зеркало из https://github.com/Azure/AzureGraph.git
update login functionality to match AzureRMR
This commit is contained in:
Родитель
5464c52dd3
Коммит
ba703ccd18
|
@ -1,6 +1,6 @@
|
|||
Package: AzureGraph
|
||||
Title: Simple Interface to 'Microsoft Graph'
|
||||
Version: 1.0.1
|
||||
Version: 1.0.1.9000
|
||||
Authors@R: c(
|
||||
person("Hong", "Ooi", , "hongooi@microsoft.com", role = c("aut", "cre")),
|
||||
person("Microsoft", role="cph")
|
||||
|
|
4
NEWS.md
4
NEWS.md
|
@ -1,3 +1,7 @@
|
|||
# AzureGraph 1.0.1.9000
|
||||
|
||||
- Changes to login functionality to better accommodate AzureAuth options. As part of this, the `config_file` argument for `az_graph$new` has been removed; to use a configuration file, call the (recommended) `create_graph_login` function.
|
||||
|
||||
# AzureGraph 1.0.1
|
||||
|
||||
- Fix some bugs in the login functionality.
|
||||
|
|
|
@ -8,6 +8,7 @@
|
|||
#' @param host Your Microsoft Graph host. Defaults to `https://graph.microsoft.com/`. Change this if you are using a government or private cloud.
|
||||
#' @param aad_host Azure Active Directory host for authentication. Defaults to `https://login.microsoftonline.com/`. Change this if you are using a government or private cloud.
|
||||
#' @param config_file Optionally, a JSON file containing any of the arguments listed above. Arguments supplied in this file take priority over those supplied on the command line. You can also use the output from the Azure CLI `az ad sp create-for-rbac` command.
|
||||
#' @param token Optionally, an OAuth 2.0 token, of class [AzureAuth::AzureToken]. This allows you to reuse the authentication details for an existing session. If supplied, all other arguments to `create_graph_login` will be ignored.
|
||||
#' @param refresh For `get_graph_login`, whether to refresh the authentication token on loading the client.
|
||||
#' @param selection For `get_graph_login`, if you have multiple logins for a given tenant, which one to use. This can be a number, or the input MD5 hash of the token used for the login. If not supplied, `get_graph_login` will print a menu and ask you to choose a login.
|
||||
#' @param confirm For `delete_graph_login`, whether to ask for confirmation before deleting.
|
||||
|
@ -53,43 +54,48 @@
|
|||
#' }
|
||||
#' @rdname graph_login
|
||||
#' @export
|
||||
create_graph_login <- function(tenant="common", app=.az_cli_app_id, password=NULL, username=NULL, auth_type=NULL,
|
||||
create_graph_login <- function(tenant="common", app=.az_cli_app_id,
|
||||
password=NULL, username=NULL, certificate=NULL, auth_type=NULL,
|
||||
host="https://graph.microsoft.com/", aad_host="https://login.microsoftonline.com/",
|
||||
config_file=NULL, ...)
|
||||
config_file=NULL, token=NULL, ...)
|
||||
{
|
||||
if(!is.null(config_file))
|
||||
if(!is_azure_token(token))
|
||||
{
|
||||
conf <- jsonlite::fromJSON(config_file)
|
||||
if(!is.null(conf$tenant)) tenant <- conf$tenant
|
||||
if(!is.null(conf$app)) app <- conf$app
|
||||
if(!is.null(conf$auth_type)) auth_type <- conf$auth_type
|
||||
if(!is.null(conf$password)) password <- conf$password
|
||||
if(!is.null(conf$username)) username <- conf$username
|
||||
if(!is.null(conf$host)) host <- conf$host
|
||||
if(!is.null(conf$aad_host)) aad_host <- conf$aad_host
|
||||
if(!is.null(config_file))
|
||||
{
|
||||
conf <- jsonlite::fromJSON(config_file)
|
||||
call <- as.list(match.call())[-1]
|
||||
call$config_file <- NULL
|
||||
call <- lapply(modifyList(call, conf), function(x) eval.parent(x))
|
||||
return(do.call(create_graph_login, call))
|
||||
}
|
||||
|
||||
tenant <- normalize_tenant(tenant)
|
||||
app <- normalize_guid(app)
|
||||
|
||||
token_args <- list(resource=host,
|
||||
tenant=tenant,
|
||||
app=app,
|
||||
password=password,
|
||||
username=username,
|
||||
certificate=certificate,
|
||||
auth_type=auth_type,
|
||||
aad_host=aad_host,
|
||||
...)
