From 3a0c288e55d4a717fa89f9548c5006e6c6bd7969 Mon Sep 17 00:00:00 2001
From: djpbessems
Date: Fri, 8 Mar 2024 19:24:19 +1100
Subject: [PATCH] fix: Rebase to MSAL library for authentication
---
 Dockerfile | 2 +-
 go.mod | 2 +-
 pkg/spamasaurusrex/main.go | 32 +++++++++++++++++++++++---------
 3 files changed, 25 insertions(+), 11 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 783bb90..52f1b65 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -14,6 +14,6 @@ WORKDIR /app
 COPY --from=builder /app/main .
-EXPOSE 80
+EXPOSE 8080
 CMD ["./main"]
diff --git a/go.mod b/go.mod
index 44c841a..a088236 100644
--- a/go.mod
+++ b/go.mod
@@ -3,13 +3,13 @@ module pkg/spamasaurusrex
 go 1.19
 require (
+ github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1
 github.com/breml/rootcerts v0.2.16
 github.com/gorilla/mux v1.8.1
 github.com/microsoftgraph/msgraph-sdk-go v1.34.0
 )
 require (
- github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 // indirect
 github.com/golang-jwt/jwt/v5 v5.2.0 // indirect
 github.com/kylelemons/godebug v1.1.0 // indirect
 github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
diff --git a/pkg/spamasaurusrex/main.go b/pkg/spamasaurusrex/main.go
index 0580a2e..1fe7d39 100644
--- a/pkg/spamasaurusrex/main.go
+++ b/pkg/spamasaurusrex/main.go
@@ -13,23 +13,37 @@ import (
 _ "github.com/breml/rootcerts"
 "github.com/gorilla/mux"
+
+ "github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
 )
 func handler(w http.ResponseWriter, r *http.Request) {
- graphHelper := graphhelper.NewGraphHelper()
- initializeGraph(graphHelper)
+ clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
+ tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
+ // redirectURI := "https://alias.spamasaurus.com/"
+ scopes := []string{"email"}
- user, err := graphHelper.GetUser()
+ // confidential clients have a credential, such as a secret or a certificate
+ cred, err := confidential.NewCredFromSecret("client_secret")
 if err != nil {
- log.Panicf("Error getting user: %v\n", err)
+ // TODO: handle error
 }
- fmt.Printf("Hello, %s!\n", *user.GetDisplayName())
- w.Write([]byte(fmt.Sprintf("Hello, %s\n", *user.GetDisplayName())))
+ confidentialClient, err := confidential.New("https://login.microsoftonline.com/" + tenantId, clientId, cred)
+ if err != nil {
+ // TODO: handle error
+ }
- // query := r.URL.Query()
- // name := query.Get("name")
- // w.Write([]byte(fmt.Sprintf("Hello, %s\n", name)))
+ result, err := confidentialClient.AcquireTokenSilent(context.TODO(), scopes)
+ if err != nil {
+ // cache miss, authenticate with another AcquireToken... method
+ result, err = confidentialClient.AcquireTokenByCredential(context.TODO(), scopes)
+ if err != nil {
+ // TODO: handle error
+ }
+ }
+ // accessToken := result.AccessToken
+ w.Write([]byte(fmt.Sprintf("Hello, %s\n", result.AccessToken)))
 }
 func healthHandler(w http.ResponseWriter, r *http.Request) {