Skip to content

.NET: fix: Require explicit TokenCredential in AddFoundryToolboxes#6877

Merged
SergeyMenshykh merged 3 commits into
microsoft:mainfrom
SergeyMenshykh:sergeymenshykh-fix-default-azure-credential-codeql
Jul 2, 2026
Merged

.NET: fix: Require explicit TokenCredential in AddFoundryToolboxes#6877
SergeyMenshykh merged 3 commits into
microsoft:mainfrom
SergeyMenshykh:sergeymenshykh-fix-default-azure-credential-codeql

Conversation

@SergeyMenshykh

@SergeyMenshykh SergeyMenshykh commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Summary

AddFoundryToolboxes now requires callers to pass a TokenCredential explicitly. The toolbox service uses that credential directly instead of resolving a default credential from DI.

Notes

  • Updates samples/docs for the new call shape: AddFoundryToolboxes(credential, name).
  • Prevents duplicate FoundryToolboxService registration.
  • Removes the Azure.Identity dependency from the hosting library.

This is a breaking change to an experimental API.

The AddFoundryToolboxes extension methods now require callers to
pass a TokenCredential explicitly rather than relying on an
internally-created default credential. This makes the credential
choice intentional and avoids non-deterministic credential probing
in production environments.

Breaking change (experimental API):
- AddFoundryToolboxes(IServiceCollection, params string[]) becomes
  AddFoundryToolboxes(IServiceCollection, TokenCredential, params string[])
- AddFoundryToolboxes(IServiceCollection, Action?, params string[]) becomes
  AddFoundryToolboxes(IServiceCollection, TokenCredential, Action?, params string[])
- Azure.Identity package dependency removed from Foundry.Hosting library.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Copilot AI review requested due to automatic review settings July 2, 2026 10:47
@giles17 giles17 added documentation Usage: [Issues, PRs], Target: documentation in the code base and learn docs .NET Usage: [Issues, PRs], Target: .Net labels Jul 2, 2026
@github-actions github-actions Bot changed the title fix: Require explicit TokenCredential in AddFoundryToolboxes .NET: fix: Require explicit TokenCredential in AddFoundryToolboxes Jul 2, 2026
@SergeyMenshykh SergeyMenshykh self-assigned this Jul 2, 2026
@SergeyMenshykh SergeyMenshykh moved this to In Review in Agent Framework Jul 2, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the .NET Foundry hosting extensions so AddFoundryToolboxes requires an explicit TokenCredential from callers, eliminating implicit/default credential selection and removing the Azure.Identity dependency from the hosting library.

Changes:

  • Updated AddFoundryToolboxes overloads to require a TokenCredential parameter and removed internal default-credential creation.
  • Removed the Azure.Identity package reference from Microsoft.Agents.AI.Foundry.Hosting.
  • Updated docs/samples/tests/cref references to pass a credential explicitly.

Reviewed changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
dotnet/tests/Foundry.Hosting.IntegrationTests/Fixtures/ToolboxOAuthConsentHostedAgentFixture.cs Updates fixture comment to reflect new AddFoundryToolboxes(credential, ...) signature.
dotnet/tests/Foundry.Hosting.IntegrationTests.TestContainer/Program.cs Extracts credential and passes it into AIProjectClient and AddFoundryToolboxes.
dotnet/src/Microsoft.Agents.AI.Foundry.Hosting/ServiceCollectionExtensions.cs Changes the AddFoundryToolboxes API to require TokenCredential and adjusts DI registration.
dotnet/src/Microsoft.Agents.AI.Foundry.Hosting/Microsoft.Agents.AI.Foundry.Hosting.csproj Removes Azure.Identity package reference from the hosting library.
dotnet/src/Microsoft.Agents.AI.Foundry.Hosting/FoundryToolboxHealthCheck.cs Updates XML cref to match the new method signature and adds Azure.Core import.
dotnet/samples/04-hosting/FoundryHostedAgents/responses/Hosted-Toolbox/README.md Updates documentation to show AddFoundryToolboxes(credential, name).
dotnet/samples/04-hosting/FoundryHostedAgents/responses/Hosted-Toolbox/Program.cs Passes the existing credential into AddFoundryToolboxes.
dotnet/samples/04-hosting/FoundryHostedAgents/responses/Hosted-Toolbox-AuthPaths/README.md Updates toolbox wiring guidance to the new signature.
dotnet/samples/04-hosting/FoundryHostedAgents/responses/Hosted-Toolbox-AuthPaths/Program.cs Updates comments and call site to pass the credential explicitly.

