Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Managed Identity Support #552

Merged
merged 208 commits into from
Feb 14, 2025
Merged

Add Managed Identity Support #552

merged 208 commits into from
Feb 14, 2025
+2,576 −65

Conversation

AndyOHart
Copy link
Collaborator

PR Summary: Add Managed Identity Support

Branch: andyohart/managed-identity
Merging into: main

Overview

This PR introduces Managed Identity support to the Microsoft Authentication Library for Go through a new client. The new client supports multiple sources for managed identities, including:

  • IMDS
  • Azure Arc
  • Service Fabric
  • App Service
  • Azure Machine Learning
  • Cloud Shell

The client can handle both System Assigned Managed Identities and User Assigned Managed Identities.
For user-assigned identities, you can specify:

  • Client ID
  • Resource ID
  • Object ID

Key Changes

  • New Managed Identity Client: Added a new client to handle managed identity authentication.
  • Multiple Sources Support: The client supports various managed identity sources, enhancing flexibility and usability.
  • Tests: Comprehensive tests have been added to ensure the reliability and correctness of the new functionality.
  • Documentation: Updated documentation to include details on the new managed identity client and usage instructions.

Code Sample

Here's a basic example of how to use the new managed identity client to acquire a token:

package main

import (
    "context"
    "fmt"
    "github.com/AzureAD/microsoft-authentication-library-for-go/msal"
)

func main() {
	miSystemAssigned, err := mi.New(mi.SystemAssigned())
	if err != nil {
		log.Fatal(err)
	}
	result, err := miSystemAssigned.AcquireToken(context.TODO(), "https://management.azure.com")
	if err != nil {
		log.Fatal(err)
	}
	fmt.Println("token expire at : ", result.ExpiresOn)
}

AndyOHart and others added 30 commits August 21, 2024 08:30
@AndyOHart
Changes for running
995fa3c
@AndyOHart
* Adds .md file for managed identitys public api
0993a3f
@AndyOHart @bgavrilMS
Update docs/managedidentity_public_api.md
1053165 
* Readme suggestion update

Co-authored-by: Bogdan Gavril <bogavril@microsoft.com>
@AndyOHart
Makes DefaultToIMDS the default 0 value
aadf13d
@AndyOHart
Merge branch 'andyohart/managed-identity-basic-class-implementation' of
2fe36df 
https://github.com/AzureAD/microsoft-authentication-library-for-go into andyohart/managed-identity-basic-class-implementation
@AndyOHart
Merge pull request #499 from AzureAD/andyohart/managed-identity-basic…
e82f85d 
…-class-implementation

Implement Initial API Classes
@4gust
Initial system assgined for acquire token
1d2f3e8
@4gust
Added a simple version of getting token.
63e6bed 
Added a simple version of getting token and printing it
reformatting code.
@4gust
added IMDB for SAMI
69a039c 
Added tests and implementation for SAMI IMDS
@4gust
Reverted the test app to original state
7c94182 
Reverted changes in the test app
@4gust
Formatting changes
2646418 
Formatting changes
@4gust
Added methods for UAMI
4db1c7e 
Added method for UAMI
@4gust
Updated and cleaned up MI for SAMI
3bf0383 
Updated the some code and cleaned up some comments and print statement
@4gust @chlowell
Update apps/managedidentity/managedidentity.go
8c3fed1 
Updated the key for the resource

Co-authored-by: Charles Lowell <10964656+chlowell@users.noreply.github.com>
@4gust
Resolved some comments.
5eb2919 
Updated the token from url function to a reaquest based function
@4gust
Merge branch 'acquire-token-for-mise' of https://github.com/AzureAD/m…
29583da 
…icrosoft-authentication-library-for-go into acquire-token-for-mise
@4gust
Updated test
64e4705 
Updated test to fail not only return error
@4gust
Updated the Identity method for feedback
a7e760a 
Added tests for failure and success for SAMI
@4gust
Passed context to http request
df2ad5a 
added context to request
@4gust
Updated service errors handling and tests
287963e 
Updated the tests to check for errors more correctly
@4gust
Updated tests to use mock
df9faf1 
Update some test and used mock.Client
some refactoring for comments
@4gust
small update
5395b9a
@4gust
Added a withStatusCode method in mock
6a72df2
@4gust @chlowell
Update apps/internal/mock/mock.go
b293a60 
Co-authored-by: Charles Lowell <10964656+chlowell@users.noreply.github.com>
@4gust
Updated the method usage for WithHTTPStatusCode
c2b9127
@4gust @chlowell
Update apps/managedidentity/managedidentity_test.go
e451611 
Co-authored-by: Charles Lowell <10964656+chlowell@users.noreply.github.com>
@4gust @chlowell
Update apps/managedidentity/managedidentity_test.go
9912ee9 
Co-authored-by: Charles Lowell <10964656+chlowell@users.noreply.github.com>
@4gust
Removed typed data from test
7f147d4
@4gust
Merge branch 'acquire-token-for-mise' of https://github.com/AzureAD/m…
a2b0a2a 
…icrosoft-authentication-library-for-go into acquire-token-for-mise
@4gust
Updated test to return json error
82b1155
AndyOHart and others added 11 commits January 28, 2025 18:26
@AndyOHart
* adds azure ml support
acba4e4 
* adds tests for azure ml
@AndyOHart
* Address PR comments
ed1b4b2
@AndyOHart
* sets default client id
bdc08c4 
* update tests
@AndyOHart
* test for user assigned
2d31094
@AndyOHart
* test for user assigned
27070b2
@AndyOHart
* Revert changes
3072e45
@AndyOHart
* Update tests
11b2940
@AndyOHart
* Small pr fix
3d24639
@AndyOHart
Merge pull request #546 from AzureAD/azure-ml
57ad23c 
Azure ML Support
@4gust @chlowell
Support for ServiceFabric (#548)
a0bb786 
* Service fabric ssl checker

* adding new test

* Service fabric and its tests

* Updated Test to check for supported sources

* Removed some unused code

* Removed the SSL validation

* Updated the get token method

* Update apps/managedidentity/servicefabric_test.go

Co-authored-by: Charles Lowell <10964656+chlowell@users.noreply.github.com>

---------

Co-authored-by: Charles Lowell <10964656+chlowell@users.noreply.github.com>
@chlowell
Remove redundant ClientOptions type
a20f226
@AndyOHart AndyOHart added this to the 1.4.0 milestone Feb 13, 2025
@AndyOHart AndyOHart requested review from chlowell and 4gust February 13, 2025 17:45
chlowell
chlowell reviewed Feb 13, 2025
View reviewed changes
AndyOHart and others added 7 commits February 14, 2025 11:17
@AndyOHart @chlowell
Update .github/workflows/go.yml
ee4aecf 
Co-authored-by: Charles Lowell <10964656+chlowell@users.noreply.github.com>
@AndyOHart
* Adds missing license headers
b55d783
@AndyOHart
Merge branch 'andyohart/managed-identity' of https://github.com/Azure…
a7d6092 
…AD/microsoft-authentication-library-for-go into andyohart/managed-identity
@AndyOHart @chlowell
Update docs/managedidentity_public_api.md
aa159ca 
Co-authored-by: Charles Lowell <10964656+chlowell@users.noreply.github.com>
@AndyOHart
* Remove sample app file
30eccc4 
* Update documentation file to link to full suite of sample documentation instead of just showing IMDS documentation
@AndyOHart
Merge branch 'andyohart/managed-identity' of https://github.com/Azure…
4f2685b 
…AD/microsoft-authentication-library-for-go into andyohart/managed-identity
@4gust
Added a new error InvalidJsonErr (#553)
08a6e34 
* Added a new error InvalidJsonErr

* Update confidential_test.go
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
2 Security Hotspots

See analysis details on SonarQube Cloud

@AndyOHart AndyOHart merged commit e6d9244 into main Feb 14, 2025
5 of 6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chlowell chlowell chlowell left review comments

@bgavrilMS bgavrilMS bgavrilMS approved these changes

@4gust 4gust 4gust approved these changes

@rayluo rayluo Awaiting requested review from rayluo rayluo is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.4.0
Development

Successfully merging this pull request may close these issues.
6 participants
@AndyOHart @chlowell @bgavrilMS @4gust @kgeckhart @handsomejack-42