azureenv

package

v0.0.0-...-8ec3e8a Latest Latest Go to latest Published: Aug 10, 2022 License: MIT Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/NoobD0gg/gosip-sandbox

README ¶

Azure AD Environment-Based Auth Flow Sample

The sample shows Gosip custom auth with AAD Environment-Based Authorization.

Custom auth implementation

Checkout the code.

Azure App registration

1. Create or use existing app registration

2. Make sure that the app is configured for a specific auth scenario:

Client credentials (might not work with SharePoint but require a Certificate-based auth)
Certificate
Username/Password
Managed identity

Follow instructions: https://docs.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread

O365 Admin -> Azure Active Directory
Generate self-signed certificate

# On a Windows machine
$certName = "MyCert"
$password = "MyPassword"

$startDate = (Get-Date).AddDays(-1)
$endDate = (Get-Date).AddYears(5)
$securePass = (ConvertTo-SecureString -String $password -AsPlainText -Force)

.\Create-SelfSignedCertificate.ps1 -CommonName $certName -StartDate $startDate -EndDate $endDate -Password $securePass

or on a Linux or macOS client via openssl:

chmod +x ./Create-SelfSignedCertificate.sh
./Create-SelfSignedCertificate.sh

New App Registration
- Accounts in this organizational directory only
- API Permissions -> SharePoint :: Application :: Sites.FullControl.All -> Grant Admin Consent
- Certificates & Secrets -> Upload .cer file
Use environment variables to provide creds bindings:
- AZURE_TENANT_ID - Directory (tenant) ID in App Registration
- AZURE_CLIENT_ID - Application (client) ID in App Registration
- AZURE_CERTIFICATE_PATH - path to .pfx file
- AZURE_CERTIFICATE_PASSWORD - password used for self-signed certificate

Auth configuration and usage

package main

import (
	"fmt"
	"log"
	"os"

	"github.com/koltyakov/gosip"
	"github.com/koltyakov/gosip/api"
	strategy "github.com/NoobD0gg/gosip-sandbox/strategies/azureenv"
)

func main() {

	// os.Setenv("AZURE_TENANT_ID", "b1bacba7-c38a-414b-8c8b-65df26a15749")
	// os.Setenv("AZURE_CLIENT_ID", "8ca10ce6-c3d5-47c6-b803-0ef3b619f464")
	// os.Setenv("AZURE_CERTIFICATE_PATH", "/path/to/cert.pfx")
	// os.Setenv("AZURE_CERTIFICATE_PASSWORD", "cert-password")

	authCnfg := &strategy.AuthCnfg{
		SiteURL: os.Getenv("SPAUTH_SITEURL"),
	}

	client := &gosip.SPClient{AuthCnfg: authCnfg}
	sp := api.NewSP(client)

	res, err := sp.Web().Select("Title").Get()
	if err != nil {
		log.Fatal(err)
	}

	fmt.Printf("Site title: %s\n", res.Data().Title)

}

Documentation ¶

Overview ¶

Package azureenv implements AAD Environment-Based Auth Flow See more:

Amongst supported platform versions are:

SharePoint Online + Azure

Azure Environment-Based supported strategies:

Client credentials (might not work with SharePoint but require a Certificate-based auth)
Certificate
Username/Password
Managed identity

Index ¶

type AuthCnfg

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AuthCnfg ¶

type AuthCnfg struct {
	SiteURL string            `json:"siteUrl"` // SPSite or SPWeb URL, which is the context target for the API calls
	Env     map[string]string `json:"env"`     // AZURE_ environment variables
	// contains filtered or unexported fields
}

AuthCnfg - AAD Environment-Based Auth Flow No creds settings in auth config are required, the configuration is happening through environment variables: https://docs.microsoft.com/en-us/azure/developer/go/azure-sdk-authorization#use-environment-based-authentication

Config sample:

{ "siteUrl": "https://contoso.sharepoint.com/sites/test" }

func (*AuthCnfg) GetAuth ¶

func (c *AuthCnfg) GetAuth() (string, int64, error)

GetAuth authenticates, receives access token

func (*AuthCnfg) GetSiteURL ¶

func (c *AuthCnfg) GetSiteURL() string

GetSiteURL gets SharePoint siteURL

func (*AuthCnfg) GetStrategy ¶

func (c *AuthCnfg) GetStrategy() string

GetStrategy gets auth strategy name

func (*AuthCnfg) ParseConfig ¶

func (c *AuthCnfg) ParseConfig(byteValue []byte) error

ParseConfig parses credentials from a provided JSON byte array content

func (*AuthCnfg) ReadConfig ¶

func (c *AuthCnfg) ReadConfig(privateFile string) error

ReadConfig reads private config with auth options

func (*AuthCnfg) SetAuth ¶

func (c *AuthCnfg) SetAuth(req *http.Request, httpClient *gosip.SPClient) error

SetAuth authenticates request noinspection GoUnusedParameter

func (*AuthCnfg) SetMasterkey ¶

func (c *AuthCnfg) SetMasterkey(masterKey string)

SetMasterkey defines custom masterkey

func (*AuthCnfg) WriteConfig ¶

func (c *AuthCnfg) WriteConfig(privateFile string) error

WriteConfig writes private config with auth options

Source Files ¶

View all Source files

azureenv.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL