README
¶
msauth
A Go client library for easy Microsoft authentication
This package is a heavily modified Microsoft Identity Platform client borrowing ideas and code from https://github.com/open-networks/go-msgraph package. In order to enable sharing authentication with a msgraph package, a mspowerbi package and any other Microsoft package which uses the same authentication flow, this has been built into its own package.
Other projects of interest:
- https://github.com/AzureAD/microsoft-authentication-library-for-go - a Microsoft supported Go authentication package. Still in preview.
- https://github.com/open-networks/go-msgraph - a Microsoft Graph client which has the auth client built in.
Documentation
¶
Overview ¶
Package msauth provides an authenticated http Client which has been authenticated using the Microsoft identity platform and OAuth 2.0 authorization flow. The resulting client can be used for the Microsoft Graph API, Power BI and other API's.
See: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
Index ¶
Constants ¶
const ( // Azure AD authentication endpoint "Global". Used to acquire a token for the ms graph API connection. // // Microsoft Documentation: https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-national-cloud#azure-ad-authentication-endpoints AzureADAuthEndpointGlobal string = "https://login.microsoftonline.com" // Azure AD authentication endpoint "Germany". Used to acquire a token for the ms graph API connection. // // Microsoft Documentation: https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-national-cloud#azure-ad-authentication-endpoints AzureADAuthEndpointGermany string = "https://login.microsoftonline.de" // Azure AD authentication endpoint "US Government". Used to acquire a token for the ms graph API connection. // // Microsoft Documentation: https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-national-cloud#azure-ad-authentication-endpoints AzureADAuthEndpointUSGov string = "https://login.microsoftonline.us" // Azure AD authentication endpoint "China by 21 Vianet". Used to acquire a token for the ms graph API connection. // // Microsoft Documentation: https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-national-cloud#azure-ad-authentication-endpoints AzureADAuthEndpointChina string = "https://login.partner.microsoftonline.cn" )
const APIVersion string = "v1.0"
APIVersion represents the APIVersion of msauth used by this implementation
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
func New ¶
New creates a new AuthClient instance with the given parameters and grabs a token. Returns an error if the token cannot be initialized. The default Microsoft Identity Platfrom URL is used.
func NewWithCustomEndpoint ¶
func NewWithCustomEndpoint(tenantID, applicationID, clientSecret string, azureADAuthEndpoint, resource string) (*Client, error)
NewWithCustomEndpoint creates a new Microsoft Identity Platform client instance with the given parameters and tries to get a valid token. All available public endpoints for azureADAuthEndpoint and serviceRootEndpoint are available via msauth.azureADAuthEndpoint*
For available endpoints from Microsoft, see documentation:
type Token ¶
type Token struct {
TokenType string // should always be "Bearer" for msgraph API-calls
NotBefore time.Time // time when the access token starts to be valid
ExpiresOn time.Time // time when the access token expires
Resource string // will most likely be https://graph.microsoft.*, hence the Service Root Endpoint
AccessToken string // the access-token itself
}
Token struct holds the Microsoft Graph API authentication token used by GraphClient to authenticate API-requests to the ms graph API
func (Token) GetAccessToken ¶
GetAccessToken teturns the API access token in Bearer format representation ready to send to the API interface.
func (Token) HasExpired ¶
HasExpired returns true if the token has already expired.
Hint: this is a wrapper for >>!token.IsStillValid()<<
func (Token) IsAlreadyValid ¶
IsAlreadyValid returns true if the token is already valid, hence the NotBefore is before the current time. Otherwise false.
Hint: The current time is determined by time.Now()
func (Token) IsStillValid ¶
IsStillValid returns true if the token is still valid, hence the current time is before ExpiresOn. Does NOT check it the token is yet valid or in the future.
Hint: The current time is determined by time.Now()
func (Token) IsValid ¶
IsValid returns true if the token is already valid and is still valid. Otherwise false.
Hint: this is a wrapper for >>token.IsAlreadyValid() && token.IsStillValid()<<
func (*Token) UnmarshalJSON ¶
UnmarshalJSON implements the json unmarshal to be used by the json-library.
Hint: the UnmarshalJSON also checks immediately if the token is valid, hence the current time.Now() is after NotBefore and before ExpiresOn
func (Token) WantsToBeRefreshed ¶
WantsToBeRefreshed returns true if the token is already invalid or close to expire (10 second before ExpiresOn), otherwise false. time.Now() is used to determine the current time.
Source Files