chore(release): 1.0.8 [skip ci]

## [1.0.8](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.7...v1.0.8) (2024-03-09)

### Bug Fixes

* Replace bogus scope with correct value ([44bf4e4](44bf4e4888))

.drone.yml

@@ -1,156 +0,0 @@
-kind: pipeline
-type: kubernetes
-name: Container & Helm chart
-
-trigger:
-  event:
-    exclude:
-    - tag
-
-steps:
-- name: Semantic Release (Dry-run)
-  image: library/node:20-slim
-  pull: always
-  commands:
-  - |
-    apt-get update
-  - |
-    apt-get install -y --no-install-recommends \
-      git-core \
-      ca-certificates
-  - |
-    npm install \
-      semantic-release \
-      @semantic-release/commit-analyzer \
-      @semantic-release/exec \
-  - |
-    export GIT_CREDENTIALS=$${GIT_USERNAME}:$${GIT_APIKEY}
-  - |
-    npx semantic-release \
-      --package @semantic-release/exec \
-      --package semantic-release \
-      --branches ${DRONE_BRANCH} \
-      --tag-format "v\$${version}" \
-      --dry-run \
-      --plugins @semantic-release/commit-analyzer,@semantic-release/exec \
-      --analyzeCommits @semantic-release/commit-analyzer \
-      --verifyRelease @semantic-release/exec \
-      --verifyReleaseCmd 'echo "$${nextRelease.version}" > .version'
-  environment:
-    GIT_APIKEY:
-      from_secret: git_apikey
-    GIT_USERNAME: djpbessems
-
-# - name: Container image (Harbor)
-#   depends_on:
-#   - Semantic Release (Dry-run)
-#   image: gcr.io/kaniko-project/executor:debug
-#   pull: always
-#   commands:
-#   - |
-#     export VALID_TAG=$(cat .version 2> /dev/null) && [ -n "$VALID_TAG" ] || (echo 'No release tag - exiting'; exit 0)
-#   - |
-#     wget https://github.com/jqlang/jq/releases/download/jq-1.6/jq-linux64 -qO /bin/jq
-#     chmod +x /bin/jq
-#   - |
-#     /bin/jq '.auths["https://bv11-cr01.bessems.eu/v2/"].auth="'"$(echo -n $HARBOR_USERNAME':'$HARBOR_PASSWORD | base64)"'"' --null-input > /kaniko/.docker/config.json
-#   - |
-#     /kaniko/executor \
-#       --dockerfile=Dockerfile \
-#       --context=dir://. \
-#       --destination=bv11-cr01.bessems.eu/library/json-server:latest \
-#       --destination=bv11-cr01.bessems.eu/library/json-server:$VALID_TAG
-#   environment:
-#     HARBOR_USERNAME:
-#       from_secret: harbor_username
-#     HARBOR_PASSWORD:
-#       from_secret: harbor_password
-
-- name: Container image (docker.io)
-  depends_on:
-  - Semantic Release (Dry-run)
-  image: gcr.io/kaniko-project/executor:debug
-  pull: always
-  commands:
-  - |
-    export VALID_TAG=$(cat .version 2> /dev/null) && [ -n "$VALID_TAG" ] || (echo 'No release tag - exiting'; exit 0)
-  - |
-    wget https://github.com/jqlang/jq/releases/download/jq-1.6/jq-linux64 -qO /bin/jq
-    chmod +x /bin/jq
-  - |
-    /bin/jq '.auths["https://index.docker.io/v1/"].auth="'"$(echo -n $DOCKER_USERNAME':'$DOCKER_PASSWORD | base64)"'"' --null-input > /kaniko/.docker/config.json
-  - |
-    /kaniko/executor \
-      --dockerfile=Dockerfile \
-      --context=dir://. \
-      --destination=docker.io/djpbessems/spamasaurusrex:latest \
-      --destination=docker.io/djpbessems/spamasaurusrex:$VALID_TAG
-  environment:
-    DOCKER_USERNAME:
-      from_secret: docker_username
-    DOCKER_PASSWORD:
-      from_secret: docker_password
-
-# - name: Helm chart (Gitea)
-#   depends_on:
-#   - Semantic Release (Dry-run)
-#   image: bv11-cr01.bessems.eu/proxy/alpine/helm
-#   pull: always
-#   commands:
-#   - |
-#     export VALID_TAG=$(cat .version 2> /dev/null) && [ -n "$VALID_TAG" ] || (echo 'No release tag - exiting'; exit 0)
-#     sed -i 's/{{ chart_version }}/'$VALID_TAG'/g' charts/json-server/Chart.yaml
-#     sed -i 's/{{ image_tag }}/'$VALID_TAG'/g' charts/json-server/values.yaml
-#   - |
-#     helm package ./charts/json-server
-#   - |
-#     helm plugin install https://github.com/chartmuseum/helm-push
-#   - |
-#     helm repo add \
-#       --username $GIT_USERNAME \
-#       --password $GIT_APIKEY \
-#       spamasaurus \
-#       https://code.spamasaurus.com/api/packages/$GIT_USERNAME/helm
-#   - |
-#     helm cm-push \
-#       json-server-*.tgz \
-#       spamasaurus
-#   environment:
-#     GIT_APIKEY:
-#       from_secret: git_apikey
-#     GIT_USERNAME: djpbessems
-
-- name: Semantic Release
-  depends_on:
-  # - Container image (Harbor)
-  - Container image (docker.io)
-  # - Helm chart (Gitea)
-  image: library/node:20-slim
-  pull: always
-  commands:
-  - |
-    export VALID_TAG=$(cat .version 2> /dev/null) && [ -n "$VALID_TAG" ] || (echo 'No release tag - exiting'; exit 0)
-  - |
-    apt-get update
-  - |
-    apt-get install -y --no-install-recommends \
-      git-core \
-      ca-certificates
-  - |
-    npm install \
-      semantic-release \
-      @semantic-release/changelog \
-      @semantic-release/commit-analyzer \
-      @semantic-release/git \
-      @semantic-release/release-notes-generator
-  - |
-    export GIT_CREDENTIALS=$${GIT_USERNAME}:$${GIT_APIKEY}
-  - |
-    npx semantic-release \
-      --branches ${DRONE_BRANCH} \
-      --tag-format "v\$${version}" \
-      --plugins @semantic-release/commit-analyzer,@semantic-release/release-notes-generator,@semantic-release/changelog,@semantic-release/git
-  environment:
-    GIT_APIKEY:
-      from_secret: git_apikey
-    GIT_USERNAME: djpbessems

