azure: Azure/go-autorest v8.0.0
This commit is contained in:
parent
74ee9a8eab
commit
054a75de26
|
@ -0,0 +1,253 @@
|
||||||
|
# Azure Active Directory library for Go
|
||||||
|
|
||||||
|
This project provides a stand alone Azure Active Directory library for Go. The code was extracted
|
||||||
|
from [go-autorest](https://github.com/Azure/go-autorest/) project, which is used as a base for
|
||||||
|
[azure-sdk-for-go](https://github.com/Azure/azure-sdk-for-go).
|
||||||
|
|
||||||
|
|
||||||
|
## Installation
|
||||||
|
|
||||||
|
```
|
||||||
|
go get -u github.com/Azure/go-autorest/autorest/adal
|
||||||
|
```
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
An Active Directory application is required in order to use this library. An application can be registered in the [Azure Portal](https://portal.azure.com/) follow these [guidelines](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-integrating-applications) or using the [Azure CLI](https://github.com/Azure/azure-cli).
|
||||||
|
|
||||||
|
### Register an Azure AD Application with secret
|
||||||
|
|
||||||
|
|
||||||
|
1. Register a new application with a `secret` credential
|
||||||
|
|
||||||
|
```
|
||||||
|
az ad app create \
|
||||||
|
--display-name example-app \
|
||||||
|
--homepage https://example-app/home \
|
||||||
|
--identifier-uris https://example-app/app \
|
||||||
|
--password secret
|
||||||
|
```
|
||||||
|
|
||||||
|
2. Create a service principal using the `Application ID` from previous step
|
||||||
|
|
||||||
|
```
|
||||||
|
az ad sp create --id "Application ID"
|
||||||
|
```
|
||||||
|
|
||||||
|
* Replace `Application ID` with `appId` from step 1.
|
||||||
|
|
||||||
|
### Register an Azure AD Application with certificate
|
||||||
|
|
||||||
|
1. Create a private key
|
||||||
|
|
||||||
|
```
|
||||||
|
openssl genrsa -out "example-app.key" 2048
|
||||||
|
```
|
||||||
|
|
||||||
|
2. Create the certificate
|
||||||
|
|
||||||
|
```
|
||||||
|
openssl req -new -key "example-app.key" -subj "/CN=example-app" -out "example-app.csr"
|
||||||
|
openssl x509 -req -in "example-app.csr" -signkey "example-app.key" -out "example-app.crt" -days 10000
|
||||||
|
```
|
||||||
|
|
||||||
|
3. Create the PKCS12 version of the certificate containing also the private key
|
||||||
|
|
||||||
|
```
|
||||||
|
openssl pkcs12 -export -out "example-app.pfx" -inkey "example-app.key" -in "example-app.crt" -passout pass:
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
4. Register a new application with the certificate content form `example-app.crt`
|
||||||
|
|
||||||
|
```
|
||||||
|
certificateContents="$(tail -n+2 "example-app.crt" | head -n-1)"
|
||||||
|
|
||||||
|
az ad app create \
|
||||||
|
--display-name example-app \
|
||||||
|
--homepage https://example-app/home \
|
||||||
|
--identifier-uris https://example-app/app \
|
||||||
|
--key-usage Verify --end-date 2018-01-01 \
|
||||||
|
--key-value "${certificateContents}"
|
||||||
|
```
|
||||||
|
|
||||||
|
5. Create a service principal using the `Application ID` from previous step
|
||||||
|
|
||||||
|
```
|
||||||
|
az ad sp create --id "APPLICATION_ID"
|
||||||
|
```
|
||||||
|
|
||||||
|
* Replace `APPLICATION_ID` with `appId` from step 4.
|
||||||
|
|
||||||
|
|
||||||
|
### Grant the necessary permissions
|
||||||
|
|
||||||
|
Azure relies on a Role-Based Access Control (RBAC) model to manage the access to resources at a fine-grained
|
||||||
|
level. There is a set of [pre-defined roles](https://docs.microsoft.com/en-us/azure/active-directory/role-based-access-built-in-roles)
|
||||||
|
which can be assigned to a service principal of an Azure AD application depending of your needs.
|
||||||
|
|
||||||
|
```
|
||||||
|
az role assignment create --assigner "SERVICE_PRINCIPAL_ID" --role "ROLE_NAME"
|
||||||
|
```
|
||||||
|
|
||||||
|
* Replace the `SERVICE_PRINCIPAL_ID` with the `appId` from previous step.
|
||||||
|
* Replace the `ROLE_NAME` with a role name of your choice.
|
||||||
|
|
||||||
|
It is also possible to define custom role definitions.
|
||||||
|
|
||||||
|
```
|
||||||
|
az role definition create --role-definition role-definition.json
|
||||||
|
```
|
||||||
|
|
||||||
|
* Check [custom roles](https://docs.microsoft.com/en-us/azure/active-directory/role-based-access-control-custom-roles) for more details regarding the content of `role-definition.json` file.
|
||||||
|
|
||||||
|
|
||||||
|
### Acquire Access Token
|
||||||
|
|
||||||
|
The common configuration used by all flows:
|
||||||
|
|
||||||
|
```Go
|
||||||
|
const activeDirectoryEndpoint = "https://login.microsoftonline.com/"
|
||||||
|
tenantID := "TENANT_ID"
|
||||||
|
oauthConfig, err := adal.NewOAuthConfig(activeDirectoryEndpoint, tenantID)
|
||||||
|
|
||||||
|
applicationID := "APPLICATION_ID"
|
||||||
|
|
||||||
|
callback := func(token adal.Token) error {
|
||||||
|
// This is called after the token is acquired
|
||||||
|
}
|
||||||
|
|
||||||
|
// The resource for which the token is acquired
|
||||||
|
resource := "https://management.core.windows.net/"
|
||||||
|
```
|
||||||
|
|
||||||
|
* Replace the `TENANT_ID` with your tenant ID.
|
||||||
|
* Replace the `APPLICATION_ID` with the value from previous section.
|
||||||
|
|
||||||
|
#### Client Credentials
|
||||||
|
|
||||||
|
```Go
|
||||||
|
applicationSecret := "APPLICATION_SECRET"
|
||||||
|
|
||||||
|
spt, err := adal.NewServicePrincipalToken(
|
||||||
|
oauthConfig,
|
||||||
|
appliationID,
|
||||||
|
applicationSecret,
|
||||||
|
resource,
|
||||||
|
callbacks...)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
// Acquire a new access token
|
||||||
|
err = spt.Refresh()
|
||||||
|
if (err == nil) {
|
||||||
|
token := spt.Token
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
* Replace the `APPLICATION_SECRET` with the `password` value from previous section.
|
||||||
|
|
||||||
|
#### Client Certificate
|
||||||
|
|
||||||
|
```Go
|
||||||
|
certificatePath := "./example-app.pfx"
|
||||||
|
|
||||||
|
certData, err := ioutil.ReadFile(certificatePath)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("failed to read the certificate file (%s): %v", certificatePath, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Get the certificate and private key from pfx file
|
||||||
|
certificate, rsaPrivateKey, err := decodePkcs12(certData, "")
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("failed to decode pkcs12 certificate while creating spt: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
spt, err := adal.NewServicePrincipalTokenFromCertificate(
|
||||||
|
oauthConfig,
|
||||||
|
applicationID,
|
||||||
|
certificate,
|
||||||
|
rsaPrivateKey,
|
||||||
|
resource,
|
||||||
|
callbacks...)
|
||||||
|
|
||||||
|
// Acquire a new access token
|
||||||
|
err = spt.Refresh()
|
||||||
|
if (err == nil) {
|
||||||
|
token := spt.Token
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
* Update the certificate path to point to the example-app.pfx file which was created in previous section.
|
||||||
|
|
||||||
|
|
||||||
|
#### Device Code
|
||||||
|
|
||||||
|
```Go
|
||||||
|
oauthClient := &http.Client{}
|
||||||
|
|
||||||
|
// Acquire the device code
|
||||||
|
deviceCode, err := adal.InitiateDeviceAuth(
|
||||||
|
oauthClient,
|
||||||
|
oauthConfig,
|
||||||
|
applicationID,
|
||||||
|
resource)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("Failed to start device auth flow: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Display the authentication message
|
||||||
|
fmt.Println(*deviceCode.Message)
|
||||||
|
|
||||||
|
// Wait here until the user is authenticated
|
||||||
|
token, err := adal.WaitForUserCompletion(oauthClient, deviceCode)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("Failed to finish device auth flow: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
spt, err := adal.NewServicePrincipalTokenFromManualToken(
|
||||||
|
oauthConfig,
|
||||||
|
applicationID,
|
||||||
|
resource,
|
||||||
|
*token,
|
||||||
|
callbacks...)
|
||||||
|
|
||||||
|
if (err == nil) {
|
||||||
|
token := spt.Token
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
### Command Line Tool
|
||||||
|
|
||||||
|
A command line tool is available in `cmd/adal.go` that can acquire a token for a given resource. It supports all flows mentioned above.
