diff --git a/go.mod b/go.mod index ad13e24cb..5d5f6a9ac 100644 --- a/go.mod +++ b/go.mod @@ -53,7 +53,7 @@ require ( github.com/grpc-ecosystem/grpc-gateway v1.5.1 // indirect github.com/hashicorp/consul v0.0.0-20171026175957-610f3c86a089 github.com/hashicorp/errwrap v1.0.0 - github.com/hashicorp/go-azure-helpers v0.0.0-20181126135526-ec113df69f49 + github.com/hashicorp/go-azure-helpers v0.0.0-20190129193224-166dfd221bb2 github.com/hashicorp/go-checkpoint v0.0.0-20171009173528-1545e56e46de github.com/hashicorp/go-cleanhttp v0.5.0 github.com/hashicorp/go-getter v0.0.0-20180327010114-90bb99a48d86 diff --git a/go.sum b/go.sum index 6dffc05e9..c53c528da 100644 --- a/go.sum +++ b/go.sum @@ -120,8 +120,8 @@ github.com/hashicorp/consul v0.0.0-20171026175957-610f3c86a089/go.mod h1:mFrjN1m github.com/hashicorp/errwrap v0.0.0-20180715044906-d6c0cd880357/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-azure-helpers v0.0.0-20181126135526-ec113df69f49 h1:jkGYE3AQEm95w4n8o/iR59duXnuSjMCf1MCNSwOJxAw= -github.com/hashicorp/go-azure-helpers v0.0.0-20181126135526-ec113df69f49/go.mod h1:Y5ejHZY3jQby82dOASJzyQ2xZw37zs+D5x6AaOC6O5E= +github.com/hashicorp/go-azure-helpers v0.0.0-20190129193224-166dfd221bb2 h1:VBRx+yPYUZaobnn5ANBcOUf4hhWpTHSQgftG4TcDkhI= +github.com/hashicorp/go-azure-helpers v0.0.0-20190129193224-166dfd221bb2/go.mod h1:lu62V//auUow6k0IykxLK2DCNW8qTmpm8KqhYVWattA= github.com/hashicorp/go-checkpoint v0.0.0-20171009173528-1545e56e46de h1:XDCSythtg8aWSRSO29uwhgh7b127fWr+m5SemqjSUL8= github.com/hashicorp/go-checkpoint v0.0.0-20171009173528-1545e56e46de/go.mod h1:xIwEieBHERyEvaeKF/TcHh1Hu+lxPM+n2vT1+g9I4m4= github.com/hashicorp/go-cleanhttp v0.5.0 h1:wvCrVc9TjDls6+YGAF2hAifE1E5U1+b4tH6KdvN3Gig= diff --git a/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_azure_cli_parsing.go b/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_azure_cli_parsing.go deleted file mode 100644 index 70ba05a15..000000000 --- a/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_azure_cli_parsing.go +++ /dev/null @@ -1,107 +0,0 @@ -package authentication - -import ( - "fmt" - - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/adal" - "github.com/Azure/go-autorest/autorest/azure/cli" - "github.com/hashicorp/go-multierror" -) - -type azureCliParsingAuth struct { - profile *azureCLIProfile -} - -func (a azureCliParsingAuth) build(b Builder) (authMethod, error) { - auth := azureCliParsingAuth{ - profile: &azureCLIProfile{ - clientId: b.ClientID, - environment: b.Environment, - subscriptionId: b.SubscriptionID, - tenantId: b.TenantID, - }, - } - profilePath, err := cli.ProfilePath() - if err != nil { - return nil, fmt.Errorf("Error loading the Profile Path from the Azure CLI: %+v", err) - } - - profile, err := cli.LoadProfile(profilePath) - if err != nil { - return nil, fmt.Errorf("Azure CLI Authorization Profile was not found. Please ensure the Azure CLI is installed and then log-in with `az login`.") - } - - auth.profile.profile = profile - - err = auth.profile.populateFields() - if err != nil { - return nil, err - } - - err = auth.profile.populateClientIdAndAccessToken() - if err != nil { - return nil, fmt.Errorf("Error populating Access Tokens from the Azure CLI: %+v", err) - } - - return auth, nil -} - -func (a azureCliParsingAuth) isApplicable(b Builder) bool { - return b.SupportsAzureCliParsing -} - -func (a azureCliParsingAuth) getAuthorizationToken(oauthConfig *adal.OAuthConfig, endpoint string) (*autorest.BearerAuthorizer, error) { - spt, err := adal.NewServicePrincipalTokenFromManualToken(*oauthConfig, a.profile.clientId, endpoint, *a.profile.accessToken) - if err != nil { - return nil, err - } - - err = spt.Refresh() - if err != nil { - return nil, fmt.Errorf("Error refreshing Service Principal Token: %+v", err) - } - - auth := autorest.NewBearerAuthorizer(spt) - return auth, nil -} - -func (a azureCliParsingAuth) name() string { - return "Parsing credentials from the Azure CLI" -} - -func (a azureCliParsingAuth) populateConfig(c *Config) error { - c.ClientID = a.profile.clientId - c.Environment = a.profile.environment - c.SubscriptionID = a.profile.subscriptionId - c.TenantID = a.profile.tenantId - return nil -} - -func (a azureCliParsingAuth) validate() error { - var err *multierror.Error - - errorMessageFmt := "A %s was not found in your Azure CLI Credentials.