azureml-core 1.55.0.post2__py3-none-any.whl → 1.57.0__py3-none-any.whl

azureml/_base_sdk_common/_version.py

@@ -1 +1 @@
-ver = "1.55.0"
+ver = "1.57.0"

azureml/_base_sdk_common/common.py

@@ -133,6 +133,7 @@ def get_run_config_dir_path_if_exists(project_path):
 def get_run_config_dir_path(project_path):
     # Try to look for the old aml_config directory first
     # If that does not exist default to use the new .azureml
+    project_path = os.path.normpath(project_path)
     run_config_dir_path = os.path.join(project_path, AML_CONFIG_DIR)
     if not os.path.exists(run_config_dir_path):
         run_config_dir_path = os.path.join(project_path, AZUREML_DIR)
@@ -142,6 +143,7 @@ def get_run_config_dir_path(project_path):
 def get_run_config_dir_name(project_path):
     # Try to look for the old aml_config directory first
     # If that does not exist default to use the new .azureml
+    project_path = os.path.normpath(project_path)
     run_config_dir_path = os.path.join(project_path, AML_CONFIG_DIR)
     run_config_dir_name = AML_CONFIG_DIR
     if not os.path.exists(run_config_dir_path):
@@ -156,6 +158,7 @@ def get_config_file_name(project_config_path):
     :return: Either project.json or config.json
     :rtype: str
     """
+    project_config_path = os.path.normpath(project_config_path)
     legacy_config_file_path = os.path.join(project_config_path, LEGACY_PROJECT_FILENAME)
     if os.path.exists(legacy_config_file_path):
         return LEGACY_PROJECT_FILENAME

azureml/_base_sdk_common/workspace/models/rest_client_enums.py

@@ -24,6 +24,7 @@ class DataStoreType(Enum):
     dbfs = "DBFS"
     azure_data_lake_gen2 = "AzureDataLakeGen2"
     git = "Git"
+    one_lake = "OneLake"
 
 
 class AzureStorageCredentialTypes(Enum):

azureml/_file_utils/file_utils.py

@@ -24,11 +24,11 @@ from azure.common import AzureMissingResourceHttpError
 module_logger = logging.getLogger(__name__)
 
 
-def _validate_content_match(server_md5, computed_md5):
-    _ERROR_MD5_MISMATCH = \
-        'MD5 mismatch. Expected value is \'{0}\', computed value is \'{1}\'.'
-    if server_md5 != computed_md5:
-        raise AzureMLException(_ERROR_MD5_MISMATCH.format(server_md5, computed_md5))
+def _validate_content_match(server_256, computed_sha256):
+    _ERROR_sha256_MISMATCH = \
+        'sha256 mismatch. Expected value is \'{0}\', computed value is \'{1}\'.'
+    if server_256 != computed_sha256:
+        raise AzureMLException(_ERROR_sha256_MISMATCH.format(server_256, computed_sha256))
 
 
 def normalize_path_and_join(path, name):
@@ -98,6 +98,7 @@ def makedirs_for_file_path(file_path):
     """
     :param file_path: relative or absolute path to a file
     """
+    file_path = os.path.normpath(file_path)
     parent_path = os.path.join(file_path, os.path.pardir)
     parent_path = os.path.normpath(parent_path)
     if not os.path.exists(parent_path):
@@ -205,7 +206,7 @@ def download_file(source_uri, path=None, max_retries=5, stream=True, protocol="h
     if path is None:
         module_logger.debug('Output file path is {}, the file was not downloaded.'.format(path))
         return
-
+    path = os.path.normpath(path)
     # download using BlobClient
     if is_source_uri_matches_storage_blob(source_uri):
         sas_token, account_name, endpoint_suffix, container_name, blob_name = get_block_blob_service_credentials(
@@ -246,14 +247,14 @@ def download_file(source_uri, path=None, max_retries=5, stream=True, protocol="h
     # download using requests.Session
     def _handle_response(response):
         makedirs_for_file_path(path)
-        md5_hash = hashlib.md5()
+        sha256_hash = hashlib.sha256()
         with open(path, 'wb') as write_to_file:
             for chunk in response.iter_content(chunk_size=1024):
                 if chunk:
-                    md5_hash.update(chunk)
+                    sha256_hash.update(chunk)
                     write_to_file.write(chunk)
             if _validate_check_sum:
-                _validate_content(md5_hash, response)
+                _validate_content(sha256_hash, response)
 
     _request_file_with_retry(source_uri, _handle_response, max_retries, stream, session)
 
@@ -318,37 +319,37 @@ def download_file_stream(source_uri, encoding="utf-8", download_to_bytes=False,
     # download using requests.Session
     def _handle_response(response):
         bytes_str = bytes()
-        md5_hash = hashlib.md5()
+        sha256_hash = hashlib.sha256()
         if response.status_code != 200:
             response.raise_for_status()
         for chunk in response.iter_content(chunk_size=1024):
             if chunk:
-                md5_hash.update(chunk)
+                sha256_hash.update(chunk)
                 bytes_str += chunk
         if _validate_check_sum:
-            _validate_content(md5_hash, response)
+            _validate_content(sha256_hash, response)
         return bytes_str if download_to_bytes else bytes_str.decode(encoding)
 
     return _request_file_with_retry(source_uri, _handle_response, max_retries, stream, session)
 
 
-def _validate_content(md5_hash, response):
+def _validate_content(sha256_hash, response):
     """
-    Validate the content of response with md5_hash
+    Validate the content of response with sha256_hash
 
-    :param md5_hash:
-    :type md5_hash: _Hash
+    :param sha256_hash:
+    :type sha256_hash: _Hash
     :param response: the response object
     :type response: requests.Response
     :return: None
     :rtype: None
     """
-    if 'content-md5' in response.headers:
-        _validate_content_match(response.headers['content-md5'],
-                                base64.b64encode(md5_hash.digest()).decode('utf-8'))
+    if 'content-sha256' in response.headers:
+        _validate_content_match(response.headers['content-sha256'],
+                                base64.b64encode(sha256_hash.digest()).decode('utf-8'))
     else:
         module_logger.debug(
-            "validate_check_sum flag is set to true but content-md5 not found on respose header")
+            "validate_check_sum flag is set to true but content-sha256 not found on respose header")
 
 
 def get_directory_size(path, size_limit=None, include_function=None, exclude_function=None):

azureml/_model_management/_util.py

@@ -150,6 +150,7 @@ def upload_dependency(workspace, dependency, create_tar=False, arcname=None, sho
     """
     from azureml._restclient.artifacts_client import ArtifactsClient
     artifact_client = ArtifactsClient(workspace.service_context)
+    dependency = os.path.normpath(dependency)
     if dependency.startswith('http') or dependency.startswith('wasb'):
         return dependency, urlparse(dependency).path.split('/')[-1]
     if not os.path.exists(dependency):
@@ -204,6 +205,7 @@ def wrap_execution_script(execution_script, schema_file, dependencies, log_aml_d
     :return: str path to wrapped execution script
     """
     new_script_loc = tempfile.mkstemp(suffix='.py')[1]
+    execution_script = os.path.normpath(execution_script)
     dependencies.append(execution_script)
     if not os.path.exists(execution_script):
         raise WebserviceException('Path to execution script {} does not exist.'.format(execution_script),
@@ -878,6 +880,7 @@ def cleanup_docker_image(docker_client, image_id):
 
 
 def validate_path_exists_or_throw(member, name, extra_message=''):
+    member = os.path.normpath(member)
     if not os.path.exists(member):
         raise WebserviceException("{0} {1} doesn't exist. {2}".format(name, member, extra_message),
                                   logger=module_logger)

azureml/_project/_compute_target_commands.py

@@ -244,7 +244,7 @@ def _execute_ssh_command(address, port, username, command_to_run, password=None,
 
     ssh = paramiko.SSHClient()
 
-    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
+    ssh.set_missing_host_key_policy(paramiko.RejectPolicy())
 
     ssh.connect(address, port, username, pkey=private_key, password=password)
 

azureml/_project/azureml_base_images.json

@@ -1,9 +1,9 @@
 {
-    "mcr.microsoft.com/azureml/openmpi4.1.0-cuda11.1-cudnn8-ubuntu20.04": "20240304.v1",
-    "mcr.microsoft.com/azureml/openmpi4.1.0-cuda11.2-cudnn8-ubuntu20.04": "20240304.v1",
-    "mcr.microsoft.com/azureml/openmpi4.1.0-cuda11.3-cudnn8-ubuntu20.04": "20240304.v1",
-    "mcr.microsoft.com/azureml/openmpi4.1.0-cuda11.6-cudnn8-ubuntu20.04": "20240304.v1",
-    "mcr.microsoft.com/azureml/openmpi4.1.0-cuda11.8-cudnn8-ubuntu22.04": "20240304.v1",
-    "mcr.microsoft.com/azureml/openmpi4.1.0-ubuntu20.04": "20240304.v1",
-    "mcr.microsoft.com/azureml/openmpi4.1.0-ubuntu22.04": "20240304.v1"
+    "mcr.microsoft.com/azureml/openmpi4.1.0-cuda11.1-cudnn8-ubuntu20.04": "20240709.v1",
+    "mcr.microsoft.com/azureml/openmpi4.1.0-cuda11.2-cudnn8-ubuntu20.04": "20240709.v1",
+    "mcr.microsoft.com/azureml/openmpi4.1.0-cuda11.3-cudnn8-ubuntu20.04": "20240709.v1",
+    "mcr.microsoft.com/azureml/openmpi4.1.0-cuda11.6-cudnn8-ubuntu20.04": "20240709.v1",
+    "mcr.microsoft.com/azureml/openmpi4.1.0-cuda11.8-cudnn8-ubuntu22.04": "20240709.v1",
+    "mcr.microsoft.com/azureml/openmpi4.1.0-ubuntu20.04": "20240709.v1",
+    "mcr.microsoft.com/azureml/openmpi4.1.0-ubuntu22.04": "20240709.v1"
 }

azureml/_project/azureml_sdk_scope.txt

@@ -1,12 +1,45 @@
-a
-z
-u
-r
-e
-m
-l
--
-c
-o
-r
-e
+azureml-core
+azureml-train
+azureml-sdk
+azureml-defaults
+azureml-train-core
+azureml-automl-core
+azureml-automl-runtime
+azureml-training-tabular
+azureml-train-automl
+azureml-train-automl-client
+azureml-train-automl-runtime
+azureml-contrib-automl-dnn-forecasting
+azureml-automl-dnn-vision
+azureml-automl-dnn-nlp
+azureml-contrib-automl-pipeline-steps
+azureml-train-restclients-hyperdrive
+azureml-telemetry
+azureml-tensorboard
+azureml-contrib-notebook
+azureml-explain-model
+azureml-interpret
+azureml-contrib-server
+azureml-contrib-services
+azureml-contrib-iot
+azureml-contrib-run
+azureml-datadrift
+azureml-widgets
+azureml-pipeline
+azureml-pipeline-core
+azureml-pipeline-steps
+azureml-contrib-pipeline-steps
+azureml-cli-common
+azureml-opendatasets
+azureml-accel-models
+azureml-mlflow
+azureml-contrib-functions
+azureml-contrib-dataset
+azureml-contrib-reinforcementlearning
+azureml-contrib-mir
+azureml-contrib-fairness
+azureml-contrib-aisc
+azureml-dataset-runtime
+azureml-synapse
+azureml-responsibleai
+azureml-automl-common-tools

azureml/_project/file_utilities.py

@@ -18,6 +18,7 @@ def create_directory(path, set_hidden=False):
 
     :rtype None
     """
+    path = os.path.normpath(path)
     if os.path.exists(path):
         return
     os.makedirs(path)
@@ -34,6 +35,7 @@ def make_file_or_directory_hidden(path):
 
     :rtype str
     """
+    path = os.path.normpath(path)
     if os.name == 'nt':
         ctypes.windll.kernel32.SetFileAttributesW(path, 0x02)
     else:

azureml/_project/ignore_file.py

@@ -52,6 +52,7 @@ class IgnoreFile(object):
 
         :rtype: None
         """
+        self._path = os.path.normpath(self._path)
         return self._path and os.path.exists(self._path)
 
     def create_if_not_exists(self, patterns_to_exclude=default_patterns):
@@ -61,6 +62,7 @@ class IgnoreFile(object):
         :rtype: None
         """
         if not self.exists():
+            self._path = os.path.normpath(self._path)
             with open(self._path, 'w') as fo:
                 fo.write('\n'.join(patterns_to_exclude) + '\n')
 

azureml/_project/project_info.py

@@ -33,6 +33,7 @@ def add(project_id, scope, project_path, is_config_file_path=False):
         config_file_name = get_config_file_name(config_directory)
         project_file_path = os.path.join(config_directory, config_file_name)
     # We overwriting if project.json exists.
+    project_file_path = os.path.normpath(project_file_path)
     with open(project_file_path, "w") as fo:
         info = ProjectInfo(project_id, scope)
         fo.write(json.dumps(info.__dict__))
@@ -76,7 +77,9 @@ def get(project_path, no_recursive_check=False):
         for config_path in [AML_CONFIG_DIR, AZUREML_DIR]:
             for files_to_look in [LEGACY_PROJECT_FILENAME, CONFIG_FILENAME]:
                 config_file_path = os.path.join(project_path, config_path, files_to_look)
+                config_file_path = os.path.normpath(config_file_path)
                 if os.path.exists(config_file_path):
+                    config_file_path = os.path.normpath(config_file_path)
                     with open(config_file_path) as info_json:
                         config_json = json.load(info_json)
                         # If Scope is not there, then this is an old workspace config.json config file

azureml/_project/project_manager.py

@@ -82,6 +82,7 @@ def _update_requirements_binding(repo_path, config_dir_to_use):
     conda_dependencies_path = os.path.join(repo_path, config_dir_to_use, _conda_dependencies_file_name)
 
     lines = []
+    conda_dependencies_path = os.path.normpath(conda_dependencies_path)
     with open(conda_dependencies_path, "r") as infile:
         for line in infile:
             if requirements_version:
@@ -90,6 +91,7 @@ def _update_requirements_binding(repo_path, config_dir_to_use):
                 line = line.replace(default_index, requirements_index)
 
             lines.append(line)
+    conda_dependencies_path = os.path.normpath(conda_dependencies_path)
     with open(conda_dependencies_path, 'w') as outfile:
         for line in lines:
             outfile.write(line)
@@ -105,8 +107,10 @@ def attach_project(project_id, project_path, scope, compute_target_dict):
     :rtype: None
     """
     from azureml._base_sdk_common.common import get_run_config_dir_name
+    project_path = os.path.normpath(project_path)
     is_existing_dir = os.path.isdir(project_path)
     if not is_existing_dir:
+        project_path = os.path.normpath(project_path)
         # We creating all intermediate dirs too.
         os.makedirs(os.path.abspath(project_path))
 
@@ -157,15 +161,20 @@ def _copy_default_files(path, default_fileset):
     this_dir, this_filename = os.path.split(__file__)
     default_files_path = os.path.join(this_dir, default_fileset)
 
+    path = os.path.normpath(path)
     if not os.path.exists(path):
+        path = os.path.normpath(path)
         os.mkdir(path)
     for filename in os.listdir(default_files_path):
         orig_path = os.path.join(default_files_path, filename)
         new_path = os.path.join(path, filename)
         if os.path.isdir(orig_path):
+            new_path = os.path.normpath(new_path)
             shutil.copytree(orig_path, new_path)
         else:
+            new_path = os.path.normpath(new_path)
             if not os.path.exists(new_path):
+                new_path = os.path.normpath(new_path)
                 shutil.copy(orig_path, new_path)
 