CHANGELOG.md

@@ -1,3 +1,59 @@
+## [1.0.8](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.7...v1.0.8) (2024-03-09)
+
+
+### Bug Fixes
+
+* Replace bogus scope with correct value ([44bf4e4](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/44bf4e4888738afebd28ad717153113753afd5f2))
+
+## [1.0.7](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.6...v1.0.7) (2024-03-09)
+
+
+### Bug Fixes
+
+* Expand scope of debugging variable ([3dbfb4a](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/3dbfb4a917fa5f886c52f0ae11c1cab73ecb7713))
+
+## [1.0.6](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.5...v1.0.6) (2024-03-09)
+
+
+### Bug Fixes
+
+* Add verbose debugging output ([b4d866b](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/b4d866bbe8cf3f9632fdf69de4f15779c0099a9f))
+
+## [1.0.5](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.4...v1.0.5) (2024-03-08)
+
+
+### Bug Fixes
+
+* Rebase to MSAL library for authentication ([3a0c288](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/3a0c288e55d4a717fa89f9548c5006e6c6bd7969))
+
+## [1.0.4](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.3...v1.0.4) (2024-03-08)
+
+
+### Bug Fixes
+
+* Include Mozilla CA certificate list for TLS trust ([72ed807](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/72ed8073bf65a04efc68a4de28f5319b3931f6bc))
+
+## [1.0.3](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.2...v1.0.3) (2024-03-08)
+
+
+### Bug Fixes
+
+* Refactor to use interactivebrowser login ([580f64b](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/580f64b7f203a2a55e0df1d34545e19fc070fecd))
+
+## [1.0.2](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.1...v1.0.2) (2024-03-01)
+
+
+### Bug Fixes
+
+* Add basic graph functionality ([4f441fa](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/4f441fa6b4c8d94703c4bd5364b39b2541b38ea8))
+
+## [1.0.1](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.0...v1.0.1) (2024-02-28)
+
+
+### Bug Fixes
+
+* Align chart port configuration and health/readiness endpoints w/ golang code ([d81ca32](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/d81ca32460e5c87b49507f8163c6e64c3d2c8f15))
+
 # 1.0.0 (2024-02-28)
 
 

Dockerfile

@@ -14,6 +14,6 @@ WORKDIR /app
 
 COPY --from=builder /app/main .
 
-EXPOSE 80
+EXPOSE 8080
 
 CMD ["./main"]

chart-values.yml

@@ -0,0 +1,6 @@
+ingress:
+  hosts:
+    - host: alias.spamasaurus.com
+      paths:
+        - path: /
+          pathType: ImplementationSpecific

charts/spamasaurusrex/templates/configmap.yaml

@@ -1,96 +0,0 @@
-{{- if not .Values.jsonServer.seedData.existingConfigMap }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ .Release.Name }}-configmap
-data:
-  index.html: |
-    <html>
-      <head>
-        <link
-          rel="stylesheet"
-          href="https://use.fontawesome.com/releases/v5.8.2/css/all.css"
-          integrity="sha384-oS3vJWv+0UjzBfQzYUhtDYW+Pj2yciDJxpsK1OYPAYjqT085Qq/1cq5FLXAZQ7Ay"
-          crossorigin="anonymous"
-        />
-        <link rel="stylesheet" href="style.css" />
-        <title>JSON Server</title>
-      </head>
-
-      <body>
-        <header>
-          <div class="container">
-            <nav>
-              <ul>
-                <li class="title">
-                  JSON Server
-                </li>
-              </ul>
-            </nav>
-          </div>
-        </header>
-        <main>
-          <div class="container">
-            <h1>Congrats!</h1>
-            <p>
-              You're successfully running JSON Server
-              <br />
-              ✧*｡٩(ˊᗜˋ*)و✧*｡
-            </p>
-
-            <div id="resources"></div>
-
-          </div>
-        </main>
-
-        <footer>
-          <div class="container">
-            <p>
-              Howdy mates!
-            </p>
-          </div>
-        </footer>
-
-        <script src="script.js"></script>
-      </body>
-    </html>
-  update.sh: |
-    #!/bin/bash
-
-    while getopts u: flag
-    do
-      case "${flag}" in
-        u) URL=${OPTARG};;
-      esac
-    done
-
-    [[ $(getent hosts $URL) ]] || {
-      echo 'Could not resolve' $URL
-      exit 1
-    }
-
-    echo '['$(date "+%Y-%m-%d %H:%M:%S")'] Started polling helm releases with 60 second interval'
-
-    while sleep 60;
-    do
-      echo '['$(date "+%Y-%m-%d %H:%M:%S")']' $(curl -ks https://$URL/components | jq length) 'known releases in database'
-
-      for entry in $(helm list --all-namespaces --output json | jq -r '.[] | @base64'); do
-        RELEASE=$(echo $entry | base64 -d | jq -cS '.type="helm" | del(.namespace, .revision, .status)')
-        APP_NAME=$(echo $RELEASE | jq -r '.name')
-        APP_ID=$(curl -ks https://$URL/components?name=$APP_NAME | jq -r '.[0].id')
-
-        # Release is not yet in database
-        [ "$APP_ID" == null ] && {
-          curl -ks -X POST https://$URL/components -H 'Content-Type: application/json' --data "$RELEASE" -o /dev/null
-        }
-        # Release is already in database
-        [ "$APP_ID" != null ] && {
-          curl -ks -X PATCH https://$URL/components/$APP_ID -H 'Content-Type: application/json' --data "$RELEASE" -o /dev/null
-        }
-      done
-
-    done
-  db.json: |
-{{ include "common.tplvalues.render" ( dict "value" .Values.jsonServer.seedData.configInline "context" $) | indent 4 }}
-{{- end -}}

