Add proxy support (#172)

* implemented proxy support for BlobStorageTarget

* using booleans instead of Layout for `UseProxy` and `UseDefaultCredentialsForProxy`
leave `BlobClientOptions` null unless proxy support is enabled

* Using `NoProxy` to disable the use of any proxies
only creating a custom `Transport` for `BlobClientOptions` if it is warranted (custom proxy/proxy credentials, disabling proxy or using default credentials for proxy)

* Using `ProxyType` to control what kind of proxy we get instead, replacing `NoProxy`

* only create a BlobClientInstance for a custom proxy configuration

* CreateProxy is now only used to really create a custom proxy
made RequiresManualProxyConfiguration even more precise

* moved `HttpPipelineTransport` creation `ProxyHelper`

* moved `HttpClientTransport` creation to ProxyHelpers

* using NoProxy to control whether proxy bypass is enabled
removed ProxyType

* implemented proxy support for AzureDataTables, AzureEventGrid and AzureQueueStorage targets

* fixed XML comment for NoProxy (wrongly referenced ProxyPassword instead of ProxyAddress)
simplified XML comment for UseDefaultCredentialsForProxy (removed statement about NoProxy)

---------

Co-authored-by: Stephan Steiner <[email protected]>

Author: ssteiner

src/NLog.Extensions.AzureBlobStorage/BlobStorageTarget.cs

@@ -1,12 +1,15 @@
 using System;
 using System.Collections.Generic;
+using System.Net.Http;
 using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
+using Azure.Core.Pipeline;
 using Azure.Storage.Blobs;
 using Azure.Storage.Blobs.Specialized;
 using NLog.Common;
 using NLog.Config;
+using NLog.Extensions.AzureBlobStorage;
 using NLog.Extensions.AzureStorage;
 using NLog.Layouts;
 
@@ -105,6 +108,32 @@ public sealed class BlobStorageTarget : AsyncTaskTarget
         /// </summary>
         public Layout ClientAuthSecret { get; set; }
 
+        /// <summary>
+        /// Bypasses any system proxy and proxy in <see cref="ProxyAddress"/> when set to <see langword="true"/>.
+        /// Overrides <see cref="ProxyAddress"/>.
+        /// </summary>
+        public bool NoProxy { get; set; }
+
+        /// <summary>
+        /// Address of the proxy server to use (e.g. http://proxyserver:8080).
+        /// </summary>
+        public Layout ProxyAddress { get; set; }
+
+        /// <summary>
+        /// Login to use for the proxy server. Requires <see cref="ProxyPassword"/>.
+        /// </summary>
+        public Layout ProxyLogin { get; set; }
+
+        /// <summary>
+        /// Password to use for the proxy server. Requires <see cref="ProxyLogin"/>.
+        /// </summary>
+        public Layout ProxyPassword { get; set; }
+
+        /// <summary>
+        /// Uses the default credentials (<see cref="System.Net.CredentialCache.DefaultCredentials"/>) for the proxy server, overriding any values that may have been set in <see cref="ProxyLogin"/> and <see cref="ProxyPassword"/>.
+        /// </summary>
+        public bool UseDefaultCredentialsForProxy { get; set; }
+
         /// <summary>
         /// Name of the Blob storage Container
         /// </summary>
@@ -184,6 +213,7 @@ protected override void InitializeTarget()
 
             Dictionary<string, string> blobMetadata = null;
             Dictionary<string, string> blobTags = null;
+            ProxySettings proxySettings = null;
 
             var defaultLogEvent = LogEventInfo.CreateNullEvent();
 
@@ -202,6 +232,14 @@ protected override void InitializeTarget()
                     clientAuthId = ClientAuthId?.Render(defaultLogEvent);
                     clientAuthSecret = ClientAuthSecret?.Render(defaultLogEvent);
                 }
+                proxySettings = new ProxySettings
+                {
+                    NoProxy = NoProxy,
+                    UseDefaultCredentials = UseDefaultCredentialsForProxy,
+                    Address = ProxyAddress?.Render(defaultLogEvent),
+                    Login = ProxyLogin?.Render(defaultLogEvent),
+                    Password = ProxyPassword?.Render(defaultLogEvent)
+                };
 
                 if (BlobMetadata?.Count > 0)
                 {
@@ -232,7 +270,7 @@ protected override void InitializeTarget()
                     }
                 }
 
