diff --git a/src/devops/index.ts b/src/devops/index.ts
index 689043c..d26e0e0 100644
--- a/src/devops/index.ts
+++ b/src/devops/index.ts
@@ -13,18 +13,18 @@ export type DevOpsClients = {
 };
 export async function getDevOpsClients(orgUrl: string, tenantId?: string, clientId?: string): Promise {
- const credential = await getTokenCredential(tenantId, clientId);
+ return getTokenCredential(tenantId, clientId)
+ .then((credential) => credential.getToken(RESOURCE_SCOPE_BY_NAME.devops))
+ .then(async (accessToken) => {
+ if (!accessToken?.token) {
+ throw new Error("Failed to obtain Azure DevOps API token");
+ }
- const accessToken = await credential.getToken(RESOURCE_SCOPE_BY_NAME.devops);
- if (!accessToken?.token) {
- throw new Error("Failed to obtain Azure DevOps API token");
- }
-
- const authHandler = azdev.getBearerHandler(accessToken.token);
- const connection = new azdev.WebApi(orgUrl, authHandler);
-
- const coreClient = await connection.getCoreApi();
- const gitClient = await connection.getGitApi();
-
- return { coreClient, gitClient };
+ const connection = new azdev.WebApi(orgUrl, azdev.getBearerHandler(accessToken.token));
+ const [coreClient, gitClient] = await Promise.all([
+ connection.getCoreApi(),
+ connection.getGitApi(),
+ ]);
+ return { coreClient, gitClient };
+ });
 }
diff --git a/src/graph/auth.ts b/src/graph/auth.ts
deleted file mode 100644
index e16c5ae..0000000
--- a/src/graph/auth.ts
+++ /dev/null
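Review bot: In `getDevOpsClients` (src/devops/index.ts), the bearer token is attached to `new azdev.WebApi(orgUrl, azdev.getBearerHandler(accessToken.token))` with no check on `orgUrl`, so a mistyped or externally influenced URL would be sent a valid Azure DevOps token. Where `orgUrl` comes from is not visible in this hunk; if it can come from configuration or command-line input, validate it before building the connection, for example `if (new URL(orgUrl).protocol !== "https:") throw new Error("orgUrl must use https");`, and consider an allow-list of the hosts you expect. Separately, the token string is captured once when the handler is built, so clients kept beyond the token's lifetime will presumably start failing instead of refreshing; a comment stating that the returned clients are short-lived would make that contract explicit.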
@@ -1,55 +0,0 @@
-// SPDX-License-Identifier: MIT
-
-import { Client } from "@microsoft/microsoft-graph-client";
-import { getAccessToken } from "../azure/index.ts";
-import { DefaultAzureCredential, getBearerTokenProvider } from "@azure/identity";
-
-// export async function getGraphClientUsingMsal(
-// tenantId: string,
-// clientId: string,
-// ): Promise {
-// const graphApiToken = await getAccessToken(tenantId, clientId, ["graph"]);
-
-// return Client.init({
-// authProvider: (done) => {
-// done(null, graphApiToken);
-// },
-// });
-// }
-
-type GraphAuthProvider = (
- done: (error: Error | null, accessToken: string | null) => void
-) => void;
-
-export function getMsalAuthProvider(
- tenantId: string,
- clientId: string,
-): GraphAuthProvider {
- return (done) => {
- void getAccessToken(tenantId, clientId, ["graph"])
- .then((accessToken) => done(null, accessToken))
- .catch((err) => done(err as Error, null));
- };
-}
-
-export function getAzureIdentityAuthProvider(tenantId?: string, clientId?: string) : GraphAuthProvider {
- const credentialOptions =
- tenantId && clientId
- ? { tenantId, managedIdentityClientId: clientId }
- : undefined;
-
- const credential = credentialOptions
- ? new DefaultAzureCredential(credentialOptions)
- : new DefaultAzureCredential();
-
- const getBearerToken = getBearerTokenProvider(
- credential,
- "https://graph.microsoft.com/.default",
- );
-
- return (done: (error: Error | null, accessToken: string | null) => void) => {
- void getBearerToken()
- .then((token) => done(null, token))
- .catch((err) => done(err as Error, null));
- };
-}
diff --git a/src/graph/index.ts b/src/graph/index.ts
index 505e89e..fc210e8 100644
--- a/src/graph/index.ts
+++ b/src/graph/index.ts
@@ -1,27 +1,18 @@
 // SPDX-License-Identifier: MIT
-export * from "./auth.ts";
 export * from "./app.ts";
 export * from "./sp.ts";
-import { loadAuthConfig, loadConfig } from "../index.ts";
-import { Client, AuthProvider } from "@microsoft/microsoft-graph-client";
-
-import { getMsalAuthProvider, getAzureIdentityAuthProvider } from "./auth.ts";
+import { Client } from "@microsoft/microsoft-graph-client";
+import { RESOURCE_SCOPE_BY_NAME, getTokenCredential } from "../azure/index.ts";
 export async function getGraphClient(): Promise {
- const config = await loadConfig();
-
- let authProvider: AuthProvider;
-
- if (config.authMode === "azure-identity") {
- authProvider = getAzureIdentityAuthProvider();
- } else {
- const authConfig = await loadAuthConfig("public-config");
- authProvider = getMsalAuthProvider(authConfig.tenantId, authConfig.clientId);
- }
-
 return Client.init({
- authProvider: authProvider,
+ authProvider: (done) => {
+ void getTokenCredential()
+ .then((credential) => credential.getToken(RESOURCE_SCOPE_BY_NAME.graph))
+ .then((accessToken) => done(null, accessToken?.token ?? null))
+ .catch((err) => done(err as Error, null));
+ },
 });
 }
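Review bot: In `getGraphClient`, `done(null, accessToken?.token ?? null)` reports success with a null token when `getToken` yields nothing, so the failure would surface later as an unauthenticated Graph request instead of at the credential step. `getDevOpsClients` in this same commit throws in that case, and the Graph path should match it, for example `.then((t) => (t?.token ? done(null, t.token) : done(new Error("Failed to obtain Microsoft Graph API token"), null)))`. The provider also calls `getTokenCredential()` with no tenant or client id on every token request; whether that helper caches the credential and still picks up the configured tenant is not visible here, so it is worth confirming now that the `authMode` branch is gone.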