fix: Refactor to use oauth2 package
This commit is contained in:
parent
907fc9249c
commit
bb4bd5111f
14
go.mod
14
go.mod
|
|
@ -3,18 +3,22 @@ module pkg/spamasaurusrex
|
|||
go 1.19
|
||||
|
||||
require (
|
||||
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1
|
||||
github.com/breml/rootcerts v0.2.16
|
||||
github.com/gorilla/mux v1.8.1
|
||||
github.com/microsoftgraph/msgraph-sdk-go v1.34.0
|
||||
golang.org/x/oauth2 v0.18.0
|
||||
)
|
||||
|
||||
require (
|
||||
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 // indirect
|
||||
github.com/golang-jwt/jwt/v5 v5.2.0 // indirect
|
||||
github.com/golang/protobuf v1.5.3 // indirect
|
||||
github.com/kylelemons/godebug v1.1.0 // indirect
|
||||
github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
|
||||
golang.org/x/crypto v0.18.0 // indirect
|
||||
golang.org/x/sys v0.16.0 // indirect
|
||||
golang.org/x/crypto v0.21.0 // indirect
|
||||
golang.org/x/sys v0.18.0 // indirect
|
||||
google.golang.org/appengine v1.6.7 // indirect
|
||||
google.golang.org/protobuf v1.31.0 // indirect
|
||||
)
|
||||
|
||||
require (
|
||||
|
|
@ -22,7 +26,7 @@ require (
|
|||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 // indirect
|
||||
github.com/cjlapao/common-go v0.0.39 // indirect
|
||||
github.com/davecgh/go-spew v1.1.1
|
||||
github.com/davecgh/go-spew v1.1.1 // indirect
|
||||
github.com/go-logr/logr v1.4.1 // indirect
|
||||
github.com/go-logr/stdr v1.2.2 // indirect
|
||||
github.com/google/uuid v1.6.0 // indirect
|
||||
|
|
@ -40,7 +44,7 @@ require (
|
|||
go.opentelemetry.io/otel v1.22.0 // indirect
|
||||
go.opentelemetry.io/otel/metric v1.22.0 // indirect
|
||||
go.opentelemetry.io/otel/trace v1.22.0 // indirect
|
||||
golang.org/x/net v0.20.0 // indirect
|
||||
golang.org/x/net v0.22.0 // indirect
|
||||
golang.org/x/text v0.14.0 // indirect
|
||||
gopkg.in/yaml.v3 v3.0.1 // indirect
|
||||
)
|
||||
|
|
|
|||
32
go.sum
32
go.sum
|
|
@ -20,6 +20,11 @@ github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
|
|||
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
|
||||
github.com/golang-jwt/jwt/v5 v5.2.0 h1:d/ix8ftRUorsN+5eMIlF4T6J8CAt9rch3My2winC1Jw=
|
||||
github.com/golang-jwt/jwt/v5 v5.2.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
|
||||
github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||
github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
|
||||
github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
|
||||
github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
|
||||
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
|
||||
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
|
||||
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
|
|
@ -61,15 +66,30 @@ go.opentelemetry.io/otel/metric v1.22.0 h1:lypMQnGyJYeuYPhOM/bgjbFM6WE44W1/T45er
|
|||
go.opentelemetry.io/otel/metric v1.22.0/go.mod h1:evJGjVpZv0mQ5QBRJoBF64yMuOf4xCWdXjK8pzFvliY=
|
||||
go.opentelemetry.io/otel/trace v1.22.0 h1:Hg6pPujv0XG9QaVbGOBVHunyuLcCC3jN7WEhPx83XD0=
|
||||
go.opentelemetry.io/otel/trace v1.22.0/go.mod h1:RbbHXVqKES9QhzZq/fE5UnOSILqRt40a21sPw2He1xo=
|
||||
golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
|
||||
golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
|
||||
golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo=
|
||||
golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
|
||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||
golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
|
||||
golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
|
||||
golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
|
||||
golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc=
|
||||
golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
|
||||
golang.org/x/oauth2 v0.18.0 h1:09qnuIAgzdx1XplqJvW6CQqMCtGZykZWcXzPMPUusvI=
|
||||
golang.org/x/oauth2 v0.18.0/go.mod h1:Wf7knwG0MPoWIMMBgFlEaSUDaKskp0dCfrlJRJXbBi8=
|
||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
|
||||
golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
|
||||
golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
|
||||
golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
|
||||
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
|
||||
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c=
|
||||
google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
|
||||
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
|
||||
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
|
||||
google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
|
||||
google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
|
||||
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
|
||||
|
|
|
|||
|
|
@ -7,63 +7,51 @@ import (
|
|||
"net/http"
|
||||
"os"
|
||||
"os/signal"
|
||||