-                _cloudBlobService.Connect(connectionString, serviceUri, tenantIdentity, managedIdentityResourceId, managedIdentityClientId, sharedAccessSignature, storageAccountName, storageAccountAccessKey, clientAuthId, clientAuthSecret, blobMetadata, blobTags);
+                _cloudBlobService.Connect(connectionString, serviceUri, tenantIdentity, managedIdentityResourceId, managedIdentityClientId, sharedAccessSignature, storageAccountName, storageAccountAccessKey, clientAuthId, clientAuthSecret, blobMetadata, blobTags, proxySettings);
                 InternalLogger.Debug("AzureBlobStorageTarget(Name={0}): Initialized", Name);
             }
             catch (Exception ex)
@@ -445,33 +483,46 @@ class CloudBlobService : ICloudBlobService
             private AppendBlobClient _appendBlob;
             private BlobContainerClient _container;
 
-            public void Connect(string connectionString, string serviceUri, string tenantIdentity, string managedIdentityResourceId, string managedIdentityClientId, string sharedAccessSignature, string storageAccountName, string storageAccountAccessKey, string clientAuthId, string clientAuthSecret, IDictionary<string, string> blobMetadata, IDictionary<string, string> blobTags)
+            public void Connect(string connectionString, string serviceUri, string tenantIdentity, string managedIdentityResourceId, string managedIdentityClientId, string sharedAccessSignature, string storageAccountName, string storageAccountAccessKey, string clientAuthId, string clientAuthSecret, IDictionary<string, string> blobMetadata, IDictionary<string, string> blobTags, ProxySettings proxySettings = null)
             {
                 _blobMetadata = blobMetadata?.Count > 0 ? blobMetadata : null;
                 _blobTags = blobTags?.Count > 0 ? blobTags : null;
-
+                BlobClientOptions options = ConfigureClientOptions(proxySettings);
                 if (string.IsNullOrWhiteSpace(serviceUri))
                 {
-                    _client = new BlobServiceClient(connectionString);
+                    _client = new BlobServiceClient(connectionString, options);
                 }
                 else if (!string.IsNullOrEmpty(sharedAccessSignature))
                 {
-                    _client = new BlobServiceClient(new Uri(serviceUri), new Azure.AzureSasCredential(sharedAccessSignature));
+                    _client = new BlobServiceClient(new Uri(serviceUri), new Azure.AzureSasCredential(sharedAccessSignature), options);
                 }
                 else if (!string.IsNullOrWhiteSpace(storageAccountName))
                 {
-                    _client = new BlobServiceClient(new Uri(serviceUri), new Azure.Storage.StorageSharedKeyCredential(storageAccountName, storageAccountAccessKey));
+                    _client = new BlobServiceClient(new Uri(serviceUri), new Azure.Storage.StorageSharedKeyCredential(storageAccountName, storageAccountAccessKey), options);
                 }
                 else if (!string.IsNullOrEmpty(clientAuthId) && !string.IsNullOrEmpty(clientAuthSecret) && !string.IsNullOrEmpty(tenantIdentity))
                 {
                     var tokenCredentials = new Azure.Identity.ClientSecretCredential(tenantIdentity, clientAuthId, clientAuthSecret);
-                    _client = new BlobServiceClient(new Uri(serviceUri), tokenCredentials);
+                    _client = new BlobServiceClient(new Uri(serviceUri), tokenCredentials, options);
                 }
                 else
                 {
                     var tokenCredentials = AzureCredentialHelpers.CreateTokenCredentials(managedIdentityClientId, tenantIdentity, managedIdentityResourceId);
-                    _client = new BlobServiceClient(new Uri(serviceUri), tokenCredentials);
+                    _client = new BlobServiceClient(new Uri(serviceUri), tokenCredentials, options);
+                }
+            }
+
+            private static BlobClientOptions ConfigureClientOptions(ProxySettings proxySettings)
+            {
+                var transport = proxySettings?.CreateHttpClientTransport();
+                if (transport != null)
+                {
+                    return new BlobClientOptions
+                    {
+                        Transport = transport
+                    };
                 }
+                return null;
             }
 
