fix: Refactor to use interactivebrowser login
parent
4f441fa6b4
commit
580f64b7f2
@ -2,20 +2,19 @@ package graphhelper
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"fmt"
|
|
||||||
"os"
|
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||||
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
|
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
|
||||||
auth "github.com/microsoft/kiota-authentication-azure-go"
|
auth "github.com/microsoft/kiota-authentication-azure-go"
|
||||||
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
|
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
|
||||||
// "github.com/microsoftgraph/msgraph-sdk-go/models"
|
"github.com/microsoftgraph/msgraph-sdk-go/models"
|
||||||
// "github.com/microsoftgraph/msgraph-sdk-go/users"
|
"github.com/microsoftgraph/msgraph-sdk-go/users"
|
||||||
)
|
)
|
||||||
|
|
||||||
type GraphHelper struct {
|
type GraphHelper struct {
|
||||||
deviceCodeCredential *azidentity.DeviceCodeCredential
|
// deviceCodeCredential *azidentity.DeviceCodeCredential
|
||||||
|
InteractiveBrowserCredential *azidentity.InteractiveBrowserCredential
|
||||||
userClient *msgraphsdk.GraphServiceClient
|
userClient *msgraphsdk.GraphServiceClient
|
||||||
graphUserScopes []string
|
graphUserScopes []string
|
||||||
}
|
}
|
||||||
@ -26,25 +25,30 @@ func NewGraphHelper() *GraphHelper {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (g *GraphHelper) InitializeGraphForUserAuth() error {
|
func (g *GraphHelper) InitializeGraphForUserAuth() error {
|
||||||
clientId := os.Getenv("CLIENT_ID")
|
// clientId := os.Getenv("CLIENT_ID")
|
||||||
tenantId := os.Getenv("TENANT_ID")
|
clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
|
||||||
scopes := os.Getenv("GRAPH_USER_SCOPES")
|
// tenantId := os.Getenv("TENANT_ID")
|
||||||
|
tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
|
||||||
|
// scopes := os.Getenv("GRAPH_USER_SCOPES")
|
||||||
|
scopes := "user.read"
|
||||||
g.graphUserScopes = strings.Split(scopes, ",")
|
g.graphUserScopes = strings.Split(scopes, ",")
|
||||||
|
|
||||||
// Create the device code credential
|
// Create the device code credential
|
||||||
credential, err := azidentity.NewDeviceCodeCredential(&azidentity.DeviceCodeCredentialOptions{
|
// credential, err := azidentity.NewDeviceCodeCredential(&azidentity.DeviceCodeCredentialOptions{
|
||||||
|
credential, err := azidentity.NewInteractiveBrowserCredential(&azidentity.InteractiveBrowserCredentialOptions{
|
||||||
ClientID: clientId,
|
ClientID: clientId,
|
||||||
TenantID: tenantId,
|
TenantID: tenantId,
|
||||||
UserPrompt: func(ctx context.Context, message azidentity.DeviceCodeMessage) error {
|
// UserPrompt: func(ctx context.Context, message azidentity.DeviceCodeMessage) error {
|
||||||
fmt.Println(message.Message)
|
// fmt.Println(message.Message)
|
||||||
return nil
|
// return nil
|
||||||
},
|
// },
|
||||||
|
RedirectURL: "https://alias.spamasaurus.com/",
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
g.deviceCodeCredential = credential
|
g.InteractiveBrowserCredential = credential
|
||||||
|
|
||||||
// Create an auth provider using the credential
|
// Create an auth provider using the credential
|
||||||
authProvider, err := auth.NewAzureIdentityAuthenticationProviderWithScopes(credential, g.graphUserScopes)
|
authProvider, err := auth.NewAzureIdentityAuthenticationProviderWithScopes(credential, g.graphUserScopes)
|
||||||
@ -66,7 +70,7 @@ func (g *GraphHelper) InitializeGraphForUserAuth() error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (g *GraphHelper) GetUserToken() (*string, error) {
|
func (g *GraphHelper) GetUserToken() (*string, error) {
|
||||||
token, err := g.deviceCodeCredential.GetToken(context.Background(), policy.TokenRequestOptions{
|
token, err := g.InteractiveBrowserCredential.GetToken(context.Background(), policy.TokenRequestOptions{
|
||||||
Scopes: g.graphUserScopes,
|
Scopes: g.graphUserScopes,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -75,3 +79,15 @@ func (g *GraphHelper) GetUserToken() (*string, error) {
|
|||||||
|
|
||||||
return &token.Token, nil
|
return &token.Token, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (g *GraphHelper) GetUser() (models.Userable, error) {
|
||||||
|
query := users.UserItemRequestBuilderGetQueryParameters{
|
||||||
|
// Only request specific properties
|
||||||
|
Select: []string{"displayName", "mail", "userPrincipalName"},
|
||||||
|
}
|
||||||
|
|
||||||
|
return g.userClient.Me().Get(context.Background(),
|
||||||
|
&users.UserItemRequestBuilderGetRequestConfiguration{
|
||||||
|
QueryParameters: &query,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
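Review bot: The new `InteractiveBrowserCredential` field on `GraphHelper` is exported, so any importing package can call `GetToken` on it with scopes of its own choosing; keep it unexported as `deviceCodeCredential` was, e.g. `browserCredential *azidentity.InteractiveBrowserCredential`. In `InitializeGraphForUserAuth` the client ID, tenant ID and scopes are now string literals with the `os.Getenv` reads commented out, which ties the build to one app registration; restoring `clientId := os.Getenv("CLIENT_ID")` (likewise for tenant and scopes) and returning an error when a value is empty would keep deployment configuration out of source. `RedirectURL` is set to a non-loopback host; as far as I know the azidentity interactive flow receives the redirect on a listener on the machine running this code, so confirm the value works and that a browser sign-in on the server host is the intended behaviour. The retained comment `// Create the device code credential` no longer matches the call below it, and the commented-out device-code lines are better deleted than kept. The function body continues outside this hunk.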
@ -15,25 +15,35 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
func handler(w http.ResponseWriter, r *http.Request) {
|
func handler(w http.ResponseWriter, r *http.Request) {
|
||||||
query := r.URL.Query()
|
|
||||||
name := query.Get("name")
|
|
||||||
|
|
||||||
graphHelper := graphhelper.NewGraphHelper()
|
graphHelper := graphhelper.NewGraphHelper()
|
||||||
|
|
||||||
initializeGraph(graphHelper)
|
initializeGraph(graphHelper)
|
||||||
greetUser(graphHelper)
|
|
||||||
|
|
||||||
if name == "" {
|
user, err := graphHelper.GetUser()
|
||||||
name = "Guest"
|
if err != nil {
|
||||||
|
log.Panicf("Error getting user: %v\n", err)
|
||||||
}
|
}
|
||||||
log.Printf("Received request for %s\n", name)
|
|
||||||
w.Write([]byte(fmt.Sprintf("Hello, %s\n", name)))
|
fmt.Printf("Hello, %s!\n", *user.GetDisplayName())
|
||||||
|
w.Write([]byte(fmt.Sprintf("Hello, %s\n", *user.GetDisplayName())))
|
||||||
|
|
||||||
|
// query := r.URL.Query()
|
||||||
|
// name := query.Get("name")
|
||||||
|
// w.Write([]byte(fmt.Sprintf("Hello, %s\n", name)))
|
||||||
}
|
}
|
||||||
|
|
||||||
func healthHandler(w http.ResponseWriter, r *http.Request) {
|
func healthHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
w.WriteHeader(http.StatusOK)
|
w.WriteHeader(http.StatusOK)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func loginHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
|
clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
|
||||||
|
tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
|
||||||
|
redirectURI := "https://alias.spamasaurus.com/"
|
||||||
|
|
||||||
|
http.Redirect(w, r,
|
||||||
|
"https://login.microsoftonline.com/"+tenantId+"/oauth2/v2.0/authorize?client_id="+clientId+"&response_type=code&redirect_uri="+redirectURI+"&scope=openid profile offline_access", http.StatusMovedPermanently)
|
||||||
|
}
|
||||||
|
|
||||||
func readinessHandler(w http.ResponseWriter, r *http.Request) {
|
func readinessHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
w.WriteHeader(http.StatusOK)
|
w.WriteHeader(http.StatusOK)
|
||||||
}
|
}
|
||||||
@ -44,6 +54,7 @@ func main() {
|
|||||||
|
|
||||||
r.HandleFunc("/", handler)
|
r.HandleFunc("/", handler)
|
||||||
r.HandleFunc("/health", healthHandler)
|
r.HandleFunc("/health", healthHandler)
|
||||||
|
r.HandleFunc("/login", loginHandler)
|
||||||
r.HandleFunc("/readiness", readinessHandler)
|
r.HandleFunc("/readiness", readinessHandler)
|
||||||
|
|
||||||
srv := &http.Server{
|
srv := &http.Server{
|
||||||
@ -88,10 +99,6 @@ func initializeGraph(graphHelper *graphhelper.GraphHelper) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func greetUser(graphHelper *graphhelper.GraphHelper) {
|
|
||||||
// TODO
|
|
||||||
}
|
|
||||||
|
|
||||||
func displayAccessToken(graphHelper *graphhelper.GraphHelper) {
|
func displayAccessToken(graphHelper *graphhelper.GraphHelper) {
|
||||||
token, err := graphHelper.GetUserToken()
|
token, err := graphHelper.GetUserToken()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
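Review bot: `loginHandler` redirects to the authorize endpoint without a `state` parameter, so whatever handles the response at `redirectURI` has nothing to tie the returned code to the browser session that started the login. The URL is also built by string concatenation (the scope holds raw spaces and `redirect_uri` is unescaped), and `http.StatusMovedPermanently` lets browsers cache the redirect, where `http.StatusFound` is the usual choice. The sketch below builds the query with `url.Values` and sets a state cookie (the cookie name is a constructed example); it needs `net/url`, `crypto/rand` and `encoding/hex` imported, and the callback handler, which is not in this diff, must compare the cookie with the returned `state`. Separately, in `handler`, `*user.GetDisplayName()` is dereferenced without a nil check and `log.Panicf` runs on a Graph error; replying with `http.Error(w, "graph lookup failed", http.StatusBadGateway)` and falling back when the pointer is nil keeps panics off the request path.

```go
func loginHandler(w http.ResponseWriter, r *http.Request) {
	// … unchanged: clientId, tenantId, redirectURI …

	// Per-request random state: echoed back by the authorize endpoint and
	// compared in the redirect handler to reject callbacks this session did not start.
	raw := make([]byte, 16)
	if _, err := rand.Read(raw); err != nil {
		http.Error(w, "internal error", http.StatusInternalServerError)
		return
	}
	state := hex.EncodeToString(raw)
	http.SetCookie(w, &http.Cookie{
		Name:     "oauth_state",
		Value:    state,
		Path:     "/",
		HttpOnly: true,
		Secure:   true,
		SameSite: http.SameSiteLaxMode,
	})

	q := url.Values{}
	q.Set("client_id", clientId)
	q.Set("response_type", "code")
	q.Set("redirect_uri", redirectURI)
	q.Set("scope", "openid profile offline_access")
	q.Set("state", state)

	http.Redirect(w, r,
		"https://login.microsoftonline.com/"+url.PathEscape(tenantId)+"/oauth2/v2.0/authorize?"+q.Encode(),
		http.StatusFound)
}
```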