package providers import ( "errors" "fmt" "github.com/bitly/oauth2_proxy/api" "log" "net/http" "net/url" ) type AzureProvider struct { *ProviderData Tenant string } func NewAzureProvider(p *ProviderData) *AzureProvider { p.ProviderName = "Azure" if p.ProfileURL == nil || p.ProfileURL.String() == "" { p.ProfileURL = &url.URL{ Scheme: "https", Host: "graph.windows.net", Path: "/me", RawQuery: "api-version=1.6", } } if p.ProtectedResource == nil || p.ProtectedResource.String() == "" { p.ProtectedResource = &url.URL{ Scheme: "https", Host: "graph.windows.net", } } if p.Scope == "" { p.Scope = "openid" } return &AzureProvider{ProviderData: p} } func (p *AzureProvider) Configure(tenant string) { p.Tenant = tenant if tenant == "" { p.Tenant = "common" } if p.LoginURL == nil || p.LoginURL.String() == "" { p.LoginURL = &url.URL{ Scheme: "https", Host: "login.microsoftonline.com", Path: "/" + p.Tenant + "/oauth2/authorize"} } if p.RedeemURL == nil || p.RedeemURL.String() == "" { p.RedeemURL = &url.URL{ Scheme: "https", Host: "login.microsoftonline.com", Path: "/" + p.Tenant + "/oauth2/token", } } } func getAzureHeader(access_token string) http.Header { header := make(http.Header) header.Set("Authorization", fmt.Sprintf("Bearer %s", access_token)) return header } func (p *AzureProvider) GetEmailAddress(s *SessionState) (string, error) { if s.AccessToken == "" { return "", errors.New("missing access token") } req, err := http.NewRequest("GET", p.ProfileURL.String(), nil) if err != nil { return "", err } req.Header = getAzureHeader(s.AccessToken) json, err := api.Request(req) if err != nil { log.Printf("failed making request %s", err) return "", err } return json.Get("mail").String() }