|
||||||
|
|
||||||
|
```
|
||||||
|
adal -h
|
||||||
|
|
||||||
|
Usage of ./adal:
|
||||||
|
-applicationId string
|
||||||
|
application id
|
||||||
|
-certificatePath string
|
||||||
|
path to pk12/PFC application certificate
|
||||||
|
-mode string
|
||||||
|
authentication mode (device, secret, cert, refresh) (default "device")
|
||||||
|
-resource string
|
||||||
|
resource for which the token is requested
|
||||||
|
-secret string
|
||||||
|
application secret
|
||||||
|
-tenantId string
|
||||||
|
tenant id
|
||||||
|
-tokenCachePath string
|
||||||
|
location of oath token cache (default "/home/cgc/.adal/accessToken.json")
|
||||||
|
```
|
||||||
|
|
||||||
|
Example acquire a token for `https://management.core.windows.net/` using device code flow:
|
||||||
|
|
||||||
|
```
|
||||||
|
adal -mode device \
|
||||||
|
-applicationId "APPLICATION_ID" \
|
||||||
|
-tenantId "TENANT_ID" \
|
||||||
|
-resource https://management.core.windows.net/
|
||||||
|
|
||||||
|
```
|
|
@ -0,0 +1,51 @@
|
||||||
|
package adal
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"net/url"
|
||||||
|
)
|
||||||
|
|
||||||
|
const (
|
||||||
|
activeDirectoryAPIVersion = "1.0"
|
||||||
|
)
|
||||||
|
|
||||||
|
// OAuthConfig represents the endpoints needed
|
||||||
|
// in OAuth operations
|
||||||
|
type OAuthConfig struct {
|
||||||
|
AuthorityEndpoint url.URL
|
||||||
|
AuthorizeEndpoint url.URL
|
||||||
|
TokenEndpoint url.URL
|
||||||
|
DeviceCodeEndpoint url.URL
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewOAuthConfig returns an OAuthConfig with tenant specific urls
|
||||||
|
func NewOAuthConfig(activeDirectoryEndpoint, tenantID string) (*OAuthConfig, error) {
|
||||||
|
const activeDirectoryEndpointTemplate = "%s/oauth2/%s?api-version=%s"
|
||||||
|
u, err := url.Parse(activeDirectoryEndpoint)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
authorityURL, err := u.Parse(tenantID)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
authorizeURL, err := u.Parse(fmt.Sprintf(activeDirectoryEndpointTemplate, tenantID, "authorize", activeDirectoryAPIVersion))
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
tokenURL, err := u.Parse(fmt.Sprintf(activeDirectoryEndpointTemplate, tenantID, "token", activeDirectoryAPIVersion))
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
deviceCodeURL, err := u.Parse(fmt.Sprintf(activeDirectoryEndpointTemplate, tenantID, "devicecode", activeDirectoryAPIVersion))
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return &OAuthConfig{
|
||||||
|
AuthorityEndpoint: *authorityURL,
|
||||||
|
AuthorizeEndpoint: *authorizeURL,
|
||||||
|
TokenEndpoint: *tokenURL,
|
||||||
|
DeviceCodeEndpoint: *deviceCodeURL,
|
||||||
|
}, nil
|
||||||
|
}
|
|
@ -1,4 +1,4 @@
|
||||||
package azure
|
package adal
|
||||||
|
|
||||||
/*
|
/*
|
||||||
This file is largely based on rjw57/oauth2device's code, with the follow differences:
|
This file is largely based on rjw57/oauth2device's code, with the follow differences:
|
||||||
|
@ -10,16 +10,17 @@ package azure
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/Azure/go-autorest/autorest"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
logPrefix = "autorest/azure/devicetoken:"
|
logPrefix = "autorest/adal/devicetoken:"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
|
@ -38,10 +39,17 @@ var (
|
||||||
// ErrDeviceSlowDown represents the service telling us we're polling too often during device flow
|
// ErrDeviceSlowDown represents the service telling us we're polling too often during device flow
|
||||||
ErrDeviceSlowDown = fmt.Errorf("%s Error while retrieving OAuth token: Slow Down", logPrefix)
|
ErrDeviceSlowDown = fmt.Errorf("%s Error while retrieving OAuth token: Slow Down", logPrefix)
|
||||||
|
|
||||||
|
// ErrDeviceCodeEmpty represents an empty device code from the device endpoint while using device flow
|
||||||
|
ErrDeviceCodeEmpty = fmt.Errorf("%s Error while retrieving device code: Device Code Empty", logPrefix)
|
||||||
|
|
||||||
|
// ErrOAuthTokenEmpty represents an empty OAuth token from the token endpoint when using device flow
|
||||||
|
ErrOAuthTokenEmpty = fmt.Errorf("%s Error while retrieving OAuth token: Token Empty", logPrefix)
|
||||||
|
|
||||||
errCodeSendingFails = "Error occurred while sending request for Device Authorization Code"
|
errCodeSendingFails = "Error occurred while sending request for Device Authorization Code"
|
||||||
errCodeHandlingFails = "Error occurred while handling response from the Device Endpoint"
|
errCodeHandlingFails = "Error occurred while handling response from the Device Endpoint"
|
||||||
errTokenSendingFails = "Error occurred while sending request with device code for a token"
|
errTokenSendingFails = "Error occurred while sending request with device code for a token"
|
||||||
errTokenHandlingFails = "Error occurred while handling response from the Token Endpoint (during device flow)"
|
errTokenHandlingFails = "Error occurred while handling response from the Token Endpoint (during device flow)"
|
||||||
|
errStatusNotOK = "Error HTTP status != 200"
|
||||||
)
|
)
|
||||||
|
|
||||||
// DeviceCode is the object returned by the device auth endpoint
|
// DeviceCode is the object returned by the device auth endpoint
|
||||||
|
@ -79,31 +87,45 @@ type deviceToken struct {
|
||||||
|
|
||||||
// InitiateDeviceAuth initiates a device auth flow. It returns a DeviceCode
|
// InitiateDeviceAuth initiates a device auth flow. It returns a DeviceCode
|
||||||
// that can be used with CheckForUserCompletion or WaitForUserCompletion.
|
// that can be used with CheckForUserCompletion or WaitForUserCompletion.
|
||||||
func InitiateDeviceAuth(client *autorest.Client, oauthConfig OAuthConfig, clientID, resource string) (*DeviceCode, error) {
|
func InitiateDeviceAuth(sender Sender, oauthConfig OAuthConfig, clientID, resource string) (*DeviceCode, error) {
|
||||||
req, _ := autorest.Prepare(
|
v := url.Values{
|
||||||
&http.Request{},
|
"client_id": []string{clientID},
|
||||||
autorest.AsPost(),
|
"resource": []string{resource},
|
||||||
autorest.AsFormURLEncoded(),
|
}
|
||||||
autorest.WithBaseURL(oauthConfig.DeviceCodeEndpoint.String()),
|
|
||||||
autorest.WithFormData(url.Values{
|
|
||||||
"client_id": []string{clientID},
|
|
||||||
"resource": []string{resource},
|
|
||||||
}),
|
|
||||||
)
|
|
||||||
|
|
||||||
resp, err := autorest.SendWithSender(client, req)
|
s := v.Encode()
|
||||||
|
body := ioutil.NopCloser(strings.NewReader(s))
|
||||||
|
|
||||||
|
req, err := http.NewRequest(http.MethodPost, oauthConfig.DeviceCodeEndpoint.String(), body)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("%s %s: %s", logPrefix, errCodeSendingFails, err)
|
return nil, fmt.Errorf("%s %s: %s", logPrefix, errCodeSendingFails, err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
|
req.ContentLength = int64(len(s))
|
||||||
|
req.Header.Set(contentType, mimeTypeFormPost)
|
||||||
|
resp, err := sender.Do(req)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("%s %s: %s", logPrefix, errCodeSendingFails, err.Error())
|
||||||
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
|
rb, err := ioutil.ReadAll(resp.Body)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("%s %s: %s", logPrefix, errCodeHandlingFails, err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
|
if resp.StatusCode != http.StatusOK {
|
||||||
|
return nil, fmt.Errorf("%s %s: %s", logPrefix, errCodeHandlingFails, errStatusNotOK)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(strings.Trim(string(rb), " ")) == 0 {
|
||||||
|
return nil, ErrDeviceCodeEmpty
|
||||||
}
|
}
|
||||||
|
|
||||||
var code DeviceCode
|
var code DeviceCode
|
||||||
err = autorest.Respond(
|
err = json.Unmarshal(rb, &code)
|
||||||
resp,
|
|
||||||
autorest.WithErrorUnlessStatusCode(http.StatusOK),
|
|
||||||
autorest.ByUnmarshallingJSON(&code),
|
|
||||||
autorest.ByClosing())
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("%s %s: %s", logPrefix, errCodeHandlingFails, err)
|
return nil, fmt.Errorf("%s %s: %s", logPrefix, errCodeHandlingFails, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
code.ClientID = clientID
|
code.ClientID = clientID
|
||||||
|
@ -115,33 +137,46 @@ func InitiateDeviceAuth(client *autorest.Client, oauthConfig OAuthConfig, client
|
||||||
|
|
||||||
// CheckForUserCompletion takes a DeviceCode and checks with the Azure AD OAuth endpoint
|
// CheckForUserCompletion takes a DeviceCode and checks with the Azure AD OAuth endpoint
|
||||||
// to see if the device flow has: been completed, timed out, or otherwise failed
|
// to see if the device flow has: been completed, timed out, or otherwise failed
|
||||||
func CheckForUserCompletion(client *autorest.Client, code *DeviceCode) (*Token, error) {
|
func CheckForUserCompletion(sender Sender, code *DeviceCode) (*Token, error) {
|
||||||
req, _ := autorest.Prepare(
|
v := url.Values{
|
||||||
&http.Request{},
|
"client_id": []string{code.ClientID},
|
||||||
autorest.AsPost(),
|
"code": []string{*code.DeviceCode},
|
||||||
autorest.AsFormURLEncoded(),
|
"grant_type": []string{OAuthGrantTypeDeviceCode},
|
||||||
autorest.WithBaseURL(code.OAuthConfig.TokenEndpoint.String()),
|
"resource": []string{code.Resource},
|
||||||
autorest.WithFormData(url.Values{
|
}
|
||||||
"client_id": []string{code.ClientID},
|
|
||||||
"code": []string{*code.DeviceCode},
|
|
||||||
"grant_type": []string{OAuthGrantTypeDeviceCode},
|
|
||||||
"resource": []string{code.Resource},
|
|
||||||
}),
|
|
||||||
)
|
|
||||||
|
|
||||||
resp, err := autorest.SendWithSender(client, req)
|
s := v.Encode()
|
||||||
|
body := ioutil.NopCloser(strings.NewReader(s))
|
||||||
|
|
||||||
|
req, err := http.NewRequest(http.MethodPost, code.OAuthConfig.TokenEndpoint.String(), body)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("%s %s: %s", logPrefix, errTokenSendingFails, err)
|
return nil, fmt.Errorf("%s %s: %s", logPrefix, errTokenSendingFails, err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
|
req.ContentLength = int64(len(s))
|
||||||
|
req.Header.Set(contentType, mimeTypeFormPost)
|
||||||
|
resp, err := sender.Do(req)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("%s %s: %s", logPrefix, errTokenSendingFails, err.Error())
|
||||||
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
|
rb, err := ioutil.ReadAll(resp.Body)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("%s %s: %s", logPrefix, errTokenHandlingFails, err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
|
if resp.StatusCode != http.StatusOK && len(strings.Trim(string(rb), " ")) == 0 {
|
||||||
|
return nil, fmt.Errorf("%s %s: %s", logPrefix, errTokenHandlingFails, errStatusNotOK)
|
||||||
|
}
|
||||||
|
if len(strings.Trim(string(rb), " ")) == 0 {
|
||||||
|
return nil, ErrOAuthTokenEmpty
|
||||||
}
|
}
|
||||||
|
|
||||||
var token deviceToken
|
var token deviceToken
|
||||||
err = autorest.Respond(
|
err = json.Unmarshal(rb, &token)
|
||||||
resp,
|
|
||||||
autorest.WithErrorUnlessStatusCode(http.StatusOK, http.StatusBadRequest),
|
|
||||||
autorest.ByUnmarshallingJSON(&token),
|
|
||||||
autorest.ByClosing())
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("%s %s: %s", logPrefix, errTokenHandlingFails, err)
|
return nil, fmt.Errorf("%s %s: %s", logPrefix, errTokenHandlingFails, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
if token.Error == nil {
|
if token.Error == nil {
|
||||||
|
@ -164,12 +199,12 @@ func CheckForUserCompletion(client *autorest.Client, code *DeviceCode) (*Token,
|
||||||
|
|
||||||
// WaitForUserCompletion calls CheckForUserCompletion repeatedly until a token is granted or an error state occurs.
|
// WaitForUserCompletion calls CheckForUserCompletion repeatedly until a token is granted or an error state occurs.
|
||||||
// This prevents the user from looping and checking against 'ErrDeviceAuthorizationPending'.
|
// This prevents the user from looping and checking against 'ErrDeviceAuthorizationPending'.
|
||||||
func WaitForUserCompletion(client *autorest.Client, code *DeviceCode) (*Token, error) {
|
func WaitForUserCompletion(sender Sender, code *DeviceCode) (*Token, error) {
|
||||||
intervalDuration := time.Duration(*code.Interval) * time.Second
|
intervalDuration := time.Duration(*code.Interval) * time.Second
|
||||||
waitDuration := intervalDuration
|
waitDuration := intervalDuration
|
||||||
|
|
||||||
for {
|
for {
|
||||||
token, err := CheckForUserCompletion(client, code)
|
token, err := CheckForUserCompletion(sender, code)
|
||||||
|
|
||||||
if err == nil {
|
if err == nil {
|
||||||
return token, nil
|
return token, nil
|
|
@ -1,4 +1,4 @@
|
||||||
package azure
|
package adal
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
|
@ -0,0 +1,46 @@
|
||||||
|
package adal
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
)
|
||||||
|
|
||||||
|
const (
|
||||||
|
contentType = "Content-Type"
|
||||||
|
mimeTypeFormPost = "application/x-www-form-urlencoded"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Sender is the interface that wraps the Do method to send HTTP requests.
|
||||||
|
//
|
||||||
|
// The standard http.Client conforms to this interface.
|
||||||
|
type Sender interface {
|
||||||
|
Do(*http.Request) (*http.Response, error)
|
||||||
|
}
|
||||||
|
|
||||||
|
// SenderFunc is a method that implements the Sender interface.
|
||||||
|
type SenderFunc func(*http.Request) (*http.Response, error)
|
||||||
|
|
||||||
|
// Do implements the Sender interface on SenderFunc.
