29 lines
922 B
Python
29 lines
922 B
Python
"""
|
|
Minimal Authentication package for Azure.
|
|
|
|
Uses client credentials - a secret or a certificate.
|
|
"""
|
|
|
|
import os
|
|
import requests
|
|
|
|
def secret_credentials_auth(
|
|
scope: str = "https://app.vssps.visualstudio.com/.default",
|
|
tenant_id: str = os.environ.get("AZURE_TENANT_ID", ""),
|
|
client_id: str = os.environ.get("AZURE_CLIENT_ID", ""),
|
|
client_secret: str = os.environ.get("AZURE_CLIENT_SECRET")
|
|
) -> str:
|
|
"""
|
|
Authenticate using client credentials. Pass credentials via environment variables,
|
|
or directly as function parameters.
|
|
"""
|
|
token_url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
|
|
r = requests.get(token_url, data={
|
|
"grant_type": "client_credentials",
|
|
"client_id": client_id,
|
|
"client_secret": client_secret,
|
|
"scope": scope
|
|
})
|
|
r.raise_for_status()
|
|
return r.json().get("access_token", "")
|