 

azureml/_restclient/artifacts_client.py

@@ -101,8 +101,8 @@ class ArtifactsClient(WorkspaceClient):
 
     def upload_artifact_from_path(self, path, *args, **kwargs):
         """upload a local file to a new artifact"""
-        path = os.path.normpath(path)
         path = os.path.abspath(path)
+        path = os.path.normpath(path)
         with open(path, "rb") as stream:
             return self.upload_artifact_from_stream(stream, *args, **kwargs)
 

azureml/_restclient/models/rest_client_enums.py

@@ -26,6 +26,7 @@ class DataStoreType(Enum):
     hdfs = "Hdfs"
     custom = "Custom"
     git = "Git"
+    one_lake = "OneLake"
 
 
 class AzureStorageCredentialTypes(Enum):

azureml/_vendor/azure_storage/blob/_encryption.py

@@ -251,8 +251,7 @@ class GCMBlobEncryptionStream:
         :param bytes data: The data to encrypt.
         """
         # Each region MUST use a different nonce
-        nonce = self.nonce_counter.to_bytes(_GCM_NONCE_LENGTH, 'big')
-        self.nonce_counter += 1
+        nonce = os.urandom(12)
 
         aesgcm = AESGCM(self.content_encryption_key)
 

azureml/_vendor/azure_storage/blob/_shared/policies.py

@@ -101,11 +101,11 @@ def is_retry(response, mode):   # pylint: disable=too-many-return-statements
         if status in [501, 505]:
             return False
         return True
-    # retry if invalid content md5
-    if response.context.get('validate_content', False) and response.http_response.headers.get('content-md5'):
-        computed_md5 = response.http_request.headers.get('content-md5', None) or \
-                       encode_base64(StorageContentValidation.get_content_md5(response.http_response.body()))
-        if response.http_response.headers['content-md5'] != computed_md5:
+    # retry if invalid content sha256
+    if response.context.get('validate_content', False) and response.http_response.headers.get('content-sha256'):
+        computed_sha256 = response.http_request.headers.get('content-sha256', None) or \
+                       encode_base64(StorageContentValidation.get_content_sha256(response.http_response.body()))
+        if response.http_response.headers['content-sha256'] != computed_sha256:
             return True
     return False
 
@@ -343,17 +343,17 @@ class StorageContentValidation(SansIOHTTPPolicy):
 
     This will overwrite any headers already defined in the request.
     """
-    header_name = 'Content-MD5'
+    header_name = 'Content-sha256'
 
     def __init__(self, **kwargs):  # pylint: disable=unused-argument
         super(StorageContentValidation, self).__init__()
 
     @staticmethod
-    def get_content_md5(data):
+    def get_content_sha256(data):
         data = data or b""
-        md5 = hashlib.md5() # nosec
+        sha256 = hashlib.sha256() # nosec
         if isinstance(data, bytes):
-            md5.update(data)
+            sha256.update(data)
         elif hasattr(data, 'read'):
             pos = 0
             try:
@@ -361,7 +361,7 @@ class StorageContentValidation(SansIOHTTPPolicy):
             except:  # pylint: disable=bare-except
                 pass
             for chunk in iter(lambda: data.read(4096), b""):
-                md5.update(chunk)
+                sha256.update(chunk)
             try:
                 data.seek(pos, SEEK_SET)
             except (AttributeError, IOError):
@@ -369,25 +369,25 @@ class StorageContentValidation(SansIOHTTPPolicy):
         else:
             raise ValueError("Data should be bytes or a seekable file-like object.")
 
-        return md5.digest()
+        return sha256.digest()
 
     def on_request(self, request):
         # type: (PipelineRequest, Any) -> None
         validate_content = request.context.options.pop('validate_content', False)
         if validate_content and request.http_request.method != 'GET':
-            computed_md5 = encode_base64(StorageContentValidation.get_content_md5(request.http_request.data))
-            request.http_request.headers[self.header_name] = computed_md5
-            request.context['validate_content_md5'] = computed_md5
+            computed_sha256 = encode_base64(StorageContentValidation.get_content_sha256(request.http_request.data))
+            request.http_request.headers[self.header_name] = computed_sha256
+            request.context['validate_content_sha256'] = computed_sha256
         request.context['validate_content'] = validate_content
 
     def on_response(self, request, response):
-        if response.context.get('validate_content', False) and response.http_response.headers.get('content-md5'):
-            computed_md5 = request.context.get('validate_content_md5') or \
-                encode_base64(StorageContentValidation.get_content_md5(response.http_response.body()))
-            if response.http_response.headers['content-md5'] != computed_md5:
+        if response.context.get('validate_content', False) and response.http_response.headers.get('content-sha256'):
+            computed_sha256 = request.context.get('validate_content_sha256') or \
+                encode_base64(StorageContentValidation.get_content_sha256(response.http_response.body()))
+            if response.http_response.headers['content-sha256'] != computed_sha256:
                 raise AzureError(
-                    'MD5 mismatch. Expected value is \'{0}\', computed value is \'{1}\'.'.format(
-                        response.http_response.headers['content-md5'], computed_md5),
+                    'sha256 mismatch. Expected value is \'{0}\', computed value is \'{1}\'.'.format(
+                        response.http_response.headers['content-sha256'], computed_sha256),
                     response=response.http_response
                 )
 

azureml/_vendor/azure_storage/fileshare/_shared/policies.py

@@ -97,11 +97,11 @@ def is_retry(response, mode):   # pylint: disable=too-many-return-statements
         if status in [501, 505]:
             return False
         return True
-    # retry if invalid content md5
-    if response.context.get('validate_content', False) and response.http_response.headers.get('content-md5'):
-        computed_md5 = response.http_request.headers.get('content-md5', None) or \
-                       encode_base64(StorageContentValidation.get_content_md5(response.http_response.body()))
-        if response.http_response.headers['content-md5'] != computed_md5:
+    # retry if invalid content sha256
+    if response.context.get('validate_content', False) and response.http_response.headers.get('content-sha256'):
+        computed_sha256 = response.http_request.headers.get('content-sha256', None) or \
+                       encode_base64(StorageContentValidation.get_content_sha256(response.http_response.body()))
+        if response.http_response.headers['content-sha256'] != computed_sha256:
             return True
     return False
 
@@ -329,17 +329,17 @@ class StorageContentValidation(SansIOHTTPPolicy):
 
     This will overwrite any headers already defined in the request.
     """
-    header_name = 'Content-MD5'
+    header_name = 'Content-sha256'
 
     def __init__(self, **kwargs):  # pylint: disable=unused-argument
         super(StorageContentValidation, self).__init__()
 
     @staticmethod
-    def get_content_md5(data):
+    def get_content_sha256(data):
         data = data or b""
-        md5 = hashlib.md5() # nosec
+        sha256 = hashlib.sha256() # nosec
         if isinstance(data, bytes):
-            md5.update(data)
+            sha256.update(data)
         elif hasattr(data, 'read'):
             pos = 0
             try:
@@ -347,7 +347,7 @@ class StorageContentValidation(SansIOHTTPPolicy):
             except:  # pylint: disable=bare-except
                 pass
             for chunk in iter(lambda: data.read(4096), b""):
-                md5.update(chunk)
+                sha256.update(chunk)
             try:
                 data.seek(pos, SEEK_SET)
             except (AttributeError, IOError):
@@ -355,25 +355,25 @@ class StorageContentValidation(SansIOHTTPPolicy):
         else:
             raise ValueError("Data should be bytes or a seekable file-like object.")
 
-        return md5.digest()
+        return sha256.digest()
 
     def on_request(self, request):
         # type: (PipelineRequest, Any) -> None
         validate_content = request.context.options.pop('validate_content', False)
         if validate_content and request.http_request.method != 'GET':
-            computed_md5 = encode_base64(StorageContentValidation.get_content_md5(request.http_request.data))
-            request.http_request.headers[self.header_name] = computed_md5
-            request.context['validate_content_md5'] = computed_md5
+            computed_sha256 = encode_base64(StorageContentValidation.get_content_sha256(request.http_request.data))
+            request.http_request.headers[self.header_name] = computed_sha256
+            request.context['validate_content_sha256'] = computed_sha256
         request.context['validate_content'] = validate_content
 
