authentication

package
v0.46.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 28, 2022 License: MPL-2.0 Imports: 28 Imported by: 22

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AzureEnvironmentByNameFromEndpoint added in v0.11.0

func AzureEnvironmentByNameFromEndpoint(ctx context.Context, endpoint string, environmentName string) (*azure.Environment, error)

AzureEnvironmentByName returns a specific Azure Environment from the specified endpoint

func DetermineEnvironment

func DetermineEnvironment(name string) (*azure.Environment, error)

DetermineEnvironment determines what the Environment name is within the Azure SDK for Go and then returns the association environment, if it exists.

func IsEnvironmentAzureStack added in v0.11.0

func IsEnvironmentAzureStack(ctx context.Context, endpoint string, environmentName string) (bool, error)

IsEnvironmentAzureStack returns whether a specific Azure Environment is an Azure Stack environment

func LoadEnvironmentFromUrl added in v0.1.1

func LoadEnvironmentFromUrl(endpoint string) (*azure.Environment, error)

LoadEnvironmentFromUrl attempts to load the specified environment from the endpoint. if the endpoint is an empty string, or an environment can't be found at the endpoint url then an error is returned

Types

type Authentication added in v0.11.0

type Authentication struct {
	LoginEndpoint    string   `json:"loginEndpoint"`
	Audiences        []string `json:"audiences"`
	Tenant           string   `json:"tenant"`
	IdentityProvider string   `json:"identityProvider"`
}

type Builder

type Builder struct {
	// Core
	ClientID       string
	SubscriptionID string
	TenantID       string
	TenantOnly     bool
	Environment    string
	MetadataHost   string

	// Auxiliary tenant IDs used for multi tenant auth
	SupportsAuxiliaryTenants bool
	AuxiliaryTenantIDs       []string

	// The custom Resource Manager Endpoint which should be used
	// only applicable for Azure Stack at this time.
	CustomResourceManagerEndpoint string

	// Azure CLI Tokens Auth
	SupportsAzureCliToken bool

	// Managed Service Identity Auth
	SupportsManagedServiceIdentity bool
	MsiEndpoint                    string

	// Service Principal (Client Cert) Auth
	SupportsClientCertAuth bool
	ClientCertPath         string
	ClientCertPassword     string

	// Service Principal (Client Secret) Auth
	SupportsClientSecretAuth bool
	ClientSecret             string
	ClientSecretDocsLink     string

	// OIDC Auth
	SupportsOIDCAuth    bool
	IDToken             string
	IDTokenFilePath     string
	IDTokenRequestURL   string
	IDTokenRequestToken string

	// Beta opt-in for Microsoft Graph
	UseMicrosoftGraph bool
}

Builder supports all of the possible Authentication values and feature toggles required to build a working Config for Authentication purposes.

func (Builder) Build

func (b Builder) Build() (*Config, error)

Build takes the configuration from the Builder and builds up a validated Config for authenticating with Azure

type Config

type Config struct {
	ClientID           string
	SubscriptionID     string
	TenantID           string
	AuxiliaryTenantIDs []string
	Environment        string
	MetadataHost       string

	GetAuthenticatedObjectID         func(context.Context) (*string, error)
	AuthenticatedAsAServicePrincipal bool
	AuthenticatedViaOIDC             bool

	// A Custom Resource Manager Endpoint
	// at this time this should only be applicable for Azure Stack.
	CustomResourceManagerEndpoint string

	// Beta opt-in for Microsoft Graph
	UseMicrosoftGraph bool
	// contains filtered or unexported fields
}

Config is the configuration structure used to instantiate a new Azure management client.

func (Config) ADALBearerAuthorizerCallback added in v0.20.0

func (c Config) ADALBearerAuthorizerCallback(ctx context.Context, sender autorest.Sender, oauthConfig *OAuthConfig) *autorest.BearerAuthorizerCallback

ADALBearerAuthorizerCallback returns a BearerAuthorizer valid only for the Primary Tenant this signs a request using the AccessToken returned from the primary Resource Manager authorizer

func (Config) BuildOAuthConfig added in v0.7.0

func (c Config) BuildOAuthConfig(activeDirectoryEndpoint string) (*OAuthConfig, error)

BuildOAuthConfig builds the authorization configuration for the specified Active Directory Endpoint

func (Config) GetADALToken added in v0.18.0

func (c Config) GetADALToken(ctx context.Context, sender autorest.Sender, oauth *OAuthConfig, endpoint string) (autorest.Authorizer, error)

GetADALToken returns an autorest.Authorizer using an ADAL token via the authentication method defined in the Config

func (Config) GetMSALToken added in v0.18.0

func (c Config) GetMSALToken(ctx context.Context, api environments.Api, sender autorest.Sender, oauth *OAuthConfig, endpoint string) (autorest.Authorizer, error)

GetMSALToken returns an autorest.Authorizer using an MSAL token via the authentication method defined in the Config

func (Config) GetMultiTenantOAuthConfig added in v0.6.0

func (c Config) GetMultiTenantOAuthConfig(activeDirectoryEndpoint string) (*adal.MultiTenantOAuthConfig, error)

GetMultiTenantOAuthConfig returns a multi-tenant authorization token for the authentication method defined in the Config

func (Config) GetOAuthConfig added in v0.6.0

func (c Config) GetOAuthConfig(activeDirectoryEndpoint string) (*adal.OAuthConfig, error)

GetAuthorizationToken returns an authorization token for the authentication method defined in the Config

func (Config) MSALBearerAuthorizerCallback added in v0.20.0

func (c Config) MSALBearerAuthorizerCallback(ctx context.Context, api environments.Api, sender autorest.Sender, oauthConfig *OAuthConfig, endpoint string) *autorest.BearerAuthorizerCallback

MSALBearerAuthorizerCallback returns a BearerAuthorizer valid only for the Primary Tenant this signs a request using the AccessToken returned from the primary Resource Manager authorizer

type Environment added in v0.11.0

type Environment struct {
	Portal                  string         `json:"portal"`
	Authentication          Authentication `json:"authentication"`
	Media                   string         `json:"media"`
	GraphAudience           string         `json:"graphAudience"`
	Graph                   string         `json:"graph"`
	Name                    string         `json:"name"`
	Suffixes                Suffixes       `json:"suffixes"`
	Batch                   string         `json:"batch"`
	ResourceManager         string         `json:"resourceManager"`
	VmImageAliasDoc         string         `json:"vmImageAliasDoc"`
	ActiveDirectoryDataLake string         `json:"activeDirectoryDataLake"`
	SqlManagement           string         `json:"sqlManagement"`
	Gallery                 string         `json:"gallery"`
}

type OAuthConfig added in v0.7.0

type OAuthConfig struct {
	OAuth            *adal.OAuthConfig
	MultiTenantOauth *adal.MultiTenantOAuthConfig
}

type Suffixes added in v0.11.0

type Suffixes struct {
	AzureDataLakeStoreFileSystem        string `json:"azureDataLakeStoreFileSystem"`
	AcrLoginServer                      string `json:"acrLoginServer"`
	SqlServerHostname                   string `json:"sqlServerHostname"`
	AzureDataLakeAnalyticsCatalogAndJob string `json:"azureDataLakeAnalyticsCatalogAndJob"`
	KeyVaultDns                         string `json:"keyVaultDns"`
	Storage                             string `json:"storage"`
	AzureFrontDoorEndpointSuffix        string `json:"azureFrontDoorEndpointSuffix"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL