Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Key Vault] Add local-only mode to CryptographyClient #16565
[Key Vault] Add local-only mode to CryptographyClient #16565
Changes from 14 commits
13dd7a2
41ef114
fad4bc0
9ecdf21
b801f12
ae2967b
0d2519f
218a312
8a602c1
8345eb6
ec7afaf
a4dd8f8
e6ae519
a2d8c87
fb36a25
5ca931d
08f5935
8afbfe2
File filter
Filter by extension
Conversations
Jump to
There are no files selected for viewing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This will be either a valid Key Vault identifier or whatever the user gave us:
Does that remove the need to ask a caller to give us
_key_id
separately?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My thinking here is that a KeyVaultKey provided to CryptographyClient could have a valid Key Vault identifier for its
id
, but that the JsonWebKey could have a differentkid
. I assumed it made more sense to return the Key Vault identifier in the operation result if possible, which is why I added the_key_id
keyword argumentThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That would happen only when someone does
KeyVaultKey(key_id, jwk=jwk)
withkey_id != jwk["kid"]
. Granted, that is possible, but seems unlikely and given KeyVaultKey's docs ask for a Key Vault identifier for key_id, it seems reasonable not to special case it. My $0.02 🤑