vendor: github.com/hashicorp/go-azure-helpers@0.3.2

This commit is contained in:
Radek Simko 2019-02-01 08:40:50 +00:00
parent 70eeec8083
commit b4de23bb3d
No known key found for this signature in database
GPG Key ID: 1F1C84FE689A88D7
10 changed files with 17 additions and 160 deletions

2
go.mod
View File

@ -53,7 +53,7 @@ require (
github.com/grpc-ecosystem/grpc-gateway v1.5.1 // indirect github.com/grpc-ecosystem/grpc-gateway v1.5.1 // indirect
github.com/hashicorp/consul v0.0.0-20171026175957-610f3c86a089 github.com/hashicorp/consul v0.0.0-20171026175957-610f3c86a089
github.com/hashicorp/errwrap v1.0.0 github.com/hashicorp/errwrap v1.0.0
github.com/hashicorp/go-azure-helpers v0.0.0-20181126135526-ec113df69f49 github.com/hashicorp/go-azure-helpers v0.0.0-20190129193224-166dfd221bb2
github.com/hashicorp/go-checkpoint v0.0.0-20171009173528-1545e56e46de github.com/hashicorp/go-checkpoint v0.0.0-20171009173528-1545e56e46de
github.com/hashicorp/go-cleanhttp v0.5.0 github.com/hashicorp/go-cleanhttp v0.5.0
github.com/hashicorp/go-getter v0.0.0-20180327010114-90bb99a48d86 github.com/hashicorp/go-getter v0.0.0-20180327010114-90bb99a48d86

4
go.sum
View File

@ -120,8 +120,8 @@ github.com/hashicorp/consul v0.0.0-20171026175957-610f3c86a089/go.mod h1:mFrjN1m
github.com/hashicorp/errwrap v0.0.0-20180715044906-d6c0cd880357/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v0.0.0-20180715044906-d6c0cd880357/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA=
github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
github.com/hashicorp/go-azure-helpers v0.0.0-20181126135526-ec113df69f49 h1:jkGYE3AQEm95w4n8o/iR59duXnuSjMCf1MCNSwOJxAw= github.com/hashicorp/go-azure-helpers v0.0.0-20190129193224-166dfd221bb2 h1:VBRx+yPYUZaobnn5ANBcOUf4hhWpTHSQgftG4TcDkhI=
github.com/hashicorp/go-azure-helpers v0.0.0-20181126135526-ec113df69f49/go.mod h1:Y5ejHZY3jQby82dOASJzyQ2xZw37zs+D5x6AaOC6O5E= github.com/hashicorp/go-azure-helpers v0.0.0-20190129193224-166dfd221bb2/go.mod h1:lu62V//auUow6k0IykxLK2DCNW8qTmpm8KqhYVWattA=
github.com/hashicorp/go-checkpoint v0.0.0-20171009173528-1545e56e46de h1:XDCSythtg8aWSRSO29uwhgh7b127fWr+m5SemqjSUL8= github.com/hashicorp/go-checkpoint v0.0.0-20171009173528-1545e56e46de h1:XDCSythtg8aWSRSO29uwhgh7b127fWr+m5SemqjSUL8=
github.com/hashicorp/go-checkpoint v0.0.0-20171009173528-1545e56e46de/go.mod h1:xIwEieBHERyEvaeKF/TcHh1Hu+lxPM+n2vT1+g9I4m4= github.com/hashicorp/go-checkpoint v0.0.0-20171009173528-1545e56e46de/go.mod h1:xIwEieBHERyEvaeKF/TcHh1Hu+lxPM+n2vT1+g9I4m4=
github.com/hashicorp/go-cleanhttp v0.5.0 h1:wvCrVc9TjDls6+YGAF2hAifE1E5U1+b4tH6KdvN3Gig= github.com/hashicorp/go-cleanhttp v0.5.0 h1:wvCrVc9TjDls6+YGAF2hAifE1E5U1+b4tH6KdvN3Gig=