|
||||||
|
func (sf SenderFunc) Do(r *http.Request) (*http.Response, error) {
|
||||||
|
return sf(r)
|
||||||
|
}
|
||||||
|
|
||||||
|
// SendDecorator takes and possibily decorates, by wrapping, a Sender. Decorators may affect the
|
||||||
|
// http.Request and pass it along or, first, pass the http.Request along then react to the
|
||||||
|
// http.Response result.
|
||||||
|
type SendDecorator func(Sender) Sender
|
||||||
|
|
||||||
|
// CreateSender creates, decorates, and returns, as a Sender, the default http.Client.
|
||||||
|
func CreateSender(decorators ...SendDecorator) Sender {
|
||||||
|
return DecorateSender(&http.Client{}, decorators...)
|
||||||
|
}
|
||||||
|
|
||||||
|
// DecorateSender accepts a Sender and a, possibly empty, set of SendDecorators, which is applies to
|
||||||
|
// the Sender. Decorators are applied in the order received, but their affect upon the request
|
||||||
|
// depends on whether they are a pre-decorator (change the http.Request and then pass it along) or a
|
||||||
|
// post-decorator (pass the http.Request along and react to the results in http.Response).
|
||||||
|
func DecorateSender(s Sender, decorators ...SendDecorator) Sender {
|
||||||
|
for _, decorate := range decorators {
|
||||||
|
s = decorate(s)
|
||||||
|
}
|
||||||
|
return s
|
||||||
|
}
|
|
@ -1,4 +1,4 @@
|
||||||
package azure
|
package adal
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
|
@ -6,13 +6,15 @@ import (
|
||||||
"crypto/sha1"
|
"crypto/sha1"
|
||||||
"crypto/x509"
|
"crypto/x509"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
"strconv"
|
"strconv"
|
||||||
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/Azure/go-autorest/autorest"
|
|
||||||
"github.com/dgrijalva/jwt-go"
|
"github.com/dgrijalva/jwt-go"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -28,6 +30,9 @@ const (
|
||||||
|
|
||||||
// OAuthGrantTypeRefreshToken is the "grant_type" identifier used in refresh token flows
|
// OAuthGrantTypeRefreshToken is the "grant_type" identifier used in refresh token flows
|
||||||
OAuthGrantTypeRefreshToken = "refresh_token"
|
OAuthGrantTypeRefreshToken = "refresh_token"
|
||||||
|
|
||||||
|
// managedIdentitySettingsPath is the path to the MSI Extension settings file (to discover the endpoint)
|
||||||
|
managedIdentitySettingsPath = "/var/lib/waagent/ManagedIdentity-Settings"
|
||||||
)
|
)
|
||||||
|
|
||||||
var expirationBase time.Time
|
var expirationBase time.Time
|
||||||
|
@ -36,6 +41,18 @@ func init() {
|
||||||
expirationBase, _ = time.Parse(time.RFC3339, tokenBaseDate)
|
expirationBase, _ = time.Parse(time.RFC3339, tokenBaseDate)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// OAuthTokenProvider is an interface which should be implemented by an access token retriever
|
||||||
|
type OAuthTokenProvider interface {
|
||||||
|
OAuthToken() string
|
||||||
|
}
|
||||||
|
|
||||||
|
// Refresher is an interface for token refresh functionality
|
||||||
|
type Refresher interface {
|
||||||
|
Refresh() error
|
||||||
|
RefreshExchange(resource string) error
|
||||||
|
EnsureFresh() error
|
||||||
|
}
|
||||||
|
|
||||||
// TokenRefreshCallback is the type representing callbacks that will be called after
|
// TokenRefreshCallback is the type representing callbacks that will be called after
|
||||||
// a successful token refresh
|
// a successful token refresh
|
||||||
type TokenRefreshCallback func(Token) error
|
type TokenRefreshCallback func(Token) error
|
||||||
|
@ -73,14 +90,9 @@ func (t Token) WillExpireIn(d time.Duration) bool {
|
||||||
return !t.Expires().After(time.Now().Add(d))
|
return !t.Expires().After(time.Now().Add(d))
|
||||||
}
|
}
|
||||||
|
|
||||||
// WithAuthorization returns a PrepareDecorator that adds an HTTP Authorization header whose
|
//OAuthToken return the current access token
|
||||||
// value is "Bearer " followed by the AccessToken of the Token.
|
func (t *Token) OAuthToken() string {
|
||||||
func (t *Token) WithAuthorization() autorest.PrepareDecorator {
|
return t.AccessToken
|
||||||
return func(p autorest.Preparer) autorest.Preparer {
|
|
||||||
return autorest.PreparerFunc(func(r *http.Request) (*http.Request, error) {
|
|
||||||
return (autorest.WithBearerAuthorization(t.AccessToken)(p)).Prepare(r)
|
|
||||||
})
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// ServicePrincipalNoSecret represents a secret type that contains no secret
|
// ServicePrincipalNoSecret represents a secret type that contains no secret
|
||||||
|
@ -91,7 +103,7 @@ type ServicePrincipalNoSecret struct {
|
||||||
// SetAuthenticationValues is a method of the interface ServicePrincipalSecret
|
// SetAuthenticationValues is a method of the interface ServicePrincipalSecret
|
||||||
// It only returns an error for the ServicePrincipalNoSecret type
|
// It only returns an error for the ServicePrincipalNoSecret type
|
||||||
func (noSecret *ServicePrincipalNoSecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error {
|
func (noSecret *ServicePrincipalNoSecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error {
|
||||||
return fmt.Errorf("Manually created ServicePrincipalToken does not contain secret material to retrieve a new access token.")
|
return fmt.Errorf("Manually created ServicePrincipalToken does not contain secret material to retrieve a new access token")
|
||||||
}
|
}
|
||||||
|
|
||||||
// ServicePrincipalSecret is an interface that allows various secret mechanism to fill the form
|
// ServicePrincipalSecret is an interface that allows various secret mechanism to fill the form
|
||||||
|
@ -118,6 +130,17 @@ type ServicePrincipalCertificateSecret struct {
|
||||||
PrivateKey *rsa.PrivateKey
|
PrivateKey *rsa.PrivateKey
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ServicePrincipalMSISecret implements ServicePrincipalSecret for machines running the MSI Extension.
|
||||||
|
type ServicePrincipalMSISecret struct {
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetAuthenticationValues is a method of the interface ServicePrincipalSecret.
|
||||||
|
// MSI extension requires the authority field to be set to the real tenant authority endpoint
|
||||||
|
func (msiSecret *ServicePrincipalMSISecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error {
|
||||||
|
v.Set("authority", spt.oauthConfig.AuthorityEndpoint.String())
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
// SignJwt returns the JWT signed with the certificate's private key.
|
// SignJwt returns the JWT signed with the certificate's private key.
|
||||||
func (secret *ServicePrincipalCertificateSecret) SignJwt(spt *ServicePrincipalToken) (string, error) {
|
func (secret *ServicePrincipalCertificateSecret) SignJwt(spt *ServicePrincipalToken) (string, error) {
|
||||||
hasher := sha1.New()
|
hasher := sha1.New()
|
||||||
|
@ -138,7 +161,7 @@ func (secret *ServicePrincipalCertificateSecret) SignJwt(spt *ServicePrincipalTo
|
||||||
token := jwt.New(jwt.SigningMethodRS256)
|
token := jwt.New(jwt.SigningMethodRS256)
|
||||||
token.Header["x5t"] = thumbprint
|
token.Header["x5t"] = thumbprint
|
||||||
token.Claims = jwt.MapClaims{
|
token.Claims = jwt.MapClaims{
|
||||||
"aud": spt.oauthConfig.TokenEndpoint,
|
"aud": spt.oauthConfig.TokenEndpoint.String(),
|
||||||
"iss": spt.clientID,
|
"iss": spt.clientID,
|
||||||
"sub": spt.clientID,
|
"sub": spt.clientID,
|
||||||
"jti": base64.URLEncoding.EncodeToString(jti),
|
"jti": base64.URLEncoding.EncodeToString(jti),
|
||||||
|
@ -173,7 +196,7 @@ type ServicePrincipalToken struct {
|
||||||
resource string
|
resource string
|
||||||
autoRefresh bool
|
autoRefresh bool
|
||||||
refreshWithin time.Duration
|
refreshWithin time.Duration
|
||||||
sender autorest.Sender
|
sender Sender
|
||||||
|
|
||||||
refreshCallbacks []TokenRefreshCallback
|
refreshCallbacks []TokenRefreshCallback
|
||||||
}
|
}
|
||||||
|
@ -238,10 +261,56 @@ func NewServicePrincipalTokenFromCertificate(oauthConfig OAuthConfig, clientID s
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// NewServicePrincipalTokenFromMSI creates a ServicePrincipalToken via the MSI VM Extension.
|
||||||
|
func NewServicePrincipalTokenFromMSI(oauthConfig OAuthConfig, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) {
|
||||||
|
return newServicePrincipalTokenFromMSI(oauthConfig, resource, managedIdentitySettingsPath, callbacks...)
|
||||||
|
}
|
||||||
|
|
||||||
|
func newServicePrincipalTokenFromMSI(oauthConfig OAuthConfig, resource, settingsPath string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) {
|
||||||
|
// Read MSI settings
|
||||||
|
bytes, err := ioutil.ReadFile(settingsPath)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
msiSettings := struct {
|
||||||
|
URL string `json:"url"`
|
||||||
|
}{}
|
||||||
|
err = json.Unmarshal(bytes, &msiSettings)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
// We set the oauth config token endpoint to be MSI's endpoint
|
||||||
|
// We leave the authority as-is so MSI can POST it with the token request
|
||||||
|
msiEndpointURL, err := url.Parse(msiSettings.URL)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
msiTokenEndpointURL, err := msiEndpointURL.Parse("/oauth2/token")
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
oauthConfig.TokenEndpoint = *msiTokenEndpointURL
|
||||||
|
|
||||||
|
spt := &ServicePrincipalToken{
|
||||||
|
oauthConfig: oauthConfig,
|
||||||
|
secret: &ServicePrincipalMSISecret{},
|
||||||
|
resource: resource,
|
||||||
|
autoRefresh: true,
|
||||||
|
refreshWithin: defaultRefresh,
|
||||||
|
sender: &http.Client{},
|
||||||
|
refreshCallbacks: callbacks,
|
||||||
|
}
|
||||||
|
|
||||||
|
return spt, nil
|
||||||
|
}
|
||||||
|
|
||||||
// EnsureFresh will refresh the token if it will expire within the refresh window (as set by
|
// EnsureFresh will refresh the token if it will expire within the refresh window (as set by
|
||||||
// RefreshWithin).
|
// RefreshWithin) and autoRefresh flag is on.
