azureblob: make newServicePrincipalTokenRefresher take parsed principal structure
parent
e3d593d40c
commit
6f3682c12f
2 changed files with 18 additions and 9 deletions
|
@ -467,12 +467,8 @@ type servicePrincipalCredentials struct {
|
||||||
const azureActiveDirectoryEndpoint = "https://login.microsoftonline.com/"
|
const azureActiveDirectoryEndpoint = "https://login.microsoftonline.com/"
|
||||||
const azureStorageEndpoint = "https://storage.azure.com/"
|
const azureStorageEndpoint = "https://storage.azure.com/"
|
||||||
|
|
||||||
// newServicePrincipalTokenRefresher takes the client ID and secret, and returns a refresh-able access token.
|
// newServicePrincipalTokenRefresher takes a servicePrincipalCredentials structure and returns a refresh-able access token.
|
||||||
func newServicePrincipalTokenRefresher(ctx context.Context, credentialsData []byte) (azblob.TokenRefresher, error) {
|
func newServicePrincipalTokenRefresher(ctx context.Context, spCredentials servicePrincipalCredentials) (azblob.TokenRefresher, error) {
|
||||||
var spCredentials servicePrincipalCredentials
|
|
||||||
if err := json.Unmarshal(credentialsData, &spCredentials); err != nil {
|
|
||||||
return nil, fmt.Errorf("error parsing credentials from JSON file: %w", err)
|
|
||||||
}
|
|
||||||
oauthConfig, err := adal.NewOAuthConfig(azureActiveDirectoryEndpoint, spCredentials.Tenant)
|
oauthConfig, err := adal.NewOAuthConfig(azureActiveDirectoryEndpoint, spCredentials.Tenant)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("error creating oauth config: %w", err)
|
return nil, fmt.Errorf("error creating oauth config: %w", err)
|
||||||
|
@ -729,8 +725,12 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("error opening service principal credentials file: %w", err)
|
return nil, fmt.Errorf("error opening service principal credentials file: %w", err)
|
||||||
}
|
}
|
||||||
|
var spCredentials servicePrincipalCredentials
|
||||||
|
if err := json.Unmarshal(loadedCreds, &spCredentials); err != nil {
|
||||||
|
return nil, fmt.Errorf("error parsing credentials from JSON file: %w", err)
|
||||||
|
}
|
||||||
// Create a token refresher from service principal credentials.
|
// Create a token refresher from service principal credentials.
|
||||||
tokenRefresher, err := newServicePrincipalTokenRefresher(ctx, loadedCreds)
|
tokenRefresher, err := newServicePrincipalTokenRefresher(ctx, spCredentials)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("failed to create a service principal token: %w", err)
|
return nil, fmt.Errorf("failed to create a service principal token: %w", err)
|
||||||
}
|
}
|
||||||
|
|
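Review bot: The parse step added to NewFs accepts any well-formed JSON, so a credentials file with missing or misspelled keys yields a zero-valued `servicePrincipalCredentials` that is handed to `newServicePrincipalTokenRefresher` unchecked. The failure then comes from the token library (the test file expects `parameter 'secret' cannot be empty`) and does not name the credentials file, which makes a misconfigured service principal harder to diagnose. A check directly after the `json.Unmarshal` block would help, for example `if spCredentials.Tenant == "" { return nil, fmt.Errorf("service principal credentials file has no tenant") }`, with the same treatment for the other required fields, whose names are not visible in this hunk. The doc comment could also say that the function returns an `azblob.TokenRefresher`, not "a refresh-able access token". NewFs starts and ends outside the hunk.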
|
@ -7,6 +7,7 @@ package azureblob
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
"encoding/json"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/rclone/rclone/fs"
|
"github.com/rclone/rclone/fs"
|
||||||
|
@ -42,7 +43,11 @@ func TestServicePrincipalFileSuccess(t *testing.T) {
|
||||||
"tenant": "my active directory tenant ID"
|
"tenant": "my active directory tenant ID"
|
||||||
}
|
}
|
||||||
`
|
`
|
||||||
tokenRefresher, err := newServicePrincipalTokenRefresher(ctx, []byte(credentials))
|
var spCredentials servicePrincipalCredentials
|
||||||
|
jerr := json.Unmarshal([]byte(credentials), &spCredentials)
|
||||||
|
assert.Nil(t, jerr)
|
||||||
|
|
||||||
|
tokenRefresher, err := newServicePrincipalTokenRefresher(ctx, spCredentials)
|
||||||
if assert.NoError(t, err) {
|
if assert.NoError(t, err) {
|
||||||
assert.NotNil(t, tokenRefresher)
|
assert.NotNil(t, tokenRefresher)
|
||||||
}
|
}
|
||||||
|
@ -57,7 +62,11 @@ func TestServicePrincipalFileFailure(t *testing.T) {
|
||||||
"tenant": "my active directory tenant ID"
|
"tenant": "my active directory tenant ID"
|
||||||
}
|
}
|
||||||
`
|
`
|
||||||
_, err := newServicePrincipalTokenRefresher(ctx, []byte(credentials))
|
var spCredentials servicePrincipalCredentials
|
||||||
|
jerr := json.Unmarshal([]byte(credentials), &spCredentials)
|
||||||
|
assert.Nil(t, jerr)
|
||||||
|
|
||||||
|
_, err := newServicePrincipalTokenRefresher(ctx, spCredentials)
|
||||||
assert.Error(t, err)
|
assert.Error(t, err)
|
||||||
assert.EqualError(t, err, "error creating service principal token: parameter 'secret' cannot be empty")
|
assert.EqualError(t, err, "error creating service principal token: parameter 'secret' cannot be empty")
|
||||||
}
|
}
|
||||||
|
|
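Review bot: `assert.Nil(t, jerr)` in both tests lets the test continue after a failed parse and reports only that the value was not nil; `assert.NoError(t, jerr)`, as already used for `err` in TestServicePrincipalFileSuccess, prints the error text. In TestServicePrincipalFileFailure a parse failure would leave `spCredentials` zero-valued, and the call could then fail for a reason other than the empty secret the test is meant to pin, so guarding the call with `if assert.NoError(t, jerr) { ... }` keeps the two causes apart. With parsing moved to NewFs, neither test reaches the `error parsing credentials from JSON file` path any more; a case feeding malformed JSON through that path appears to be missing, though the rest of the test file is not visible here. Both test functions start outside their hunks.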