Documentation
Index
- Constants
- func AuthorizationURITenantID(url *url.URL) (string, error)
- func DiscoverAuthorizationURI(sdkCtx context.Context, client subscriptions.Client, subscriptionID string) (*url.URL, error)
- func OAuthConfig(sdkCtx context.Context, client subscriptions.Client, subscriptionId string) (*adal.OAuthConfig, string, error)
- func ResourceManagerResourceId(coreEndpointURI string) (string, error)
- func TokenResource(uri string) string
- type ServicePrincipalCreator
- type ServicePrincipalParams
Constants
const (
	// JujuApplicationObjectId is the ObjectId of the Azure application.
	JujuApplicationObjectId = "8b744cea-179d-4a73-9dff-20d52126030a"
)
Variables
This section is empty.
Functions
func AuthorizationURITenantID
AuthorizationURITenantID returns the tenant ID portion of the given URL, which is expected to have come from DiscoverAuthorizationURI.
func DiscoverAuthorizationURI
func DiscoverAuthorizationURI(sdkCtx context.Context, client subscriptions.Client, subscriptionID string) (*url.URL, error)
DiscoverAuthorizationURI returns the OAuth authorization URI for the given subscription ID. This can be used to determine the AD tenant ID.
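A defensive way to turn a discovered authorization URI into a tenant ID, shown as an added example that is not this package's implementation. It assumes the URI arrives in a `WWW-Authenticate` challenge as `authorization_uri="https://<login-host>/<tenant-guid>"`; the helper name `tenantFromChallenge`, the host allowlist and the sample header are all constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"regexp"
	"strings"
)

// Assumed allowlist of Azure AD login hosts; adjust for the clouds you use.
var trustedLoginHosts = map[string]bool{
	"login.windows.net":         true,
	"login.microsoftonline.com": true,
}

var (
	authURIRe = regexp.MustCompile(`authorization_uri="([^"]+)"`)
	uuidRe    = regexp.MustCompile(`^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$`)
)

// tenantFromChallenge (hypothetical helper) extracts the tenant ID from a
// WWW-Authenticate challenge, rejecting anything that is not an HTTPS URL on
// a trusted login host whose path is exactly one UUID segment.
func tenantFromChallenge(challenge string) (string, error) {
	m := authURIRe.FindStringSubmatch(challenge)
	if m == nil {
		return "", errors.New("authorization_uri not found in challenge")
	}
	u, err := url.Parse(m[1])
	if err != nil {
		return "", fmt.Errorf("parsing authorization_uri: %w", err)
	}
	if u.Scheme != "https" || !trustedLoginHosts[strings.ToLower(u.Host)] {
		return "", fmt.Errorf("untrusted authorization_uri %q", m[1])
	}
	tenant := strings.Trim(u.Path, "/")
	if !uuidRe.MatchString(tenant) {
		return "", fmt.Errorf("tenant ID %q is not a UUID", tenant)
	}
	return strings.ToLower(tenant), nil
}

func main() {
	// Constructed sample challenge; the tenant GUID is made up.
	h := `Bearer authorization_uri="https://login.windows.net/11111111-2222-3333-4444-555555555555", error="invalid_token"`
	tenant, err := tenantFromChallenge(h)
	fmt.Println(tenant, err)
}
```

Validating the scheme, host and tenant format before building an OAuth configuration keeps a tampered or unexpected discovery response from steering token requests to an unintended authority.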
func OAuthConfig
func OAuthConfig(sdkCtx context.Context, client subscriptions.Client, subscriptionId string) (*adal.OAuthConfig, string, error)
OAuthConfig returns an adal.OAuthConfig based on the given resource manager endpoint and subscription ID. This will make a request to the resource manager API to discover the Active Directory tenant ID.
func ResourceManagerResourceId
ResourceManagerResourceId returns the resource ID for the Azure Resource Manager application to use in auth requests, based on the given core endpoint URI (e.g. https://core.windows.net).
The core endpoint URI is the same as given in "storage-endpoint" in Azure cloud definitions, which serves as the suffix for blob storage URLs.
func TokenResource
TokenResource returns a resource value suitable for auth tokens, based on an endpoint URI.
Types
type ServicePrincipalCreator
type ServicePrincipalCreator struct {
	Sender           autorest.Sender
	RequestInspector autorest.PrepareDecorator
	Clock            clock.Clock
	NewUUID          func() (utils.UUID, error)
}
func (*ServicePrincipalCreator) Create
func (c *ServicePrincipalCreator) Create(sdkCtx context.Context, params ServicePrincipalParams) (appid, password string, _ error)
Create creates a new service principal using the values specified in params.
func (*ServicePrincipalCreator) InteractiveCreate
func (c *ServicePrincipalCreator) InteractiveCreate(sdkCtx context.Context, stderr io.Writer, params ServicePrincipalParams) (appid, password string, _ error)
InteractiveCreate creates a new ServicePrincipal by performing device code authentication with Azure AD and creating the service principal using the credentials that are obtained. Only GraphEndpoint, GraphResourceId, ResourceManagerEndpoint, ResourceManagerResourceId and SubscriptionId need to be specified in params; the other values will be derived.
type ServicePrincipalParams
type ServicePrincipalParams struct {
	// GraphEndpoint of the Azure graph API.
	GraphEndpoint string

	// GraphResourceId is the resource ID of the graph API that is
	// used when acquiring access tokens.
	GraphResourceId string

	// GraphAuthorizer is the authorization needed to contact the
	// Azure graph API.
	GraphAuthorizer autorest.Authorizer

	// ResourceManagerEndpoint is the endpoint of the azure resource
	// manager API.
	ResourceManagerEndpoint string

	// ResourceManagerResourceId is the resource ID of the resource manager API that is
	// used when acquiring access tokens.
	ResourceManagerResourceId string

	// ResourceManagerAuthorizer is the authorization needed to
	// contact the Azure resource manager API.
	ResourceManagerAuthorizer autorest.Authorizer

	// SubscriptionId is the subscription ID of the account creating
	// the service principal.
	SubscriptionId string

	// TenantId is the tenant that the account creating the service
	// principal belongs to.
	TenantId string
}