Azure authentication from credentials in environment variables

[kk99999]

When a certificate is stored in Azure Key Vault and the Azure Sign Tool is used within an Azure DevOps pipeline—with addSpnToEnvironment set to true—Azure DevOps automatically injects the credentials (tenant ID, client ID, and client secret) into the environment as variables, allowing files to be signed without explicitly providing these credentials. Can jsign be enhanced to support this same behavior, so there is no need to manually input these credentials? This would be a valuable enhancement for DevOps workflows who need to sign jar files in CI pipelines. Any chance this could be implemented?

[ebourg]

Jsign uses the access token obtained after the authentication. For the environment variables to be supported Jsign would have to learn how to perform the Azure authentication itself.

[ebourg]

The environment variables:
https://learn.microsoft.com/en-us/dotnet/api/azure.identity.environmentcredential?view=azure-dotnet