|
||||||
func (spt *ServicePrincipalToken) EnsureFresh() error {
|
func (spt *ServicePrincipalToken) EnsureFresh() error {
|
||||||
if spt.WillExpireIn(spt.refreshWithin) {
|
if spt.autoRefresh && spt.WillExpireIn(spt.refreshWithin) {
|
||||||
return spt.Refresh()
|
return spt.Refresh()
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
|
@ -253,8 +322,7 @@ func (spt *ServicePrincipalToken) InvokeRefreshCallbacks(token Token) error {
|
||||||
for _, callback := range spt.refreshCallbacks {
|
for _, callback := range spt.refreshCallbacks {
|
||||||
err := callback(spt.Token)
|
err := callback(spt.Token)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return autorest.NewErrorWithError(err,
|
return fmt.Errorf("adal: TokenRefreshCallback handler failed. Error = '%v'", err)
|
||||||
"azure.ServicePrincipalToken", "InvokeRefreshCallbacks", nil, "A TokenRefreshCallback handler returned an error")
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -287,39 +355,40 @@ func (spt *ServicePrincipalToken) refreshInternal(resource string) error {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
req, _ := autorest.Prepare(&http.Request{},
|
s := v.Encode()
|
||||||
autorest.AsPost(),
|
body := ioutil.NopCloser(strings.NewReader(s))
|
||||||
autorest.AsFormURLEncoded(),
|
req, err := http.NewRequest(http.MethodPost, spt.oauthConfig.TokenEndpoint.String(), body)
|
||||||
autorest.WithBaseURL(spt.oauthConfig.TokenEndpoint.String()),
|
|
||||||
autorest.WithFormData(v))
|
|
||||||
|
|
||||||
resp, err := autorest.SendWithSender(spt.sender, req)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return autorest.NewErrorWithError(err,
|
return fmt.Errorf("adal: Failed to build the refresh request. Error = '%v'", err)
|
||||||
"azure.ServicePrincipalToken", "Refresh", resp, "Failure sending request for Service Principal %s",
|
|
||||||
spt.clientID)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
var newToken Token
|
req.ContentLength = int64(len(s))
|
||||||
err = autorest.Respond(resp,
|
req.Header.Set(contentType, mimeTypeFormPost)
|
||||||
autorest.WithErrorUnlessOK(),
|
resp, err := spt.sender.Do(req)
|
||||||
autorest.ByUnmarshallingJSON(&newToken),
|
|
||||||
autorest.ByClosing())
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return autorest.NewErrorWithError(err,
|
return fmt.Errorf("adal: Failed to execute the refresh request. Error = '%v'", err)
|
||||||
"azure.ServicePrincipalToken", "Refresh", resp, "Failure handling response to Service Principal %s request",
|
}
|
||||||
spt.clientID)
|
defer resp.Body.Close()
|
||||||
|
if resp.StatusCode != http.StatusOK {
|
||||||
|
return fmt.Errorf("adal: Refresh request failed. Status Code = '%d'", resp.StatusCode)
|
||||||
}
|
}
|
||||||
|
|
||||||
spt.Token = newToken
|
rb, err := ioutil.ReadAll(resp.Body)
|
||||||
|
|
||||||
err = spt.InvokeRefreshCallbacks(newToken)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
// its already wrapped inside InvokeRefreshCallbacks
|
return fmt.Errorf("adal: Failed to read a new service principal token during refresh. Error = '%v'", err)
|
||||||
return err
|
}
|
||||||
|
if len(strings.Trim(string(rb), " ")) == 0 {
|
||||||
|
return fmt.Errorf("adal: Empty service principal token received during refresh")
|
||||||
|
}
|
||||||
|
var token Token
|
||||||
|
err = json.Unmarshal(rb, &token)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("adal: Failed to unmarshal the service principal token during refresh. Error = '%v' JSON = '%s'", err, string(rb))
|
||||||
}
|
}
|
||||||
|
|
||||||
return nil
|
spt.Token = token
|
||||||
|
|
||||||
|
return spt.InvokeRefreshCallbacks(token)
|
||||||
}
|
}
|
||||||
|
|
||||||
// SetAutoRefresh enables or disables automatic refreshing of stale tokens.
|
// SetAutoRefresh enables or disables automatic refreshing of stale tokens.
|
||||||
|
@ -334,30 +403,6 @@ func (spt *ServicePrincipalToken) SetRefreshWithin(d time.Duration) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// SetSender sets the autorest.Sender used when obtaining the Service Principal token. An
|
// SetSender sets the http.Client used when obtaining the Service Principal token. An
|
||||||
// undecorated http.Client is used by default.
|
// undecorated http.Client is used by default.
|
||||||
func (spt *ServicePrincipalToken) SetSender(s autorest.Sender) {
|
func (spt *ServicePrincipalToken) SetSender(s Sender) { spt.sender = s }
|
||||||
spt.sender = s
|
|
||||||
}
|
|
||||||
|
|
||||||
// WithAuthorization returns a PrepareDecorator that adds an HTTP Authorization header whose
|
|
||||||
// value is "Bearer " followed by the AccessToken of the ServicePrincipalToken.
|
|
||||||
//
|
|
||||||
// By default, the token will automatically refresh if nearly expired (as determined by the
|
|
||||||
// RefreshWithin interval). Use the AutoRefresh method to enable or disable automatically refreshing
|
|
||||||
// tokens.
|
|
||||||
func (spt *ServicePrincipalToken) WithAuthorization() autorest.PrepareDecorator {
|
|
||||||
return func(p autorest.Preparer) autorest.Preparer {
|
|
||||||
return autorest.PreparerFunc(func(r *http.Request) (*http.Request, error) {
|
|
||||||
if spt.autoRefresh {
|
|
||||||
err := spt.EnsureFresh()
|
|
||||||
if err != nil {
|
|
||||||
return r, autorest.NewErrorWithError(err,
|
|
||||||
"azure.ServicePrincipalToken", "WithAuthorization", nil, "Failed to refresh Service Principal Token for request to %s",
|
|
||||||
r.URL)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return (autorest.WithBearerAuthorization(spt.AccessToken)(p)).Prepare(r)
|
|
||||||
})
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -0,0 +1,57 @@
|
||||||
|
package autorest
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/Azure/go-autorest/autorest/adal"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Authorizer is the interface that provides a PrepareDecorator used to supply request
|
||||||
|
// authorization. Most often, the Authorizer decorator runs last so it has access to the full
|
||||||
|
// state of the formed HTTP request.
|
||||||
|
type Authorizer interface {
|
||||||
|
WithAuthorization() PrepareDecorator
|
||||||
|
}
|
||||||
|
|
||||||
|
// NullAuthorizer implements a default, "do nothing" Authorizer.
|
||||||
|
type NullAuthorizer struct{}
|
||||||
|
|
||||||
|
// WithAuthorization returns a PrepareDecorator that does nothing.
|
||||||
|
func (na NullAuthorizer) WithAuthorization() PrepareDecorator {
|
||||||
|
return WithNothing()
|
||||||
|
}
|
||||||
|
|
||||||
|
// BearerAuthorizer implements the bearer authorization
|
||||||
|
type BearerAuthorizer struct {
|
||||||
|
tokenProvider adal.OAuthTokenProvider
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewBearerAuthorizer crates a BearerAuthorizer using the given token provider
|
||||||
|
func NewBearerAuthorizer(tp adal.OAuthTokenProvider) *BearerAuthorizer {
|
||||||
|
return &BearerAuthorizer{tokenProvider: tp}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (ba *BearerAuthorizer) withBearerAuthorization() PrepareDecorator {
|
||||||
|
return WithHeader(headerAuthorization, fmt.Sprintf("Bearer %s", ba.tokenProvider.OAuthToken()))
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithAuthorization returns a PrepareDecorator that adds an HTTP Authorization header whose
|
||||||
|
// value is "Bearer " followed by the token.
|
||||||
|
//
|
||||||
|
// By default, the token will be automatically refreshed through the Refresher interface.
|
||||||
|
func (ba *BearerAuthorizer) WithAuthorization() PrepareDecorator {
|
||||||
|
return func(p Preparer) Preparer {
|
||||||
|
return PreparerFunc(func(r *http.Request) (*http.Request, error) {
|
||||||
|
refresher, ok := ba.tokenProvider.(adal.Refresher)
|
||||||
|
if ok {
|
||||||
|
err := refresher.EnsureFresh()
|
||||||
|
if err != nil {
|
||||||
|
return r, NewErrorWithError(err, "azure.BearerAuthorizer", "WithAuthorization", nil,
|
||||||
|
"Failed to refresh the Token for request to %s", r.URL)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return (ba.withBearerAuthorization()(p)).Prepare(r)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
|
@ -16,6 +16,7 @@ and Responding. A typical pattern is:
|
||||||
DoRetryForAttempts(5, time.Second))
|
DoRetryForAttempts(5, time.Second))
|
||||||
|
|
||||||
err = Respond(resp,
|
err = Respond(resp,
|
||||||
|
ByDiscardingBody(),
|
||||||
ByClosing())
|
ByClosing())
|
||||||
|
|
||||||
Each phase relies on decorators to modify and / or manage processing. Decorators may first modify
|
Each phase relies on decorators to modify and / or manage processing. Decorators may first modify
|
||||||
|
|
|
@ -3,12 +3,13 @@ package azure
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"fmt"
|
"fmt"
|
||||||
"github.com/Azure/go-autorest/autorest"
|
|
||||||
"github.com/Azure/go-autorest/autorest/date"
|
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"github.com/Azure/go-autorest/autorest"
|
||||||
|
"github.com/Azure/go-autorest/autorest/date"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -16,12 +17,6 @@ const (
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
methodDelete = "DELETE"
|
|
||||||
methodPatch = "PATCH"
|
|
||||||
methodPost = "POST"
|
|
||||||
methodPut = "PUT"
|
|
||||||
methodGet = "GET"
|
|
||||||
|
|
||||||
operationInProgress string = "InProgress"
|
operationInProgress string = "InProgress"
|
||||||
operationCanceled string = "Canceled"
|
operationCanceled string = "Canceled"
|
||||||
operationFailed string = "Failed"
|
operationFailed string = "Failed"
|
||||||
|
@ -225,7 +220,7 @@ func updatePollingState(resp *http.Response, ps *pollingState) error {
|
||||||
// Lastly, requests against an existing resource, use the last request URI
|
// Lastly, requests against an existing resource, use the last request URI
|
||||||
if ps.uri == "" {
|
if ps.uri == "" {
|
||||||
m := strings.ToUpper(req.Method)
|
m := strings.ToUpper(req.Method)
|
||||||
if m == methodPatch || m == methodPut || m == methodGet {
|
if m == http.MethodPatch || m == http.MethodPut || m == http.MethodGet {
|
||||||
ps.uri = req.URL.String()
|
ps.uri = req.URL.String()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,13 +0,0 @@
|
||||||
package azure
|
|
||||||
|
|
||||||
import (
|
|
||||||
"net/url"
|
|
||||||
)
|
|
||||||
|
|
||||||
// OAuthConfig represents the endpoints needed
|
|
||||||
// in OAuth operations
|
|
||||||
type OAuthConfig struct {
|
|
||||||
AuthorizeEndpoint url.URL
|
|
||||||
TokenEndpoint url.URL
|
|
||||||
DeviceCodeEndpoint url.URL
|
|
||||||
}
|
|
|
@ -2,14 +2,9 @@ package azure
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/url"
|
|
||||||
"strings"
|
"strings"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
|
||||||
activeDirectoryAPIVersion = "1.0"
|
|
||||||
)
|
|
||||||
|
|
||||||
var environments = map[string]Environment{
|
var environments = map[string]Environment{
|
||||||
"AZURECHINACLOUD": ChinaCloud,
|
"AZURECHINACLOUD": ChinaCloud,
|
||||||
"AZUREGERMANCLOUD": GermanCloud,
|
"AZUREGERMANCLOUD": GermanCloud,
|
||||||
|
@ -19,93 +14,108 @@ var environments = map[string]Environment{
|
||||||
|
|
||||||
// Environment represents a set of endpoints for each of Azure's Clouds.
|
// Environment represents a set of endpoints for each of Azure's Clouds.