\n\nPlease login to the Azure CLI again via `az login`" - - if a.profile == nil { - return fmt.Errorf("Azure CLI Profile is nil - this is an internal error and should be reported.") - } - - if a.profile.accessToken == nil { - err = multierror.Append(err, fmt.Errorf(errorMessageFmt, "Access Token")) - } - - if a.profile.clientId == "" { - err = multierror.Append(err, fmt.Errorf(errorMessageFmt, "Client ID")) - } - - if a.profile.subscriptionId == "" { - err = multierror.Append(err, fmt.Errorf(errorMessageFmt, "Subscription ID")) - } - - if a.profile.tenantId == "" { - err = multierror.Append(err, fmt.Errorf(errorMessageFmt, "Tenant ID")) - } - - return err.ErrorOrNil() -} diff --git a/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_azure_cli_token.go b/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_azure_cli_token.go index 9518cea9f..8f0927527 100644 --- a/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_azure_cli_token.go +++ b/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_azure_cli_token.go @@ -40,7 +40,7 @@ func (a azureCliTokenAuth) build(b Builder) (authMethod, error) { err = auth.profile.populateFields() if err != nil { - return nil, err + return nil, fmt.Errorf("Error retrieving the Profile from the Azure CLI: %s Please re-authenticate using `az login`.", err) } err = auth.profile.populateClientId() diff --git a/vendor/github.com/hashicorp/go-azure-helpers/authentication/azure_cli_access_token.go b/vendor/github.com/hashicorp/go-azure-helpers/authentication/azure_cli_access_token.go index 4e66dfcef..822fb2d77 100644 --- a/vendor/github.com/hashicorp/go-azure-helpers/authentication/azure_cli_access_token.go +++ b/vendor/github.com/hashicorp/go-azure-helpers/authentication/azure_cli_access_token.go @@ -4,7 +4,6 @@ import ( "fmt" "log" "strings" - "time" "github.com/Azure/go-autorest/autorest/adal" "github.com/Azure/go-autorest/autorest/azure/cli" @@ -15,23 +14,13 @@ type azureCliAccessToken struct { AccessToken *adal.Token } -func findValidAccessTokenForTenant(tokens []cli.Token, tenantId string, allowExpired bool) (*azureCliAccessToken, error) { +func findValidAccessTokenForTenant(tokens []cli.Token, tenantId string) (*azureCliAccessToken, error) { for _, accessToken := range tokens { token, err := accessToken.ToADALToken() if err != nil { return nil, fmt.Errorf("[DEBUG] Error converting access token to token: %+v", err) } - expirationDate, err := cli.ParseExpirationDate(accessToken.ExpiresOn) - if err != nil { - return nil, fmt.Errorf("Error parsing expiration date: %q", accessToken.ExpiresOn) - } - - if expirationDate.UTC().Before(time.Now().UTC()) && !allowExpired { - log.Printf("[DEBUG] Token %q has expired", token.AccessToken) - continue - } - if !strings.Contains(accessToken.Resource, "management") { log.Printf("[DEBUG] Resource %q isn't a management domain", accessToken.Resource) continue diff --git a/vendor/github.com/hashicorp/go-azure-helpers/authentication/azure_cli_profile.go b/vendor/github.com/hashicorp/go-azure-helpers/authentication/azure_cli_profile.go index b18d02f7e..39fb30ddd 100644 --- a/vendor/github.com/hashicorp/go-azure-helpers/authentication/azure_cli_profile.go +++ b/vendor/github.com/hashicorp/go-azure-helpers/authentication/azure_cli_profile.go @@ -1,7 +1,6 @@ package authentication import ( - "github.com/Azure/go-autorest/autorest/adal" "github.com/Azure/go-autorest/autorest/azure/cli" ) @@ -12,7 +11,6 @@ type azureCLIProfile struct { environment string subscriptionId string tenantId string - accessToken *adal.Token } func (a *azureCLIProfile) populateFields() error { diff --git a/vendor/github.com/hashicorp/go-azure-helpers/authentication/azure_cli_profile_population.go b/vendor/github.com/hashicorp/go-azure-helpers/authentication/azure_cli_profile_population.go index 000875282..9c84fd1f5 100644 --- a/vendor/github.com/hashicorp/go-azure-helpers/authentication/azure_cli_profile_population.go +++ b/vendor/github.com/hashicorp/go-azure-helpers/authentication/azure_cli_profile_population.go @@ -39,7 +39,7 @@ func (a *azureCLIProfile) populateClientId() error { return fmt.Errorf("No Authorization Tokens were found - please ensure the Azure CLI is installed and then log-in with `az login`.") } - validToken, err := findValidAccessTokenForTenant(tokens, a.tenantId, true) + validToken, err := findValidAccessTokenForTenant(tokens, a.tenantId) if err != nil { return fmt.Errorf("No Authorization Tokens were found - please re-authenticate using `az login`.") } @@ -50,30 +50,6 @@ func (a *azureCLIProfile) populateClientId() error { return nil } -func (a *azureCLIProfile) populateClientIdAndAccessToken() error { - // we can now pull out the ClientID and the Access Token to use from the Access Token - tokensPath, err := cli.AccessTokensPath() - if err != nil { - return fmt.Errorf("Error loading the Tokens Path from the Azure CLI: %+v", err) - } - - tokens, err := cli.LoadTokens(tokensPath) - if err != nil { - return fmt.Errorf("No Authorization Tokens were found - please ensure the Azure CLI is installed and then log-in with `az login`.") - } - - validToken, err := findValidAccessTokenForTenant(tokens, a.tenantId, false) - if err != nil { - return fmt.Errorf("No (unexpired) Authorization Tokens were found - please re-authenticate using `az login`.") - } - - token := *validToken - a.accessToken = token.AccessToken - a.clientId = token.ClientID - - return nil -} - func (a *azureCLIProfile) populateEnvironment() error { subscription, err := a.findSubscription(a.subscriptionId) if err != nil { diff --git a/vendor/github.com/hashicorp/go-azure-helpers/authentication/builder.go b/vendor/github.com/hashicorp/go-azure-helpers/authentication/builder.go index 5eb023493..e37e8b137 100644 --- a/vendor/github.com/hashicorp/go-azure-helpers/authentication/builder.go +++ b/vendor/github.com/hashicorp/go-azure-helpers/authentication/builder.go @@ -18,9 +18,6 @@ type Builder struct { // only applicable for Azure Stack at this time. CustomResourceManagerEndpoint string - // Azure CLI Parsing - SupportsAzureCliParsing bool - // Azure CLI Tokens Auth SupportsAzureCliToken bool @@ -56,7 +53,6 @@ func (b Builder) Build() (*Config, error) { servicePrincipalClientSecretAuth{}, managedServiceIdentityAuth{}, azureCliTokenAuth{}, - azureCliParsingAuth{}, } for _, method := range supportedAuthenticationMethods { diff --git a/vendor/github.com/hashicorp/go-azure-helpers/storage/sas_token.go b/vendor/github.com/hashicorp/go-azure-helpers/storage/sas_token.go index 94fbd2eca..205baaeee 100644 --- a/vendor/github.com/hashicorp/go-azure-helpers/storage/sas_token.go +++ b/vendor/github.com/hashicorp/go-azure-helpers/storage/sas_token.go @@ -14,9 +14,9 @@ const ( connStringAccountNameKey = "AccountName" ) -// ComputeSASToken computes the SAS Token for a Storage Account based on the +// ComputeAccountSASToken computes the SAS Token for a Storage Account based on the // access key & given permissions -func ComputeSASToken(accountName string, +func ComputeAccountSASToken(accountName string, accountKey string, permissions string, services string, @@ -67,8 +67,8 @@ func ComputeSASToken(accountName string, return sasToken, nil } -// ParseStorageAccountConnectionString parses the Connection String for a Storage Account -func ParseStorageAccountConnectionString(connString string) (map[string]string, error) { +// ParseAccountSASConnectionString parses the Connection String for a Storage Account +func ParseAccountSASConnectionString(connString string) (map[string]string, error) { // This connection string was for a real storage account which has been deleted // so its safe to include here for reference to understand the format. // DefaultEndpointsProtocol=https;AccountName=azurermtestsa0;AccountKey=2vJrjEyL4re2nxCEg590wJUUC7PiqqrDHjAN5RU304FNUQieiEwS2bfp83O0v28iSfWjvYhkGmjYQAdd9x+6nw==;EndpointSuffix=core.windows.net @@ -82,10 +82,15 @@ func ParseStorageAccountConnectionString(connString string) (map[string]string, for _, atoken := range tokens { // The individual k-v are separated by an equals sign. kv := strings.SplitN(atoken, "=", 2) + if len(kv) != 2 { + return nil, fmt.Errorf("[ERROR] token `%s` is an invalid key=pair (connection string %s)", atoken, connString) + } + key := kv[0] val := kv[1] + if _, present := validKeys[key]; !present { - return nil, fmt.Errorf("[ERROR] Unknown Key: %s", key) + return nil, fmt.Errorf("[ERROR] Unknown Key `%s` in connection string %s", key, connString) } kvp[key] = val } diff --git a/vendor/modules.txt b/vendor/modules.txt index d2f77591f..836b04dca 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -309,7 +309,7 @@ github.com/hashicorp/consul/lib/freeport github.com/hashicorp/consul/testutil/retry # github.com/hashicorp/errwrap v1.0.0 github.com/hashicorp/errwrap -# github.com/hashicorp/go-azure-helpers v0.0.0-20181126135526-ec113df69f49 +# github.com/hashicorp/go-azure-helpers v0.0.0-20190129193224-166dfd221bb2 github.com/hashicorp/go-azure-helpers/authentication github.com/hashicorp/go-azure-helpers/storage # github.com/hashicorp/go-checkpoint v0.0.0-20171009173528-1545e56e46de