From 9038e4a609b1899f0eb382d03c3e823b70537125 Mon Sep 17 00:00:00 2001 From: Tareq Sharafy Date: Tue, 17 Jan 2023 21:03:26 +0200 Subject: [PATCH] feat: allow getting authorizer from existing file settings (#709) * feat: allow getting authorizer from existing file settings Signed-off-by: Tareq Sharafy * fix test Signed-off-by: Tareq Sharafy Co-authored-by: Joel Hendrix --- autorest/azure/auth/auth.go | 11 +++++++++++ autorest/azure/auth/auth_test.go | 20 ++++++++++++++++++++ 2 files changed, 31 insertions(+) diff --git a/autorest/azure/auth/auth.go b/autorest/azure/auth/auth.go index e369f7c90..e97589dcd 100644 --- a/autorest/azure/auth/auth.go +++ b/autorest/azure/auth/auth.go @@ -250,6 +250,17 @@ func NewAuthorizerFromFile(resourceBaseURI string) (autorest.Authorizer, error) if err != nil { return nil, err } + return settings.GetAuthorizer(resourceBaseURI) +} + +// GetAuthorizer create an Authorizer in the following order. +// 1. Client credentials +// 2. Client certificate +// resourceBaseURI - used to determine the resource type +func (settings FileSettings) GetAuthorizer(resourceBaseURI string) (autorest.Authorizer, error) { + if resourceBaseURI == "" { + resourceBaseURI = azure.PublicCloud.ServiceManagementEndpoint + } if a, err := settings.ClientCredentialsAuthorizer(resourceBaseURI); err == nil { return a, err } diff --git a/autorest/azure/auth/auth_test.go b/autorest/azure/auth/auth_test.go index 4f111a8f0..0bc140a5c 100644 --- a/autorest/azure/auth/auth_test.go +++ b/autorest/azure/auth/auth_test.go @@ -268,6 +268,26 @@ func TestFileClientCertificateAuthorizer(t *testing.T) { } } +func TestFileGetAuthorizerClientCert(t *testing.T) { + t.Setenv("AZURE_AUTH_LOCATION", "./testdata/credsutf8.json") + settings, err := GetSettingsFromFile() + if err != nil { + t.Logf("failed to load file settings: %v", err) + t.Fail() + } + // add certificate settings + settings.Values[CertificatePath] = "~/fake/path/cert.pfx" + settings.Values[CertificatePassword] = "fake-password" + auth, err := settings.GetAuthorizer("https://management.azure.com") + if err != nil { + t.Logf("failed to get authorizer: %v", err) + t.Fail() + } + if _, ok := auth.(*autorest.BearerAuthorizer); !ok { + t.Fatalf("unexpected authorizer type %T", auth) + } +} + func TestMultitenantClientCredentials(t *testing.T) { setDefaultEnv() os.Setenv(AuxiliaryTenantIDs, "aux-tenant-1;aux-tenant-2;aux-tenant3")