Exemplo n.º 1
Arquivo: auth.go Projeto: bac/juju
// AuthToken builds a service principal token for the credential carried by
// the supplied CloudSpec, for use in authorizing Resource Manager API
// requests.
//
// Only the client-credentials auth-type is accepted; any other auth-type
// produces a NotSupported error. The sender, when non-nil, is installed on
// the returned token; it is also assigned to the subscriptions client used
// for the OAuth configuration lookup, whether nil or not.
//
// The app password read from the credential is a long-lived secret. The
// error paths in this function do not include it; callers should keep it
// out of logs and annotations as well.
func AuthToken(cloud environs.CloudSpec, sender autorest.Sender) (*azure.ServicePrincipalToken, error) {
	// Non-interactive authentication supports a single auth-type for now.
	// Interactive auth exists only to generate a service principal.
	authType := cloud.Credential.AuthType()
	if authType != clientCredentialsAuthType {
		return nil, errors.NotSupportedf("auth-type %q", authType)
	}

	// NOTE(review): if Attributes() returns a map, a missing key reads as ""
	// and is passed on unchanged; presumably the credential schema is
	// validated before this point. Confirm against callers.
	attrs := cloud.Credential.Attributes()

	subsClient := subscriptions.Client{subscriptions.NewWithBaseURI(cloud.Endpoint)}
	subsClient.Sender = sender

	// NOTE(review): cloud.Endpoint feeds both the OAuth configuration lookup
	// and the token resource. Presumably OAuthConfig asks the endpoint which
	// authority to use; if so, the endpoint must come from trusted
	// configuration, since the app credentials are later presented to that
	// authority. Confirm.
	cfg, _, err := azureauth.OAuthConfig(subsClient, cloud.Endpoint, attrs[credAttrSubscriptionId])
	if err != nil {
		return nil, errors.Trace(err)
	}

	token, err := azure.NewServicePrincipalToken(
		*cfg,
		attrs[credAttrAppId],
		attrs[credAttrAppPassword],
		azureauth.TokenResource(cloud.Endpoint),
	)
	if err != nil {
		// The annotation is a fixed string: no credential material is added.
		return nil, errors.Annotate(err, "constructing service principal token")
	}

	// Leave the token's own sender in place unless one was supplied.
	if sender != nil {
		token.SetSender(sender)
	}
	return token, nil
}
Exemplo n.º 2
// TestTokenResource checks that TokenResource returns the same resource
// string, ending in a slash, whether or not the endpoint passed in already
// ends in one. A stable resource string matters because it names the
// audience the token is requested for.
func (s *TokenResourceSuite) TestTokenResource(c *gc.C) {
	const want = "https://graph.windows.net/"
	endpoints := []string{
		"https://graph.windows.net",
		"https://graph.windows.net/",
	}
	for _, endpoint := range endpoints {
		c.Assert(azureauth.TokenResource(endpoint), gc.Equals, want)
	}
}