charts/spamasaurusrex/templates/deployment.yaml

@@ -29,56 +29,22 @@ spec:
         - name: {{ .Chart.Name }}
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
-          image: "{{ .Values.jsonServer.image.repository }}:{{ .Values.jsonServer.image.tag | default .Chart.AppVersion }}"
-          imagePullPolicy: {{ .Values.jsonServer.image.pullPolicy }}
+          image: "{{ .Values.spamasaurusRex.image.repository }}:{{ .Values.spamasaurusRex.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.spamasaurusRex.image.pullPolicy }}
           ports:
             - name: http
               containerPort: {{ .Values.service.port }}
               protocol: TCP
           livenessProbe:
             httpGet:
-              path: /
+              path: /health
               port: http
           readinessProbe:
             httpGet:
-              path: /
+              path: /readiness
               port: http
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
-          volumeMounts:
-          - name: {{ .Release.Name }}-configmap
-            mountPath: /data/db.json
-            subPath: db.json
-          - name: {{ .Release.Name }}-configmap
-            mountPath: /usr/local/lib/node_modules/spamasaurusrex/public/index.html
-            subPath: index.html
-        - name: {{ .Chart.Name }}-sidecar
-          securityContext:
-            {{- toYaml .Values.securityContext | nindent 12 }}
-          image: "{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
-          imagePullPolicy: {{ .Values.sidecar.image.pullPolicy }}
-          resources:
-            {{- toYaml .Values.resources | nindent 12 }}
-          command:
-          - /bin/bash
-          - -c
-          - "/opt/update.sh -u {{ .Values.sidecar.targetUrl }}"
-          volumeMounts:
-          - name: {{ .Release.Name }}-configmap
-            mountPath: /opt/update.sh
-            subPath: update.sh
-      volumes:
-      - name: {{ .Release.Name }}-configmap
-        configMap:
-          name: {{ .Release.Name }}-configmap
-          items:
-          - key: db.json
-            path: db.json
-          - key: index.html
-            path: index.html
-          - key: update.sh
-            path: update.sh
-            mode: 0744
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

charts/spamasaurusrex/values.yaml

@@ -37,7 +37,7 @@ securityContext: {}
 
 service:
   type: ClusterIP
-  port: 80
+  port: 8080
 
 ingress:
   enabled: true

go.mod

@@ -2,4 +2,45 @@ module pkg/spamasaurusrex
 
 go 1.19
 
-require github.com/gorilla/mux v1.8.1
+require (
+	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1
+	github.com/breml/rootcerts v0.2.16
+	github.com/gorilla/mux v1.8.1
+	github.com/microsoftgraph/msgraph-sdk-go v1.34.0
+)
+
+require (
+	github.com/golang-jwt/jwt/v5 v5.2.0 // indirect
+	github.com/kylelemons/godebug v1.1.0 // indirect
+	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
+	golang.org/x/crypto v0.18.0 // indirect
+	golang.org/x/sys v0.16.0 // indirect
+)
+
+require (
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.2
+	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1
+	github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 // indirect
+	github.com/cjlapao/common-go v0.0.39 // indirect
+	github.com/davecgh/go-spew v1.1.1
+	github.com/go-logr/logr v1.4.1 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/microsoft/kiota-abstractions-go v1.5.6 // indirect
+	github.com/microsoft/kiota-authentication-azure-go v1.0.2
+	github.com/microsoft/kiota-http-go v1.3.0 // indirect
+	github.com/microsoft/kiota-serialization-form-go v1.0.0 // indirect
+	github.com/microsoft/kiota-serialization-json-go v1.0.6 // indirect
+	github.com/microsoft/kiota-serialization-multipart-go v1.0.0 // indirect
+	github.com/microsoft/kiota-serialization-text-go v1.0.0 // indirect
+	github.com/microsoftgraph/msgraph-sdk-go-core v1.0.2 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/std-uritemplate/std-uritemplate/go v0.0.50 // indirect
+	github.com/stretchr/testify v1.8.4 // indirect
+	go.opentelemetry.io/otel v1.22.0 // indirect
+	go.opentelemetry.io/otel/metric v1.22.0 // indirect
+	go.opentelemetry.io/otel/trace v1.22.0 // indirect
+	golang.org/x/net v0.20.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+)

