GithubHelp home page GithubHelp logo

Comments (4)

marcosgm avatar marcosgm commented on June 10, 2024

I changed the code on a few places and added some debugs:

$ 
[msi_debugs.go.txt](https://github.com/manicminer/hamilton/files/7367807/msi_debugs.go.txt)
go test --race ./... -v
=== RUN   TestAzureCliAuthorizer
--- PASS: TestAzureCliAuthorizer (1.13s)
=== RUN   TestMsiAuthorizer
url is : http://localhost:50342/oauth2/token?api-version=2018-02-01&format=text&resource=https%3A%2F%2Fmanagement.azure.com%2F

GET /oauth2/token?api-version=2018-02-01&format=text&resource=https%3A%2F%2Fmanagement.azure.com%2F HTTP/1.1
Host: localhost:50342
User-Agent: Go-http-client/1.1
Content-Length: 38
Accept-Encoding: gzip

resource=https://management.azure.com/

HTTP/1.1 200 OK
Content-Length: 2162
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Date: Mon, 18 Oct 2021 18:38:50 GMT
Etag: W/"872-7WpHq6sLbo/bDSyC3PAw3C2IjwA"
X-Powered-By: Express

{"access_token":"(REDACTED) MukeJyc37ggOpV41f3U1TY9CblMOkTavjh3Q9Yz0-_I6c6y8kDCMZJbTs2NMdk0AWMSdsHsB_aDoRo5QfQ","refresh_token":"","expires_in":"1513","expires_on":"1634583843","not_before":"1634579943","resource":"https://management.core.windows.net/","token_type":"Bearer"}

url is : http://localhost:50342/oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fgraph.microsoft.com%2F

GET /oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fgraph.microsoft.com%2F HTTP/1.1
Host: localhost:50342
User-Agent: Go-http-client/1.1
Content-Length: 38
Accept-Encoding: gzip

resource=https://management.azure.com/

HTTP/1.1 200 OK
Content-Length: 2481
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Date: Mon, 18 Oct 2021 18:38:50 GMT
Etag: W/"9b1-7RxI3beG6uimCUxaeTgt0r94X5Y"
X-Powered-By: Express

{"access_token":"(REDACTED) 2ZYqIeAo5wQluCzExh8VXIdfsstqCaHfqkNsaXzwahuLp412w","refresh_token":"","expires_in":"1558","expires_on":"1634583888","not_before":"1634579989","resource":"https://graph.microsoft.com/","token_type":"Bearer"}

--- PASS: TestMsiAuthorizer (0.01s)
=== RUN   TestParseClaims_azureCli

from hamilton.

marcosgm avatar marcosgm commented on June 10, 2024 
--- PASS: TestAzureCliAuthorizer (1.23s)
=== RUN   TestMsiAuthorizer
--- PASS: TestMsiAuthorizer (0.01s)
=== RUN   TestParseClaims_azureCli
--- PASS: TestParseClaims_azureCli (1.15s)
=== RUN   TestParseClaims_clientCertificate

system@Azure:~/msitests/hamilton$
system@Azure:~/msitests/hamilton$ git diff
diff --git a/auth/msi.go b/auth/msi.go
index e87f18e..b2c64fd 100644
--- a/auth/msi.go
+++ b/auth/msi.go
@@ -112,10 +112,11 @@ func NewMsiConfig(ctx context.Context, resource, msiEndpoint, clientId string) (
        }

        // determine the generic metadata URL and check if we can reach it
-       e.Path = "/metadata"
+       e.Path = "/oauth2/token"
        e.RawQuery = url.Values{
                "api-version": []string{msiDefaultApiVersion},
                "format":      []string{"text"},
+               "resource": []string{"https://management.azure.com/"},
        }.Encode()

        _, err = azureMetadata(ctx, e.String())

from hamilton.

marcosgm avatar marcosgm commented on June 10, 2024

This is the output using the current code:


--- PASS: TestAzureCliAuthorizer (1.16s)
=== RUN   TestMsiAuthorizer
--- FAIL: TestMsiAuthorizer (0.00s)
    auth_test.go:127: NewMsiAuthorizer(): NewMsiConfig: could not validate MSI endpoint: received HTTP status 404
=== RUN   TestParseClaims_azureCli
--- PASS: TestParseClaims_azureCli (1.16s)

from hamilton.

manicminer avatar manicminer commented on June 10, 2024

@marcogsm Thanks for raising this, the next release of the SDK will remove a configuration check that was hindering managed identity authentication in Cloud Shell.

from hamilton.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.