|
||||
|
||||
hash <- do.call(token_hash, token_args)
|
||||
tokenfile <- file.path(AzureR_dir(), hash)
|
||||
if(file.exists(tokenfile))
|
||||
{
|
||||
message("Deleting existing Azure Active Directory token for this set of credentials")
|
||||
file.remove(tokenfile)
|
||||
}
|
||||
|
||||
message("Creating Microsoft Graph login for ", format_tenant(tenant))
|
||||
token <- do.call(get_azure_token, token_args)
|
||||
}
|
||||
|
||||
hash <- token_hash(
|
||||
resource=host,
|
||||
tenant=tenant,
|
||||
app=app,
|
||||
password=password,
|
||||
username=username,
|
||||
auth_type=auth_type,
|
||||
aad_host=aad_host
|
||||
)
|
||||
tokenfile <- file.path(AzureR_dir(), hash)
|
||||
if(file.exists(tokenfile))
|
||||
{
|
||||
message("Deleting existing Azure Active Directory token for this set of credentials")
|
||||
file.remove(tokenfile)
|
||||
}
|
||||
|
||||
tenant <- normalize_tenant(tenant)
|
||||
app <- normalize_guid(app)
|
||||
|
||||
message("Creating Microsoft Graph login for ", format_tenant(tenant))
|
||||
client <- ms_graph$new(tenant, app, password, username, auth_type, host, aad_host, config_file, ...)
|
||||
client <- ms_graph$new(token=token)
|
||||
|
||||
# save login info for future sessions
|
||||
graph_logins <- load_graph_logins()
|
||||
|
|
37
R/ms_graph.R
37
R/ms_graph.R
|
@ -30,7 +30,6 @@
|
|||
#' - `auth_type`: The OAuth authentication method to use, one of "client_credentials", "authorization_code", "device_code" or "resource_owner". See [get_azure_token] for how the default method is chosen, along with some caveats.
|
||||
#' - `host`: your Microsoft Graph host. Defaults to `https://graph.microsoft.com/`.
|
||||
#' - `aad_host`: Azure Active Directory host for authentication. Defaults to `https://login.microsoftonline.com/`. Change this if you are using a government or private cloud.
|
||||
#' - `config_file`: Optionally, a JSON file containing any of the arguments listed above. Arguments supplied in this file take priority over those supplied on the command line. You can also use the output from the Azure CLI `az ad sp create-for-rbac` command.
|
||||
#' - `token`: Optionally, an OAuth 2.0 token, of class [AzureAuth::AzureToken]. This allows you to reuse the authentication details for an existing session. If supplied, all other arguments will be ignored.
|
||||
#'
|
||||
#' @section App creation:
|
||||
|
@ -84,9 +83,10 @@ public=list(
|
|||
token=NULL,
|
||||
|
||||
# authenticate and get subscriptions
|
||||
initialize=function(tenant="common", app=.az_cli_app_id, password=NULL, username=NULL, auth_type=NULL,
|
||||
initialize=function(tenant="common", app=.az_cli_app_id,
|
||||
password=NULL, username=NULL, certificate=NULL, auth_type=NULL,
|
||||
host="https://graph.microsoft.com/", aad_host="https://login.microsoftonline.com/",
|
||||
config_file=NULL, token=NULL)
|
||||
token=NULL, ...)
|
||||
{
|
||||
if(is_azure_token(token))
|
||||
{
|
||||
|
@ -103,31 +103,20 @@ public=list(
|
|||
return(NULL)
|
||||
}
|
||||
|
||||
if(!is.null(config_file))
|
||||
{
|
||||
conf <- jsonlite::fromJSON(config_file)
|
||||
if(!is.null(conf$tenant)) tenant <- conf$tenant
|
||||
if(!is.null(conf$app)) app <- conf$app
|
||||
if(!is.null(conf$auth_type)) auth_type <- conf$auth_type
|
||||
if(!is.null(conf$password)) password <- conf$password
|
||||
if(!is.null(conf$username)) username <- conf$username
|
||||
if(!is.null(conf$graph_host)) host <- conf$graph_host
|
||||
if(!is.null(conf$aad_host)) aad_host <- conf$aad_host
|
||||
}
|
||||
|
||||
tenant <- normalize_tenant(tenant)
|
||||
self$host <- host
|
||||
self$tenant <- normalize_tenant(tenant)
|
||||
app <- normalize_guid(app)
|
||||
|
||||
self$host <- host
|
||||
self$tenant <- tenant
|
||||
|
||||
self$token <- get_azure_token(self$host,
|
||||
tenant=tenant,
|
||||
self$token <- get_azure_token(resource=self$host,
|
||||
tenant=self$tenant,
|
||||
app=app,
|
||||
password=password,
|
||||
username=username,
|
||||
auth_type=auth_type,
|
||||
aad_host=aad_host)
|
||||
username=username,
|
||||
certificate=certificate,
|
||||
auth_type=auth_type,
|
||||
aad_host=aad_host,
|
||||
...)
