matsushita-shin opened a new pull request #2445: URL: https://github.com/apache/hadoop/pull/2445
https://hadoop.apache.org/docs/current/hadoop-azure/abfs.html I have tried OAuth 2.0 authentication with the username and password written above. However, it failed with the following exception. ~~~ Exception in thread "main" HTTP Error 400; url='https://login.microsoftonline.com/3070a5de-410e-4885-XXXX-XXXXXXXXXXXX/oauth2/token' AADToken: HTTP connection to https://login.microsoftonline.com/3070a5de-410e-4885-XXXX-XXXXXXXXXXXX/oauth2/token failed for getting token from AzureAD.; requestId='187c97a4-82a0-4b36-b764-XXXXXXXXXXXX'; contentType='application/json; charset=utf-8'; response '{"error":"unauthorized_client","error_description":"AADSTS700016: Application with identifier 'jiro' was not found in the directory '3070a5de-410e-4885-XXXX-XXXXXXXXXXXX'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.\r\nTrace ID: 187c97a4-82a0-4b36-b764-a3b8b1c45201\r\nCorrelation ID: 4eb4a71e-2eef-4788-9c8c-24f4c84f6981\r\nTimestamp: 2020-11-07 11:49:21Z","error_codes":[700016],"timestamp":"2020-11-07 11:49:21Z","trace_id":"187c97a4-82a0-4 b36-b764-a3b8b1c45201","correlation_id":"4eb4a71e-2eef-4788-9c8c-24f4c84f6981","error_uri":"https://login.microsoftonline.com/error?code=700016"}'org.apache.hadoop.fs.azurebfs.oauth2.AzureADAuthenticator$HttpException: HTTP Error 400; url='https://login.microsoftonline.com/3070a5de-410e-4885-b6cd-95fe759ced2b/oauth2/token' AADToken: HTTP connection to https://login.microsoftonline.com/3070a5de-410e-4885-XXXX-XXXXXXXXXXXX/oauth2/token failed for getting token from AzureAD.; requestId='187c97a4-82a0-4b36-b764-XXXXXXXXXXXX'; contentType='application/json; charset=utf-8'; response '{"error":"unauthorized_client","error_description":"AADSTS700016: Application with identifier 'jiro' was not found in the directory '3070a5de-410e-4885-XXXX-XXXXXXXXXXXX'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.\r\nTrace ID: 187c97a4-82a0-4b36-b764- a3b8b1c45201\r\nCorrelation ID: 4eb4a71e-2eef-4788-9c8c-24f4c84f6981\r\nTimestamp: 2020-11-07 11:49:21Z","error_codes":[700016],"timestamp":"2020-11-07 11:49:21Z","trace_id":"187c97a4-82a0-4b36-b764-a3b8b1c45201","correlation_id":"4eb4a71e-2eef-4788-9c8c-24f4c84f6981","error_uri":"https://login.microsoftonline.com/error?code=700016"}' at org.apache.hadoop.fs.azurebfs.services.AbfsRestOperation.executeHttpOperation(AbfsRestOperation.java:215) at org.apache.hadoop.fs.azurebfs.services.AbfsRestOperation.execute(AbfsRestOperation.java:134) at org.apache.hadoop.fs.azurebfs.services.AbfsClient.createPath(AbfsClient.java:293) at org.apache.hadoop.fs.azurebfs.AzureBlobFileSystemStore.createDirectory(AzureBlobFileSystemStore.java:445) at org.apache.hadoop.fs.azurebfs.AzureBlobFileSystem.mkdirs(AzureBlobFileSystem.java:409) at org.apache.hadoop.fs.FileSystem.mkdirs(FileSystem.java:2355) at com.sample.HelloWorld.main(HelloWorld.java:116) Caused by: org.apache.hadoop.fs.azurebfs.oauth2.AzureADAuthenticator$HttpException: HTTP Error 400; url='https://login.microsoftonline.com/3070a5de-410e-XXXX-XXXXXXXXXXXX/oauth2/token' AADToken: HTTP connection to https://login.microsoftonline.com/3070a5de-410e-4885-XXXX-XXXXXXXXXXXX/oauth2/token failed for getting token from AzureAD.; requestId='187c97a4-82a0-4b36-b764-a3b8b1c45201'; contentType='application/json; charset=utf-8'; response '{"error":"unauthorized_client","error_description":"AADSTS700016: Application with identifier 'jiro' was not found in the directory '3070a5de-410e-4885-XXXX-XXXXXXXXXXXX'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.\r\nTrace ID: 187c97a4-82a0-4b36-b764-a3b8b1c45201\r\nCorrelation ID: 4eb4a71e-2eef-4788-9c8c-24f4c84f6981\r\nTimestamp: 2020-11-07 11:49:21Z","error_codes":[700016],"timestamp ":"2020-11-07 11:49:21Z","trace_id":"187c97a4-82a0-4b36-b764-a3b8b1c45201","correlation_id":"4eb4a71e-2eef-4788-9c8c-24f4c84f6981","error_uri":"https://login.microsoftonline.com/error?code=700016"}' at org.apache.hadoop.fs.azurebfs.oauth2.AzureADAuthenticator.getTokenSingleCall(AzureADAuthenticator.java:394) at org.apache.hadoop.fs.azurebfs.oauth2.AzureADAuthenticator.getTokenCall(AzureADAuthenticator.java:291) at org.apache.hadoop.fs.azurebfs.oauth2.AzureADAuthenticator.getTokenCall(AzureADAuthenticator.java:273) at org.apache.hadoop.fs.azurebfs.oauth2.AzureADAuthenticator.getTokenUsingClientCreds(AzureADAuthenticator.java:96) at org.apache.hadoop.fs.azurebfs.oauth2.UserPasswordTokenProvider.refreshToken(UserPasswordTokenProvider.java:54) at org.apache.hadoop.fs.azurebfs.oauth2.AccessTokenProvider.getToken(AccessTokenProvider.java:50) at org.apache.hadoop.fs.azurebfs.services.AbfsClient.getAccessToken(AbfsClient.java:670) at org.apache.hadoop.fs.azurebfs.services.AbfsRestOperation.executeHttpOperation(AbfsRestOperation.java:168) ... 6 more ~~~ The cause of the error seems to be that UserPasswordTokenProvider is calling getTokenUsingClientCreds() for the service principal. https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc I checked the API specifications of Azure and fixed the cause of this error. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