View File

@ -1,107 +0,0 @@
package authentication
import (
"fmt"
"github.com/Azure/go-autorest/autorest"
"github.com/Azure/go-autorest/autorest/adal"
"github.com/Azure/go-autorest/autorest/azure/cli"
"github.com/hashicorp/go-multierror"
)
type azureCliParsingAuth struct {
profile *azureCLIProfile
}
func (a azureCliParsingAuth) build(b Builder) (authMethod, error) {
auth := azureCliParsingAuth{
profile: &azureCLIProfile{
clientId: b.ClientID,
environment: b.Environment,
subscriptionId: b.SubscriptionID,
tenantId: b.TenantID,
},
}
profilePath, err := cli.ProfilePath()
if err != nil {
return nil, fmt.Errorf("Error loading the Profile Path from the Azure CLI: %+v", err)
}
profile, err := cli.LoadProfile(profilePath)
if err != nil {
return nil, fmt.Errorf("Azure CLI Authorization Profile was not found. Please ensure the Azure CLI is installed and then log-in with `az login`.")
}
auth.profile.profile = profile
err = auth.profile.populateFields()
if err != nil {
return nil, err
}
err = auth.profile.populateClientIdAndAccessToken()
if err != nil {
return nil, fmt.Errorf("Error populating Access Tokens from the Azure CLI: %+v", err)
}
return auth, nil
}
func (a azureCliParsingAuth) isApplicable(b Builder) bool {
return b.SupportsAzureCliParsing
}
func (a azureCliParsingAuth) getAuthorizationToken(oauthConfig *adal.OAuthConfig, endpoint string) (*autorest.BearerAuthorizer, error) {
spt, err := adal.NewServicePrincipalTokenFromManualToken(*oauthConfig, a.profile.clientId, endpoint, *a.profile.accessToken)
if err != nil {
return nil, err
}
err = spt.Refresh()
if err != nil {
return nil, fmt.Errorf("Error refreshing Service Principal Token: %+v", err)
}
auth := autorest.NewBearerAuthorizer(spt)
return auth, nil
}
func (a azureCliParsingAuth) name() string {
return "Parsing credentials from the Azure CLI"
}
func (a azureCliParsingAuth) populateConfig(c *Config) error {
c.ClientID = a.profile.clientId
c.Environment = a.profile.environment
c.SubscriptionID = a.profile.subscriptionId
c.TenantID = a.profile.tenantId
return nil
}
func (a azureCliParsingAuth) validate() error {
var err *multierror.Error
errorMessageFmt := "A %s was not found in your Azure CLI Credentials.\n\nPlease login to the Azure CLI again via `az login`"
if a.profile == nil {
return fmt.Errorf("Azure CLI Profile is nil - this is an internal error and should be reported.")
}
if a.profile.accessToken == nil {
err = multierror.Append(err, fmt.Errorf(errorMessageFmt, "Access Token"))
}
if a.profile.clientId == "" {
err = multierror.Append(err, fmt.Errorf(errorMessageFmt, "Client ID"))
}
if a.profile.subscriptionId == "" {
err = multierror.Append(err, fmt.Errorf(errorMessageFmt, "Subscription ID"))
}
if a.profile.tenantId == "" {
err = multierror.Append(err, fmt.Errorf(errorMessageFmt, "Tenant ID"))
}
return err.ErrorOrNil()
}

View File

@ -40,7 +40,7 @@ func (a azureCliTokenAuth) build(b Builder) (authMethod, error) {
err = auth.profile.populateFields() err = auth.profile.populateFields()
if err != nil { if err != nil {
return nil, err return nil, fmt.Errorf("Error retrieving the Profile from the Azure CLI: %s Please re-authenticate using `az login`.", err)
} }
err = auth.profile.populateClientId() err = auth.profile.populateClientId()

