验证。我更喜欢这种方法,但并非所有开发人员都使用VSCode。我很高兴
    DefaultAzureCredential
    能够正常工作

    def get_client():

    MSI_credential = ManagedIdentityCredential()
    vscode_credential = VisualStudioCodeCredential()
    credential_chain = ChainedTokenCredential(MSI_credential, vscode_credential)
    有关
    DefaultAzureCredential()
    的更多信息,请参见

    谢谢大家

    如果我的回答有帮助,请接受它作为回答,谢谢。不幸的是,它对我不起作用。似乎您在密码更改之前已发布了一个缓存刷新令牌,
    SharedTokenCacheCredential
    正试图使用该令牌。当它收到一个类似于您看到的错误时,它应该删除该令牌。您安装了哪个版本的azure identity?作为一种解决方法,您可以删除凭据使用的缓存:
    %LOCALAPPDATA%\.IdentityService\msal.cache
    (这样做将使您退出Visual Studio)。另一种解决方法是禁用
    SharedTokenCacheCredential
    DefaultAzureCredential(排除\u共享\u令牌\u缓存\u credential=True)
    。另外,
    DefaultAzureCredential
    是。除非在
    EnvironmentCredential
    之前需要
    managedEntityCredential
    ,否则只需使用
    DefaultAzureCredential