Update: devops submodule convertion to new simpler auth model.
This commit is contained in:
@@ -13,18 +13,18 @@ export type DevOpsClients = {
|
||||
};
|
||||
|
||||
export async function getDevOpsClients(orgUrl: string, tenantId?: string, clientId?: string): Promise<DevOpsClients> {
|
||||
const credential = await getTokenCredential(tenantId, clientId);
|
||||
return getTokenCredential(tenantId, clientId)
|
||||
.then((credential) => credential.getToken(RESOURCE_SCOPE_BY_NAME.devops))
|
||||
.then(async (accessToken) => {
|
||||
if (!accessToken?.token) {
|
||||
throw new Error("Failed to obtain Azure DevOps API token");
|
||||
}
|
||||
|
||||
const accessToken = await credential.getToken(RESOURCE_SCOPE_BY_NAME.devops);
|
||||
if (!accessToken?.token) {
|
||||
throw new Error("Failed to obtain Azure DevOps API token");
|
||||
}
|
||||
|
||||
const authHandler = azdev.getBearerHandler(accessToken.token);
|
||||
const connection = new azdev.WebApi(orgUrl, authHandler);
|
||||
|
||||
const coreClient = await connection.getCoreApi();
|
||||
const gitClient = await connection.getGitApi();
|
||||
|
||||
return { coreClient, gitClient };
|
||||
const connection = new azdev.WebApi(orgUrl, azdev.getBearerHandler(accessToken.token));
|
||||
const [coreClient, gitClient] = await Promise.all([
|
||||
connection.getCoreApi(),
|
||||
connection.getGitApi(),
|
||||
]);
|
||||
return { coreClient, gitClient };
|
||||
});
|
||||
}
|
||||
|
||||
@@ -1,55 +0,0 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
import { Client } from "@microsoft/microsoft-graph-client";
|
||||
import { getAccessToken } from "../azure/index.ts";
|
||||
import { DefaultAzureCredential, getBearerTokenProvider } from "@azure/identity";
|
||||
|
||||
// export async function getGraphClientUsingMsal(
|
||||
// tenantId: string,
|
||||
// clientId: string,
|
||||
// ): Promise<Client> {
|
||||
// const graphApiToken = await getAccessToken(tenantId, clientId, ["graph"]);
|
||||
|
||||
// return Client.init({
|
||||
// authProvider: (done) => {
|
||||
// done(null, graphApiToken);
|
||||
// },
|
||||
// });
|
||||
// }
|
||||
|
||||
type GraphAuthProvider = (
|
||||
done: (error: Error | null, accessToken: string | null) => void
|
||||
) => void;
|
||||
|
||||
export function getMsalAuthProvider(
|
||||
tenantId: string,
|
||||
clientId: string,
|
||||
): GraphAuthProvider {
|
||||
return (done) => {
|
||||
void getAccessToken(tenantId, clientId, ["graph"])
|
||||
.then((accessToken) => done(null, accessToken))
|
||||
.catch((err) => done(err as Error, null));
|
||||
};
|
||||
}
|
||||
|
||||
export function getAzureIdentityAuthProvider(tenantId?: string, clientId?: string) : GraphAuthProvider {
|
||||
const credentialOptions =
|
||||
tenantId && clientId
|
||||
? { tenantId, managedIdentityClientId: clientId }
|
||||
: undefined;
|
||||
|
||||
const credential = credentialOptions
|
||||
? new DefaultAzureCredential(credentialOptions)
|
||||
: new DefaultAzureCredential();
|
||||
|
||||
const getBearerToken = getBearerTokenProvider(
|
||||
credential,
|
||||
"https://graph.microsoft.com/.default",
|
||||
);
|
||||
|
||||
return (done: (error: Error | null, accessToken: string | null) => void) => {
|
||||
void getBearerToken()
|
||||
.then((token) => done(null, token))
|
||||
.catch((err) => done(err as Error, null));
|
||||
};
|
||||
}
|
||||
@@ -1,27 +1,18 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
export * from "./auth.ts";
|
||||
export * from "./app.ts";
|
||||
export * from "./sp.ts";
|
||||
|
||||
import { loadAuthConfig, loadConfig } from "../index.ts";
|
||||
import { Client, AuthProvider } from "@microsoft/microsoft-graph-client";
|
||||
|
||||
import { getMsalAuthProvider, getAzureIdentityAuthProvider } from "./auth.ts";
|
||||
import { Client } from "@microsoft/microsoft-graph-client";
|
||||
import { RESOURCE_SCOPE_BY_NAME, getTokenCredential } from "../azure/index.ts";
|
||||
|
||||
export async function getGraphClient(): Promise<Client> {
|
||||
const config = await loadConfig();
|
||||
|
||||
let authProvider: AuthProvider;
|
||||
|
||||
if (config.authMode === "azure-identity") {
|
||||
authProvider = getAzureIdentityAuthProvider();
|
||||
} else {
|
||||
const authConfig = await loadAuthConfig("public-config");
|
||||
authProvider = getMsalAuthProvider(authConfig.tenantId, authConfig.clientId);
|
||||
}
|
||||
|
||||
return Client.init({
|
||||
authProvider: authProvider,
|
||||
authProvider: (done) => {
|
||||
void getTokenCredential()
|
||||
.then((credential) => credential.getToken(RESOURCE_SCOPE_BY_NAME.graph))
|
||||
.then((accessToken) => done(null, accessToken?.token ?? null))
|
||||
.catch((err) => done(err as Error, null));
|
||||
},
|
||||
});
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user