View File

@ -4,7 +4,6 @@ import (
"fmt" "fmt"
"log" "log"
"strings" "strings"
"time"
"github.com/Azure/go-autorest/autorest/adal" "github.com/Azure/go-autorest/autorest/adal"
"github.com/Azure/go-autorest/autorest/azure/cli" "github.com/Azure/go-autorest/autorest/azure/cli"
@ -15,23 +14,13 @@ type azureCliAccessToken struct {
AccessToken *adal.Token AccessToken *adal.Token
} }
func findValidAccessTokenForTenant(tokens []cli.Token, tenantId string, allowExpired bool) (*azureCliAccessToken, error) { func findValidAccessTokenForTenant(tokens []cli.Token, tenantId string) (*azureCliAccessToken, error) {
for _, accessToken := range tokens { for _, accessToken := range tokens {
token, err := accessToken.ToADALToken() token, err := accessToken.ToADALToken()
if err != nil { if err != nil {
return nil, fmt.Errorf("[DEBUG] Error converting access token to token: %+v", err) return nil, fmt.Errorf("[DEBUG] Error converting access token to token: %+v", err)
} }
expirationDate, err := cli.ParseExpirationDate(accessToken.ExpiresOn)
if err != nil {
return nil, fmt.Errorf("Error parsing expiration date: %q", accessToken.ExpiresOn)
}
if expirationDate.UTC().Before(time.Now().UTC()) && !allowExpired {
log.Printf("[DEBUG] Token %q has expired", token.AccessToken)
continue
}
if !strings.Contains(accessToken.Resource, "management") { if !strings.Contains(accessToken.Resource, "management") {
log.Printf("[DEBUG] Resource %q isn't a management domain", accessToken.Resource) log.Printf("[DEBUG] Resource %q isn't a management domain", accessToken.Resource)
continue continue

View File

@ -1,7 +1,6 @@
package authentication package authentication
import ( import (
"github.com/Azure/go-autorest/autorest/adal"
"github.com/Azure/go-autorest/autorest/azure/cli" "github.com/Azure/go-autorest/autorest/azure/cli"
) )
@ -12,7 +11,6 @@ type azureCLIProfile struct {
environment string environment string
subscriptionId string subscriptionId string
tenantId string tenantId string
accessToken *adal.Token
} }
func (a *azureCLIProfile) populateFields() error { func (a *azureCLIProfile) populateFields() error {

View File

@ -39,7 +39,7 @@ func (a *azureCLIProfile) populateClientId() error {
return fmt.Errorf("No Authorization Tokens were found - please ensure the Azure CLI is installed and then log-in with `az login`.") return fmt.Errorf("No Authorization Tokens were found - please ensure the Azure CLI is installed and then log-in with `az login`.")
} }
validToken, err := findValidAccessTokenForTenant(tokens, a.tenantId, true) validToken, err := findValidAccessTokenForTenant(tokens, a.tenantId)
if err != nil { if err != nil {
return fmt.Errorf("No Authorization Tokens were found - please re-authenticate using `az login`.") return fmt.Errorf("No Authorization Tokens were found - please re-authenticate using `az login`.")
} }
@ -50,30 +50,6 @@ func (a *azureCLIProfile) populateClientId() error {
return nil return nil
} }
func (a *azureCLIProfile) populateClientIdAndAccessToken() error {
// we can now pull out the ClientID and the Access Token to use from the Access Token
tokensPath, err := cli.AccessTokensPath()
if err != nil {
return fmt.Errorf("Error loading the Tokens Path from the Azure CLI: %+v", err)
}
tokens, err := cli.LoadTokens(tokensPath)
if err != nil {
return fmt.Errorf("No Authorization Tokens were found - please ensure the Azure CLI is installed and then log-in with `az login`.")
}
validToken, err := findValidAccessTokenForTenant(tokens, a.tenantId, false)
if err != nil {
return fmt.Errorf("No (unexpired) Authorization Tokens were found - please re-authenticate using `az login`.")
}
token := *validToken
a.accessToken = token.AccessToken
a.clientId = token.ClientID
return nil
}
func (a *azureCLIProfile) populateEnvironment() error { func (a *azureCLIProfile) populateEnvironment() error {
subscription, err := a.findSubscription(a.subscriptionId) subscription, err := a.findSubscription(a.subscriptionId)
if err != nil { if err != nil {