go.sum

@@ -1,2 +1,77 @@
+github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.2 h1:c4k2FIYIh4xtwqrQwV0Ct1v5+ehlNXj5NI/MWVsiTkQ=
+github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.2/go.mod h1:5FDJtLEO/GxwNgUxbwrY3LP0pEoThTQJtk2oysdXHxM=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 h1:sO0/P7g68FrryJzljemN+6GTssUXdANk6aJ7T1ZxnsQ=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1/go.mod h1:h8hyGFDsU5HMivxiS2iYFZsgDbU9OnnJ163x5UGVKYo=
+github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 h1:LqbJ/WzJUwBf8UiaSzgX7aMclParm9/5Vgp+TY51uBQ=
+github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2/go.mod h1:yInRyqWXAuaPrgI7p70+lDDgh3mlBohis29jGMISnmc=
+github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 h1:DzHpqpoJVaCgOUdVHxE8QB52S6NiVdDQvGlny1qvPqA=
+github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
+github.com/breml/rootcerts v0.2.16 h1:yN1TGvicfHx8dKz3OQRIrx/5nE/iN3XT1ibqGbd6urc=
+github.com/breml/rootcerts v0.2.16/go.mod h1:S/PKh+4d1HUn4HQovEB8hPJZO6pUZYrIhmXBhsegfXw=
+github.com/cjlapao/common-go v0.0.39 h1:bAAUrj2B9v0kMzbAOhzjSmiyDy+rd56r2sy7oEiQLlA=
+github.com/cjlapao/common-go v0.0.39/go.mod h1:M3dzazLjTjEtZJbbxoA5ZDiGCiHmpwqW9l4UWaddwOA=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI=
+github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
+github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
+github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
+github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
+github.com/golang-jwt/jwt/v5 v5.2.0 h1:d/ix8ftRUorsN+5eMIlF4T6J8CAt9rch3My2winC1Jw=
+github.com/golang-jwt/jwt/v5 v5.2.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
 github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
+github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
+github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
+github.com/microsoft/kiota-abstractions-go v1.5.6 h1:3hd1sACWB2B9grv8KG1T8g/gGQ4A8kTLv91OUxHSxkE=
+github.com/microsoft/kiota-abstractions-go v1.5.6/go.mod h1:2WX7Oh8V9SAdZ80OGeE53rcbdys54Pd38rAeDUghrpM=
+github.com/microsoft/kiota-authentication-azure-go v1.0.2 h1:tClGeyFZJ+4Bakf8u0euPM4wqy4ethycdOgx3jyH3pI=
+github.com/microsoft/kiota-authentication-azure-go v1.0.2/go.mod h1:aTcti0bUJEcq7kBfQG4Sr4ElvRNuaalXcFEu4iEyQ6M=
+github.com/microsoft/kiota-http-go v1.3.0 h1:+DhZ6YGi9iDzPYK5v181H8qFthUm38tM6iuL/36EBpY=
+github.com/microsoft/kiota-http-go v1.3.0/go.mod h1:K51qqc8bo6iNgJ0J2CGMk8HH//IPhrM/87Z0y2I/7I8=
+github.com/microsoft/kiota-serialization-form-go v1.0.0 h1:UNdrkMnLFqUCccQZerKjblsyVgifS11b3WCx+eFEsAI=
+github.com/microsoft/kiota-serialization-form-go v1.0.0/go.mod h1:h4mQOO6KVTNciMF6azi1J9QB19ujSw3ULKcSNyXXOMA=
+github.com/microsoft/kiota-serialization-json-go v1.0.6 h1:8v8IXMGurLCRYZs1l0Ck75lN0wzKDLko69mNdQGVWeQ=
+github.com/microsoft/kiota-serialization-json-go v1.0.6/go.mod h1:I0CiXKgvKDFOO35lQ5VpYmd2nFLXHdJUsHnG8z/TX7A=
+github.com/microsoft/kiota-serialization-multipart-go v1.0.0 h1:3O5sb5Zj+moLBiJympbXNaeV07K0d46IfuEd5v9+pBs=
+github.com/microsoft/kiota-serialization-multipart-go v1.0.0/go.mod h1:yauLeBTpANk4L03XD985akNysG24SnRJGaveZf+p4so=
+github.com/microsoft/kiota-serialization-text-go v1.0.0 h1:XOaRhAXy+g8ZVpcq7x7a0jlETWnWrEum0RhmbYrTFnA=
+github.com/microsoft/kiota-serialization-text-go v1.0.0/go.mod h1:sM1/C6ecnQ7IquQOGUrUldaO5wj+9+v7G2W3sQ3fy6M=
+github.com/microsoftgraph/msgraph-sdk-go v1.34.0 h1:bYTX+95g9kw85FFipvD/wQSsF+9jitgfvAxAeMP6Rfs=
+github.com/microsoftgraph/msgraph-sdk-go v1.34.0/go.mod h1:vrsU4lnP+OnIbVqPBv3wbRZpN8zhHOYWzoLf6led9ms=
+github.com/microsoftgraph/msgraph-sdk-go-core v1.0.2 h1:GsZ2bUe+aMdPo9B6ivm0T9vlU9s4ufTScu+GqZnYNNw=
+github.com/microsoftgraph/msgraph-sdk-go-core v1.0.2/go.mod h1:3c/v/N/iuH8UWDf4r4Z9FBiSyGeNZ54BHe2y+9Ccxtc=
+github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ=
+github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/std-uritemplate/std-uritemplate/go v0.0.50 h1:LAE6WYRmLlDXPtEzr152BnD/MHxGCKmcp5D2Pw0NvmU=
+github.com/std-uritemplate/std-uritemplate/go v0.0.50/go.mod h1:CLZ1543WRCuUQQjK0BvPM4QrG2toY8xNZUm8Vbt7vTc=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+go.opentelemetry.io/otel v1.22.0 h1:xS7Ku+7yTFvDfDraDIJVpw7XPyuHlB9MCiqqX5mcJ6Y=
+go.opentelemetry.io/otel v1.22.0/go.mod h1:eoV4iAi3Ea8LkAEI9+GFT44O6T/D0GWAVFyZVCC6pMI=
+go.opentelemetry.io/otel/metric v1.22.0 h1:lypMQnGyJYeuYPhOM/bgjbFM6WE44W1/T45er4d8Hhg=
+go.opentelemetry.io/otel/metric v1.22.0/go.mod h1:evJGjVpZv0mQ5QBRJoBF64yMuOf4xCWdXjK8pzFvliY=
+go.opentelemetry.io/otel/trace v1.22.0 h1:Hg6pPujv0XG9QaVbGOBVHunyuLcCC3jN7WEhPx83XD0=
+go.opentelemetry.io/otel/trace v1.22.0/go.mod h1:RbbHXVqKES9QhzZq/fE5UnOSILqRt40a21sPw2He1xo=
+golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
+golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
+golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo=
+golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
+golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
+golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

pkg/graphhelper/graphhelper.go

@@ -0,0 +1,93 @@
+package graphhelper
+
+import (
+	"context"
+	"strings"
+
+	"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
+	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
+	auth "github.com/microsoft/kiota-authentication-azure-go"
+	msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
+	"github.com/microsoftgraph/msgraph-sdk-go/models"
+	"github.com/microsoftgraph/msgraph-sdk-go/users"
+)
+
+type GraphHelper struct {
+	// deviceCodeCredential *azidentity.DeviceCodeCredential
+	InteractiveBrowserCredential *azidentity.InteractiveBrowserCredential
+	userClient                   *msgraphsdk.GraphServiceClient
+	graphUserScopes              []string
+}
+
+func NewGraphHelper() *GraphHelper {
+	g := &GraphHelper{}
+	return g
+}
+
+func (g *GraphHelper) InitializeGraphForUserAuth() error {
+	// clientId := os.Getenv("CLIENT_ID")
+	clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
+	// tenantId := os.Getenv("TENANT_ID")
+	tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
+	// scopes := os.Getenv("GRAPH_USER_SCOPES")
+	scopes := "user.read"
+	g.graphUserScopes = strings.Split(scopes, ",")
+
+	// Create the device code credential
+	// credential, err := azidentity.NewDeviceCodeCredential(&azidentity.DeviceCodeCredentialOptions{
+	credential, err := azidentity.NewInteractiveBrowserCredential(&azidentity.InteractiveBrowserCredentialOptions{
+		ClientID: clientId,
+		TenantID: tenantId,
+		// UserPrompt: func(ctx context.Context, message azidentity.DeviceCodeMessage) error {
+		// 	fmt.Println(message.Message)
+		// 	return nil
+		// },
+		RedirectURL: "https://alias.spamasaurus.com/",
+	})
+	if err != nil {
+		return err
+	}
+
+	g.InteractiveBrowserCredential = credential
+
+	// Create an auth provider using the credential
+	authProvider, err := auth.NewAzureIdentityAuthenticationProviderWithScopes(credential, g.graphUserScopes)
+	if err != nil {
+		return err
+	}
+
+	// Create a request adapter using the auth provider
+	adapter, err := msgraphsdk.NewGraphRequestAdapter(authProvider)
+	if err != nil {
+		return err
+	}
+
+	// Create a Graph client using request adapter
+	client := msgraphsdk.NewGraphServiceClient(adapter)
+	g.userClient = client
+
+	return nil
+}
+
+func (g *GraphHelper) GetUserToken() (*string, error) {
+	token, err := g.InteractiveBrowserCredential.GetToken(context.Background(), policy.TokenRequestOptions{
+		Scopes: g.graphUserScopes,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return &token.Token, nil
+}
+
+func (g *GraphHelper) GetUser() (models.Userable, error) {
+	query := users.UserItemRequestBuilderGetQueryParameters{
+		// Only request specific properties
+		Select: []string{"displayName", "mail", "userPrincipalName"},
+	}
+
+	return g.userClient.Me().Get(context.Background(),
+		&users.UserItemRequestBuilderGetRequestConfiguration{
+			QueryParameters: &query,
+		})
+}

pkg/spamasaurusrex/main.go

@@ -7,36 +7,72 @@ import (
 	"net/http"
 	"os"
 	"os/signal"
+	"pkg/spamasaurusrex/pkg/graphhelper"
 	"syscall"
 	"time"
 
+	_ "github.com/breml/rootcerts"
 	"github.com/gorilla/mux"
+
+	"github.com/davecgh/go-spew/spew"
+
+	"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
 )
 
 func handler(w http.ResponseWriter, r *http.Request) {
-	query := r.URL.Query()
-	name := query.Get("name")
-	if name == "" {
-		name = "Guest"
+	clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
+	tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
+	// redirectURI := "https://alias.spamasaurus.com/"
+	scopes := []string{"user.read"}
+
+	ctx := context.Background()
+
+	// confidential clients have a credential, such as a secret or a certificate
+	cred, err := confidential.NewCredFromSecret("client_secret")
+	if err != nil {
+		// TODO: handle error
 	}
-	log.Printf("Received request for %s\n", name)
-	w.Write([]byte(fmt.Sprintf("Hello, %s\n", name)))
+
+	confidentialClient, err := confidential.New("https://login.microsoftonline.com/"+tenantId, clientId, cred)
+	if err != nil {
+		// TODO: handle error
+	}
+
+	result, err := confidentialClient.AcquireTokenSilent(ctx, scopes)
+	if err != nil {
+		// cache miss, authenticate with another AcquireToken... method
+		result, err = confidentialClient.AcquireTokenByCredential(ctx, scopes)
+		if err != nil {
+			// TODO: handle error
+		}
+	}
+	// accessToken := result.AccessToken
+	w.Write([]byte(fmt.Sprintf("Hello, %s\n", spew.Sdump(result))))
 }
 
 func healthHandler(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(http.StatusOK)
 }
 
+func loginHandler(w http.ResponseWriter, r *http.Request) {
+	clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
+	tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
+	redirectURI := "https://alias.spamasaurus.com/"
+
+	http.Redirect(w, r,
+		"https://login.microsoftonline.com/"+tenantId+"/oauth2/v2.0/authorize?client_id="+clientId+"&response_type=code&redirect_uri="+redirectURI+"&scope=openid profile offline_access", http.StatusMovedPermanently)
+}
+
 func readinessHandler(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(http.StatusOK)
 }
 
 func main() {
-	// Create Server and Route Handlers
 	r := mux.NewRouter()
 
 	r.HandleFunc("/", handler)
 	r.HandleFunc("/health", healthHandler)
+	r.HandleFunc("/login", loginHandler)
 	r.HandleFunc("/readiness", readinessHandler)
 
 	srv := &http.Server{
@@ -73,3 +109,24 @@ func waitForShutdown(srv *http.Server) {
 	log.Println("Shutting down")
 	os.Exit(0)
 }
+
+func initializeGraph(graphHelper *graphhelper.GraphHelper) {
+	err := graphHelper.InitializeGraphForUserAuth()
+	if err != nil {
+		log.Panicf("Error initializing Graph for user auth: %v\n", err)
+	}
+}
+
+func displayAccessToken(graphHelper *graphhelper.GraphHelper) {
+	token, err := graphHelper.GetUserToken()
+	if err != nil {
+		log.Panicf("Error getting user token: %v\n", err)
+	}
+
+	fmt.Printf("User token: %s", *token)
+	fmt.Println()
+}
+
+func makeGraphCall(graphHelper *graphhelper.GraphHelper) {
+	// TODO
+}