
@vladbarosan
Last active July 30, 2020 08:50
aadAuthCodeExample.go
package main
import (
"fmt"
"math/rand"
"net/http"
"github.com/Azure/go-autorest/autorest/adal"
"github.com/Azure/go-autorest/autorest/azure"
)
// Placeholder settings for the AAD application; replace them before running.
const (
	// tenant is the tenant of the AAD app.
	tenant = "<tenant>"

	// clientID is the AAD app client ID.
	clientID = "<clientId>"

	// clientSecret is the AAD app client secret. The literal is only a
	// placeholder: supply the real value from the environment or a secret
	// store rather than committing it to source control.
	clientSecret = "<clientsecret>"

	// resource is the AAD resource to authenticate against,
	// ex: azure.PublicCloud.ResourceManagerEndpoint
	resource = "<AAD resource to auth>"

	// redirectURI is the redirect URI AAD uses after authenticating the
	// user; this is where the auth code is sent.
	redirectURI = "http://localhost:3000/getAToken"
)

var ()
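// authHandler starts the authorization-code flow: it issues a fresh state
// value, stores it in the "state" cookie and redirects the browser to the AAD
// authorize endpoint with that same value in the query string.
func authHandler(w http.ResponseWriter, r *http.Request) {
	state := randToken(48)

	// The callback compares this cookie with the state AAD echoes back.
	// HttpOnly keeps page scripts away from the value; SameSite=Lax still
	// lets the cookie accompany the top-level GET redirect coming back from
	// AAD. Secure is not set because the redirect URI is plain http on
	// localhost; set it when the handlers are served over HTTPS.
	http.SetCookie(w, &http.Cookie{
		Name:     "state",
		Value:    state,
		Path:     "/",
		HttpOnly: true,
		SameSite: http.SameSiteLaxMode,
	})

	// NOTE(review): the values are interpolated without URL escaping. That
	// is harmless for the alphanumeric state, but a tenant, redirect URI or
	// resource containing '&', '#' or spaces needs url.QueryEscape first.
	authorizationURL := fmt.Sprintf("https://login.microsoftonline.com/%v/oauth2/authorize?response_type=code&client_id=%v&redirect_uri=%v&state=%v&resource=%v", tenant, clientID, redirectURI, state, resource)

	// 302 rather than 301: a permanent redirect may be cached by the
	// browser, which would replay a stale state value and bypass this
	// handler (and its cookie) on later visits.
	http.Redirect(w, r, authorizationURL, http.StatusFound)
}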
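// aadAuthHandler handles the redirect back from AAD. It verifies the state
// parameter against the "state" cookie, exchanges the authorization code for
// a token and reports the outcome in the response.
//
// Every failure ends the request: a callback without a matching state must
// never reach the code exchange, because the state check is what ties the
// callback to a flow this browser actually started.
func aadAuthHandler(w http.ResponseWriter, r *http.Request) {
	query := r.URL.Query()

	// A missing cookie, an empty cookie and a mismatch are all rejections.
	ck, err := r.Cookie("state")
	if err != nil || ck.Value == "" || query.Get("state") != ck.Value {
		http.Error(w, "Error: State is not the same", http.StatusBadRequest)
		return
	}

	// The state is single-use: expire the cookie so the same value cannot
	// validate a second callback.
	http.SetCookie(w, &http.Cookie{
		Name:     "state",
		Value:    "",
		Path:     "/",
		MaxAge:   -1,
		HttpOnly: true,
		SameSite: http.SameSiteLaxMode,
	})

	authorizationCode := query.Get("code")
	if authorizationCode == "" {
		http.Error(w, "Error: authorization code is missing", http.StatusBadRequest)
		return
	}

	env := azure.PublicCloud
	oauthConfig, err := adal.NewOAuthConfig(env.ActiveDirectoryEndpoint, tenant)
	if err != nil {
		fmt.Print(err)
		http.Error(w, "Error creating OAuth configuration", http.StatusInternalServerError)
		return
	}

	// Check the constructor's error before touching spToken; it may be nil
	// on failure.
	spToken, err := adal.NewServicePrincipalTokenFromAuthorizationCode(*oauthConfig, clientID, clientSecret, authorizationCode, redirectURI, resource)
	if err != nil {
		http.Error(w, fmt.Sprintf("Error receiving token %v", err), http.StatusBadGateway)
		return
	}
	if err := spToken.Refresh(); err != nil {
		http.Error(w, fmt.Sprintf("Error receiving token %v", err), http.StatusBadGateway)
		return
	}

	// NOTE(review): this prints the token into the HTTP response, which is
	// acceptable only for a local demo; a real handler should keep tokens
	// server-side and never echo them to the browser.
	fmt.Fprintf(w, "Hello with token %v", spToken.Token)
}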
// randToken returns a string of n characters, each drawn from the upper-case
// letters A-Z and the digits 0-9.
//
// NOTE(review): the characters come from math/rand, which is not a
// cryptographic generator, and the result is used as the OAuth state value.
// Generate the state with crypto/rand so it cannot be predicted.
func randToken(n int) string {
	const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
	out := make([]byte, n)
	for pos := 0; pos < n; pos++ {
		out[pos] = alphabet[rand.Intn(len(alphabet))]
	}
	return string(out)
}
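// main registers the two handlers and serves them on port 3000.
func main() {
	http.HandleFunc("/auth", authHandler)
	http.HandleFunc("/getAToken", aadAuthHandler)

	// NOTE(review): ":3000" listens on every interface over plain HTTP,
	// while the redirect URI only ever targets localhost; binding to
	// "localhost:3000" would keep the token-returning callback off the
	// network.
	//
	// ListenAndServe only returns on failure (for example when the port is
	// already in use), so report the error instead of exiting silently.
	if err := http.ListenAndServe(":3000", nil); err != nil {
		fmt.Println(err)
	}
}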
package main
import (
"context"
"fmt"
"math/rand"
"net/http"
"golang.org/x/oauth2"
"golang.org/x/oauth2/microsoft"
)
// Placeholder settings for the AAD application; replace them before running.
const (
	// tenant is the tenant of the AAD app.
	tenant = "<tenant>"

	// clientID is the AAD app client ID.
	clientID = "<clientId>"

	// clientSecret is the AAD app client secret. The literal is only a
	// placeholder: supply the real value from the environment or a secret
	// store rather than committing it to source control.
	clientSecret = "<clientSecret>"

	// scope is the AAD scope to request,
	// ex: https://graph.microsoft.com/mail.read
	scope = "<AAD scope>"

	// redirectURI is the redirect URI AAD uses after authenticating the
	// user; this is where the auth code is sent.
	redirectURI = "http://localhost:3011/getAToken"
)
// xOauth2Config is the OAuth2 client configuration shared by the handlers:
// the AAD endpoint for the tenant, the app's credentials, the redirect URL
// and the single requested scope.
var xOauth2Config = oauth2.Config{
	Endpoint:     microsoft.AzureADEndpoint(tenant),
	RedirectURL:  redirectURI,
	Scopes:       []string{scope},
	ClientID:     clientID,
	ClientSecret: clientSecret,
}
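// authHandler starts the authorization-code flow: it issues a fresh state
// value, stores it in the "state" cookie and redirects the browser to the
// AAD authorization URL carrying that same value.
func authHandler(w http.ResponseWriter, r *http.Request) {
	state := randToken(48)

	// aadAuthHandler compares the state AAD echoes back with this cookie, so
	// the value has to be stored here; without the cookie there is nothing
	// to compare against. HttpOnly keeps page scripts away from the value;
	// SameSite=Lax still lets the cookie accompany the top-level GET
	// redirect coming back from AAD. Secure is not set because the redirect
	// URI is plain http on localhost; set it when serving over HTTPS.
	http.SetCookie(w, &http.Cookie{
		Name:     "state",
		Value:    state,
		Path:     "/",
		HttpOnly: true,
		SameSite: http.SameSiteLaxMode,
	})

	authorizationURL := xOauth2Config.AuthCodeURL(state)

	// 302 rather than 301: a permanent redirect may be cached by the
	// browser, which would replay a stale state value and bypass this
	// handler (and its cookie) on later visits.
	http.Redirect(w, r, authorizationURL, http.StatusFound)
}

// aadAuthHandler handles the redirect back from AAD. It verifies the state
// parameter against the "state" cookie, exchanges the authorization code for
// a token and reports the outcome in the response.
//
// Every failure ends the request: a callback without a matching state must
// never reach the code exchange, because the state check is what ties the
// callback to a flow this browser actually started.
func aadAuthHandler(w http.ResponseWriter, r *http.Request) {
	query := r.URL.Query()

	// A missing cookie, an empty cookie and a mismatch are all rejections.
	ck, err := r.Cookie("state")
	if err != nil || ck.Value == "" || query.Get("state") != ck.Value {
		http.Error(w, "Error: State is not the same", http.StatusBadRequest)
		return
	}

	// The state is single-use: expire the cookie so the same value cannot
	// validate a second callback.
	http.SetCookie(w, &http.Cookie{
		Name:     "state",
		Value:    "",
		Path:     "/",
		MaxAge:   -1,
		HttpOnly: true,
		SameSite: http.SameSiteLaxMode,
	})

	authorizationCode := query.Get("code")
	if authorizationCode == "" {
		http.Error(w, "Error: authorization code is missing", http.StatusBadRequest)
		return
	}

	oAuthToken, err := xOauth2Config.Exchange(context.Background(), authorizationCode)
	if err != nil {
		// Log the detail locally and stop; there is no token to report.
		fmt.Print(err)
		http.Error(w, "Error receiving token", http.StatusBadGateway)
		return
	}

	// NOTE(review): this prints the token into the HTTP response, which is
	// acceptable only for a local demo; a real handler should keep tokens
	// server-side and never echo them to the browser.
	fmt.Fprintf(w, "Hello with Oauth token %v", oAuthToken)
}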
// homeHandler answers every request it receives with a fixed welcome line.
func homeHandler(w http.ResponseWriter, r *http.Request) {
	const greeting = "Welcome to testing golang"
	fmt.Fprint(w, greeting)
}
// randToken returns a string of n characters, each drawn from the upper-case
// letters A-Z and the digits 0-9.
//
// NOTE(review): the characters come from math/rand, which is not a
// cryptographic generator, and the result is used as the OAuth state value.
// Generate the state with crypto/rand so it cannot be predicted.
func randToken(n int) string {
	const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
	out := make([]byte, n)
	for pos := 0; pos < n; pos++ {
		out[pos] = alphabet[rand.Intn(len(alphabet))]
	}
	return string(out)
}
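// main registers the three handlers and serves them on port 3011.
func main() {
	http.HandleFunc("/auth", authHandler)
	http.HandleFunc("/getAToken", aadAuthHandler)
	http.HandleFunc("/", homeHandler)

	// NOTE(review): ":3011" listens on every interface over plain HTTP,
	// while the redirect URI only ever targets localhost; binding to
	// "localhost:3011" would keep the token-returning callback off the
	// network.
	//
	// ListenAndServe only returns on failure (for example when the port is
	// already in use), so report the error instead of exiting silently.
	if err := http.ListenAndServe(":3011", nil); err != nil {
		fmt.Println(err)
	}
}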