Merge branch 'main' of https://code.spamasaurus.com/djpbessems/ContainerImage.SpamasaurusRex

fix: Expand scope of debugging variable
chore(release): 1.0.6 [skip ci]
2024-03-09 18:09:28 +11:00 · 2024-03-09 18:09:26 +11:00 · 2024-03-09 07:07:01 +00:00 · 2024-03-09 17:56:49 +11:00 · 2024-03-09 17:56:47 +11:00 · 2024-03-08 08:29:55 +00:00
6 changed files with 106 additions and 36 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,31 @@
 ## [1.0.6](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.5...v1.0.6) (2024-03-09)
 ### Bug Fixes
 * Add verbose debugging output ([b4d866b](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/b4d866bbe8cf3f9632fdf69de4f15779c0099a9f))
 ## [1.0.5](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.4...v1.0.5) (2024-03-08)
 ### Bug Fixes
 * Rebase to MSAL library for authentication ([3a0c288](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/3a0c288e55d4a717fa89f9548c5006e6c6bd7969))
 ## [1.0.4](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.3...v1.0.4) (2024-03-08)
 ### Bug Fixes
 * Include Mozilla CA certificate list for TLS trust ([72ed807](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/72ed8073bf65a04efc68a4de28f5319b3931f6bc))
 ## [1.0.3](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.2...v1.0.3) (2024-03-08)
 ### Bug Fixes
 * Refactor to use interactivebrowser login ([580f64b](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/580f64b7f203a2a55e0df1d34545e19fc070fecd))
 ## [1.0.2](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.1...v1.0.2) (2024-03-01)
--- a/2
+++ b/2
@@ -14,6 +14,6 @@ WORKDIR /app
 COPY --from=builder /app/main .
-EXPOSE 80
+EXPOSE 8080
 CMD ["./main"]
--- a/go.mod
+++ b/go.mod
@@ -3,12 +3,13 @@ module pkg/spamasaurusrex
 go 1.19
 require (
 	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1
 	github.com/breml/rootcerts v0.2.16
 	github.com/gorilla/mux v1.8.1
 	github.com/microsoftgraph/msgraph-sdk-go v1.34.0
 )
 require (
 	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 // indirect
 	github.com/golang-jwt/jwt/v5 v5.2.0 // indirect
 	github.com/kylelemons/godebug v1.1.0 // indirect
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
@@ -21,7 +22,7 @@ require (
 	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1
 	github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 // indirect
 	github.com/cjlapao/common-go v0.0.39 // indirect
-	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/davecgh/go-spew v1.1.1
 	github.com/go-logr/logr v1.4.1 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/google/uuid v1.6.0 // indirect
--- a/go.sum
+++ b/go.sum
@@ -6,6 +6,8 @@ github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 h1:LqbJ/WzJUwBf8UiaSzgX7aM
 github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2/go.mod h1:yInRyqWXAuaPrgI7p70+lDDgh3mlBohis29jGMISnmc=
 github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 h1:DzHpqpoJVaCgOUdVHxE8QB52S6NiVdDQvGlny1qvPqA=
 github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
 github.com/breml/rootcerts v0.2.16 h1:yN1TGvicfHx8dKz3OQRIrx/5nE/iN3XT1ibqGbd6urc=
 github.com/breml/rootcerts v0.2.16/go.mod h1:S/PKh+4d1HUn4HQovEB8hPJZO6pUZYrIhmXBhsegfXw=
 github.com/cjlapao/common-go v0.0.39 h1:bAAUrj2B9v0kMzbAOhzjSmiyDy+rd56r2sy7oEiQLlA=
 github.com/cjlapao/common-go v0.0.39/go.mod h1:M3dzazLjTjEtZJbbxoA5ZDiGCiHmpwqW9l4UWaddwOA=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
--- a/pkg/graphhelper/graphhelper.go
+++ b/pkg/graphhelper/graphhelper.go
@@ -2,22 +2,21 @@ package graphhelper
 import (
 	"context"
 	"fmt"
 	"os"
 	"strings"
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
 	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
 	auth "github.com/microsoft/kiota-authentication-azure-go"
 	msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
-	// "github.com/microsoftgraph/msgraph-sdk-go/models"
+	"github.com/microsoftgraph/msgraph-sdk-go/models"
-	// "github.com/microsoftgraph/msgraph-sdk-go/users"
+	"github.com/microsoftgraph/msgraph-sdk-go/users"
 )
 type GraphHelper struct {
-	deviceCodeCredential *azidentity.DeviceCodeCredential
+	// deviceCodeCredential *azidentity.DeviceCodeCredential
-	userClient           *msgraphsdk.GraphServiceClient
+	InteractiveBrowserCredential *azidentity.InteractiveBrowserCredential
-	graphUserScopes      []string
+	userClient                   *msgraphsdk.GraphServiceClient
 	graphUserScopes              []string
 }
 func NewGraphHelper() *GraphHelper {
@@ -26,25 +25,30 @@ func NewGraphHelper() *GraphHelper {
 }
 func (g *GraphHelper) InitializeGraphForUserAuth() error {
-	clientId := os.Getenv("CLIENT_ID")
+	// clientId := os.Getenv("CLIENT_ID")
-	tenantId := os.Getenv("TENANT_ID")
+	clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
-	scopes := os.Getenv("GRAPH_USER_SCOPES")
+	// tenantId := os.Getenv("TENANT_ID")
 	tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
 	// scopes := os.Getenv("GRAPH_USER_SCOPES")
 	scopes := "user.read"
 	g.graphUserScopes = strings.Split(scopes, ",")
 	// Create the device code credential
-	credential, err := azidentity.NewDeviceCodeCredential(&azidentity.DeviceCodeCredentialOptions{
+	// credential, err := azidentity.NewDeviceCodeCredential(&azidentity.DeviceCodeCredentialOptions{
 	credential, err := azidentity.NewInteractiveBrowserCredential(&azidentity.InteractiveBrowserCredentialOptions{
 		ClientID: clientId,
 		TenantID: tenantId,
-		UserPrompt: func(ctx context.Context, message azidentity.DeviceCodeMessage) error {
+		// UserPrompt: func(ctx context.Context, message azidentity.DeviceCodeMessage) error {
-			fmt.Println(message.Message)
+		// 	fmt.Println(message.Message)
-			return nil
+		// 	return nil
-		},
+		// },
 		RedirectURL: "https://alias.spamasaurus.com/",
 	})
 	if err != nil {
 		return err
 	}
-	g.deviceCodeCredential = credential
+	g.InteractiveBrowserCredential = credential
 	// Create an auth provider using the credential
 	authProvider, err := auth.NewAzureIdentityAuthenticationProviderWithScopes(credential, g.graphUserScopes)
@@ -66,7 +70,7 @@ func (g *GraphHelper) InitializeGraphForUserAuth() error {
 }
 func (g *GraphHelper) GetUserToken() (*string, error) {
-	token, err := g.deviceCodeCredential.GetToken(context.Background(), policy.TokenRequestOptions{
+	token, err := g.InteractiveBrowserCredential.GetToken(context.Background(), policy.TokenRequestOptions{
 		Scopes: g.graphUserScopes,
 	})
 	if err != nil {
@@ -75,3 +79,15 @@ func (g *GraphHelper) GetUserToken() (*string, error) {
 	return &token.Token, nil
 }
 func (g *GraphHelper) GetUser() (models.Userable, error) {
 	query := users.UserItemRequestBuilderGetQueryParameters{
 		// Only request specific properties
 		Select: []string{"displayName", "mail", "userPrincipalName"},
 	}
 	return g.userClient.Me().Get(context.Background(),
 		&users.UserItemRequestBuilderGetRequestConfiguration{
 			QueryParameters: &query,
 		})
 }
--- a/pkg/spamasaurusrex/main.go
+++ b/pkg/spamasaurusrex/main.go
@@ -11,39 +11,66 @@ import (
 	"syscall"
 	"time"
 	_ "github.com/breml/rootcerts"
 	"github.com/gorilla/mux"
 	"github.com/davecgh/go-spew/spew"
 	"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
 )
 func handler(w http.ResponseWriter, r *http.Request) {
-	query := r.URL.Query()
+	clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
-	name := query.Get("name")
+	tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
 	// redirectURI := "https://alias.spamasaurus.com/"
 	scopes := []string{"email"}
-	graphHelper := graphhelper.NewGraphHelper()
+	// confidential clients have a credential, such as a secret or a certificate
-
+	cred, err := confidential.NewCredFromSecret("client_secret")
-	initializeGraph(graphHelper)
+	if err != nil {
-	greetUser(graphHelper)
+		// TODO: handle error
 	if name == "" {
 		name = "Guest"
 	}
-	log.Printf("Received request for %s\n", name)
+
-	w.Write([]byte(fmt.Sprintf("Hello, %s\n", name)))
+	confidentialClient, err := confidential.New("https://login.microsoftonline.com/"+tenantId, clientId, cred)
 	if err != nil {
 		// TODO: handle error
 	}
 	result, err := confidentialClient.AcquireTokenSilent(context.TODO(), scopes)
 	if err != nil {
 		// cache miss, authenticate with another AcquireToken... method
 		result, err = confidentialClient.AcquireTokenByCredential(context.TODO(), scopes)
 		if err != nil {
 			// TODO: handle error
 		}
 	}
 	// accessToken := result.AccessToken
 	w.Write([]byte(fmt.Sprintf("Hello, %s\n", spew.Sdump(result))))
 }
 func healthHandler(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(http.StatusOK)
 }
 func loginHandler(w http.ResponseWriter, r *http.Request) {
 	clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
 	tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
 	redirectURI := "https://alias.spamasaurus.com/"
 	http.Redirect(w, r,
 		"https://login.microsoftonline.com/"+tenantId+"/oauth2/v2.0/authorize?client_id="+clientId+"&response_type=code&redirect_uri="+redirectURI+"&scope=openid profile offline_access", http.StatusMovedPermanently)
 }
 func readinessHandler(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(http.StatusOK)
 }
 func main() {
 	// Create Server and Route Handlers
 	r := mux.NewRouter()
 	r.HandleFunc("/", handler)
 	r.HandleFunc("/health", healthHandler)
 	r.HandleFunc("/login", loginHandler)
 	r.HandleFunc("/readiness", readinessHandler)
 	srv := &http.Server{
@@ -88,10 +115,6 @@ func initializeGraph(graphHelper *graphhelper.GraphHelper) {
 	}
 }
 func greetUser(graphHelper *graphhelper.GraphHelper) {
 	// TODO
 }
 func displayAccessToken(graphHelper *graphhelper.GraphHelper) {
 	token, err := graphHelper.GetUserToken()
 	if err != nil {
Author	SHA1	Message	Date
djpbessems	f02370d5bc	Merge branch 'main' of https://code.spamasaurus.com/djpbessems/ContainerImage.SpamasaurusRex All checks were successful Container & Helm chart / Semantic Release (Dry-run) (push) Successful in 24s Details Container & Helm chart / Helm chart (push) Successful in 15s Details Container & Helm chart / Container image (push) Successful in 9m44s Details Container & Helm chart / Semantic Release (push) Successful in 32s Details	2024-03-09 18:09:28 +11:00
djpbessems	3dbfb4a917	fix: Expand scope of debugging variable	2024-03-09 18:09:26 +11:00
semantic-release-bot	ddb220a889	chore(release): 1.0.6 [skip ci] ## [1.0.6](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.5...v1.0.6) (2024-03-09) ### Bug Fixes * Add verbose debugging output ([`b4d866b`](`b4d866bbe8`))	2024-03-09 07:07:01 +00:00
djpbessems	ddbc209324	Merge branch 'main' of https://code.spamasaurus.com/djpbessems/ContainerImage.SpamasaurusRex All checks were successful Container & Helm chart / Semantic Release (Dry-run) (push) Successful in 32s Details Container & Helm chart / Helm chart (push) Successful in 16s Details Container & Helm chart / Container image (push) Successful in 9m3s Details Container & Helm chart / Semantic Release (push) Successful in 33s Details	2024-03-09 17:56:49 +11:00
djpbessems	b4d866bbe8	fix: Add verbose debugging output	2024-03-09 17:56:47 +11:00
semantic-release-bot	4f14b47137	chore(release): 1.0.5 [skip ci] ## [1.0.5](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.4...v1.0.5) (2024-03-08) ### Bug Fixes * Rebase to MSAL library for authentication ([`3a0c288`](`3a0c288e55`))	2024-03-08 08:29:55 +00:00
djpbessems	905f2aed8e	Merge branch 'main' of https://code.spamasaurus.com/djpbessems/ContainerImage.SpamasaurusRex All checks were successful Container & Helm chart / Semantic Release (Dry-run) (push) Successful in 27s Details Container & Helm chart / Helm chart (push) Successful in 15s Details Container & Helm chart / Container image (push) Successful in 4m36s Details Container & Helm chart / Semantic Release (push) Successful in 29s Details	2024-03-08 19:24:21 +11:00
djpbessems	3a0c288e55	fix: Rebase to MSAL library for authentication	2024-03-08 19:24:19 +11:00
semantic-release-bot	d650c1437c	chore(release): 1.0.4 [skip ci] ## [1.0.4](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.3...v1.0.4) (2024-03-08) ### Bug Fixes * Include Mozilla CA certificate list for TLS trust ([`72ed807`](`72ed8073bf`))	2024-03-08 01:37:44 +00:00
djpbessems	87b97ea82e	Merge branch 'main' of https://code.spamasaurus.com/djpbessems/ContainerImage.SpamasaurusRex All checks were successful Container & Helm chart / Semantic Release (Dry-run) (push) Successful in 26s Details Container & Helm chart / Helm chart (push) Successful in 15s Details Container & Helm chart / Container image (push) Successful in 5m24s Details Container & Helm chart / Semantic Release (push) Successful in 28s Details	2024-03-08 12:31:19 +11:00
djpbessems	72ed8073bf	fix: Include Mozilla CA certificate list for TLS trust	2024-03-08 12:31:17 +11:00
semantic-release-bot	4058432f17	chore(release): 1.0.3 [skip ci] ## [1.0.3](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.2...v1.0.3) (2024-03-08) ### Bug Fixes * Refactor to use interactivebrowser login ([`580f64b`](`580f64b7f2`))	2024-03-08 00:58:33 +00:00
djpbessems	8b4a635d15	Merge branch 'main' of https://code.spamasaurus.com/djpbessems/ContainerImage.SpamasaurusRex All checks were successful Container & Helm chart / Semantic Release (Dry-run) (push) Successful in 1m29s Details Container & Helm chart / Helm chart (push) Successful in 36s Details Container & Helm chart / Container image (push) Successful in 6m31s Details Container & Helm chart / Semantic Release (push) Successful in 27s Details	2024-03-08 11:50:03 +11:00
djpbessems	580f64b7f2	fix: Refactor to use interactivebrowser login	2024-03-08 11:50:00 +11:00