View File

@ -18,9 +18,6 @@ type Builder struct {
// only applicable for Azure Stack at this time. // only applicable for Azure Stack at this time.
CustomResourceManagerEndpoint string CustomResourceManagerEndpoint string
// Azure CLI Parsing
SupportsAzureCliParsing bool
// Azure CLI Tokens Auth // Azure CLI Tokens Auth
SupportsAzureCliToken bool SupportsAzureCliToken bool
@ -56,7 +53,6 @@ func (b Builder) Build() (*Config, error) {
servicePrincipalClientSecretAuth{}, servicePrincipalClientSecretAuth{},
managedServiceIdentityAuth{}, managedServiceIdentityAuth{},
azureCliTokenAuth{}, azureCliTokenAuth{},
azureCliParsingAuth{},
} }
for _, method := range supportedAuthenticationMethods { for _, method := range supportedAuthenticationMethods {

View File

@ -14,9 +14,9 @@ const (
connStringAccountNameKey = "AccountName" connStringAccountNameKey = "AccountName"
) )
// ComputeSASToken computes the SAS Token for a Storage Account based on the // ComputeAccountSASToken computes the SAS Token for a Storage Account based on the
// access key & given permissions // access key & given permissions
func ComputeSASToken(accountName string, func ComputeAccountSASToken(accountName string,
accountKey string, accountKey string,
permissions string, permissions string,
services string, services string,
@ -67,8 +67,8 @@ func ComputeSASToken(accountName string,
return sasToken, nil return sasToken, nil
} }
// ParseStorageAccountConnectionString parses the Connection String for a Storage Account // ParseAccountSASConnectionString parses the Connection String for a Storage Account
func ParseStorageAccountConnectionString(connString string) (map[string]string, error) { func ParseAccountSASConnectionString(connString string) (map[string]string, error) {
// This connection string was for a real storage account which has been deleted // This connection string was for a real storage account which has been deleted
// so its safe to include here for reference to understand the format. // so its safe to include here for reference to understand the format.
// DefaultEndpointsProtocol=https;AccountName=azurermtestsa0;AccountKey=2vJrjEyL4re2nxCEg590wJUUC7PiqqrDHjAN5RU304FNUQieiEwS2bfp83O0v28iSfWjvYhkGmjYQAdd9x+6nw==;EndpointSuffix=core.windows.net // DefaultEndpointsProtocol=https;AccountName=azurermtestsa0;AccountKey=2vJrjEyL4re2nxCEg590wJUUC7PiqqrDHjAN5RU304FNUQieiEwS2bfp83O0v28iSfWjvYhkGmjYQAdd9x+6nw==;EndpointSuffix=core.windows.net
@ -82,10 +82,15 @@ func ParseStorageAccountConnectionString(connString string) (map[string]string,
for _, atoken := range tokens { for _, atoken := range tokens {
// The individual k-v are separated by an equals sign. // The individual k-v are separated by an equals sign.
kv := strings.SplitN(atoken, "=", 2) kv := strings.SplitN(atoken, "=", 2)
if len(kv) != 2 {
return nil, fmt.Errorf("[ERROR] token `%s` is an invalid key=pair (connection string %s)", atoken, connString)
}
key := kv[0] key := kv[0]
val := kv[1] val := kv[1]
if _, present := validKeys[key]; !present { if _, present := validKeys[key]; !present {
return nil, fmt.Errorf("[ERROR] Unknown Key: %s", key) return nil, fmt.Errorf("[ERROR] Unknown Key `%s` in connection string %s", key, connString)
} }
kvp[key] = val kvp[key] = val
} }

2
vendor/modules.txt vendored
View File

@ -309,7 +309,7 @@ github.com/hashicorp/consul/lib/freeport
github.com/hashicorp/consul/testutil/retry github.com/hashicorp/consul/testutil/retry
# github.com/hashicorp/errwrap v1.0.0 # github.com/hashicorp/errwrap v1.0.0
github.com/hashicorp/errwrap github.com/hashicorp/errwrap
# github.com/hashicorp/go-azure-helpers v0.0.0-20181126135526-ec113df69f49 # github.com/hashicorp/go-azure-helpers v0.0.0-20190129193224-166dfd221bb2
github.com/hashicorp/go-azure-helpers/authentication github.com/hashicorp/go-azure-helpers/authentication
github.com/hashicorp/go-azure-helpers/storage github.com/hashicorp/go-azure-helpers/storage
# github.com/hashicorp/go-checkpoint v0.0.0-20171009173528-1545e56e46de # github.com/hashicorp/go-checkpoint v0.0.0-20171009173528-1545e56e46de