我正在查看Microsoft文档here和here,我在Azure Active Directory中创建了Web App以访问Data Lake Store
在网页应用中,我有对象ID ,应用 ID和密钥
查看我看到的文件:
adlCreds = lib.auth(tenant_id = 'FILL-IN-HERE', client_secret = 'FILL-IN-HERE', client_id = 'FILL-IN-HERE', resource = 'https://datalake.azure.net/')
如何使用它来验证我的代码并在Data Lake Store上运行操作?
这是我的完整测试代码:
## Use this for Azure AD authentication
from msrestazure.azure_active_directory import AADTokenCredentials
## Required for Azure Data Lake Store account management
from azure.mgmt.datalake.store import DataLakeStoreAccountManagementClient
from azure.mgmt.datalake.store.models import DataLakeStoreAccount
## Required for Azure Data Lake Store filesystem management
from azure.datalake.store import core, lib, multithread
# Common Azure imports
import adal
from azure.mgmt.resource.resources import ResourceManagementClient
from azure.mgmt.resource.resources.models import ResourceGroup
## Use these as needed for your application
import logging, getpass, pprint, uuid, time
## Declare variables
subscriptionId = 'FILL-IN-HERE'
adlsAccountName = 'FILL-IN-HERE'
tenant_id = 'FILL-IN-HERE'
client_secret = 'FILL-IN-HERE'
client_id = 'FILL-IN-HERE'
## adlCreds = lib.auth(tenant_id = 'FILL-IN-HERE', client_secret = 'FILL-IN-HERE', client_id = 'FILL-IN-HERE', resource = 'https://datalake.azure.net/')
from azure.common.credentials import ServicePrincipalCredentials
adlCreds = lib.auth(tenant_id, client_secret, client_id, resource = 'https://datalake.azure.net/')
## Create a filesystem client object
adlsFileSystemClient = core.AzureDLFileSystem(adlCreds, store_name=adlsAccountName)
## Create a directory
adlsFileSystemClient.mkdir('/mysampledirectory')
当我尝试编写代码时,我收到错误:
[正在运行] python" c:.... \ dls.py" Traceback(最近一次调用最后一次): 文件" c:.... \ dls.py",第38行,in adlCreds = lib.auth(tenant_id,client_secret,client_id,resource =' https://datalake.azure.net/') 文件" C:\ Python36 \ lib \ site-packages \ azure \ datalake \ store \ lib.py",第130行,在auth密码中,client_id) 文件" C:\ Python36 \ lib \ site-packages \ adal \ authentication_context.py",第145行,在acquire_token_with_username_password中 return self._acquire_token(token_func) _acquire_token中的文件" C:\ Python36 \ lib \ site-packages \ adal \ authentication_context.py",第109行 return token_func(self) 在token_func中的文件" C:\ Python36 \ lib \ site-packages \ adal \ authentication_context.py",第143行 return token_request.get_token_with_username_password(用户名,密码) 文件" C:\ Python36 \ lib \ site-packages \ adal \ token_request.py",第280行,在get_token_with_username_password中 self._user_realm.discover() 文件" C:\ Python36 \ lib \ site-packages \ adal \ user_realm.py",第152行,在发现 引发AdalError(return_error_string,error_response) adal.adal_error.AdalError:User Realm Discovery请求返回http错误:404和服务器响应:
404 - 找不到文件或目录。
[完成]在1.216秒内退出代码= 1
答案 0 :(得分:4)
有两种不同的身份验证方式。第一个是交互式的,适合最终用户。它甚至适用于多因素身份验证。 这是你如何做到的。您需要具有交互性才能登录。
from azure.datalake.store import core, lib, multithread
token = lib.auth()
第二种方法是在Azure Active目录中使用服务主体标识。有关设置Azure AD应用程序,检索客户端ID和密码以及使用SPI配置访问权限的分步教程,请访问:https://docs.microsoft.com/en-us/azure/data-lake-store/data-lake-store-service-to-service-authenticate-using-active-directory#create-an-active-directory-application
from azure.common.credentials import ServicePrincipalCredentials
token = lib.auth(tenant_id = '<your azure tenant id>', client_secret = '<your client secret>', client_id = '<your client id>')
以下是博文,介绍如何通过pandas和Jupyter访问它。它还逐步介绍了如何获取身份验证令牌。 https://medium.com/azure-data-lake/using-jupyter-notebooks-and-pandas-with-azure-data-lake-store-48737fbad305