|
||||||
type Environment struct {
|
type Environment struct {
|
||||||
Name string `json:"name"`
|
Name string `json:"name"`
|
||||||
ManagementPortalURL string `json:"managementPortalURL"`
|
ManagementPortalURL string `json:"managementPortalURL"`
|
||||||
PublishSettingsURL string `json:"publishSettingsURL"`
|
PublishSettingsURL string `json:"publishSettingsURL"`
|
||||||
ServiceManagementEndpoint string `json:"serviceManagementEndpoint"`
|
ServiceManagementEndpoint string `json:"serviceManagementEndpoint"`
|
||||||
ResourceManagerEndpoint string `json:"resourceManagerEndpoint"`
|
ResourceManagerEndpoint string `json:"resourceManagerEndpoint"`
|
||||||
ActiveDirectoryEndpoint string `json:"activeDirectoryEndpoint"`
|
ActiveDirectoryEndpoint string `json:"activeDirectoryEndpoint"`
|
||||||
GalleryEndpoint string `json:"galleryEndpoint"`
|
GalleryEndpoint string `json:"galleryEndpoint"`
|
||||||
KeyVaultEndpoint string `json:"keyVaultEndpoint"`
|
KeyVaultEndpoint string `json:"keyVaultEndpoint"`
|
||||||
GraphEndpoint string `json:"graphEndpoint"`
|
GraphEndpoint string `json:"graphEndpoint"`
|
||||||
StorageEndpointSuffix string `json:"storageEndpointSuffix"`
|
StorageEndpointSuffix string `json:"storageEndpointSuffix"`
|
||||||
SQLDatabaseDNSSuffix string `json:"sqlDatabaseDNSSuffix"`
|
SQLDatabaseDNSSuffix string `json:"sqlDatabaseDNSSuffix"`
|
||||||
TrafficManagerDNSSuffix string `json:"trafficManagerDNSSuffix"`
|
TrafficManagerDNSSuffix string `json:"trafficManagerDNSSuffix"`
|
||||||
KeyVaultDNSSuffix string `json:"keyVaultDNSSuffix"`
|
KeyVaultDNSSuffix string `json:"keyVaultDNSSuffix"`
|
||||||
ServiceBusEndpointSuffix string `json:"serviceBusEndpointSuffix"`
|
ServiceBusEndpointSuffix string `json:"serviceBusEndpointSuffix"`
|
||||||
|
ServiceManagementVMDNSSuffix string `json:"serviceManagementVMDNSSuffix"`
|
||||||
|
ResourceManagerVMDNSSuffix string `json:"resourceManagerVMDNSSuffix"`
|
||||||
|
ContainerRegistryDNSSuffix string `json:"containerRegistryDNSSuffix"`
|
||||||
}
|
}
|
||||||
|
|
||||||
var (
|
var (
|
||||||
// PublicCloud is the default public Azure cloud environment
|
// PublicCloud is the default public Azure cloud environment
|
||||||
PublicCloud = Environment{
|
PublicCloud = Environment{
|
||||||
Name: "AzurePublicCloud",
|
Name: "AzurePublicCloud",
|
||||||
ManagementPortalURL: "https://manage.windowsazure.com/",
|
ManagementPortalURL: "https://manage.windowsazure.com/",
|
||||||
PublishSettingsURL: "https://manage.windowsazure.com/publishsettings/index",
|
PublishSettingsURL: "https://manage.windowsazure.com/publishsettings/index",
|
||||||
ServiceManagementEndpoint: "https://management.core.windows.net/",
|
ServiceManagementEndpoint: "https://management.core.windows.net/",
|
||||||
ResourceManagerEndpoint: "https://management.azure.com/",
|
ResourceManagerEndpoint: "https://management.azure.com/",
|
||||||
ActiveDirectoryEndpoint: "https://login.microsoftonline.com/",
|
ActiveDirectoryEndpoint: "https://login.microsoftonline.com/",
|
||||||
GalleryEndpoint: "https://gallery.azure.com/",
|
GalleryEndpoint: "https://gallery.azure.com/",
|
||||||
KeyVaultEndpoint: "https://vault.azure.net/",
|
KeyVaultEndpoint: "https://vault.azure.net/",
|
||||||
GraphEndpoint: "https://graph.windows.net/",
|
GraphEndpoint: "https://graph.windows.net/",
|
||||||
StorageEndpointSuffix: "core.windows.net",
|
StorageEndpointSuffix: "core.windows.net",
|
||||||
SQLDatabaseDNSSuffix: "database.windows.net",
|
SQLDatabaseDNSSuffix: "database.windows.net",
|
||||||
TrafficManagerDNSSuffix: "trafficmanager.net",
|
TrafficManagerDNSSuffix: "trafficmanager.net",
|
||||||
KeyVaultDNSSuffix: "vault.azure.net",
|
KeyVaultDNSSuffix: "vault.azure.net",
|
||||||
ServiceBusEndpointSuffix: "servicebus.azure.com",
|
ServiceBusEndpointSuffix: "servicebus.azure.com",
|
||||||
|
ServiceManagementVMDNSSuffix: "cloudapp.net",
|
||||||
|
ResourceManagerVMDNSSuffix: "cloudapp.azure.com",
|
||||||
|
ContainerRegistryDNSSuffix: "azurecr.io",
|
||||||
}
|
}
|
||||||
|
|
||||||
// USGovernmentCloud is the cloud environment for the US Government
|
// USGovernmentCloud is the cloud environment for the US Government
|
||||||
USGovernmentCloud = Environment{
|
USGovernmentCloud = Environment{
|
||||||
Name: "AzureUSGovernmentCloud",
|
Name: "AzureUSGovernmentCloud",
|
||||||
ManagementPortalURL: "https://manage.windowsazure.us/",
|
ManagementPortalURL: "https://manage.windowsazure.us/",
|
||||||
PublishSettingsURL: "https://manage.windowsazure.us/publishsettings/index",
|
PublishSettingsURL: "https://manage.windowsazure.us/publishsettings/index",
|
||||||
ServiceManagementEndpoint: "https://management.core.usgovcloudapi.net/",
|
ServiceManagementEndpoint: "https://management.core.usgovcloudapi.net/",
|
||||||
ResourceManagerEndpoint: "https://management.usgovcloudapi.net/",
|
ResourceManagerEndpoint: "https://management.usgovcloudapi.net/",
|
||||||
ActiveDirectoryEndpoint: "https://login.microsoftonline.com/",
|
ActiveDirectoryEndpoint: "https://login.microsoftonline.com/",
|
||||||
GalleryEndpoint: "https://gallery.usgovcloudapi.net/",
|
GalleryEndpoint: "https://gallery.usgovcloudapi.net/",
|
||||||
KeyVaultEndpoint: "https://vault.usgovcloudapi.net/",
|
KeyVaultEndpoint: "https://vault.usgovcloudapi.net/",
|
||||||
GraphEndpoint: "https://graph.usgovcloudapi.net/",
|
GraphEndpoint: "https://graph.usgovcloudapi.net/",
|
||||||
StorageEndpointSuffix: "core.usgovcloudapi.net",
|
StorageEndpointSuffix: "core.usgovcloudapi.net",
|
||||||
SQLDatabaseDNSSuffix: "database.usgovcloudapi.net",
|
SQLDatabaseDNSSuffix: "database.usgovcloudapi.net",
|
||||||
TrafficManagerDNSSuffix: "usgovtrafficmanager.net",
|
TrafficManagerDNSSuffix: "usgovtrafficmanager.net",
|
||||||
KeyVaultDNSSuffix: "vault.usgovcloudapi.net",
|
KeyVaultDNSSuffix: "vault.usgovcloudapi.net",
|
||||||
ServiceBusEndpointSuffix: "servicebus.usgovcloudapi.net",
|
ServiceBusEndpointSuffix: "servicebus.usgovcloudapi.net",
|
||||||
|
ServiceManagementVMDNSSuffix: "usgovcloudapp.net",
|
||||||
|
ResourceManagerVMDNSSuffix: "cloudapp.windowsazure.us",
|
||||||
|
ContainerRegistryDNSSuffix: "azurecr.io",
|
||||||
}
|
}
|
||||||
|
|
||||||
// ChinaCloud is the cloud environment operated in China
|
// ChinaCloud is the cloud environment operated in China
|
||||||
ChinaCloud = Environment{
|
ChinaCloud = Environment{
|
||||||
Name: "AzureChinaCloud",
|
Name: "AzureChinaCloud",
|
||||||
ManagementPortalURL: "https://manage.chinacloudapi.com/",
|
ManagementPortalURL: "https://manage.chinacloudapi.com/",
|
||||||
PublishSettingsURL: "https://manage.chinacloudapi.com/publishsettings/index",
|
PublishSettingsURL: "https://manage.chinacloudapi.com/publishsettings/index",
|
||||||
ServiceManagementEndpoint: "https://management.core.chinacloudapi.cn/",
|
ServiceManagementEndpoint: "https://management.core.chinacloudapi.cn/",
|
||||||
ResourceManagerEndpoint: "https://management.chinacloudapi.cn/",
|
ResourceManagerEndpoint: "https://management.chinacloudapi.cn/",
|
||||||
ActiveDirectoryEndpoint: "https://login.chinacloudapi.cn/?api-version=1.0",
|
ActiveDirectoryEndpoint: "https://login.chinacloudapi.cn/",
|
||||||
GalleryEndpoint: "https://gallery.chinacloudapi.cn/",
|
GalleryEndpoint: "https://gallery.chinacloudapi.cn/",
|
||||||
KeyVaultEndpoint: "https://vault.azure.cn/",
|
KeyVaultEndpoint: "https://vault.azure.cn/",
|
||||||
GraphEndpoint: "https://graph.chinacloudapi.cn/",
|
GraphEndpoint: "https://graph.chinacloudapi.cn/",
|
||||||
StorageEndpointSuffix: "core.chinacloudapi.cn",
|
StorageEndpointSuffix: "core.chinacloudapi.cn",
|
||||||
SQLDatabaseDNSSuffix: "database.chinacloudapi.cn",
|
SQLDatabaseDNSSuffix: "database.chinacloudapi.cn",
|
||||||
TrafficManagerDNSSuffix: "trafficmanager.cn",
|
TrafficManagerDNSSuffix: "trafficmanager.cn",
|
||||||
KeyVaultDNSSuffix: "vault.azure.cn",
|
KeyVaultDNSSuffix: "vault.azure.cn",
|
||||||
ServiceBusEndpointSuffix: "servicebus.chinacloudapi.net",
|
ServiceBusEndpointSuffix: "servicebus.chinacloudapi.net",
|
||||||
|
ServiceManagementVMDNSSuffix: "chinacloudapp.cn",
|
||||||
|
ResourceManagerVMDNSSuffix: "cloudapp.azure.cn",
|
||||||
|
ContainerRegistryDNSSuffix: "azurecr.io",
|
||||||
}
|
}
|
||||||
|
|
||||||
// GermanCloud is the cloud environment operated in Germany
|
// GermanCloud is the cloud environment operated in Germany
|
||||||
GermanCloud = Environment{
|
GermanCloud = Environment{
|
||||||
Name: "AzureGermanCloud",
|
Name: "AzureGermanCloud",
|
||||||
ManagementPortalURL: "http://portal.microsoftazure.de/",
|
ManagementPortalURL: "http://portal.microsoftazure.de/",
|
||||||
PublishSettingsURL: "https://manage.microsoftazure.de/publishsettings/index",
|
PublishSettingsURL: "https://manage.microsoftazure.de/publishsettings/index",
|
||||||
ServiceManagementEndpoint: "https://management.core.cloudapi.de/",
|
ServiceManagementEndpoint: "https://management.core.cloudapi.de/",
|
||||||
ResourceManagerEndpoint: "https://management.microsoftazure.de/",
|
ResourceManagerEndpoint: "https://management.microsoftazure.de/",
|
||||||
ActiveDirectoryEndpoint: "https://login.microsoftonline.de/",
|
ActiveDirectoryEndpoint: "https://login.microsoftonline.de/",
|
||||||
GalleryEndpoint: "https://gallery.cloudapi.de/",
|
GalleryEndpoint: "https://gallery.cloudapi.de/",
|
||||||
KeyVaultEndpoint: "https://vault.microsoftazure.de/",
|
KeyVaultEndpoint: "https://vault.microsoftazure.de/",
|
||||||
GraphEndpoint: "https://graph.cloudapi.de/",
|
GraphEndpoint: "https://graph.cloudapi.de/",
|
||||||
StorageEndpointSuffix: "core.cloudapi.de",
|
StorageEndpointSuffix: "core.cloudapi.de",
|
||||||
SQLDatabaseDNSSuffix: "database.cloudapi.de",
|
SQLDatabaseDNSSuffix: "database.cloudapi.de",
|
||||||
TrafficManagerDNSSuffix: "azuretrafficmanager.de",
|
TrafficManagerDNSSuffix: "azuretrafficmanager.de",
|
||||||
KeyVaultDNSSuffix: "vault.microsoftazure.de",
|
KeyVaultDNSSuffix: "vault.microsoftazure.de",
|
||||||
ServiceBusEndpointSuffix: "servicebus.cloudapi.de",
|
ServiceBusEndpointSuffix: "servicebus.cloudapi.de",
|
||||||
|
ServiceManagementVMDNSSuffix: "azurecloudapp.de",
|
||||||
|
ResourceManagerVMDNSSuffix: "cloudapp.microsoftazure.de",
|
||||||
|
ContainerRegistryDNSSuffix: "azurecr.io",
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -118,30 +128,3 @@ func EnvironmentFromName(name string) (Environment, error) {
|
||||||
}
|
}
|
||||||
return env, nil
|
return env, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// OAuthConfigForTenant returns an OAuthConfig with tenant specific urls
|
|
||||||
func (env Environment) OAuthConfigForTenant(tenantID string) (*OAuthConfig, error) {
|
|
||||||
template := "%s/oauth2/%s?api-version=%s"
|
|
||||||
u, err := url.Parse(env.ActiveDirectoryEndpoint)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
authorizeURL, err := u.Parse(fmt.Sprintf(template, tenantID, "authorize", activeDirectoryAPIVersion))
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
tokenURL, err := u.Parse(fmt.Sprintf(template, tenantID, "token", activeDirectoryAPIVersion))
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
deviceCodeURL, err := u.Parse(fmt.Sprintf(template, tenantID, "devicecode", activeDirectoryAPIVersion))
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
return &OAuthConfig{
|
|
||||||
AuthorizeEndpoint: *authorizeURL,
|
|
||||||
TokenEndpoint: *tokenURL,
|
|
||||||
DeviceCodeEndpoint: *deviceCodeURL,
|
|
||||||
}, nil
|
|
||||||
}
|
|
||||||
|
|
|
@ -8,6 +8,7 @@ import (
|
||||||
"log"
|
"log"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/http/cookiejar"
|
"net/http/cookiejar"
|
||||||
|
"runtime"
|
||||||
"time"
|
"time"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -20,18 +21,26 @@ const (
|
||||||
|
|
||||||
// DefaultRetryAttempts is number of attempts for retry status codes (5xx).