Comment thread dotnet/src/Microsoft.Agents.AI.Foundry.Hosting/ServiceCollectionExtensions.cs Outdated

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Automated Code Review

Reviewers: 5 | Confidence: 82%

✓ Correctness

The PR correctly implements the stated goal of requiring an explicit TokenCredential. The credential flows through DI to FoundryToolboxService and its handler correctly. Null guards are present. The Azure.Identity removal is safe as Azure.Core is still available transitively via Azure.AI.Projects. All call sites (samples, tests) are consistently updated. No correctness issues found.

✓ Security Reliability

This PR is a clear security improvement—removing implicit DefaultAzureCredential probing from library internals and requiring calers to supply an explicit TokenCredential. The input validation (ArgumentNullException.ThrowIfNull) is correct. One reliability concern: the switch from TryAddSingleton to AddSingleton for TokenCredential registration means repeated calls to AddFoundryToolboxes (an explicitly supported scenario per line 174's comment) will register duplicate TokenCredential singletons, and the credential bleds into the global DI container where it could affect other services resolving TokenCredential.

✓ Test Coverage

The PR adds a required TokenCredential parameter to AddFoundryToolboxes and validates it with ArgumentNullException.ThrowIfNull, but there are zero unit tests for AddFoundryToolboxes in the existing ServiceCollectionExtensionsTests.cs. The null-credential validation, the DI registration behavior (notably the switch from TryAddSingleton to AddSingleton for TokenCredential), and the options configuration all lack test coverage.

✓ Failure Modes

The PR correctly removes implicit DefaultAzureCredential probing. However, the switch from TryAddSingleton to AddSingleton for the TokenCredential registration introduces a silent last-wins behavior when AddFoundryToolboxes is called multiple times (a scenario the code explicitly supports per comments at lines 174 and 182-183). This can silently overwrite a credential from an earlier call or conflict with other components that register TokenCredential.

✓ Design Approach

I found one design-level issue in the DI wiring for AddFoundryToolboxes: the new API requires an explicit credential, but the implementation still collapses all toolbox registrations onto a single TokenCredential. That means repeated AddFoundryToolboxes(...) calls can silently authenticate every toolbox with the wrong credential, which is broader behavior than the PR rationale describes.

Suggestions

  • Consider using services.TryAddSingleton<TokenCredential>(credential) at ServiceCollectionExtensions.cs:169 to match the first-wins semantics used for FoundryToolboxService (line 172) and avoid silent credential replacement when AddFoundryToolboxes is called multiple times. Alternatively, scope the credential more narrowly (e.g., pass it directly to FoundryToolboxService via a factory registration) to support per-toolbox credential isolation.

Automated review by SergeyMenshykh's agents

Comment thread dotnet/src/Microsoft.Agents.AI.Foundry.Hosting/ServiceCollectionExtensions.cs Outdated
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Inject the AddFoundryToolboxes credential directly into the
FoundryToolboxService factory and fail early if the service was
already registered. This avoids registering TokenCredential in the
host DI container while preserving a single toolbox service instance
for both request handling and hosted startup.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@SergeyMenshykh SergeyMenshykh added this pull request to the merge queue Jul 2, 2026
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Jul 2, 2026
@SergeyMenshykh SergeyMenshykh added this pull request to the merge queue Jul 2, 2026
Merged via the queue into microsoft:main with commit 331d17c Jul 2, 2026
29 checks passed
@github-project-automation github-project-automation Bot moved this from In Review to Done in Agent Framework Jul 2, 2026
This was referenced Jul 6, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

documentation Usage: [Issues, PRs], Target: documentation in the code base and learn docs .NET Usage: [Issues, PRs], Target: .Net

Projects

Status: Done

Development

Successfully merging this pull request may close these issues.

6 participants