revauthaad

package module

v0.2.0 Latest Latest Go to latest Published: Feb 10, 2023 License: Apache-2.0 Imports: 22 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/chengkun-kang/rev-auth-aad

Links

Open Source Insights

README ¶

Authentication with Azure Active Directory(AAD)

======

#Usage: Include module in Revel Application file: conf/app.conf

module.revauthaad=github.com/chengkun-kang/rev-auth-aad

Include module in Revel Application file: conf/routes

module:revauthaad

Incude revel config variables in Revel Application file conf/app.conf

aad.tenant.id=xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxx
aad.app.client.id=xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxx
aad.app.client.secret=xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxx
aad.account.primary.domain=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
aad.cloud.instance=xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxx          # default: https://login.microsoftonline.com
aad.api.users.path=xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxx          # default: https://graph.microsoft.com/v1.0/users/
aad.api.public.scopes=xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxx       # default: User.Read
aad.api.credential.scopes=xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxx   # default: https://graph.microsoft.com/.default
app.logout.redirect.url=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx         # default: /login

The Azure AD Cloud Instance options include;

https://login.microsoftonline.com/ for Azure public cloud
https://login.microsoftonline.us/ for Azure US government
https://login.microsoftonline.de/ for Azure AD Germany
https://login.partner.microsoftonline.cn/common for Azure AD China operated by 21Vianet

Documentation ¶

Index ¶

Variables
func AcquireCredentialToken() (string, error)
func AcquirePublicToken(account, password string) (string, error)
func Init()
func InitCredentialClient() (*msgraphsdk.GraphServiceClient, error)
func InitPublicClient(account, password string) (*msgraphsdk.GraphServiceClient, error)
func QueryAndSave(account string) (*models.User, error)
func QueryMailAndSave(email string) (*models.User, error)
func QueryUserPhotoById(userId, token string) string
func QueryUserPhotoByName(username, token string) string
type AuthReply
- func AuthenticateByClientCredentials(account string) *AuthReply
- func AuthenticatePublicClient(account, password string) *AuthReply
type QueryReply
- func Query(userIdentity string) *QueryReply
- func QueryMail(emailAddress string) *QueryReply

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	AzureADAppClientId     string
	AzureADAppClientSecret string

	AzureADTenantId             = ""
	AzureADTenantAuthority      = ""
	AzureADAccountPrimaryDomain = ""
	AzureADCloudInstance        = "https://login.microsoftonline.com"
	AzureADApiUsersPath         = "https://graph.microsoft.com/v1.0/users"
	AzureADApiPublicScopes      = []string{"User.Read"}
	AzureADApiCredentialScopes  = []string{"https://graph.microsoft.com/.default"}

	AppLogoutRedirectUrl = "/login"
)

Functions ¶

func AcquireCredentialToken ¶

func AcquireCredentialToken() (string, error)

func AcquirePublicToken ¶

func AcquirePublicToken(account, password string) (string, error)

func Init ¶ added in v0.1.9

func Init()

Init reading AAD configuration

func InitCredentialClient ¶

func InitCredentialClient() (*msgraphsdk.GraphServiceClient, error)

func InitPublicClient ¶

func InitPublicClient(account, password string) (*msgraphsdk.GraphServiceClient, error)

func QueryAndSave ¶

func QueryAndSave(account string) (*models.User, error)

func QueryMailAndSave ¶

func QueryMailAndSave(email string) (*models.User, error)

func QueryUserPhotoById ¶

func QueryUserPhotoById(userId, token string) string

func QueryUserPhotoByName ¶

func QueryUserPhotoByName(username, token string) string

Types ¶

type AuthReply ¶

type AuthReply struct {
	IsAuthenticated bool
	Error           string
	Account         string
	Name            string
	First           string
	Last            string
	Email           string
	Depart          string
	Avatar          string
}

func AuthenticateByClientCredentials ¶

func AuthenticateByClientCredentials(account string) *AuthReply

func AuthenticatePublicClient ¶

func AuthenticatePublicClient(account, password string) *AuthReply

Authenticate do auth and return Auth object including user information and lognin success or not Required Delegated Permission: User.Read, and Grant admin consent as this is a Daemon web api. account could be the pricipal user name in AAD or mail of login user

type QueryReply ¶

type QueryReply struct {
	NotExist bool
	Error    string
	Account  string
	Name     string
	First    string
	Last     string
	Email    string
	Depart   string
	Avatar   string
}

func Query ¶

func Query(userIdentity string) *QueryReply

https://learn.microsoft.com/en-us/graph/query-parameters?context=graph%2Fapi%2F1.0&view=graph-rest-1.0

func QueryMail ¶

func QueryMail(emailAddress string) *QueryReply

https://learn.microsoft.com/en-us/graph/query-parameters?context=graph%2Fapi%2F1.0&view=graph-rest-1.0

Source Files ¶

View all Source files

rev_auth_aad.go

Directories ¶

Path	Synopsis
app
controllers
models
cache
lib
http-client
utils

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL