azure: support deriving credentials from client id, client secret and provider url (#1300)

2025-05-27 16:07:19 +02:00 · 2020-08-18 10:17:28 -06:00 · 2020-08-18 10:17:28 -06:00 · c4c8ef8e53
commit c4c8ef8e53
parent 882b6b54ee
6 changed files with 104 additions and 13 deletions
--- a/internal/directory/azure/azure_test.go
+++ b/internal/directory/azure/azure_test.go
@ -2,6 +2,7 @@ package azure

 import (
 	"context"
+	"encoding/base64"
 	"encoding/json"
 	"net/http"
 	"net/http/httptest"
@ -107,6 +108,43 @@ func Test(t *testing.T) {
 	}, groups)
 }

+func TestParseServiceAccount(t *testing.T) {
+	t.Run("by options", func(t *testing.T) {
+		serviceAccount, err := ParseServiceAccount(directory.Options{
+			ProviderURL:  "https://login.microsoftonline.com/0303f438-3c5c-4190-9854-08d3eb31bd9f/v2.0",
+			ClientID:     "CLIENT_ID",
+			ClientSecret: "CLIENT_SECRET",
+		})
+		if !assert.NoError(t, err) {
+			return
+		}
+
+		assert.Equal(t, &ServiceAccount{
+			ClientID:     "CLIENT_ID",
+			ClientSecret: "CLIENT_SECRET",
+			DirectoryID:  "0303f438-3c5c-4190-9854-08d3eb31bd9f",
+		}, serviceAccount)
+	})
+	t.Run("by service account", func(t *testing.T) {
+		serviceAccount, err := ParseServiceAccount(directory.Options{
+			ServiceAccount: base64.StdEncoding.EncodeToString([]byte(`{
+				"client_id": "CLIENT_ID",
+				"client_secret": "CLIENT_SECRET",
+				"directory_id": "0303f438-3c5c-4190-9854-08d3eb31bd9f"
+			}`)),
+		})
+		if !assert.NoError(t, err) {
+			return
+		}
+
+		assert.Equal(t, &ServiceAccount{
+			ClientID:     "CLIENT_ID",
+			ClientSecret: "CLIENT_SECRET",
+			DirectoryID:  "0303f438-3c5c-4190-9854-08d3eb31bd9f",
+		}, serviceAccount)
+	})
+}
+
 func mustParseURL(rawurl string) *url.URL {
 	u, err := url.Parse(rawurl)
 	if err != nil {