|
// DefaultRetryAttempts is number of attempts for retry status codes (5xx).
|
||||||
DefaultRetryAttempts = 3
|
DefaultRetryAttempts = 3
|
||||||
|
|
||||||
// DefaultRetryDuration is a resonable delay for retry.
|
|
||||||
defaultRetryInterval = 30 * time.Second
|
|
||||||
)
|
)
|
||||||
|
|
||||||
var statusCodesForRetry = []int{
|
var (
|
||||||
http.StatusRequestTimeout, // 408
|
// defaultUserAgent builds a string containing the Go version, system archityecture and OS,
|
||||||
http.StatusInternalServerError, // 500
|
// and the go-autorest version.
|
||||||
http.StatusBadGateway, // 502
|
defaultUserAgent = fmt.Sprintf("Go/%s (%s-%s) go-autorest/%s",
|
||||||
http.StatusServiceUnavailable, // 503
|
runtime.Version(),
|
||||||
http.StatusGatewayTimeout, // 504
|
runtime.GOARCH,
|
||||||
}
|
runtime.GOOS,
|
||||||
|
Version(),
|
||||||
|
)
|
||||||
|
|
||||||
|
statusCodesForRetry = []int{
|
||||||
|
http.StatusRequestTimeout, // 408
|
||||||
|
http.StatusInternalServerError, // 500
|
||||||
|
http.StatusBadGateway, // 502
|
||||||
|
http.StatusServiceUnavailable, // 503
|
||||||
|
http.StatusGatewayTimeout, // 504
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
requestFormat = `HTTP Request Begin ===================================================
|
requestFormat = `HTTP Request Begin ===================================================
|
||||||
|
@ -130,6 +139,9 @@ type Client struct {
|
||||||
// RetryAttempts sets the default number of retry attempts for client.
|
// RetryAttempts sets the default number of retry attempts for client.
|
||||||
RetryAttempts int
|
RetryAttempts int
|
||||||
|
|
||||||
|
// RetryDuration sets the delay duration for retries.
|
||||||
|
RetryDuration time.Duration
|
||||||
|
|
||||||
// UserAgent, if not empty, will be set as the HTTP User-Agent header on all requests sent
|
// UserAgent, if not empty, will be set as the HTTP User-Agent header on all requests sent
|
||||||
// through the Do method.
|
// through the Do method.
|
||||||
UserAgent string
|
UserAgent string
|
||||||
|
@ -140,12 +152,24 @@ type Client struct {
|
||||||
// NewClientWithUserAgent returns an instance of a Client with the UserAgent set to the passed
|
// NewClientWithUserAgent returns an instance of a Client with the UserAgent set to the passed
|
||||||
// string.
|
// string.
|
||||||
func NewClientWithUserAgent(ua string) Client {
|
func NewClientWithUserAgent(ua string) Client {
|
||||||
return Client{
|
c := Client{
|
||||||
PollingDelay: DefaultPollingDelay,
|
PollingDelay: DefaultPollingDelay,
|
||||||
PollingDuration: DefaultPollingDuration,
|
PollingDuration: DefaultPollingDuration,
|
||||||
RetryAttempts: DefaultRetryAttempts,
|
RetryAttempts: DefaultRetryAttempts,
|
||||||
UserAgent: ua,
|
RetryDuration: 30 * time.Second,
|
||||||
|
UserAgent: defaultUserAgent,
|
||||||
}
|
}
|
||||||
|
c.AddToUserAgent(ua)
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
|
||||||
|
// AddToUserAgent adds an extension to the current user agent
|
||||||
|
func (c *Client) AddToUserAgent(extension string) error {
|
||||||
|
if extension != "" {
|
||||||
|
c.UserAgent = fmt.Sprintf("%s %s", c.UserAgent, extension)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
return fmt.Errorf("Extension was empty, User Agent stayed as %s", c.UserAgent)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Do implements the Sender interface by invoking the active Sender after applying authorization.
|
// Do implements the Sender interface by invoking the active Sender after applying authorization.
|
||||||
|
@ -163,7 +187,7 @@ func (c Client) Do(r *http.Request) (*http.Response, error) {
|
||||||
return nil, NewErrorWithError(err, "autorest/Client", "Do", nil, "Preparing request failed")
|
return nil, NewErrorWithError(err, "autorest/Client", "Do", nil, "Preparing request failed")
|
||||||
}
|
}
|
||||||
resp, err := SendWithSender(c.sender(), r,
|
resp, err := SendWithSender(c.sender(), r,
|
||||||
DoRetryForStatusCodes(c.RetryAttempts, defaultRetryInterval, statusCodesForRetry...))
|
DoRetryForStatusCodes(c.RetryAttempts, c.RetryDuration, statusCodesForRetry...))
|
||||||
Respond(resp,
|
Respond(resp,
|
||||||
c.ByInspecting())
|
c.ByInspecting())
|
||||||
return resp, err
|
return resp, err
|
||||||
|
|
|
@ -1,12 +1,17 @@
|
||||||
package date
|
package date
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"regexp"
|
||||||
"time"
|
"time"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// Azure reports time in UTC but it doesn't include the 'Z' time zone suffix in some cases.
|
||||||
const (
|
const (
|
||||||
rfc3339JSON = `"` + time.RFC3339Nano + `"`
|
azureUtcFormatJSON = `"2006-01-02T15:04:05.999999999"`
|
||||||
rfc3339 = time.RFC3339Nano
|
azureUtcFormat = "2006-01-02T15:04:05.999999999"
|
||||||
|
rfc3339JSON = `"` + time.RFC3339Nano + `"`
|
||||||
|
rfc3339 = time.RFC3339Nano
|
||||||
|
tzOffsetRegex = `(Z|z|\+|-)(\d+:\d+)*"*$`
|
||||||
)
|
)
|
||||||
|
|
||||||
// Time defines a type similar to time.Time but assumes a layout of RFC3339 date-time (i.e.,
|
// Time defines a type similar to time.Time but assumes a layout of RFC3339 date-time (i.e.,
|
||||||
|
@ -36,7 +41,14 @@ func (t Time) MarshalJSON() (json []byte, err error) {
|
||||||
// UnmarshalJSON reconstitutes the Time from a JSON string conforming to RFC3339 date-time
|
// UnmarshalJSON reconstitutes the Time from a JSON string conforming to RFC3339 date-time
|
||||||
// (i.e., 2006-01-02T15:04:05Z).
|
// (i.e., 2006-01-02T15:04:05Z).
|
||||||
func (t *Time) UnmarshalJSON(data []byte) (err error) {
|
func (t *Time) UnmarshalJSON(data []byte) (err error) {
|
||||||
t.Time, err = ParseTime(rfc3339JSON, string(data))
|
timeFormat := azureUtcFormatJSON
|
||||||
|
match, err := regexp.Match(tzOffsetRegex, data)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
} else if match {
|
||||||
|
timeFormat = rfc3339JSON
|
||||||
|
}
|
||||||
|
t.Time, err = ParseTime(timeFormat, string(data))
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -49,7 +61,14 @@ func (t Time) MarshalText() (text []byte, err error) {
|
||||||
// UnmarshalText reconstitutes a Time saved as a byte array conforming to RFC3339 date-time
|
// UnmarshalText reconstitutes a Time saved as a byte array conforming to RFC3339 date-time
|
||||||
// (i.e., 2006-01-02T15:04:05Z).
|
// (i.e., 2006-01-02T15:04:05Z).
|
||||||
func (t *Time) UnmarshalText(data []byte) (err error) {
|
func (t *Time) UnmarshalText(data []byte) (err error) {
|
||||||
t.Time, err = ParseTime(rfc3339, string(data))
|
timeFormat := azureUtcFormat
|
||||||
|
match, err := regexp.Match(tzOffsetRegex, data)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
} else if match {
|
||||||
|
timeFormat = rfc3339
|
||||||
|
}
|
||||||
|
t.Time, err = ParseTime(timeFormat, string(data))
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,109 @@
|
||||||
|
package date
|
||||||
|
|
||||||
|
import (
|
||||||
|
"bytes"
|
||||||
|
"encoding/binary"
|
||||||
|
"encoding/json"
|
||||||
|
"time"
|
||||||
|
)
|
||||||
|
|
||||||
|
// unixEpoch is the moment in time that should be treated as timestamp 0.
|
||||||
|
var unixEpoch = time.Date(1970, time.January, 1, 0, 0, 0, 0, time.UTC)
|
||||||
|
|
||||||
|
// UnixTime marshals and unmarshals a time that is represented as the number
|
||||||
|
// of seconds (ignoring skip-seconds) since the Unix Epoch.
|
||||||
|
type UnixTime time.Time
|
||||||
|
|
||||||
|
// Duration returns the time as a Duration since the UnixEpoch.
|
||||||
|
func (t UnixTime) Duration() time.Duration {
|
||||||
|
return time.Time(t).Sub(unixEpoch)
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewUnixTimeFromSeconds creates a UnixTime as a number of seconds from the UnixEpoch.
|
||||||
|
func NewUnixTimeFromSeconds(seconds float64) UnixTime {
|
||||||
|
return NewUnixTimeFromDuration(time.Duration(seconds * float64(time.Second)))
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewUnixTimeFromNanoseconds creates a UnixTime as a number of nanoseconds from the UnixEpoch.
|
||||||
|
func NewUnixTimeFromNanoseconds(nanoseconds int64) UnixTime {
|
||||||
|
return NewUnixTimeFromDuration(time.Duration(nanoseconds))
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewUnixTimeFromDuration creates a UnixTime as a duration of time since the UnixEpoch.
|
||||||
|
func NewUnixTimeFromDuration(dur time.Duration) UnixTime {
|
||||||
|
return UnixTime(unixEpoch.Add(dur))
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnixEpoch retreives the moment considered the Unix Epoch. I.e. The time represented by '0'
|
||||||
|
func UnixEpoch() time.Time {
|
||||||
|
return unixEpoch
|
||||||
|
}
|
||||||
|
|
||||||
|
// MarshalJSON preserves the UnixTime as a JSON number conforming to Unix Timestamp requirements.
