mirror of
https://github.com/42wim/matterbridge.git
synced 2024-12-18 06:52:01 -08:00
2.8 KiB
2.8 KiB
msauth
Introduction
Very simple package to authorize applications against Microsoft identity platform.
It utilizes v2.0 endpoint so that it can authorize users using both personal (Microsoft) and organizational (Azure AD) account.
Usage
Device authorization grant
const (
tenantID = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
clientID = "YYYYYYYY-YYYY-YYYY-YYYY-YYYYYYYYYYYY"
tokenCachePath = "token_cache.json"
)
var scopes = []string{"openid", "profile", "offline_access", "User.Read", "Files.Read"}
ctx := context.Background()
m := msauth.NewManager()
m.LoadFile(tokenCachePath)
ts, err := m.DeviceAuthorizationGrant(ctx, tenantID, clientID, scopes, nil)
if err != nil {
log.Fatal(err)
}
m.SaveFile(tokenCachePath)
httpClient := oauth2.NewClient(ctx, ts)
...
Client credentials grant
const (
tenantID = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
clientID = "YYYYYYYY-YYYY-YYYY-YYYY-YYYYYYYYYYYY"
clientSecret = "ZZZZZZZZZZZZZZZZZZZZZZZZ"
)
var scopes = []string{msauth.DefaultMSGraphScope}
ctx := context.Background()
m := msauth.NewManager()
ts, err := m.ClientCredentialsGrant(ctx, tenantID, clientID, clientSecret, scopes)
if err != nil {
log.Fatal(err)
}
httpClient := oauth2.NewClient(ctx, ts)
...
Resource owner password credentials grant
const (
tenantID = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
clientID = "YYYYYYYY-YYYY-YYYY-YYYY-YYYYYYYYYYYY"
clientSecret = "ZZZZZZZZZZZZZZZZZZZZZZZZ"
username = "user.name@your-domain.com"
password = "secure-password"
)
var scopes = []string{msauth.DefaultMSGraphScope}
ctx := context.Background()
m := msauth.NewManager()
ts, err := m.ResourceOwnerPasswordGrant(ctx, tenantID, clientID, clientSecret, username, password, scopes)
if err != nil {
log.Fatal(err)
}
httpClient := oauth2.NewClient(ctx, ts)
...
Authorization code grant
- OAuth 2.0 authorization code grant flow
- Not yet implemented.