diff --git a/providers/dns/azure/azure.go b/providers/dns/azure/azure.go index d079d5e1..97d69238 100644 --- a/providers/dns/azure/azure.go +++ b/providers/dns/azure/azure.go @@ -12,6 +12,8 @@ import ( "strings" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/adal" "github.com/Azure/go-autorest/autorest/azure" "github.com/Azure/go-autorest/autorest/to" "github.com/xenolf/lego/acme" @@ -69,7 +71,9 @@ func (c *DNSProvider) Present(domain, token, keyAuth string) error { } rsc := dns.NewRecordSetsClient(c.subscriptionId) - rsc.Authorizer, err = c.newServicePrincipalTokenFromCredentials(azure.PublicCloud.ResourceManagerEndpoint) + spt, err := c.newServicePrincipalTokenFromCredentials(azure.PublicCloud.ResourceManagerEndpoint) + rsc.Authorizer = autorest.NewBearerAuthorizer(spt) + relative := toRelativeRecord(fqdn, acme.ToFqdn(zone)) rec := dns.RecordSet{ Name: &relative, @@ -103,7 +107,8 @@ func (c *DNSProvider) CleanUp(domain, token, keyAuth string) error { relative := toRelativeRecord(fqdn, acme.ToFqdn(zone)) rsc := dns.NewRecordSetsClient(c.subscriptionId) - rsc.Authorizer, err = c.newServicePrincipalTokenFromCredentials(azure.PublicCloud.ResourceManagerEndpoint) + spt, err := c.newServicePrincipalTokenFromCredentials(azure.PublicCloud.ResourceManagerEndpoint) + rsc.Authorizer = autorest.NewBearerAuthorizer(spt) _, err = rsc.Delete(c.resourceGroup, zone, relative, dns.TXT, "") if err != nil { return err @@ -121,7 +126,11 @@ func (c *DNSProvider) getHostedZoneID(fqdn string) (string, error) { // Now we want to to Azure and get the zone. dc := dns.NewZonesClient(c.subscriptionId) - dc.Authorizer, err = c.newServicePrincipalTokenFromCredentials(azure.PublicCloud.ResourceManagerEndpoint) + + rsc := dns.NewRecordSetsClient(c.subscriptionId) + spt, err := c.newServicePrincipalTokenFromCredentials(azure.PublicCloud.ResourceManagerEndpoint) + rsc.Authorizer = autorest.NewBearerAuthorizer(spt) + zone, err := dc.Get(c.resourceGroup, acme.UnFqdn(authZone)) if err != nil { @@ -134,10 +143,10 @@ func (c *DNSProvider) getHostedZoneID(fqdn string) (string, error) { // NewServicePrincipalTokenFromCredentials creates a new ServicePrincipalToken using values of the // passed credentials map. -func (c *DNSProvider) newServicePrincipalTokenFromCredentials(scope string) (*azure.ServicePrincipalToken, error) { - oauthConfig, err := azure.PublicCloud.OAuthConfigForTenant(c.tenantId) +func (c *DNSProvider) newServicePrincipalTokenFromCredentials(scope string) (*adal.ServicePrincipalToken, error) { + oauthConfig, err := adal.NewOAuthConfig(azure.PublicCloud.ActiveDirectoryEndpoint, c.tenantId) if err != nil { panic(err) } - return azure.NewServicePrincipalToken(*oauthConfig, c.clientId, c.clientSecret, scope) + return adal.NewServicePrincipalToken(*oauthConfig, c.clientId, c.clientSecret, scope) }