|
||||||
|
// (i.e. the number of seconds since midnight January 1st, 1970 not considering leap seconds.)
|
||||||
|
func (t UnixTime) MarshalJSON() ([]byte, error) {
|
||||||
|
buffer := &bytes.Buffer{}
|
||||||
|
enc := json.NewEncoder(buffer)
|
||||||
|
err := enc.Encode(float64(time.Time(t).UnixNano()) / 1e9)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return buffer.Bytes(), nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalJSON reconstitures a UnixTime saved as a JSON number of the number of seconds since
|
||||||
|
// midnight January 1st, 1970.
|
||||||
|
func (t *UnixTime) UnmarshalJSON(text []byte) error {
|
||||||
|
dec := json.NewDecoder(bytes.NewReader(text))
|
||||||
|
|
||||||
|
var secondsSinceEpoch float64
|
||||||
|
if err := dec.Decode(&secondsSinceEpoch); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
*t = NewUnixTimeFromSeconds(secondsSinceEpoch)
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// MarshalText stores the number of seconds since the Unix Epoch as a textual floating point number.
|
||||||
|
func (t UnixTime) MarshalText() ([]byte, error) {
|
||||||
|
cast := time.Time(t)
|
||||||
|
return cast.MarshalText()
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalText populates a UnixTime with a value stored textually as a floating point number of seconds since the Unix Epoch.
|
||||||
|
func (t *UnixTime) UnmarshalText(raw []byte) error {
|
||||||
|
var unmarshaled time.Time
|
||||||
|
|
||||||
|
if err := unmarshaled.UnmarshalText(raw); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
*t = UnixTime(unmarshaled)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// MarshalBinary converts a UnixTime into a binary.LittleEndian float64 of nanoseconds since the epoch.
|
||||||
|
func (t UnixTime) MarshalBinary() ([]byte, error) {
|
||||||
|
buf := &bytes.Buffer{}
|
||||||
|
|
||||||
|
payload := int64(t.Duration())
|
||||||
|
|
||||||
|
if err := binary.Write(buf, binary.LittleEndian, &payload); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return buf.Bytes(), nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalBinary converts a from a binary.LittleEndian float64 of nanoseconds since the epoch into a UnixTime.
|
||||||
|
func (t *UnixTime) UnmarshalBinary(raw []byte) error {
|
||||||
|
var nanosecondsSinceEpoch int64
|
||||||
|
|
||||||
|
if err := binary.Read(bytes.NewReader(raw), binary.LittleEndian, &nanosecondsSinceEpoch); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
*t = NewUnixTimeFromNanoseconds(nanosecondsSinceEpoch)
|
||||||
|
return nil
|
||||||
|
}
|
|
@ -28,6 +28,9 @@ type DetailedError struct {
|
||||||
|
|
||||||
// Message is the error message.
|
// Message is the error message.
|
||||||
Message string
|
Message string
|
||||||
|
|
||||||
|
// Service Error is the response body of failed API in bytes
|
||||||
|
ServiceError []byte
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewError creates a new Error conforming object from the passed packageType, method, and
|
// NewError creates a new Error conforming object from the passed packageType, method, and
|
||||||
|
|
|
@ -4,7 +4,9 @@ import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"io"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
|
"mime/multipart"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
"strings"
|
"strings"
|
||||||
|
@ -181,6 +183,16 @@ func WithBaseURL(baseURL string) PrepareDecorator {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// WithCustomBaseURL returns a PrepareDecorator that replaces brace-enclosed keys within the
|
||||||
|
// request base URL (i.e., http.Request.URL) with the corresponding values from the passed map.
|
||||||
|
func WithCustomBaseURL(baseURL string, urlParameters map[string]interface{}) PrepareDecorator {
|
||||||
|
parameters := ensureValueStrings(urlParameters)
|
||||||
|
for key, value := range parameters {
|
||||||
|
baseURL = strings.Replace(baseURL, "{"+key+"}", value, -1)
|
||||||
|
}
|
||||||
|
return WithBaseURL(baseURL)
|
||||||
|
}
|
||||||
|
|
||||||
// WithFormData returns a PrepareDecoratore that "URL encodes" (e.g., bar=baz&foo=quux) into the
|
// WithFormData returns a PrepareDecoratore that "URL encodes" (e.g., bar=baz&foo=quux) into the
|
||||||
// http.Request body.
|
// http.Request body.
|
||||||
func WithFormData(v url.Values) PrepareDecorator {
|
func WithFormData(v url.Values) PrepareDecorator {
|
||||||
|
@ -197,6 +209,64 @@ func WithFormData(v url.Values) PrepareDecorator {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// WithMultiPartFormData returns a PrepareDecoratore that "URL encodes" (e.g., bar=baz&foo=quux) form parameters
|
||||||
|
// into the http.Request body.
|
||||||
|
func WithMultiPartFormData(formDataParameters map[string]interface{}) PrepareDecorator {
|
||||||
|
return func(p Preparer) Preparer {
|
||||||
|
return PreparerFunc(func(r *http.Request) (*http.Request, error) {
|
||||||
|
r, err := p.Prepare(r)
|
||||||
|
if err == nil {
|
||||||
|
var body bytes.Buffer
|
||||||
|
writer := multipart.NewWriter(&body)
|
||||||
|
for key, value := range formDataParameters {
|
||||||
|
if rc, ok := value.(io.ReadCloser); ok {
|
||||||
|
var fd io.Writer
|
||||||
|
if fd, err = writer.CreateFormFile(key, key); err != nil {
|
||||||
|
return r, err
|
||||||
|
}
|
||||||
|
if _, err = io.Copy(fd, rc); err != nil {
|
||||||
|
return r, err
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if err = writer.WriteField(key, ensureValueString(value)); err != nil {
|
||||||
|
return r, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if err = writer.Close(); err != nil {
|
||||||
|
return r, err
|
||||||
|
}
|
||||||
|
if r.Header == nil {
|
||||||
|
r.Header = make(http.Header)
|
||||||
|
}
|
||||||
|
r.Header.Set(http.CanonicalHeaderKey(headerContentType), writer.FormDataContentType())
|
||||||
|
r.Body = ioutil.NopCloser(bytes.NewReader(body.Bytes()))
|
||||||
|
r.ContentLength = int64(body.Len())
|
||||||
|
return r, err
|
||||||
|
}
|
||||||
|
return r, err
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithFile returns a PrepareDecorator that sends file in request body.
|
||||||
|
func WithFile(f io.ReadCloser) PrepareDecorator {
|
||||||
|
return func(p Preparer) Preparer {
|
||||||
|
return PreparerFunc(func(r *http.Request) (*http.Request, error) {
|
||||||
|
r, err := p.Prepare(r)
|
||||||
|
if err == nil {
|
||||||
|
b, err := ioutil.ReadAll(f)
|
||||||
|
if err != nil {
|
||||||
|
return r, err
|
||||||
|
}
|
||||||
|
r.Body = ioutil.NopCloser(bytes.NewReader(b))
|
||||||
|
r.ContentLength = int64(len(b))
|
||||||
|
}
|
||||||
|
return r, err
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// WithBool returns a PrepareDecorator that encodes the passed bool into the body of the request
|
// WithBool returns a PrepareDecorator that encodes the passed bool into the body of the request
|
||||||
// and sets the Content-Length header.
|
// and sets the Content-Length header.
|
||||||
func WithBool(v bool) PrepareDecorator {
|
func WithBool(v bool) PrepareDecorator {
|
||||||
|
@ -356,18 +426,3 @@ func WithQueryParameters(queryParameters map[string]interface{}) PrepareDecorato
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Authorizer is the interface that provides a PrepareDecorator used to supply request
|
|
||||||
// authorization. Most often, the Authorizer decorator runs last so it has access to the full
|
|
||||||
// state of the formed HTTP request.
|
|
||||||
type Authorizer interface {
|
|
||||||
WithAuthorization() PrepareDecorator
|
|
||||||
}
|
|
||||||
|
|
||||||
// NullAuthorizer implements a default, "do nothing" Authorizer.
|
|
||||||
type NullAuthorizer struct{}
|
|
||||||
|
|
||||||
// WithAuthorization returns a PrepareDecorator that does nothing.
|
|
||||||
func (na NullAuthorizer) WithAuthorization() PrepareDecorator {
|
|
||||||
return WithNothing()
|
|
||||||
}
|
|
||||||
|
|
|
@ -5,6 +5,7 @@ import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"encoding/xml"
|
"encoding/xml"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"io"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
|
@ -87,6 +88,24 @@ func ByCopying(b *bytes.Buffer) RespondDecorator {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ByDiscardingBody returns a RespondDecorator that first invokes the passed Responder after which
|
||||||
|
// it copies the remaining bytes (if any) in the response body to ioutil.Discard. Since the passed
|
||||||
|
// Responder is invoked prior to discarding the response body, the decorator may occur anywhere
|
||||||
|
// within the set.
|
||||||
|
func ByDiscardingBody() RespondDecorator {
|
||||||
|
return func(r Responder) Responder {
|
||||||
|
return ResponderFunc(func(resp *http.Response) error {
|
||||||
|
err := r.Respond(resp)
|
||||||
|
if err == nil && resp != nil && resp.Body != nil {
|
||||||
|
if _, err := io.Copy(ioutil.Discard, resp.Body); err != nil {
|
||||||
|
return fmt.Errorf("Error discarding the response body: %v", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// ByClosing returns a RespondDecorator that first invokes the passed Responder after which it
|
// ByClosing returns a RespondDecorator that first invokes the passed Responder after which it
|
||||||
// closes the response body. Since the passed Responder is invoked prior to closing the response
|
// closes the response body. Since the passed Responder is invoked prior to closing the response
|
||||||
// body, the decorator may occur anywhere within the set.
|
// body, the decorator may occur anywhere within the set.
|
||||||
|
@ -128,6 +147,8 @@ func ByUnmarshallingJSON(v interface{}) RespondDecorator {
|
||||||
err := r.Respond(resp)
|
err := r.Respond(resp)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
b, errInner := ioutil.ReadAll(resp.Body)
|
b, errInner := ioutil.ReadAll(resp.Body)
|
||||||
|
// Some responses might include a BOM, remove for successful unmarshalling
|
||||||
|
b = bytes.TrimPrefix(b, []byte("\xef\xbb\xbf"))
|
||||||
if errInner != nil {
|
if errInner != nil {
|
||||||
err = fmt.Errorf("Error occurred reading http.Response#Body - Error = '%v'", errInner)
|
err = fmt.Errorf("Error occurred reading http.Response#Body - Error = '%v'", errInner)
|
||||||
} else if len(strings.Trim(string(b), " ")) > 0 {
|
} else if len(strings.Trim(string(b), " ")) > 0 {
|
||||||
|
@ -165,17 +186,24 @@ func ByUnmarshallingXML(v interface{}) RespondDecorator {
|
||||||
}
|
}
|
||||||
|
|
||||||
// WithErrorUnlessStatusCode returns a RespondDecorator that emits an error unless the response
|
// WithErrorUnlessStatusCode returns a RespondDecorator that emits an error unless the response
|
||||||
// StatusCode is among the set passed. Since these are artificial errors, the response body
|
// StatusCode is among the set passed. On error, response body is fully read into a buffer and
|
||||||
// may still require closing.
|
// presented in the returned error, as well as in the response body.
