[Identity] Remove dependency on six (#30613)

Compatibility with Python 2.7 is no longer needed, so this
finishes up the six cleanup.

Signed-off-by: Paul Van Eck <paulvaneck@microsoft.com>

Author: pvaneck

sdk/identity/azure-identity/CHANGELOG.md

@@ -11,7 +11,9 @@
 ### Bugs Fixed
 
 ### Other Changes
+
 - VisualStudioCodeCredential prints an informative error message when used (as it is currently broken) ([#30385](https://github.com/Azure/azure-sdk-for-python/pull/30385))
+- Removed dependency on `six`. ([#30613](https://github.com/Azure/azure-sdk-for-python/pull/30613))
 
 ## 1.13.0 (2023-05-11)
 

sdk/identity/azure-identity/azure/identity/_credentials/azd_cli.py

@@ -11,7 +11,6 @@
 import subprocess
 import sys
 from typing import Any, Dict, List, Optional
-import six
 
 from azure.core.credentials import AccessToken
 from azure.core.exceptions import ClientAuthenticationError
@@ -206,8 +205,8 @@ def _run_command(command: str, timeout: int) -> str:
     except OSError as ex:
         # failed to execute 'cmd' or '/bin/sh'
         error = CredentialUnavailableError(message="Failed to execute '{}'".format(args[0]))
-        six.raise_from(error, ex)
+        raise error from ex
     except Exception as ex:  # pylint:disable=broad-except
         # could be a timeout, for example
         error = CredentialUnavailableError(message="Failed to invoke the Azure Developer CLI")
-        six.raise_from(error, ex)
+        raise error from ex

sdk/identity/azure-identity/azure/identity/_credentials/azure_cli.py

@@ -11,7 +11,6 @@
 import sys
 import time
 from typing import List, Optional, Any, Dict
-import six
 
 from azure.core.credentials import AccessToken
 from azure.core.exceptions import ClientAuthenticationError
@@ -184,8 +183,8 @@ def _run_command(command: str, timeout: int) -> str:
     except OSError as ex:
         # failed to execute 'cmd' or '/bin/sh'
         error = CredentialUnavailableError(message="Failed to execute '{}'".format(args[0]))
-        six.raise_from(error, ex)
+        raise error from ex
     except Exception as ex:  # pylint:disable=broad-except
         # could be a timeout, for example
         error = CredentialUnavailableError(message="Failed to invoke the Azure CLI")
-        six.raise_from(error, ex)
+        raise error from ex

sdk/identity/azure-identity/azure/identity/_credentials/azure_powershell.py

@@ -7,7 +7,6 @@
 import subprocess
 import sys
 from typing import List, Tuple, Optional, Any
-import six
 
 from azure.core.credentials import AccessToken
 from azure.core.exceptions import ClientAuthenticationError
@@ -135,7 +134,7 @@ def run_command_line(command_line: List[str], timeout: int) -> str:
             message="Failed to invoke PowerShell.\n"
                     "To mitigate this issue, please refer to the troubleshooting guidelines here at "
                     "https://aka.ms/azsdk/python/identity/powershellcredential/troubleshoot.")
-        six.raise_from(error, ex)
+        raise error from ex
 
     raise_for_error(proc.returncode, stdout, stderr)
     return stdout

sdk/identity/azure-identity/azure/identity/_credentials/certificate.py

@@ -9,7 +9,6 @@
 from cryptography.hazmat.primitives import hashes, serialization
 from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey
 from cryptography.hazmat.backends import default_backend
-import six
 
 from .._internal import validate_tenant_id
 from .._internal.client_credential_base import ClientCredentialBase
@@ -118,7 +117,7 @@ def load_pkcs12_certificate(
         )
     except ValueError as ex:
         # mentioning PEM here because we raise this error when certificate_data is garbage
-        six.raise_from(ValueError("Failed to deserialize certificate in PEM or PKCS12 format"), ex)
+        raise ValueError("Failed to deserialize certificate in PEM or PKCS12 format") from ex
     if not private_key:
         raise ValueError("The certificate must include its private key")
     if not cert:
@@ -154,8 +153,9 @@ def get_client_credential(
         raise ValueError('CertificateCredential requires a value for either "certificate_path" or "certificate_data"')
 
     if password:
-        # if password is already bytes, this won't change its encoding
-        password = six.ensure_binary(password, "utf-8")
+        # if password is already bytes, no need to encode.
+        if isinstance(password, str):
+            password = password.encode("utf-8")
     password = cast("Optional[bytes]", password)
 
     if b"-----BEGIN" in certificate_data:
@@ -175,9 +175,9 @@ def get_client_credential(
         try:
             # the JWT needs the whole chain but load_pem_x509_certificate deserializes only the signing cert
             chain = extract_cert_chain(cert.pem_bytes)
-            client_credential["public_certificate"] = six.ensure_str(chain)
+            client_credential["public_certificate"] = chain.decode("utf-8")
         except ValueError as ex:
             # we shouldn't land here--cryptography already loaded the cert and would have raised if it were malformed
-            six.raise_from(ValueError("Malformed certificate"), ex)
+            raise ValueError("Malformed certificate") from ex
 
