Search code examples
node.jsazureazure-sdk-js

How do I authenticate with azure/identity module in node.js?

I am using a node.js application (v12.18.2, not in the browser) to access an Azure blob store. My existing code using @azure/storage-blob v10.5.0 is working and the authentication code looks like this:

const Azure = require( '@azure/storage-blob' );
let containerUriWithSAS = `${credentials.container_uri}?${credentials.sas_token}`;
let pipeline = Azure.StorageURL.newPipeline( new Azure.AnonymousCredential() );
let ContainerURL = new Azure.ContainerURL( containerUriWithSAS, pipeline );

Using this code to authenticate and then using, for example, ContainerURL.listBlobFlatSegment() to list objects works perfectly. I can create, get, delete, and list objects.

When I upgraded to @azure/storage-blob v12.1.2, there were some breaking changes. Now my code looks like:

//const{ DefaultAzureCredential } = require( '@azure/identity' ); // tried this instead of AnonymousCredential
const{ BlobServiceClient, AnonymousCredential } = require( '@azure/storage-blob' );
let containerUriWithSAS = `${credentials.container_uri}?${credentials.sas_token}`;
//let defaultAzureCredential = new DefaultAzureCredential();
let anonymousCredential = new AnonymousCredential();
let blobServiceClient = new BlobServiceClient( containerUriWithSAS, anonymousCredential );

const containerName = 'MyContainer';
const containerClient = blobServiceClient.getContainerClient( containerName );
const createContainerResponse = await containerClient.create();

On one (Linux) machine, I cannot connect to the server at all (the create() call times out). On another (Windows), the create() call throws an error which tells me that "The requested URI does not represent any resource on the server".

I've verified that the URI is exactly the same as one used by the working code but obviously I'm missing something in my understanding of the authentication process. How do I make my new code do what my old code did?

Also, it seems that I have to create a container before I can create objects, which I didn't have to do before. Is that part of my confusion?

Solution

  • BlobServiceClient should be created like below (not like with container URI you are doing). Also, note you don't need AnonymousCredential.

    const { BlobServiceClient } = require("@azure/storage-blob");
 
const account = "<account name>";
const sas = "<service Shared Access Signature Token>";
 
const blobServiceClient = new BlobServiceClient(
  `https://${account}.blob.core.windows.net${sas}`
);

const containerName = 'MyContainer';
const containerClient = blobServiceClient.getContainerClient(containerName);

// and go on doing your stuffs