const (

	// JujuApplicationObjectId is the ObjectId of the Azure application.
	//
	// NOTE(review): presumably this is the directory object ID of the Juju
	// application registration; confirm against the code that consumes it.
	// The value is a fixed identifier compiled into the package, so it is an
	// identifier rather than a credential and must not be relied on as a
	// secret.
	JujuApplicationObjectId = "8b744cea-179d-4a73-9dff-20d52126030a"




func AuthorizationURITenantID

func AuthorizationURITenantID(url *url.URL) (string, error)

AuthorizationURITenantID returns the tenant ID portion of the given URL, which is expected to have come from DiscoverAuthorizationURI.

func DiscoverAuthorizationURI

func DiscoverAuthorizationURI(sdkCtx context.Context, client subscriptions.Client, subscriptionID string) (*url.URL, error)

DiscoverAuthorizationURI returns the OAuth authorization URI for the given subscription ID. This can be used to determine the AD tenant ID.

func OAuthConfig

func OAuthConfig(
	sdkCtx context.Context,
	client subscriptions.Client,
	subscriptionId string,
) (*adal.OAuthConfig, string, error)

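OAuthConfig returns an adal.OAuthConfig based on the given subscriptions client and subscription ID. This will make a request to the resource manager API to discover the Active Directory tenant ID. The second return value is a string; judging by the signature and the description above it is presumably the discovered tenant ID.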

func ResourceManagerResourceId

func ResourceManagerResourceId(coreEndpointURI string) (string, error)

ResourceManagerResourceId returns the resource ID for the Azure Resource Manager application to use in auth requests, based on the given core endpoint URI (e.g. https://core.windows.net).

The core endpoint URI is the same as given in "storage-endpoint" in Azure cloud definitions, which serves as the suffix for blob storage URLs.

func TokenResource

func TokenResource(uri string) string

TokenResource returns a resource value suitable for auth tokens, based on an endpoint URI.


type ServicePrincipalCreator

// ServicePrincipalCreator is the receiver of the Create and InteractiveCreate
// methods, which create Azure service principals. Its fields are the
// collaborators injected into those methods.
type ServicePrincipalCreator struct {
	// Sender is an autorest.Sender.
	// NOTE(review): presumably the HTTP transport used for the Azure API
	// requests made while creating the service principal; confirm.
	Sender           autorest.Sender
	// RequestInspector is an autorest.PrepareDecorator.
	// NOTE(review): presumably applied to outgoing requests before they are
	// sent. Such requests may carry bearer tokens, so an inspector should
	// not log them verbatim; confirm how it is used.
	RequestInspector autorest.PrepareDecorator
	// Clock is the time source.
	// NOTE(review): presumably injected so that waits and timestamps can be
	// controlled in tests; confirm.
	Clock            clock.Clock
	// NewUUID returns a new UUID, or an error if one cannot be generated.
	// NOTE(review): if the generated value feeds the service principal
	// password returned by Create, the implementation must draw from a
	// cryptographically secure random source; confirm against the method
	// bodies.
	NewUUID          func() (utils.UUID, error)

func (*ServicePrincipalCreator) Create

func (c *ServicePrincipalCreator) Create(sdkCtx context.Context, params ServicePrincipalParams) (appid, password string, _ error)

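Create creates a new service principal using the values specified in params. It returns the application ID and the password of the new service principal; the password is a credential and should be stored and logged accordingly.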

func (*ServicePrincipalCreator) InteractiveCreate

func (c *ServicePrincipalCreator) InteractiveCreate(sdkCtx context.Context, stderr io.Writer, params ServicePrincipalParams) (appid, password string, _ error)

InteractiveCreate creates a new ServicePrincipal by performing device code authentication with Azure AD and creating the service principal using the credentials that are obtained. Only GraphEndpoint, GraphResourceId, ResourceManagerEndpoint, ResourceManagerResourceId and SubscriptionId need to be specified in params; the other values will be derived. As with Create, the returned password is a credential and should be handled as a secret.

type ServicePrincipalParams

type ServicePrincipalParams struct {
	// GraphEndpoint of the Azure graph API.
	GraphEndpoint string

	// GraphResourceId is the resource ID of the graph API that is
	// used when acquiring access tokens.
	GraphResourceId string

	// GraphAuthorizer is the authorization needed to contact the
	// Azure graph API.
	GraphAuthorizer autorest.Authorizer

	// ResourceManagerEndpoint is the endpoint of the azure resource
	// manager API.
	ResourceManagerEndpoint string

	// ResourceManagerResourceId is the resource ID of the resource manager  API that is
	// used when acquiring access tokens.
	ResourceManagerResourceId string

	// ResourceManagerAuthorizer is the authorization needed to
	// contact the Azure resource manager API.
	ResourceManagerAuthorizer autorest.Authorizer

	// SubscriptionId is the subscription ID of the account creating
	// the service principal.
	SubscriptionId string

	// TenantId is the tenant that the account creating the service
	// principal belongs to.
	TenantId string