From 3a0c288e55d4a717fa89f9548c5006e6c6bd7969 Mon Sep 17 00:00:00 2001
From: djpbessems <danny@bessems.eu>
Date: Fri, 8 Mar 2024 19:24:19 +1100
Subject: [PATCH] fix: Rebase to MSAL library for authentication

---
 Dockerfile                 |  2 +-
 go.mod                     |  2 +-
 pkg/spamasaurusrex/main.go | 32 +++++++++++++++++++++++---------
 3 files changed, 25 insertions(+), 11 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 783bb90..52f1b65 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -14,6 +14,6 @@ WORKDIR /app
 
 COPY --from=builder /app/main .
 
-EXPOSE 80
+EXPOSE 8080
 
 CMD ["./main"]
diff --git a/go.mod b/go.mod
index 44c841a..a088236 100644
--- a/go.mod
+++ b/go.mod
@@ -3,13 +3,13 @@ module pkg/spamasaurusrex
 go 1.19
 
 require (
+	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1
 	github.com/breml/rootcerts v0.2.16
 	github.com/gorilla/mux v1.8.1
 	github.com/microsoftgraph/msgraph-sdk-go v1.34.0
 )
 
 require (
-	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 // indirect
 	github.com/golang-jwt/jwt/v5 v5.2.0 // indirect
 	github.com/kylelemons/godebug v1.1.0 // indirect
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
diff --git a/pkg/spamasaurusrex/main.go b/pkg/spamasaurusrex/main.go
index 0580a2e..1fe7d39 100644
--- a/pkg/spamasaurusrex/main.go
+++ b/pkg/spamasaurusrex/main.go
@@ -13,23 +13,37 @@ import (
 
 	_ "github.com/breml/rootcerts"
 	"github.com/gorilla/mux"
+
+    "github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
 )
 
 func handler(w http.ResponseWriter, r *http.Request) {
-	graphHelper := graphhelper.NewGraphHelper()
-	initializeGraph(graphHelper)
+	clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
+	tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
+	// redirectURI := "https://alias.spamasaurus.com/"
+	scopes := []string{"email"}
 
-	user, err := graphHelper.GetUser()
+	// confidential clients have a credential, such as a secret or a certificate
+	cred, err := confidential.NewCredFromSecret("client_secret")
 	if err != nil {
-		log.Panicf("Error getting user: %v\n", err)
+		// TODO: handle error
 	}
 
-	fmt.Printf("Hello, %s!\n", *user.GetDisplayName())
-	w.Write([]byte(fmt.Sprintf("Hello, %s\n", *user.GetDisplayName())))
+	confidentialClient, err := confidential.New("https://login.microsoftonline.com/" + tenantId, clientId, cred)
+	if err != nil {
+		// TODO: handle error
+	}
 
-	// query := r.URL.Query()
-	// name := query.Get("name")
-	// w.Write([]byte(fmt.Sprintf("Hello, %s\n", name)))
+	result, err := confidentialClient.AcquireTokenSilent(context.TODO(), scopes)
+	if err != nil {
+		// cache miss, authenticate with another AcquireToken... method
+		result, err = confidentialClient.AcquireTokenByCredential(context.TODO(), scopes)
+		if err != nil {
+			// TODO: handle error
+		}
+	}
+	// accessToken := result.AccessToken
+	w.Write([]byte(fmt.Sprintf("Hello, %s\n", result.AccessToken)))
 }
 
 func healthHandler(w http.ResponseWriter, r *http.Request) {