Skip to main content

Azure + GoLang SDK : Authenticating Part-2


The auth package lives at "github.com/Azure/go-autorest/autorest/azure/auth"
In the above package, at the moment I have explored below two functions (my notes):


This function definition looks like below :





Looks pretty simple, to begin with. The definition tells us that another function called getAuthenticationSettings() is fetching some authentication settings and returns a struct of type settings then at the end return settings.getAuthorizer() is called.

 I use VSCode (with Go extensions) and I can go to each method and press F12 key to go to the function definition for it. It reveals the below definition in the same auth.go file for the first function called.
Now the above function is straight forward as it tries to read the environment variable using  os.Getenv() method and construct the structure and returns it.

 Once we have the struct returned, there is a method attached to it which looks like below:
This one is interesting as it tells the order in which the environment variables are given preference e.g.

  1. Client Credentials - Specify the env vars:
    1.  AZURE_CLIENT_ID
    2. AZURE_CLIENT_SECRET
    3. AZURE_TENANT_ID
  2. Client Certificate - Specify the env vars:
    1. AZURE_CERTIFICATE_PATH
    2. AZURE_CERTIFICATE_PASSWORD
    3. AZURE_TENANT_ID
  3. Username Password - Specify the env vars:
    1. AZURE_USERNAME
    2. AZURE_PASSWORD
    3. AZURE_CLIENT_ID
    4. AZURE_TENANT_ID
  4. MSI - specify the env vars:
    1. AZURE_AD_RESOURCE
    2. AZURE_CLIENT_ID
So, in order to use this method, you can choose any of the above ways of authenticating but you have to populate these env vars beforehand.

Also, auth.go file has a bunch of more functions that can be used for authenticating as well.

Labels:

Popular posts from this blog

Test connectivity via a specific network interface

Recently while working on a Private cloud implementation, I came across a scenario where I needed to test connectivity of a node to the AD/DNS via multiple network adapters.  Many of us would know that having multiple network routes is usually done to take care of redundancy. So that if a network adapter goes down, one can use the other network interface to reach out to the node. In order to make it easy for everyone to follow along, below is an analogy for the above scenario: My laptop has multiple network adapters (say Wi-Fi and Ethernet) connected to the same network. Now how do I test connectivity to a Server on the network only over say Wi-Fi network adapter?
Get-FullPost »

PowerShell + SCCM : Run CM cmdlets remotely

Today I saw a tweet about using implicit remoting to load the Configuration Manager on my machine by Justin Mathews . It caught my eye as I have never really tried it, but theoretically it can be done. Note - The second tweet says "Cannot find a provider with the name CMSite", resolution to which is in the Troubleshooting section at the end.
Get-FullPost »

Azure DevOps Tips & Tricks - Find private REST APIs

Original source -  Azure DevOps Tip - Find private APIs Often working with Azure DevOps, I hit a wall trying to automate some tasks but there are no REST API's made public yet. It was one of those task of automating creation of Environments in multi-stage YAML based pipelines in AzDO. Quick research reveals that this has been requested in uservoice  (please upvote). Let's see one of the very simple ways to discover some of these APIs.
Get-FullPost »