-
Notifications
You must be signed in to change notification settings - Fork 796
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adding samples for using azidentity with track1 (#12614)
* Adding samples for using azidentity with track1 * Improve comments * Adding comments, focusing examples on credentials * Updating comments and explaining relationships to track1 authorizers * Leave DefaultAzureCredentialAdapter with nil options and update comment * Updating comments
- Loading branch information
1 parent
b747047
commit 0d9d349
Showing
3 changed files
with
208 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,143 @@ | ||
// Copyright (c) Microsoft Corporation. All rights reserved. | ||
// Licensed under the MIT License. | ||
|
||
package azidentitysamples | ||
|
||
import ( | ||
"context" | ||
"fmt" | ||
"os" | ||
|
||
"github.com/Azure/azure-sdk-for-go/sdk/azcore" | ||
"github.com/Azure/azure-sdk-for-go/sdk/azidentity" | ||
"github.com/Azure/azure-sdk-for-go/sdk/to" | ||
"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-05-01/resources" | ||
|
||
"github.com/jongio/azidext/go/azidext" | ||
) | ||
|
||
// Please note that the examples in this file are using the Azure SDK for Go V1 code base, along | ||
// with azidentity package from the Azure SDK for Go V2. | ||
// The adapter in the azidext package provides a simple way to integrate azidentity credentials | ||
// as authorizers for the V1 code base. | ||
|
||
const ( | ||
groupName = "samplegroup" | ||
) | ||
|
||
// Environment variables required for EnvironmentCredential to work and/or DefaultAzureCredential | ||
var ( | ||
clientID = os.Getenv("AZURE_CLIENT_ID") | ||
clientSecret = os.Getenv("AZURE_CLIENT_SECRET") | ||
subscriptionID = os.Getenv("AZURE_SUBSCRIPTION_ID") | ||
tenantID = os.Getenv("AZURE_TENANT_ID") | ||
) | ||
|
||
var ( | ||
location = os.Getenv("AZURE_LOCATION") | ||
userAgent = "azidentitysample" | ||
) | ||
|
||
// ExampleGroupsClientWithDefaultAzureCredential for using the DefaultAzureCredential through the NewDefaultAzureCredentialAdapter and assigning the credential to the | ||
// SDK V1 authorizer. | ||
// NewDefaultAzureCredentialAdapter should be used to replace auth.NewAuthorizerFromEnvironment(). DefaultAzureCredential, similarly to NewAuthorizerFromEnvironment, checks for | ||
// environment variables that can construct ClientSecretCredentials, ClientCertificateCredentials, UsernamePasswordCredentials, ManagedIdentityCredentials and AzureCLICredentials. | ||
func ExampleGroupsClientWithDefaultAzureCredential() { | ||
groupsClient := resources.NewGroupsClient(subscriptionID) | ||
// call azidext.NewDefaultAzureCredentialAdapter in order to get an authorizer with a DefaultAzureCredential | ||
// leave azidext.DefaultAzureCredentialOptions as nil to get the default scope for management APIs. | ||
// The default scope is: https://management.azure.com//.default. | ||
// NOTE: Scopes define the set of resources and permissions that the credential will have assigned to it. | ||
// To read more about scopes, see: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent | ||
a, err := azidext.NewDefaultAzureCredentialAdapter(nil) | ||
if err != nil { | ||
panic("failed to get credential") | ||
} | ||
groupsClient.Authorizer = a | ||
// use the groups client with the azidentity credential in the authorizer | ||
group, err := groupsClient.CreateOrUpdate( | ||
context.Background(), | ||
groupName, | ||
resources.Group{ | ||
Location: to.StringPtr(location), | ||
}) | ||
if err != nil { | ||
panic(err) | ||
} | ||
fmt.Println(*group.Name) | ||
// Output: | ||
// samplegroup | ||
} | ||
|
||
// ExampleGroupsClientWithClientSecretCredential for using the ClientSecretCredential with the NewAzureIdentityCredentialAdapter and assigning the credential to the | ||
// SDK V1 authorizer. | ||
// NewAzureIdentityCredentialAdapter can take any credential type defined in azidentity and convert it to an authorizer that is compatible with the Azure SDK for Go | ||
// V1 implementation. For a list of the credentials that azidentity includes, please see: https://github.com/Azure/azure-sdk-for-go/tree/master/sdk/azidentity. | ||
// NewClientSecretCredential can be used in place of auth.NewClientCredentialsConfig(). | ||
func ExampleGroupsClientWithClientSecretCredential() { | ||
groupsClient := resources.NewGroupsClient(subscriptionID) | ||
// instantiate a new ClientSecretCredential as specified in the documentation | ||
cred, err := azidentity.NewClientSecretCredential(tenantID, clientID, clientSecret, nil) | ||
if err != nil { | ||
panic(err) | ||
} | ||
// call azidext.NewAzureIdentityCredentialAdapter with the azidentity credential and necessary scope | ||
// NOTE: Scopes define the set of resources and permissions that the credential will have assigned to it. | ||
// To read more about scopes, see: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent | ||
a := azidext.NewAzureIdentityCredentialAdapter( | ||
cred, | ||
azcore.AuthenticationPolicyOptions{ | ||
Options: azcore.TokenRequestOptions{ | ||
Scopes: []string{"https://management.azure.com/.default"}}}) | ||
if err != nil { | ||
panic("failed to get credential") | ||
} | ||
// assign the authorizer to your client's authorizer | ||
groupsClient.Authorizer = a | ||
// perform an operation with the complete client | ||
list, err := groupsClient.ListComplete(context.Background(), "", nil) | ||
if err != nil { | ||
panic(err) | ||
} | ||
for list.NotDone() { | ||
fmt.Println(*list.Value().Name) | ||
list.Next() | ||
} | ||
// Output: | ||
// samplegroup | ||
} | ||
|
||
// ExampleGroupsClientWithEnvironmentCredential for using the EnvironmentCredential with the NewAzureIdentityCredentialAdapter and assigning the credential to the | ||
// SDK V1 authorizer. | ||
// NewAzureIdentityCredentialAdapter can take any credential type defined in azidentity and convert it to an authorizer that is compatible with the Azure SDK for Go | ||
// V1 implementation. For a list of the credentials that azidentity includes, please see: https://github.com/Azure/azure-sdk-for-go/tree/master/sdk/azidentity. | ||
// NewEnvironmentCredential can be used in place of auth.NewAuthorizerFromEnvironment(). An important distinction is that NewEnvironmentCredential does not include Managed | ||
// Identity credential, for a credential that also checks the environment for Managed Identity credential use the NewDefaultAzureCredentialAdapter. Alternatively, | ||
// create a custom credential chain with NewChainedTokenCredential and add all desired token credentials to try into the chain. | ||
func ExampleGroupsClientWithEnvironmentCredential() { | ||
groupsClient := resources.NewGroupsClient(subscriptionID) | ||
cred, err := azidentity.NewEnvironmentCredential(nil) | ||
if err != nil { | ||
panic(err) | ||
} | ||
// call azidext.NewAzureIdentityCredentialAdapter with the azidentity credential and necessary scopes | ||
// NOTE: Scopes define the set of resources and/or permissions that the credential will have assigned to it. | ||
// To read more about scopes, see: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent | ||
a := azidext.NewAzureIdentityCredentialAdapter( | ||
cred, | ||
azcore.AuthenticationPolicyOptions{ | ||
Options: azcore.TokenRequestOptions{ | ||
Scopes: []string{"https://management.azure.com/.default"}}}) | ||
if err != nil { | ||
panic("failed to get credential") | ||
} | ||
// assign the authorizer to your client's authorizer | ||
groupsClient.Authorizer = a | ||
// perform an operation with the complete client | ||
_, err = groupsClient.Delete(context.Background(), groupName) | ||
if err == nil { | ||
fmt.Println("Delete in progress..") | ||
} | ||
// Output: | ||
// Delete in progress.. | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
module azidentitysamples | ||
|
||
go 1.15 | ||
|
||
require ( | ||
github.com/Azure/azure-sdk-for-go v46.3.0+incompatible | ||
github.com/Azure/azure-sdk-for-go/sdk/azcore v0.10.0 | ||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v0.2.0 | ||
github.com/Azure/azure-sdk-for-go/sdk/to v0.1.1 | ||
github.com/jongio/azidext/go/azidext v0.1.0 | ||
) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
github.com/Azure/azure-sdk-for-go v46.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= | ||
github.com/Azure/azure-sdk-for-go v46.3.0+incompatible h1:m4oQOm3HXtQh2Ipata+pLSS1kGUD/7ikkvNq81XM/7s= | ||
github.com/Azure/azure-sdk-for-go v46.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= | ||
github.com/Azure/azure-sdk-for-go/sdk/azcore v0.10.0 h1:bicoLZMjsxg6LqSFRpLaAmVGqZtOS9hrCVi0KdqcCco= | ||
github.com/Azure/azure-sdk-for-go/sdk/azcore v0.10.0/go.mod h1:R+GJZ0mj7yxXtTENNLTzwkwro5zWzrEiZOdpIiN7Ypc= | ||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v0.2.0 h1:0s/9rnsRwEwd6heP3N+iUv3xRgommZUvu9SJZkcECNI= | ||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v0.2.0/go.mod h1:/XqWZ+BVfDwHnN6x+Ns+VH2Le0x0Yhks6I2DHkIyGGo= | ||
github.com/Azure/azure-sdk-for-go/sdk/internal v0.3.0 h1:l7b+GcynB+tNmqq4yrQG2mMzp34gNu65CC5iGTKVlOA= | ||
github.com/Azure/azure-sdk-for-go/sdk/internal v0.3.0/go.mod h1:Q+TCQnSr+clUU0JU+xrHZ3slYCxw17AOFdvWFpQXjAY= | ||
github.com/Azure/azure-sdk-for-go/sdk/to v0.1.1 h1:xfQtpQrdXC5By+/gOhE6rLRevCw17TLfjSWzkGkT58Y= | ||
github.com/Azure/azure-sdk-for-go/sdk/to v0.1.1/go.mod h1:UL/d4lvWAzSJUuX+19uKdN0ktyjoOyQhgY+HWNgtIYI= | ||
github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= | ||
github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= | ||
github.com/Azure/go-autorest/autorest v0.11.4 h1:iWJqGEvip7mjibEqC/srXNdo+4wLEPiwlP/7dZLtoPc= | ||
github.com/Azure/go-autorest/autorest v0.11.4/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= | ||
github.com/Azure/go-autorest/autorest/adal v0.9.0 h1:SigMbuFNuKgc1xcGhaeapbh+8fgsu+GxgDRFyg7f5lM= | ||
github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= | ||
github.com/Azure/go-autorest/autorest/date v0.3.0 h1:7gUk1U5M/CQbp9WoqinNzJar+8KY+LPI6wiWrP/myHw= | ||
github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= | ||
github.com/Azure/go-autorest/autorest/mocks v0.4.0 h1:z20OWOSG5aCye0HEkDp6TPmP17ZcfeMxPi6HnSALa8c= | ||
github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= | ||
github.com/Azure/go-autorest/autorest/to v0.4.0 h1:oXVqrxakqqV1UZdSazDOPOLvOIz+XA683u8EctwboHk= | ||
github.com/Azure/go-autorest/autorest/to v0.4.0/go.mod h1:fE8iZBn7LQR7zH/9XU2NcPR4o9jEImooCeWJcYV/zLE= | ||
github.com/Azure/go-autorest/autorest/validation v0.3.0 h1:3I9AAI63HfcLtphd9g39ruUwRI+Ca+z/f36KHPFRUss= | ||
github.com/Azure/go-autorest/autorest/validation v0.3.0/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E= | ||
github.com/Azure/go-autorest/logger v0.2.0 h1:e4RVHVZKC5p6UANLJHkM4OfR1UKZPj8Wt8Pcx+3oqrE= | ||
github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= | ||
github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= | ||
github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= | ||
github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= | ||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= | ||
github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= | ||
github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= | ||
github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc= | ||
github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= | ||
github.com/jongio/azidext/go/azidext v0.1.0 h1:FlT+pmODYf82hqyQtE5C/Fajdt64wos88k2d7yhnhHk= | ||
github.com/jongio/azidext/go/azidext v0.1.0/go.mod h1:v7DP8YodvY0fd6An/6j1A6OlU8SxPH1L7pjWcE/svik= | ||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= | ||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= | ||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= | ||
github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= | ||
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= | ||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= | ||
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= | ||
golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a h1:vclmkQCjlDX5OydZ9wv8rBCcS0QyQY66Mpf/7BZbInM= | ||
golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= | ||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= | ||
golang.org/x/net v0.0.0-20200904194848-62affa334b73 h1:MXfv8rhZWmFeqX3GNZRsd6vOLoaCHjYEX3qkRo3YBUA= | ||
golang.org/x/net v0.0.0-20200904194848-62affa334b73/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= | ||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= | ||
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= | ||
golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= | ||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= |