Update: devops submodule convertion to new simpler auth model.
This commit is contained in:
@@ -13,18 +13,18 @@ export type DevOpsClients = {
|
|||||||
};
|
};
|
||||||
|
|
||||||
export async function getDevOpsClients(orgUrl: string, tenantId?: string, clientId?: string): Promise<DevOpsClients> {
|
export async function getDevOpsClients(orgUrl: string, tenantId?: string, clientId?: string): Promise<DevOpsClients> {
|
||||||
const credential = await getTokenCredential(tenantId, clientId);
|
return getTokenCredential(tenantId, clientId)
|
||||||
|
.then((credential) => credential.getToken(RESOURCE_SCOPE_BY_NAME.devops))
|
||||||
|
.then(async (accessToken) => {
|
||||||
|
if (!accessToken?.token) {
|
||||||
|
throw new Error("Failed to obtain Azure DevOps API token");
|
||||||
|
}
|
||||||
|
|
||||||
const accessToken = await credential.getToken(RESOURCE_SCOPE_BY_NAME.devops);
|
const connection = new azdev.WebApi(orgUrl, azdev.getBearerHandler(accessToken.token));
|
||||||
if (!accessToken?.token) {
|
const [coreClient, gitClient] = await Promise.all([
|
||||||
throw new Error("Failed to obtain Azure DevOps API token");
|
connection.getCoreApi(),
|
||||||
}
|
connection.getGitApi(),
|
||||||
|
]);
|
||||||
const authHandler = azdev.getBearerHandler(accessToken.token);
|
return { coreClient, gitClient };
|
||||||
const connection = new azdev.WebApi(orgUrl, authHandler);
|
});
|
||||||
|
|
||||||
const coreClient = await connection.getCoreApi();
|
|
||||||
const gitClient = await connection.getGitApi();
|
|
||||||
|
|
||||||
return { coreClient, gitClient };
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,55 +0,0 @@
|
|||||||
// SPDX-License-Identifier: MIT
|
|
||||||
|
|
||||||
import { Client } from "@microsoft/microsoft-graph-client";
|
|
||||||
import { getAccessToken } from "../azure/index.ts";
|
|
||||||
import { DefaultAzureCredential, getBearerTokenProvider } from "@azure/identity";
|
|
||||||
|
|
||||||
// export async function getGraphClientUsingMsal(
|
|
||||||
// tenantId: string,
|
|
||||||
// clientId: string,
|
|
||||||
// ): Promise<Client> {
|
|
||||||
// const graphApiToken = await getAccessToken(tenantId, clientId, ["graph"]);
|
|
||||||
|
|
||||||
// return Client.init({
|
|
||||||
// authProvider: (done) => {
|
|
||||||
// done(null, graphApiToken);
|
|
||||||
// },
|
|
||||||
// });
|
|
||||||
// }
|
|
||||||
|
|
||||||
type GraphAuthProvider = (
|
|
||||||
done: (error: Error | null, accessToken: string | null) => void
|
|
||||||
) => void;
|
|
||||||
|
|
||||||
export function getMsalAuthProvider(
|
|
||||||
tenantId: string,
|
|
||||||
clientId: string,
|
|
||||||
): GraphAuthProvider {
|
|
||||||
return (done) => {
|
|
||||||
void getAccessToken(tenantId, clientId, ["graph"])
|
|
||||||
.then((accessToken) => done(null, accessToken))
|
|
||||||
.catch((err) => done(err as Error, null));
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
export function getAzureIdentityAuthProvider(tenantId?: string, clientId?: string) : GraphAuthProvider {
|
|
||||||
const credentialOptions =
|
|
||||||
tenantId && clientId
|
|
||||||
? { tenantId, managedIdentityClientId: clientId }
|
|
||||||
: undefined;
|
|
||||||
|
|
||||||
const credential = credentialOptions
|
|
||||||
? new DefaultAzureCredential(credentialOptions)
|
|
||||||
: new DefaultAzureCredential();
|
|
||||||
|
|
||||||
const getBearerToken = getBearerTokenProvider(
|
|
||||||
credential,
|
|
||||||
"https://graph.microsoft.com/.default",
|
|
||||||
);
|
|
||||||
|
|
||||||
return (done: (error: Error | null, accessToken: string | null) => void) => {
|
|
||||||
void getBearerToken()
|
|
||||||
.then((token) => done(null, token))
|
|
||||||
.catch((err) => done(err as Error, null));
|
|
||||||
};
|
|
||||||
}
|
|
||||||
@@ -1,27 +1,18 @@
|
|||||||
// SPDX-License-Identifier: MIT
|
// SPDX-License-Identifier: MIT
|
||||||
|
|
||||||
export * from "./auth.ts";
|
|
||||||
export * from "./app.ts";
|
export * from "./app.ts";
|
||||||
export * from "./sp.ts";
|
export * from "./sp.ts";
|
||||||
|
|
||||||
import { loadAuthConfig, loadConfig } from "../index.ts";
|
import { Client } from "@microsoft/microsoft-graph-client";
|
||||||
import { Client, AuthProvider } from "@microsoft/microsoft-graph-client";
|
import { RESOURCE_SCOPE_BY_NAME, getTokenCredential } from "../azure/index.ts";
|
||||||
|
|
||||||
import { getMsalAuthProvider, getAzureIdentityAuthProvider } from "./auth.ts";
|
|
||||||
|
|
||||||
export async function getGraphClient(): Promise<Client> {
|
export async function getGraphClient(): Promise<Client> {
|
||||||
const config = await loadConfig();
|
|
||||||
|
|
||||||
let authProvider: AuthProvider;
|
|
||||||
|
|
||||||
if (config.authMode === "azure-identity") {
|
|
||||||
authProvider = getAzureIdentityAuthProvider();
|
|
||||||
} else {
|
|
||||||
const authConfig = await loadAuthConfig("public-config");
|
|
||||||
authProvider = getMsalAuthProvider(authConfig.tenantId, authConfig.clientId);
|
|
||||||
}
|
|
||||||
|
|
||||||
return Client.init({
|
return Client.init({
|
||||||
authProvider: authProvider,
|
authProvider: (done) => {
|
||||||
|
void getTokenCredential()
|
||||||
|
.then((credential) => credential.getToken(RESOURCE_SCOPE_BY_NAME.graph))
|
||||||
|
.then((accessToken) => done(null, accessToken?.token ?? null))
|
||||||
|
.catch((err) => done(err as Error, null));
|
||||||
|
},
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user