             public Task AppendFromByteArrayAsync(string containerName, string blobName, string contentType, byte[] buffer, CancellationToken cancellationToken)

src/NLog.Extensions.AzureBlobStorage/ICloudBlobService.cs

@@ -1,12 +1,13 @@
-using System.Collections.Generic;
+using NLog.Extensions.AzureBlobStorage;
+using System.Collections.Generic;
 using System.Threading;
 using System.Threading.Tasks;
 
 namespace NLog.Extensions.AzureStorage
 {
     interface ICloudBlobService
     {
-        void Connect(string connectionString, string serviceUri, string tenantIdentity, string managedIdentityResourceId, string managedIdentityClientId, string sharedAccessSignature, string storageAccountName, string storageAccountAccessKey, string clientAuthId, string clientAuthSecret, IDictionary<string, string> blobMetadata, IDictionary<string, string> blobTags);
+        void Connect(string connectionString, string serviceUri, string tenantIdentity, string managedIdentityResourceId, string managedIdentityClientId, string sharedAccessSignature, string storageAccountName, string storageAccountAccessKey, string clientAuthId, string clientAuthSecret, IDictionary<string, string> blobMetadata, IDictionary<string, string> blobTags, ProxySettings proxySettings = null);
         Task AppendFromByteArrayAsync(string containerName, string blobName, string contentType, byte[] buffer, CancellationToken cancellationToken);
     }
 }

src/NLog.Extensions.AzureBlobStorage/NLog.Extensions.AzureBlobStorage.csproj

@@ -40,6 +40,7 @@ Docs: https://github.com/JDetmar/NLog.Extensions.AzureStorage/blob/master/src/NL
   <ItemGroup>
     <Compile Include="..\NLog.Extensions.AzureStorage\AzureCredentialHelper.cs" Link="AzureCredentialHelper.cs" />
     <Compile Include="..\NLog.Extensions.AzureStorage\AzureStorageNameCache.cs" Link="AzureStorageNameCache.cs" />
+    <Compile Include="..\NLog.Extensions.AzureStorage\ProxyHelpers.cs" Link="ProxyHelpers.cs" />
     <Compile Include="..\NLog.Extensions.AzureStorage\SortHelpers.cs" Link="SortHelpers.cs" />
   </ItemGroup>
 

src/NLog.Extensions.AzureBlobStorage/README.md

@@ -57,6 +57,16 @@ _clientAuthId_ - clientId for `ClientSecretCredential` authentication. Requires
 
 _clientAuthSecret_ - clientSecret for `ClientSecretCredential` authentication. Requires `serviceUri`,`tenantIdentity` and `clientAuthId`.
 
+_noProxy_ - Bypasses any system proxy and proxy in `ProxyAddress` when set to `true`.
+
+_proxyAddress_ - Address of the proxy server to use (e.g. http://proxyserver:8080).
+
+_proxyLogin_ - Login to use for the proxy server. Requires `proxyPassword`.
+
+_proxyPassword_ - Password to use for the proxy server. Requires `proxyLogin`.
+
+_useDefaultCredentialsForProxy_ - Uses the default credentials (`System.Net.CredentialCache.DefaultCredentials`) for the proxy server, overriding any values that may have been set in `proxyLogin` and `proxyPassword`.
+
 ### Batching Policy
 
 _batchSize_ - Number of EventData items to send in a single batch (Default=100)

src/NLog.Extensions.AzureDataTables/DataTablesTarget.cs

@@ -6,6 +6,7 @@
 using Azure.Data.Tables;
 using NLog.Common;
 using NLog.Config;
+using NLog.Extensions.AzureBlobStorage;
 using NLog.Extensions.AzureStorage;
 using NLog.Layouts;
 
@@ -144,6 +145,33 @@ public override int GetHashCode()
         /// </summary>
         public Layout ClientAuthSecret { get; set; }
 