     return client_credential

sdk/identity/azure-identity/azure/identity/_credentials/imds.py

@@ -5,8 +5,6 @@
 import os
 from typing import Any, Optional, Dict
 
-import six
-
 from azure.core.exceptions import ClientAuthenticationError, HttpResponseError
 from azure.core.pipeline.transport import HttpRequest
 from azure.core.credentials import AccessToken
@@ -83,7 +81,7 @@ def _request_token(self, *scopes: str, **kwargs: Any) -> AccessToken:
                 self._error_message = (
                     "ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint."
                 )
-                six.raise_from(CredentialUnavailableError(self._error_message), ex)
+                raise CredentialUnavailableError(self._error_message) from ex
 
         if not self._endpoint_available:
             raise CredentialUnavailableError(self._error_message)
@@ -100,8 +98,8 @@ def _request_token(self, *scopes: str, **kwargs: Any) -> AccessToken:
                     self._error_message += "The requested identity has not been assigned to this resource."
                 else:
                     self._error_message += "No identity has been assigned to this resource."
-                six.raise_from(CredentialUnavailableError(message=self._error_message), ex)
+                raise CredentialUnavailableError(message=self._error_message) from ex
 
             # any other error is unexpected
-            six.raise_from(ClientAuthenticationError(message=ex.message, response=ex.response), ex)
+            raise ClientAuthenticationError(message=ex.message, response=ex.response) from ex
         return token

sdk/identity/azure-identity/azure/identity/_credentials/on_behalf_of.py

@@ -5,7 +5,6 @@
 import time
 from typing import Any, Optional
 
-import six
 import msal
 
 from azure.core.credentials import AccessToken
@@ -89,7 +88,7 @@ def __init__(
                 message = (
                     '"client_certificate" is not a valid certificate in PEM or PKCS12 format'
                 )
-                six.raise_from(ValueError(message), ex)
+                raise ValueError(message) from ex
         elif client_secret:
             credential = client_secret
         else:

sdk/identity/azure-identity/azure/identity/_internal/aad_client_base.py

@@ -10,7 +10,6 @@
 from uuid import uuid4
 from typing import TYPE_CHECKING, List, Any, Iterable, Optional, Union, Dict
 
-import six
 from msal import TokenCache
 
 from azure.core.pipeline import PipelineResponse
@@ -208,22 +207,15 @@ def _get_jwt_assertion_request(
 
     def _get_client_certificate_assertion(self, certificate: AadClientCertificate, **kwargs: Any) -> str:
         now = int(time.time())
-        header = six.ensure_binary(
-            json.dumps({"typ": "JWT", "alg": "RS256", "x5t": certificate.thumbprint}), encoding="utf-8"
-        )
-        payload = six.ensure_binary(
-            json.dumps(
-                {
-                    "jti": str(uuid4()),
-                    "aud": self._get_token_url(**kwargs),
-                    "iss": self._client_id,
-                    "sub": self._client_id,
-                    "nbf": now,
-                    "exp": now + (60 * 30),
-                }
-            ),
-            encoding="utf-8",
-        )
+        header = json.dumps({"typ": "JWT", "alg": "RS256", "x5t": certificate.thumbprint}).encode("utf-8")
+        payload = json.dumps({
+            "jti": str(uuid4()),
+            "aud": self._get_token_url(**kwargs),
+            "iss": self._client_id,
+            "sub": self._client_id,
+            "nbf": now,
+            "exp": now + (60 * 30),
+        }).encode("utf-8")
         jws = base64.urlsafe_b64encode(header) + b"." + base64.urlsafe_b64encode(payload)
         signature = certificate.sign(jws)
         jwt_bytes = jws + b"." + base64.urlsafe_b64encode(signature)

sdk/identity/azure-identity/azure/identity/_internal/aadclient_certificate.py

@@ -9,7 +9,6 @@
 from cryptography.hazmat.primitives.asymmetric import padding
 from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey
 from cryptography.hazmat.backends import default_backend
-import six
 
 
 class AadClientCertificate:
@@ -30,7 +29,7 @@ def __init__(
 
         cert = x509.load_pem_x509_certificate(pem_bytes, default_backend())
         fingerprint = cert.fingerprint(hashes.SHA1())  # nosec
-        self._thumbprint = six.ensure_str(base64.urlsafe_b64encode(fingerprint), encoding="utf-8")
+        self._thumbprint = base64.urlsafe_b64encode(fingerprint).decode("utf-8")
 
     @property
     def thumbprint(self) -> str:

sdk/identity/azure-identity/azure/identity/_internal/decorators.py

@@ -7,7 +7,6 @@
 import json
 import base64
 
-from six import raise_from
 from azure.core.exceptions import ClientAuthenticationError
 
 from .utils import within_credential_chain
@@ -76,6 +75,6 @@ def wrapper(*args, **kwargs):
             raise
         except Exception as ex:  # pylint:disable=broad-except
             auth_error = ClientAuthenticationError(message="Authentication failed: {}".format(ex))
-            raise_from(auth_error, ex)
+            raise auth_error from ex
 
     return wrapper