matterbridge/vendor/github.com/yaegashi/msgraph.go/msauth/README.md

2.8 KiB

msauth

Introduction

Very simple package to authorize applications against Microsoft identity platform.

It utilizes v2.0 endpoint so that it can authorize users using both personal (Microsoft) and organizational (Azure AD) account.

Usage

Device authorization grant

const (
	tenantID     = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
	clientID     = "YYYYYYYY-YYYY-YYYY-YYYY-YYYYYYYYYYYY"
	tokenCachePath  = "token_cache.json"
)

var scopes = []string{"openid", "profile", "offline_access", "User.Read", "Files.Read"}

	ctx := context.Background()
	m := msauth.NewManager()
	m.LoadFile(tokenCachePath)
	ts, err := m.DeviceAuthorizationGrant(ctx, tenantID, clientID, scopes, nil)
	if err != nil {
		log.Fatal(err)
	}
	m.SaveFile(tokenCachePath)

	httpClient := oauth2.NewClient(ctx, ts)
	...

Client credentials grant

const (
	tenantID     = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
	clientID     = "YYYYYYYY-YYYY-YYYY-YYYY-YYYYYYYYYYYY"
	clientSecret = "ZZZZZZZZZZZZZZZZZZZZZZZZ"
)

var scopes = []string{msauth.DefaultMSGraphScope}

	ctx := context.Background()
	m := msauth.NewManager()
	ts, err := m.ClientCredentialsGrant(ctx, tenantID, clientID, clientSecret, scopes)
	if err != nil {
		log.Fatal(err)
	}

	httpClient := oauth2.NewClient(ctx, ts)
    ...

Resource owner password credentials grant

const (
	tenantID     = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
	clientID     = "YYYYYYYY-YYYY-YYYY-YYYY-YYYYYYYYYYYY"
	clientSecret = "ZZZZZZZZZZZZZZZZZZZZZZZZ"
	username     = "user.name@your-domain.com"
	password     = "secure-password"
)

var scopes = []string{msauth.DefaultMSGraphScope}

	ctx := context.Background()
	m := msauth.NewManager()
	ts, err := m.ResourceOwnerPasswordGrant(ctx, tenantID, clientID, clientSecret, username, password, scopes)
	if err != nil {
		log.Fatal(err)
	}

	httpClient := oauth2.NewClient(ctx, ts)
    ...

Authorization code grant