Add client secret login and credential handling scripts

2026-02-03 21:50:32 +01:00
parent ed5253b1a1
commit 0cde901ec2
2 changed files with 67 additions and 0 deletions
--- a/bin/client-secret-login.mjs
+++ b/bin/client-secret-login.mjs
@@ -0,0 +1,34 @@
+#!/usr/bin/env node
+
+import { ClientSecretCredential } from "@azure/identity";
+import { config } from "../config.js";
+import { createHash } from "crypto";
+
+// We need to wrap the async code in an IIFE
+// Check, authentication using @azure/identity requires a client secret.
+if (config.clientSecret) {
+  console.log("Client secret is set.");
+  // Create the client
+  const credential = new ClientSecretCredential(
+    config.tenantId,
+    config.clientId,
+    config.clientSecret,
+  );
+
+  const token = await credential.getToken(
+    "https://management.azure.com/.default",
+  );
+  if (token) {
+    console.log("Authentication with client secret successful.");
+    const hash = createHash("sha256").update(token.token).digest("hex");
+    console.log("SHA-256 hash of access token:", hash);
+    console.log("Token expires on:", new Date(token.expiresOnTimestamp).toISOString());
+  } else {
+    console.error("Authentication with client secret failed.");
+    process.exit(1);
+  }
+} else {
+  console.warn(
+    "Warning: No client secret generated. Authentication may fail if the application requires a client secret.",
+  );
+}