     def on_response(self, request, response):
-        if response.context.get('validate_content', False) and response.http_response.headers.get('content-md5'):
-            computed_md5 = request.context.get('validate_content_md5') or \
-                encode_base64(StorageContentValidation.get_content_md5(response.http_response.body()))
-            if response.http_response.headers['content-md5'] != computed_md5:
+        if response.context.get('validate_content', False) and response.http_response.headers.get('content-sha256'):
+            computed_sha256 = request.context.get('validate_content_sha256') or \
+                encode_base64(StorageContentValidation.get_content_sha256(response.http_response.body()))
+            if response.http_response.headers['content-sha256'] != computed_sha256:
                 raise AzureError(
-                    'MD5 mismatch. Expected value is \'{0}\', computed value is \'{1}\'.'.format(
-                        response.http_response.headers['content-md5'], computed_md5),
+                    'sha256 mismatch. Expected value is \'{0}\', computed value is \'{1}\'.'.format(
+                        response.http_response.headers['content-sha256'], computed_sha256),
                     response=response.http_response
                 )
 

azureml/_workspace/_utils.py

@@ -52,7 +52,9 @@ def get_application_insights_region(workspace_region):
         "southindia": "centralindia",
         "polandcentral": "northeurope",
         "italynorth": "westeurope",
-        "chinaeast3": "chinaeast2"
+        "chinaeast3": "chinaeast2",
+        "spaincentral": "francecentral",
+        "israelcentral": "westeurope"
     }.get(workspace_region, workspace_region)
 
 

azureml/core/authentication.py

@@ -1566,10 +1566,7 @@ class AzureMLTokenAuthentication(AbstractAuthentication):
     @staticmethod
     def _get_token(token, should_encrypt=False):
         password = os.environ.get("AZUREML_RUN_TOKEN_PASS")
-        random_string = os.environ.get("AZUREML_RUN_TOKEN_RAND")
-        m = hashlib.sha256()
-        m.update(random_string.encode())
-        salt = m.digest()
+        salt = os.urandom(16)
         kdf = PBKDF2HMAC(
             algorithm=hashes.SHA256(),
             length=32,

azureml/core/compute/computeinstance.py

@@ -365,6 +365,60 @@ class ComputeInstance(ComputeTarget):
             vnet_name, subnet_name, tags, description, assigned_user_object_id, assigned_user_tenant_id)
         return config
 
+    def update_sso_settings(self, value):
+        """Update single sign-on settings of the compute instance.
+
+        :param value: The value of sso settings
+        :type value: bool
+        :return: Whether the update was successful or not
+        :rtype: bool
+        """
+        return self._update_sso_settings(self.workspace, self.name, value)
+
+    @staticmethod
+    def _update_sso_settings(workspace, compute_name, value):
+        """Update single sign-on settings.
+
+        :param workspace: The workspace.
+        :type workspace: azureml.core.Workspace
+        :param compute_name: The compute name.
+        :type compute_name: string
+        :param value: The value of sso settings
+        :type value: bool
+        :return: Whether the update was successful or not
+        :rtype: bool
+        """
+        if not workspace:
+            return False
+
+        enable_sso_fmt = '{}/subscriptions/{}/resourcegroups/{}/providers/' \
+            'Microsoft.MachineLearningServices/workspaces/{}/computes/{}/enableSso'
+        arm_endpoint = ComputeTarget._get_resource_manager_endpoint(workspace)
+        endpoint = enable_sso_fmt.format(arm_endpoint,
+                                         workspace.subscription_id,
+                                         workspace.resource_group,
+                                         workspace.name,
+                                         compute_name)
+        headers = workspace._auth.get_authentication_header()
+        ComputeTarget._add_request_tracking_headers(headers)
+        params = {'api-version': MLC_WORKSPACE_API_VERSION}
+        compute_update_payload = {'EnableSSO': value}
+
+        try:
+            resp = ClientBase._execute_func(get_requests_session().post, endpoint,
+                                            params=params, headers=headers, json=compute_update_payload)
+            resp.raise_for_status()
+        except requests.exceptions.HTTPError:
+            raise ComputeTargetException('Single sign-on settings update request failed:\n'
+                                         'Response Code: {}\n'
+                                         'Headers: {}\n'
+                                         'Content: {}'.format(resp.status_code, resp.headers, resp.content))
+
+        if resp.status_code != 200:
+            return False
+
+        return True
+
     @staticmethod
     def _build_create_payload(config, location, subscription_id):
         """Construct the payload needed to create an ComputeInstance.