|
||||||
func WithErrorUnlessStatusCode(codes ...int) RespondDecorator {
|
func WithErrorUnlessStatusCode(codes ...int) RespondDecorator {
|
||||||
return func(r Responder) Responder {
|
return func(r Responder) Responder {
|
||||||
return ResponderFunc(func(resp *http.Response) error {
|
return ResponderFunc(func(resp *http.Response) error {
|
||||||
err := r.Respond(resp)
|
err := r.Respond(resp)
|
||||||
if err == nil && !ResponseHasStatusCode(resp, codes...) {
|
if err == nil && !ResponseHasStatusCode(resp, codes...) {
|
||||||
err = NewErrorWithResponse("autorest", "WithErrorUnlessStatusCode", resp, "%v %v failed with %s",
|
derr := NewErrorWithResponse("autorest", "WithErrorUnlessStatusCode", resp, "%v %v failed with %s",
|
||||||
resp.Request.Method,
|
resp.Request.Method,
|
||||||
resp.Request.URL,
|
resp.Request.URL,
|
||||||
resp.Status)
|
resp.Status)
|
||||||
|
if resp.Body != nil {
|
||||||
|
defer resp.Body.Close()
|
||||||
|
b, _ := ioutil.ReadAll(resp.Body)
|
||||||
|
derr.ServiceError = b
|
||||||
|
resp.Body = ioutil.NopCloser(bytes.NewReader(b))
|
||||||
|
}
|
||||||
|
err = derr
|
||||||
}
|
}
|
||||||
return err
|
return err
|
||||||
})
|
})
|
||||||
|
|
|
@ -73,7 +73,7 @@ func SendWithSender(s Sender, r *http.Request, decorators ...SendDecorator) (*ht
|
||||||
func AfterDelay(d time.Duration) SendDecorator {
|
func AfterDelay(d time.Duration) SendDecorator {
|
||||||
return func(s Sender) Sender {
|
return func(s Sender) Sender {
|
||||||
return SenderFunc(func(r *http.Request) (*http.Response, error) {
|
return SenderFunc(func(r *http.Request) (*http.Response, error) {
|
||||||
if !DelayForBackoff(d, 1, r.Cancel) {
|
if !DelayForBackoff(d, 0, r.Cancel) {
|
||||||
return nil, fmt.Errorf("autorest: AfterDelay canceled before full delay")
|
return nil, fmt.Errorf("autorest: AfterDelay canceled before full delay")
|
||||||
}
|
}
|
||||||
return s.Do(r)
|
return s.Do(r)
|
||||||
|
@ -97,7 +97,7 @@ func DoCloseIfError() SendDecorator {
|
||||||
return SenderFunc(func(r *http.Request) (*http.Response, error) {
|
return SenderFunc(func(r *http.Request) (*http.Response, error) {
|
||||||
resp, err := s.Do(r)
|
resp, err := s.Do(r)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
Respond(resp, ByClosing())
|
Respond(resp, ByDiscardingBody(), ByClosing())
|
||||||
}
|
}
|
||||||
return resp, err
|
return resp, err
|
||||||
})
|
})
|
||||||
|
@ -156,6 +156,7 @@ func DoPollForStatusCodes(duration time.Duration, delay time.Duration, codes ...
|
||||||
|
|
||||||
for err == nil && ResponseHasStatusCode(resp, codes...) {
|
for err == nil && ResponseHasStatusCode(resp, codes...) {
|
||||||
Respond(resp,
|
Respond(resp,
|
||||||
|
ByDiscardingBody(),
|
||||||
ByClosing())
|
ByClosing())
|
||||||
resp, err = SendWithSender(s, r,
|
resp, err = SendWithSender(s, r,
|
||||||
AfterDelay(GetRetryAfter(resp, delay)))
|
AfterDelay(GetRetryAfter(resp, delay)))
|
||||||
|
@ -257,6 +258,8 @@ func WithLogging(logger *log.Logger) SendDecorator {
|
||||||
// passed attempt (i.e., an exponential backoff delay). Backoff duration is in seconds and can set
|
// passed attempt (i.e., an exponential backoff delay). Backoff duration is in seconds and can set
|
||||||
// to zero for no delay. The delay may be canceled by closing the passed channel. If terminated early,
|
// to zero for no delay. The delay may be canceled by closing the passed channel. If terminated early,
|
||||||
// returns false.
|
// returns false.
|
||||||
|
// Note: Passing attempt 1 will result in doubling "backoff" duration. Treat this as a zero-based attempt
|
||||||
|
// count.
|
||||||
func DelayForBackoff(backoff time.Duration, attempt int, cancel <-chan struct{}) bool {
|
func DelayForBackoff(backoff time.Duration, attempt int, cancel <-chan struct{}) bool {
|
||||||
select {
|
select {
|
||||||
case <-time.After(time.Duration(backoff.Seconds()*math.Pow(2, float64(attempt))) * time.Second):
|
case <-time.After(time.Duration(backoff.Seconds()*math.Pow(2, float64(attempt))) * time.Second):
|
||||||
|
|
|
@ -7,6 +7,7 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"net/url"
|
"net/url"
|
||||||
|
"reflect"
|
||||||
"sort"
|
"sort"
|
||||||
"strings"
|
"strings"
|
||||||
)
|
)
|
||||||
|
@ -106,6 +107,22 @@ func ensureValueString(value interface{}) string {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// MapToValues method converts map[string]interface{} to url.Values.
|
||||||
|
func MapToValues(m map[string]interface{}) url.Values {
|
||||||
|
v := url.Values{}
|
||||||
|
for key, value := range m {
|
||||||
|
x := reflect.ValueOf(value)
|
||||||
|
if x.Kind() == reflect.Array || x.Kind() == reflect.Slice {
|
||||||
|
for i := 0; i < x.Len(); i++ {
|
||||||
|
v.Add(key, ensureValueString(x.Index(i)))
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
v.Add(key, ensureValueString(value))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return v
|
||||||
|
}
|
||||||
|
|
||||||
// String method converts interface v to string. If interface is a list, it
|
// String method converts interface v to string. If interface is a list, it
|
||||||
// joins list elements using separator.
|
// joins list elements using separator.
|
||||||
func String(v interface{}, sep ...string) string {
|
func String(v interface{}, sep ...string) string {
|
||||||
|
|
|
@ -1,18 +1,35 @@
|
||||||
package autorest
|
package autorest
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"bytes"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"strings"
|
||||||
|
"sync"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
major = "7"
|
major = 8
|
||||||
minor = "0"
|
minor = 0
|
||||||
patch = "0"
|
patch = 0
|
||||||
tag = ""
|
tag = ""
|
||||||
semVerFormat = "%s.%s.%s%s"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
|
var once sync.Once
|
||||||
|
var version string
|
||||||
|
|
||||||
// Version returns the semantic version (see http://semver.org).
|
// Version returns the semantic version (see http://semver.org).
|
||||||
func Version() string {
|
func Version() string {
|
||||||
return fmt.Sprintf(semVerFormat, major, minor, patch, tag)
|
once.Do(func() {
|
||||||
|
semver := fmt.Sprintf("%d.%d.%d", major, minor, patch)
|
||||||
|
verBuilder := bytes.NewBufferString(semver)
|
||||||
|
if tag != "" && tag != "-" {
|
||||||
|
updated := strings.TrimPrefix(tag, "-")
|
||||||
|
_, err := verBuilder.WriteString("-" + updated)
|
||||||
|
if err == nil {
|
||||||
|
verBuilder = bytes.NewBufferString(semver)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
version = verBuilder.String()
|
||||||
|
})
|
||||||
|
return version
|
||||||
}
|
}
|
||||||
|
|
|
@ -63,34 +63,56 @@
|
||||||
"versionExact": "v10.0.3-beta"
|
"versionExact": "v10.0.3-beta"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "pi00alAztMy9MGxJmvg9qC+tsGk=",
|
"checksumSHA1": "NwbvjCz9Xo4spo0C96Tq6WCLX7U=",
|
||||||
"comment": "v7.0.7",
|
"comment": "v7.0.7",
|
||||||
"path": "github.com/Azure/go-autorest/autorest",
|
"path": "github.com/Azure/go-autorest/autorest",
|
||||||
"revision": "6f40a8acfe03270d792cb8155e2942c09d7cff95"
|
"revision": "58f6f26e200fa5dfb40c9cd1c83f3e2c860d779d",
|
||||||
|
"revisionTime": "2017-04-28T17:52:31Z",
|
||||||
|
"version": "=v8.0.0",
|
||||||
|
"versionExact": "v8.0.0"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "z8FwqeLK0Pluo7FYC5k2MVBoils=",
|
"checksumSHA1": "KOETWLsF6QW+lrPVPsMNHDZP+xA=",
|
||||||
|
"path": "github.com/Azure/go-autorest/autorest/adal",
|
||||||
|
"revision": "58f6f26e200fa5dfb40c9cd1c83f3e2c860d779d",
|
||||||
|
"revisionTime": "2017-04-28T17:52:31Z",
|
||||||
|
"version": "=v8.0.0",
|
||||||
|
"versionExact": "v8.0.0"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"checksumSHA1": "2KdBFgT4qY+fMOkBTa5vA9V0AiM=",
|
||||||
"comment": "v7.0.7",
|
"comment": "v7.0.7",
|
||||||
"path": "github.com/Azure/go-autorest/autorest/azure",
|
"path": "github.com/Azure/go-autorest/autorest/azure",
|
||||||
"revision": "6f40a8acfe03270d792cb8155e2942c09d7cff95"
|
"revision": "58f6f26e200fa5dfb40c9cd1c83f3e2c860d779d",
|
||||||
|
"revisionTime": "2017-04-28T17:52:31Z",
|
||||||
|
"version": "=v8.0.0",
|
||||||
|
"versionExact": "v8.0.0"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "q4bSpJ5t571H3ny1PwIgTn6g75E=",
|
"checksumSHA1": "LSF/pNrjhIxl6jiS6bKooBFCOxI=",
|
||||||
"comment": "v7.0.7",
|
"comment": "v7.0.7",
|
||||||
"path": "github.com/Azure/go-autorest/autorest/date",
|
"path": "github.com/Azure/go-autorest/autorest/date",
|
||||||
"revision": "6f40a8acfe03270d792cb8155e2942c09d7cff95"
|
"revision": "58f6f26e200fa5dfb40c9cd1c83f3e2c860d779d",
|
||||||
|
"revisionTime": "2017-04-28T17:52:31Z",
|
||||||
|
"version": "=v8.0.0",
|
||||||
|
"versionExact": "v8.0.0"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "Ev8qCsbFjDlMlX0N2tYAhYQFpUc=",
|
"checksumSHA1": "Ev8qCsbFjDlMlX0N2tYAhYQFpUc=",
|
||||||
"comment": "v7.0.7",
|
"comment": "v7.0.7",
|
||||||
"path": "github.com/Azure/go-autorest/autorest/to",
|
"path": "github.com/Azure/go-autorest/autorest/to",
|
||||||
"revision": "6f40a8acfe03270d792cb8155e2942c09d7cff95"
|
"revision": "58f6f26e200fa5dfb40c9cd1c83f3e2c860d779d",
|
||||||
|
"revisionTime": "2017-04-28T17:52:31Z",
|
||||||
|
"version": "=v8.0.0",
|
||||||
|
"versionExact": "v8.0.0"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "oBixceM+55gdk47iff8DSEIh3po=",
|
"checksumSHA1": "oBixceM+55gdk47iff8DSEIh3po=",
|
||||||
"path": "github.com/Azure/go-autorest/autorest/validation",
|
"path": "github.com/Azure/go-autorest/autorest/validation",
|
||||||
"revision": "58f6f26e200fa5dfb40c9cd1c83f3e2c860d779d",
|
"revision": "58f6f26e200fa5dfb40c9cd1c83f3e2c860d779d",
|
||||||
"revisionTime": "2017-04-28T17:52:31Z"
|
"revisionTime": "2017-04-28T17:52:31Z",
|
||||||
|
"version": "=v8.0.0",
|
||||||
|
"versionExact": "v8.0.0"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"checksumSHA1": "TgrN0l/E16deTlLYNt8wf66urSU=",
|
"checksumSHA1": "TgrN0l/E16deTlLYNt8wf66urSU=",
|
||||||
|
|
Loading…
Reference in New Issue