Error on incorect client arguments

Author: JoeDupuis

README.md

@@ -34,9 +34,7 @@ AzureBlob supports managed identities on :
 
 AKS support will likely require more work. Contributions are welcome.
 
-To authenticate through managed identities instead of a shared key, omit `storage_access_key` from your `storage.yml` file.
-
-It is recommended to add the identity's `principal_id` to the config.
+To authenticate through managed identities instead of a shared key, omit `storage_access_key` from your `storage.yml` file and pass in the identity `principal_id`.
 
 ActiveStorage config example:
 

lib/azure_blob/client.rb

@@ -14,14 +14,22 @@ module AzureBlob
   # AzureBlob Client class. You interact with the Azure Blob api
   # through an instance of this class.
   class Client
-    def initialize(account_name:, access_key:, container:, **options)
+    def initialize(account_name:, access_key: nil, principal_id: nil, container:, **options)
       @account_name = account_name
       @container = container
       @cloud_regions = options[:cloud_regions]&.to_sym || :global
 
-      @signer = !access_key.nil? && !access_key.empty?  ?
-        AzureBlob::SharedKeySigner.new(account_name:, access_key:) :
-        AzureBlob::EntraIdSigner.new(account_name:, host:, **options.slice(:principal_id))
+      no_access_key = access_key.nil? || access_key&.empty?
+      using_managed_identities = no_access_key && !principal_id.nil? || options[:use_managed_identities]
+
+      if !using_managed_identities && no_access_key
+        raise AzureBlob::Error.new(
+          "`access_key` cannot be empty. To use managed identities instead, pass a `principal_id` or set `use_managed_identities` to true."
+        )
+      end
+      @signer = using_managed_identities ?
+        AzureBlob::EntraIdSigner.new(account_name:, host:, principal_id: ) :
+        AzureBlob::SharedKeySigner.new(account_name:, access_key:)
     end
 
     # Create a blob of type block. Will automatically split the the blob in multiple block and send the blob in pieces (blocks) if the blob is too big.

test/client/test_client.rb

@@ -32,6 +32,38 @@ def test_rails_is_not_loaded
     assert_raises(NoMethodError) { 10.minutes }
   end
 
+  def test_without_credentials
+    assert_raises(AzureBlob::Error) do
+      AzureBlob::Client.new(
+        account_name: @account_name,
+        container: @container,
+      )
+    end
+
+    assert_raises(AzureBlob::Error) do
+      AzureBlob::Client.new(
+        access_key: "",
+        account_name: @account_name,
+        container: @container,
+      )
+    end
+
+    AzureBlob::Client.new(
+      access_key: "",
+      use_managed_identities: true,
+      account_name: @account_name,
+      container: @container,
+    )
+
+
+    AzureBlob::Client.new(
+      access_key: "",
+      principal_id: "123",
+      account_name: @account_name,
+      container: @container,
+    )
+  end
+
   def test_single_block_upload
     client.create_block_blob(key, content)