Milestone 1.7.0 fix/authx pro wrong policy xml#77
Merged
simonkurtz-MSFT merged 13 commits intoJul 16, 2025
Merged
Conversation
Thank you, Jeff!
Python 3.12 Test Results210 tests - 2 210 ✅ - 2 1s ⏱️ -1s Results for commit d4e4c4f. ± Comparison against base commit 625398c. This pull request removes 15 and adds 13 tests. Note that renamed tests count towards both.♻️ This comment has been updated with latest results. |
Python 3.13 Test Results210 tests - 2 210 ✅ - 2 1s ⏱️ -1s Results for commit d4e4c4f. ± Comparison against base commit 625398c. This pull request removes 15 and adds 13 tests. Note that renamed tests count towards both.♻️ This comment has been updated with latest results. |
simonkurtz-MSFT
added
bug
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull Request Overview
This PR fixes issues with the AuthX Pro sample by updating policy XML references, introducing a new product-match-any fragment, and improving JSON output handling.
- Remove broken tests for trailing commas and drop deprecated REQUIRE_PRODUCT_XML_POLICY_PATH constant
- Add a
getJsonmethod and enhance JSON extraction/parsing inutils.py - Introduce
productSubscriptionin Bicep, add product-match-any policy fragment, and update all samples/notebooks to usepol_prefixes
Reviewed Changes
Copilot reviewed 22 out of 22 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| tests/python/test_utils.py | Remove tests expecting failures on trailing commas in JSON |
| tests/python/test_apimtypes.py | Drop assertion for removed REQUIRE_PRODUCT_XML_POLICY_PATH constant |
| shared/python/utils.py | Import ast, add getJson, update extract_json/is_string_json |
| shared/python/authfactory.py | Remove unused Optional import |
| shared/python/apimtypes.py | Remove REQUIRE_PRODUCT_XML_POLICY_PATH, change SUBSCRIPTION_KEY_PARAMETER_NAME |
| shared/bicep/modules/apim/v1/product.bicep | Add productSubscription resource and subscription outputs |
| shared/apim-policies/fragments/pf-product-match-any.xml | New XML fragment to check product membership |
| samples/secure-blob-access/pf-authx-hr-member.xml | Reorder comment and <value> element |
| samples/secure-blob-access/create.ipynb | Rename policy variable to pol_blob_get |
| samples/load-balancing/create.ipynb | Rename policy variables to pol_ prefixes |
| samples/general/create.ipynb | Rename request-headers policy to pol_request_headers_get |
| samples/azure-maps/create.ipynb | Rename map policy variables to pol_map_ prefixes |
| samples/authX/create.ipynb | Rename HR policies to pol_hr_ prefixes |
| samples/authX-pro/pf-authx-hr-member.xml | Reorder comment and <value> element |
| samples/authX-pro/main.bicep | Add productOutputs array with subscription outputs |
| samples/authX-pro/hr_product.xml | Reorder comment and <value> element |
| samples/authX-pro/hr_all_operations_pro.xml | Add new HR operations policy for Pro sample |
| samples/authX-pro/create.ipynb | Rename vars, handle subscription key output, expand test coverage |
| infrastructure/simple-apim/create.ipynb | Include Product-Match-Any fragment and rename hello-world var |
| infrastructure/apim-aca/create.ipynb | Include Product-Match-Any fragment and rename backend policy vars |
| infrastructure/afd-apim-pe/create.ipynb | Include Product-Match-Any fragment and rename policy vars |
| README.md | Update link for “Secure Front Door & API Management & Container Apps” |
Comments suppressed due to low confidence (2)
shared/python/utils.py:156
- [nitpick] The method name
getJsonuses camelCase, which is inconsistent with the project's snake_case naming conventions. Consider renaming it toget_json.
def getJson(self, key: str, label: str = '', secure: bool = False) -> Any:
shared/apim-policies/fragments/pf-product-match-any.xml:10
- The XML attribute value contains unescaped double quotes, which can break XML parsing. Escape the inner quotes (e.g.,
") or switch to single quotes for the attribute.
<when condition="@{
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #67