package authentication
import (
"context"
"strings"
"github.com/lestrrat-go/jwx/jwk"
)
// Azure AD token-validation endpoint and issuer templates.
const (
	// azureAdTenantIdToken is the placeholder inside the issuer templates
	// below that GetAzureAdIssuers swaps for a concrete tenant ID.
	azureAdTenantIdToken = "{tenantId}"

	// AzureAdJwksUri is the JWKS (signing key) endpoint for Azure AD.
	// Source: https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration
	//
	// This is the "common" (tenant-independent) endpoint, so a signature that
	// verifies against these keys does not by itself show which tenant issued
	// the token. Validation must also compare the iss claim with the expected
	// tenant's issuers (see GetAzureAdIssuers) and check the audience.
	AzureAdJwksUri = "https://login.microsoftonline.com/common/discovery/v2.0/keys"

	// AzureAdV2IssuerFormat is the issuer template for v2.0 tokens.
	// NOTE(review): Microsoft's v2.0 metadata appears to publish the issuer as
	// ".../{tenantid}/v2.0" with no trailing slash; confirm that callers doing
	// an exact iss comparison still accept real v2.0 tokens.
	AzureAdV2IssuerFormat = "https://login.microsoftonline.com/" + azureAdTenantIdToken + "/v2.0/"

	// AzureAdV1IssuerFormat is the issuer template for v1.0 tokens.
	AzureAdV1IssuerFormat = "https://sts.windows.net/" + azureAdTenantIdToken + "/"
)
// FetchAzureADKeySet fetches the Azure AD signing key set from AzureAdJwksUri.
//
// ctx is handed to jwk.Fetch as-is and the result and error are returned
// unchanged. No timeout is applied here, so the caller is expected to pass a
// context with a deadline. Each call goes to the network; callers validating
// many tokens presumably want to cache the returned set and refresh it
// periodically so that key rotation is picked up.
func FetchAzureADKeySet(ctx context.Context) (jwk.Set, error) {
	return jwk.Fetch(ctx, AzureAdJwksUri)
}
// GetAzureAdIssuers returns the issuer strings for the given tenant, built
// from AzureAdV2IssuerFormat and AzureAdV1IssuerFormat in that order.
//
// tenantId is substituted verbatim for the "{tenantId}" placeholder; it is not
// validated or normalised. It should come from trusted configuration rather
// than from the token being validated (for example its tid claim), otherwise
// the token would be choosing the issuer it is checked against. An empty
// tenantId yields issuer strings with an empty path segment.
func GetAzureAdIssuers(tenantId string) []string {
	formats := [...]string{AzureAdV2IssuerFormat, AzureAdV1IssuerFormat}

	issuers := make([]string, 0, len(formats))
	for _, format := range formats {
		// Replace only the first occurrence, so a tenantId that itself contains
		// the placeholder text is not expanded again.
		issuers = append(issuers, strings.Replace(format, azureAdTenantIdToken, tenantId, 1))
	}
	return issuers
}