"pkg/spamasaurusrex/pkg/graphhelper"
|
||||
"syscall"
|
||||
"time"
|
||||
|
||||
_ "github.com/breml/rootcerts"
|
||||
"github.com/davecgh/go-spew/spew"
|
||||
"github.com/gorilla/mux"
|
||||
|
||||
"github.com/davecgh/go-spew/spew"
|
||||
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
|
||||
"golang.org/x/oauth2"
|
||||
"golang.org/x/oauth2/microsoft"
|
||||
)
|
||||
|
||||
func handler(w http.ResponseWriter, r *http.Request) {
|
||||
clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
|
||||
tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
|
||||
redirectURI := "https://alias.spamasaurus.com/"
|
||||
scopes := []string{"user.read"}
|
||||
queryParams := r.URL.Query()
|
||||
var config = oauth2.Config{
|
||||
ClientID: "dccb4b93-3f75-4775-a94a-da39216d7daf",
|
||||
ClientSecret: "tiL8Q~qahoaZUck4ZG4sc5w.V_I.1c60bwkW6aYJ",
|
||||
Endpoint: microsoft.AzureADEndpoint("ceeae22e-f163-4ac9-b7c2-45972d3aed4f"),
|
||||
RedirectURL: "https://alias.spamasaurus.com//callback",
|
||||
Scopes: []string{"User.Read"},
|
||||
}
|
||||
|
||||
ctx := context.Background()
|
||||
func rootHandler(w http.ResponseWriter, r *http.Request) {
|
||||
url := config.AuthCodeURL("state", oauth2.AccessTypeOffline)
|
||||
http.Redirect(w, r, url, http.StatusFound)
|
||||
}
|
||||
|
||||
// confidential clients have a credential, such as a secret or a certificate
|
||||
cred, err := confidential.NewCredFromSecret("client_secret")
|
||||
func callbackHandler(w http.ResponseWriter, r *http.Request) {
|
||||
// Handle the callback after successful authentication
|
||||
code := r.URL.Query().Get("code")
|
||||
token, err := config.Exchange(r.Context(), code)
|
||||
if err != nil {
|
||||
// TODO: handle error
|
||||
}
|
||||
confidentialClient, err := confidential.New("https://login.microsoftonline.com/"+tenantId, clientId, cred)
|
||||
if err != nil {
|
||||
// TODO: handle error
|
||||
http.Error(w, "Error exchanging code for token", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
result, err := confidentialClient.AcquireTokenSilent(ctx, scopes)
|
||||
if err != nil {
|
||||
// cache miss, authenticate with another AcquireToken... method
|
||||
// result, err = confidentialClient.AcquireTokenByCredential(ctx, scopes)
|
||||
result, err = confidentialClient.AcquireTokenByAuthCode(ctx, queryParams["code"][0], redirectURI, scopes)
|
||||
if err != nil {
|
||||
// TODO: handle error
|
||||
}
|
||||
}
|
||||
// accessToken := result.AccessToken
|
||||
w.Write([]byte(fmt.Sprintf("Hello, %s\n", spew.Sdump(result))))
|
||||
// Use the token to make MS Graph queries
|
||||
// Example: Fetch user profile information
|
||||
// ...
|
||||
w.Write([]byte(spew.Sdump(token)))
|
||||
|
||||
fmt.Fprintln(w, "Authentication successful!")
|
||||
}
|
||||
|
||||
func healthHandler(w http.ResponseWriter, r *http.Request) {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
}
|
||||
|
||||
func loginHandler(w http.ResponseWriter, r *http.Request) {
|
||||
clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
|
||||
tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
|
||||
redirectURI := "https://alias.spamasaurus.com/"
|
||||
|
||||
http.Redirect(w, r,
|
||||
"https://login.microsoftonline.com/"+tenantId+"/oauth2/v2.0/authorize?client_id="+clientId+"&response_type=code&redirect_uri="+redirectURI+"&scope=openid profile offline_access", http.StatusMovedPermanently)
|
||||
}
|
||||
|
||||
func readinessHandler(w http.ResponseWriter, r *http.Request) {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
}
|
||||
|
|
@ -71,9 +59,9 @@ func readinessHandler(w http.ResponseWriter, r *http.Request) {
|
|||
func main() {
|
||||
r := mux.NewRouter()
|
||||
|
||||
r.HandleFunc("/", handler)
|
||||
r.HandleFunc("/", rootHandler)
|
||||
r.HandleFunc("/health", healthHandler)
|
||||
r.HandleFunc("/login", loginHandler)
|
||||
r.HandleFunc("/callback", callbackHandler)
|
||||
r.HandleFunc("/readiness", readinessHandler)
|
||||
|
||||
srv := &http.Server{
|
||||
|
|
@ -110,24 +98,3 @@ func waitForShutdown(srv *http.Server) {
|
|||
log.Println("Shutting down")
|
||||
os.Exit(0)
|
||||
}
|
||||
|
||||
func initializeGraph(graphHelper *graphhelper.GraphHelper) {
|
||||
err := graphHelper.InitializeGraphForUserAuth()
|
||||
if err != nil {
|
||||
log.Panicf("Error initializing Graph for user auth: %v\n", err)
|
||||
}
|
||||
}
|
||||
|
||||
func displayAccessToken(graphHelper *graphhelper.GraphHelper) {
|
||||
token, err := graphHelper.GetUserToken()
|
||||
if err != nil {
|
||||
log.Panicf("Error getting user token: %v\n", err)
|
||||
}
|
||||
|
||||
fmt.Printf("User token: %s", *token)
|
||||
fmt.Println()
|
||||
}
|
||||
|
||||
func makeGraphCall(graphHelper *graphhelper.GraphHelper) {
|
||||
// TODO
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue