fix: Rebase to MSAL library for authentication

2024-03-08 19:24:19 +11:00 · 2024-03-08 19:24:19 +11:00 · 3a0c288e55
commit 3a0c288e55
parent 87b97ea82e
3 changed files with 25 additions and 11 deletions
--- a/2
+++ b/2
@ -14,6 +14,6 @@ WORKDIR /app

 COPY --from=builder /app/main .

-EXPOSE 80
+EXPOSE 8080

 CMD ["./main"]
--- a/go.mod
+++ b/go.mod
@ -3,13 +3,13 @@ module pkg/spamasaurusrex
 go 1.19

 require (
+	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1
 	github.com/breml/rootcerts v0.2.16
 	github.com/gorilla/mux v1.8.1
 	github.com/microsoftgraph/msgraph-sdk-go v1.34.0
 )

 require (
-	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 // indirect
 	github.com/golang-jwt/jwt/v5 v5.2.0 // indirect
 	github.com/kylelemons/godebug v1.1.0 // indirect
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
--- a/pkg/spamasaurusrex/main.go
+++ b/pkg/spamasaurusrex/main.go
@ -13,23 +13,37 @@ import (

 	_ "github.com/breml/rootcerts"
 	"github.com/gorilla/mux"
+
+    "github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
 )

 func handler(w http.ResponseWriter, r *http.Request) {
-	graphHelper := graphhelper.NewGraphHelper()
-	initializeGraph(graphHelper)
+	clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
+	tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
+	// redirectURI := "https://alias.spamasaurus.com/"
+	scopes := []string{"email"}

-	user, err := graphHelper.GetUser()
+	// confidential clients have a credential, such as a secret or a certificate
+	cred, err := confidential.NewCredFromSecret("client_secret")
 	if err != nil {
-		log.Panicf("Error getting user: %v\n", err)
+		// TODO: handle error
 	}

-	fmt.Printf("Hello, %s!\n", *user.GetDisplayName())
-	w.Write([]byte(fmt.Sprintf("Hello, %s\n", *user.GetDisplayName())))
+	confidentialClient, err := confidential.New("https://login.microsoftonline.com/" + tenantId, clientId, cred)
+	if err != nil {
+		// TODO: handle error
+	}

-	// query := r.URL.Query()
-	// name := query.Get("name")
-	// w.Write([]byte(fmt.Sprintf("Hello, %s\n", name)))
+	result, err := confidentialClient.AcquireTokenSilent(context.TODO(), scopes)
+	if err != nil {
+		// cache miss, authenticate with another AcquireToken... method
+		result, err = confidentialClient.AcquireTokenByCredential(context.TODO(), scopes)
+		if err != nil {
+			// TODO: handle error
+		}
+	}
+	// accessToken := result.AccessToken
+	w.Write([]byte(fmt.Sprintf("Hello, %s\n", result.AccessToken)))
 }

 func healthHandler(w http.ResponseWriter, r *http.Request) {