|
||||
|
||||
NULL
|
||||
},
|
||||
|
||||
|
|
|
@ -8,10 +8,10 @@
|
|||
\title{Login to Azure Active Directory Graph}
|
||||
\usage{
|
||||
create_graph_login(tenant = "common", app = .az_cli_app_id,
|
||||
password = NULL, username = NULL, auth_type = NULL,
|
||||
host = "https://graph.microsoft.com/",
|
||||
password = NULL, username = NULL, certificate = NULL,
|
||||
auth_type = NULL, host = "https://graph.microsoft.com/",
|
||||
aad_host = "https://login.microsoftonline.com/", config_file = NULL,
|
||||
...)
|
||||
token = NULL, ...)
|
||||
|
||||
get_graph_login(tenant = "common", selection = NULL, refresh = TRUE)
|
||||
|
||||
|
@ -36,6 +36,8 @@ list_graph_logins()
|
|||
|
||||
\item{config_file}{Optionally, a JSON file containing any of the arguments listed above. Arguments supplied in this file take priority over those supplied on the command line. You can also use the output from the Azure CLI \code{az ad sp create-for-rbac} command.}
|
||||
|
||||
\item{token}{Optionally, an OAuth 2.0 token, of class \link[AzureAuth:AzureToken]{AzureAuth::AzureToken}. This allows you to reuse the authentication details for an existing session. If supplied, all other arguments to \code{create_graph_login} will be ignored.}
|
||||
|
||||
\item{...}{Other arguments passed to \code{ms_graph$new()}.}
|
||||
|
||||
\item{selection}{For \code{get_graph_login}, if you have multiple logins for a given tenant, which one to use. This can be a number, or the input MD5 hash of the token used for the login. If not supplied, \code{get_graph_login} will print a menu and ask you to choose a login.}
|
||||
|
|
|
@ -44,7 +44,6 @@ To authenticate with the \code{ms_graph} class directly, provide the following a
|
|||
\item \code{auth_type}: The OAuth authentication method to use, one of "client_credentials", "authorization_code", "device_code" or "resource_owner". See \link{get_azure_token} for how the default method is chosen, along with some caveats.
|
||||
\item \code{host}: your Microsoft Graph host. Defaults to \code{https://graph.microsoft.com/}.
|
||||
\item \code{aad_host}: Azure Active Directory host for authentication. Defaults to \code{https://login.microsoftonline.com/}. Change this if you are using a government or private cloud.
|
||||
\item \code{config_file}: Optionally, a JSON file containing any of the arguments listed above. Arguments supplied in this file take priority over those supplied on the command line. You can also use the output from the Azure CLI \code{az ad sp create-for-rbac} command.
|
||||
\item \code{token}: Optionally, an OAuth 2.0 token, of class \link[AzureAuth:AzureToken]{AzureAuth::AzureToken}. This allows you to reuse the authentication details for an existing session. If supplied, all other arguments will be ignored.
|
||||
}
|
||||
}
|
||||
|
|
|
@ -16,10 +16,9 @@ test_that("Graph authentication works",
|
|||
expect_is(gr, "ms_graph")
|
||||
expect_true(is_azure_token(gr$token))
|
||||
|
||||
creds <- tempfile(fileext=".json")
|
||||
writeLines(jsonlite::toJSON(list(tenant=tenant, app=app)), creds)
|
||||
token <- get_azure_token("https://graph.microsoft.com/", tenant, app)
|
||||
|
||||
gr2 <- ms_graph$new(config_file=creds)
|
||||
gr2 <- ms_graph$new(token=token)
|
||||
expect_is(gr2, "ms_graph")
|
||||
expect_true(is_azure_token(gr2$token))
|
||||
})
|
||||
|
@ -37,6 +36,7 @@ test_that("Login interface works",
|
|||
|
||||
gr4 <- create_graph_login(config_file=creds)
|
||||
expect_is(gr4, "ms_graph")
|
||||
expect_identical(normalize_tenant(tenant), gr4$tenant)
|
||||
|
||||
gr5 <- get_graph_login(tenant)
|
||||
expect_is(gr5, "ms_graph")
|
||||
|
|
Загрузка…
Ссылка в новой задаче