Skip to content

Instantly share code, notes, and snippets.

@stesie

stesie/serverless-azure-functions-auth.patch

Created October 9, 2018 11:31
Show Gist options
  • Save stesie/5ae160647d6ff29a69a4ad7372d706f7 to your computer and use it in GitHub Desktop.
Save stesie/5ae160647d6ff29a69a4ad7372d706f7 to your computer and use it in GitHub Desktop.
Download ZIP
Patch against serverless-azure-functions to use credentials from ~/.azure/accessTokens.json
Raw
serverless-azure-functions-auth.patch
diff -ur a/node_modules/serverless-azure-functions/provider/azureProvider.js b/node_modules/serverless-azure-functions/provider/azureProvider.js
--- a/node_modules/serverless-azure-functions/provider/azureProvider.js 2018-10-09 11:53:42.151689784 +0200
+++ b/node_modules/serverless-azure-functions/provider/azureProvider.js 2018-10-09 13:18:20.771792944 +0200
@@ -5,6 +5,8 @@
const resourceManagement = require('azure-arm-resource');
const path = require('path');
const fs = require('fs');
+const os = require('os');
+const msRestAzure = require('ms-rest-azure');
const request = require('request');
const dns = require('dns');
const jsonpath = require('jsonpath');
@@ -21,6 +23,7 @@
let functionsAdminKey;
let invocationId;
let principalCredentials;
+let accessToken;
let existingFunctionApp = false;
const deployedFunctionNames = [];
@@ -58,19 +61,64 @@
}
Login() {
- return login({ interactiveLoginHandler: (code, message) => {
- // Override the interactive login handler, in order to be
- // able to append the Serverless prefix to the displayed message.
- this.serverless.cli.log(message);
- }}).then((result) => {
- principalCredentials = result.credentials;
- subscriptionId = result.subscriptionId;
-
- return principalCredentials;
- }).catch((error) => {
- error.message = error.message || (error.body ? error.body.message : 'Failed logging in to Azure');
- throw error;
+ const tokens = new Promise((resolve, reject) => {
+ fs.readFile(path.join(os.homedir(), '.azure/accessTokens.json'), { encoding: 'utf8' }, (err, data) => {
+ if (err) {
+ return reject(err);
+ }
+
+ const tokens = JSON.parse(data.replace(/^\uFEFF/, ''));
+ if (typeof tokens !== 'object') {
+ return reject('Unable to parse JSON payload of accessTokens.json');
+ }
+
+ resolve(_.map(tokens, x => { x.expiresOn = new Date(x.expiresOn); return x; }));
+ });
});
+
+ const profile = new Promise((resolve, reject) => {
+ fs.readFile(path.join(os.homedir(), '.azure/azureProfile.json'), { encoding: 'utf8' }, (err, data) => {
+ if (err) {
+ return reject(err);
+ }
+
+ const profile = JSON.parse(data.replace(/^\uFEFF/, ''));
+ if (typeof profile !== 'object') {
+ return reject('Unable to parse JSON payload of azureProfile.json');
+ }
+
+ resolve(profile);
+ });
+ });
+
+ return Promise.all([ tokens, profile ])
+ .then(([tokens, profile]) => {
+ const defaultSubscriptions = _.filter(profile.subscriptions, x => x.isDefault);
+
+ if (defaultSubscriptions.length === 0) {
+ return Promise.reject('No default subscription');
+ }
+
+ if (tokens.length === 0) {
+ return Promise.reject('No tokens found');
+ }
+
+ const username = tokens[0].userId;
+
+ subscriptionId = defaultSubscriptions[0].id;
+ principalCredentials = new msRestAzure.DeviceTokenCredentials({ username });
+ principalCredentials.tokenCache.add(tokens, () => true);
+
+ return new Promise((resolve, reject) => {
+ principalCredentials.getToken((err, result) => {
+ if (err) {
+ return reject(err);
+ }
+ accessToken = result.accessToken;
+ resolve();
+ });
+ });
+ });
}
CreateResourceGroup () {
@@ -203,7 +251,7 @@
url: `https://${functionAppName}${config.scmDomain}${config.masterKeyApiPath}`,
json: true,
headers: {
- Authorization: config.bearer + principalCredentials.tokenCache._entries[0].accessToken
+ Authorization: config.bearer + accessToken
}
};
@@ -274,7 +322,7 @@
url: requestUrl,
json: true,
headers: {
- Authorization: config.bearer + principalCredentials.tokenCache._entries[0].accessToken,
+ Authorization: config.bearer + accessToken,
Accept: 'application/json,*/*'
}
};
@@ -309,7 +357,7 @@
const logOptions = {
url: `https://${functionAppName}${config.scmDomain}${config.logStreamApiPath}${functionName}`,
headers: {
- Authorization: config.bearer + principalCredentials.tokenCache._entries[0].accessToken,
+ Authorization: config.bearer + accessToken,
Accept: '*/*'
}
};
@@ -329,7 +377,7 @@
method: 'GET',
json: true,
headers: {
- Authorization: config.bearer + principalCredentials.tokenCache._entries[0].accessToken
+ Authorization: config.bearer + accessToken
}
};
@@ -352,7 +400,7 @@
method: 'GET',
json: true,
headers: {
- Authorization: config.bearer + principalCredentials.tokenCache._entries[0].accessToken
+ Authorization: config.bearer + accessToken
}
};
@@ -446,7 +494,7 @@
url: requestUrl,
json: true,
headers: {
- Authorization: config.bearer + principalCredentials.tokenCache._entries[0].accessToken,
+ Authorization: config.bearer + accessToken,
'Accept': 'application/json,*/*'
}
};
@@ -477,7 +525,7 @@
url: requestUrl,
json: true,
headers: {
- Authorization: config.bearer + principalCredentials.tokenCache._entries[0].accessToken,
+ Authorization: config.bearer + accessToken,
Accept: 'application/json'
}
};
@@ -521,7 +569,7 @@
url: requestUrl,
json: true,
headers: {
- Authorization: config.bearer + principalCredentials.tokenCache._entries[0].accessToken,
+ Authorization: config.bearer + accessToken,
Accept: '*/*'
}
};
@@ -548,7 +596,7 @@
url: requestUrl,
json: true,
headers: {
- Authorization: config.bearer + principalCredentials.tokenCache._entries[0].accessToken,
+ Authorization: config.bearer + accessToken,
Accept: '*/*'
}
};
@@ -598,7 +646,7 @@
const options = {
url: requestUrl,
headers: {
- Authorization: config.bearer + principalCredentials.tokenCache._entries[0].accessToken,
+ Authorization: config.bearer + accessToken,
Accept: '*/*'
}
};
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment