Add keyvault authorizer (#273)

* Add keyvault auth

* Fix description

* Feedback

* Adding new auth with resource

* Fix test

* Change names

* Add to changelog

* Unexport many thing

* Update version

CHANGELOG.md

@@ -1,5 +1,9 @@
 # CHANGELOG
 
+## v10.8.0
+
+- Added NewAuthorizerFromEnvironmentWithResource() helper function.
+
 ## v10.7.0
 
 ### New Features

autorest/azure/auth/auth.go

@@ -41,59 +41,95 @@ import (
 // 3. Username password
 // 4. MSI
 func NewAuthorizerFromEnvironment() (autorest.Authorizer, error) {
-	tenantID := os.Getenv("AZURE_TENANT_ID")
-	clientID := os.Getenv("AZURE_CLIENT_ID")
-	clientSecret := os.Getenv("AZURE_CLIENT_SECRET")
-	certificatePath := os.Getenv("AZURE_CERTIFICATE_PATH")
-	certificatePassword := os.Getenv("AZURE_CERTIFICATE_PASSWORD")
-	username := os.Getenv("AZURE_USERNAME")
-	password := os.Getenv("AZURE_PASSWORD")
-	envName := os.Getenv("AZURE_ENVIRONMENT")
-	resource := os.Getenv("AZURE_AD_RESOURCE")
-
-	var env azure.Environment
-	if envName == "" {
-		env = azure.PublicCloud
-	} else {
-		var err error
-		env, err = azure.EnvironmentFromName(envName)
-		if err != nil {
-			return nil, err
-		}
+	settings, err := getAuthenticationSettings()
+	if err != nil {
+		return nil, err
 	}
 
-	if resource == "" {
-		resource = env.ResourceManagerEndpoint
+	if settings.resource == "" {
+		settings.resource = settings.environment.ResourceManagerEndpoint
 	}
 
+	return settings.getAuthorizer()
+}
+
+// NewAuthorizerFromEnvironmentWithResource creates an Authorizer configured from environment variables in the order:
+// 1. Client credentials
+// 2. Client certificate
+// 3. Username password
+// 4. MSI
+func NewAuthorizerFromEnvironmentWithResource(resource string) (autorest.Authorizer, error) {
+	settings, err := getAuthenticationSettings()
+	if err != nil {
+		return nil, err
+	}
+	settings.resource = resource
+	return settings.getAuthorizer()
+}
+
+type settings struct {
+	tenantID            string
+	clientID            string
+	clientSecret        string
+	certificatePath     string
+	certificatePassword string
+	username            string
+	password            string
+	envName             string
+	resource            string
+	environment         azure.Environment
+}
+
+func getAuthenticationSettings() (s settings, err error) {
+	s = settings{
+		tenantID:            os.Getenv("AZURE_TENANT_ID"),
+		clientID:            os.Getenv("AZURE_CLIENT_ID"),
+		clientSecret:        os.Getenv("AZURE_CLIENT_SECRET"),
+		certificatePath:     os.Getenv("AZURE_CERTIFICATE_PATH"),
+		certificatePassword: os.Getenv("AZURE_CERTIFICATE_PASSWORD"),
+		username:            os.Getenv("AZURE_USERNAME"),
+		password:            os.Getenv("AZURE_PASSWORD"),
+		envName:             os.Getenv("AZURE_ENVIRONMENT"),
+		resource:            os.Getenv("AZURE_AD_RESOURCE"),
+	}
+
+	if s.envName == "" {
+		s.environment = azure.PublicCloud
+	} else {
+		s.environment, err = azure.EnvironmentFromName(s.envName)
+	}
+	return
+}
+
+func (settings settings) getAuthorizer() (autorest.Authorizer, error) {
 	//1.Client Credentials
-	if clientSecret != "" {
-		config := NewClientCredentialsConfig(clientID, clientSecret, tenantID)
-		config.AADEndpoint = env.ActiveDirectoryEndpoint
-		config.Resource = resource
+	if settings.clientSecret != "" {
+		config := NewClientCredentialsConfig(settings.clientID, settings.clientSecret, settings.tenantID)
+		config.AADEndpoint = settings.environment.ActiveDirectoryEndpoint
+		config.Resource = settings.resource
 		return config.Authorizer()
 	}
 
 	//2. Client Certificate
-	if certificatePath != "" {
-		config := NewClientCertificateConfig(certificatePath, certificatePassword, clientID, tenantID)
-		config.AADEndpoint = env.ActiveDirectoryEndpoint
-		config.Resource = resource
+	if settings.certificatePath != "" {
+		config := NewClientCertificateConfig(settings.certificatePath, settings.certificatePassword, settings.clientID, settings.tenantID)
+		config.AADEndpoint = settings.environment.ActiveDirectoryEndpoint
+		config.Resource = settings.resource
 		return config.Authorizer()
 	}
 
 	//3. Username Password
-	if username != "" && password != "" {
-		config := NewUsernamePasswordConfig(username, password, clientID, tenantID)
-		config.AADEndpoint = env.ActiveDirectoryEndpoint
-		config.Resource = resource
+	if settings.username != "" && settings.password != "" {
+		config := NewUsernamePasswordConfig(settings.username, settings.password, settings.clientID, settings.tenantID)
+		config.AADEndpoint = settings.environment.ActiveDirectoryEndpoint
+		config.Resource = settings.resource
 		return config.Authorizer()
 	}
 
 	// 4. MSI
 	config := NewMSIConfig()
-	config.Resource = resource
-	config.ClientID = clientID
+	config.Resource = settings.resource
+	config.ClientID = settings.clientID
 	return config.Authorizer()
 }
 

autorest/version.go

@@ -16,5 +16,5 @@ package autorest
 
 // Version returns the semantic version (see http://semver.org).
 func Version() string {
-	return "v10.7.0"
+	return "v10.8.0"
 }