+        /// <summary>
+        /// Bypasses any system proxy and proxy in <see cref="ProxyAddress"/> when set to <see langword="true"/>.
+        /// Overrides <see cref="ProxyAddress"/>.
+        /// </summary>
+        public bool NoProxy { get; set; }
+
+        /// <summary>
+        /// Address of the proxy server to use (e.g. http://proxyserver:8080).
+        /// </summary>
+        public Layout ProxyAddress { get; set; }
+
+        /// <summary>
+        /// Login to use for the proxy server. Requires <see cref="ProxyPassword"/>.
+        /// </summary>
+        public Layout ProxyLogin { get; set; }
+
+        /// <summary>
+        /// Password to use for the proxy server. Requires <see cref="ProxyLogin"/>.
+        /// </summary>
+        public Layout ProxyPassword { get; set; }
+
+        /// <summary>
+        /// Uses the default credentials (<see cref="System.Net.CredentialCache.DefaultCredentials"/>) for the proxy server, overriding any values that may have been set in <see cref="ProxyLogin"/> and <see cref="ProxyPassword"/>.
+        /// </summary>
+        public bool UseDefaultCredentialsForProxy { get; set; }
+
+
         /// <summary>
         /// Gets or sets the name of the Azure table where log entries will be stored.
         /// </summary>
@@ -209,6 +237,8 @@ protected override void InitializeTarget()
             string clientAuthId = string.Empty;
             string clientAuthSecret = string.Empty;
 
+            ProxySettings proxySettings = null;
+
             var defaultLogEvent = LogEventInfo.CreateNullEvent();
 
             try
@@ -226,8 +256,16 @@ protected override void InitializeTarget()
                     clientAuthId = ClientAuthId?.Render(defaultLogEvent);
                     clientAuthSecret = ClientAuthSecret?.Render(defaultLogEvent);
                 }
-
-                _cloudTableService.Connect(connectionString, serviceUri, tenantIdentity, managedIdentityResourceId, managedIdentityClientId, sharedAccessSignature, accountName, accessKey, clientAuthId, clientAuthSecret);
+                proxySettings = new ProxySettings
+                {
+                    NoProxy = NoProxy,
+                    UseDefaultCredentials = UseDefaultCredentialsForProxy,
+                    Address = ProxyAddress?.Render(defaultLogEvent),
+                    Login = ProxyLogin?.Render(defaultLogEvent),
+                    Password = ProxyPassword?.Render(defaultLogEvent)
+                };
+
+                _cloudTableService.Connect(connectionString, serviceUri, tenantIdentity, managedIdentityResourceId, managedIdentityClientId, sharedAccessSignature, accountName, accessKey, clientAuthId, clientAuthSecret, proxySettings);
                 InternalLogger.Debug("AzureDataTablesTarget(Name={0}): Initialized", Name);
             }
             catch (Exception ex)
@@ -452,19 +490,20 @@ class CloudTableService : ICloudTableService
             private TableServiceClient _client;
             private TableClient _table;
 
-            public void Connect(string connectionString, string serviceUri, string tenantIdentity, string managedIdentityResourceId, string managedIdentityClientId, string sharedAccessSignature, string storageAccountName, string storageAccountAccessKey, string clientAuthId, string clientAuthSecret)
+            public void Connect(string connectionString, string serviceUri, string tenantIdentity, string managedIdentityResourceId, string managedIdentityClientId, string sharedAccessSignature, string storageAccountName, string storageAccountAccessKey, string clientAuthId, string clientAuthSecret, ProxySettings proxySettings = null)
             {
+                TableClientOptions options = ConfigureClientOptions(proxySettings);
                 if (string.IsNullOrWhiteSpace(serviceUri))
                 {
-                    _client = new TableServiceClient(connectionString);
+                    _client = new TableServiceClient(connectionString, options);
                 }
                 else if (!string.IsNullOrWhiteSpace(sharedAccessSignature))
                 {
-                    _client = new TableServiceClient(new Uri(serviceUri), new Azure.AzureSasCredential(sharedAccessSignature));
+                    _client = new TableServiceClient(new Uri(serviceUri), new Azure.AzureSasCredential(sharedAccessSignature), options);
                 }
                 else if (!string.IsNullOrWhiteSpace(storageAccountName))
                 {
-                    _client = new TableServiceClient(new Uri(serviceUri), new TableSharedKeyCredential(storageAccountName, storageAccountAccessKey));
+                    _client = new TableServiceClient(new Uri(serviceUri), new TableSharedKeyCredential(storageAccountName, storageAccountAccessKey), options);
                 }
                 else if (!string.IsNullOrEmpty(clientAuthId) && !string.IsNullOrEmpty(clientAuthSecret) && !string.IsNullOrEmpty(tenantIdentity))
                 {
@@ -474,10 +513,23 @@ public void Connect(string connectionString, string serviceUri, string tenantIde
                 else
                 {
                     var tokenCredentials = AzureCredentialHelpers.CreateTokenCredentials(managedIdentityClientId, tenantIdentity, managedIdentityResourceId);
-                    _client = new TableServiceClient(new Uri(serviceUri), tokenCredentials);
+                    _client = new TableServiceClient(new Uri(serviceUri), tokenCredentials, options);
                 }
             }
 
+            private static TableClientOptions ConfigureClientOptions(ProxySettings proxySettings)
+            {
+                var transport = proxySettings?.CreateHttpClientTransport();
+                if (transport != null)
+                {
+                    return new TableClientOptions
+                    {
+                        Transport = transport
+                    };
+                }
+                return null;
+            }
+
             public Task SubmitTransactionAsync(string tableName, IEnumerable<TableTransactionAction> tableTransaction, CancellationToken cancellationToken)
             {
                 var table = _table;

src/NLog.Extensions.AzureDataTables/ICloudTableService.cs

@@ -2,12 +2,13 @@
 using System.Threading;
 using System.Threading.Tasks;
 using Azure.Data.Tables;
+using NLog.Extensions.AzureBlobStorage;
 
 namespace NLog.Extensions.AzureStorage
 {
     interface ICloudTableService
     {
-        void Connect(string connectionString, string serviceUri, string tenantIdentity, string managedIdentityResourceId, string managedIdentityClientId, string sharedAccessSignature, string storageAccountName, string storageAccountAccessKey, string clientAuthId, string clientAuthSecret);
+        void Connect(string connectionString, string serviceUri, string tenantIdentity, string managedIdentityResourceId, string managedIdentityClientId, string sharedAccessSignature, string storageAccountName, string storageAccountAccessKey, string clientAuthId, string clientAuthSecret, ProxySettings proxySettings = null);
         Task SubmitTransactionAsync(string tableName, IEnumerable<TableTransactionAction> tableTransaction, CancellationToken cancellationToken);
     }
 }

src/NLog.Extensions.AzureDataTables/NLog.Extensions.AzureDataTables.csproj

@@ -40,6 +40,7 @@ Docs: https://github.com/JDetmar/NLog.Extensions.AzureStorage/blob/master/src/NL
   <ItemGroup>
     <Compile Include="..\NLog.Extensions.AzureStorage\AzureCredentialHelper.cs" Link="AzureCredentialHelper.cs" />
     <Compile Include="..\NLog.Extensions.AzureStorage\AzureStorageNameCache.cs" Link="AzureStorageNameCache.cs" />
+    <Compile Include="..\NLog.Extensions.AzureStorage\ProxyHelpers.cs" Link="ProxyHelpers.cs" />
     <Compile Include="..\NLog.Extensions.AzureStorage\SortHelpers.cs" Link="SortHelpers.cs" />
   </ItemGroup>
 

src/NLog.Extensions.AzureDataTables/README.md

@@ -48,6 +48,16 @@ _clientAuthId_ - clientId for `ClientSecretCredential` authentication. Requires
 
 _clientAuthSecret_ - clientSecret for `ClientSecretCredential` authentication. Requires `serviceUri`,`tenantIdentity` and `clientAuthId`.
 
+_noProxy_ - Bypasses any system proxy and proxy in `ProxyAddress` when set to `true`.
+
+_proxyAddress_ - Address of the proxy server to use (e.g. http://proxyserver:8080).
+
+_proxyLogin_ - Login to use for the proxy server. Requires `proxyPassword`.
+
+_proxyPassword_ - Password to use for the proxy server. Requires `proxyLogin`.
+
+_useDefaultCredentialsForProxy_ - Uses the default credentials (`System.Net.CredentialCache.DefaultCredentials`) for the proxy server, overriding any values that may have been set in `proxyLogin` and `proxyPassword`.
+
 _tableName_ - Azure table name. [Layout](https://github.com/NLog/NLog/wiki/Layouts)
 
 _rowKey_ - Azure Table RowKey. [Layout](https://github.com/NLog/NLog/wiki/Layouts). Default = "InverseTicks_${guid}"