Skip to content

Commit 28370b7

Browse files
flavianmissiflavianmissi
committed
pkg/storage/azure: refactor authentication
we'll need to add an identation level, so get rid of an unnecessary one before doing that.
1 parent 15cdaf6 commit 28370b7

File tree

1 file changed

+26
-28
lines changed

1 file changed

+26
-28
lines changed

pkg/storage/azure/azure.go

Lines changed: 26 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -301,38 +301,36 @@ func (d *driver) storageAccountsClient(cfg *Azure, environment autorestazure.Env
301301
storageAccountsClient.RetryAttempts = 1
302302
_ = storageAccountsClient.AddToUserAgent(defaults.UserAgent)
303303

304-
if d.authorizer != nil {
304+
if d.authorizer != nil && d.sender != nil {
305305
storageAccountsClient.Authorizer = d.authorizer
306-
} else {
307-
cloudConfig := cloud.Configuration{
308-
ActiveDirectoryAuthorityHost: environment.ActiveDirectoryEndpoint,
309-
Services: map[cloud.ServiceName]cloud.ServiceConfiguration{
310-
cloud.ResourceManager: {
311-
Audience: environment.TokenAudience,
312-
Endpoint: environment.ResourceManagerEndpoint,
313-
},
314-
},
315-
}
316-
options := azidentity.ClientSecretCredentialOptions{
317-
ClientOptions: azcore.ClientOptions{
318-
Cloud: cloudConfig,
319-
},
320-
}
321-
cred, err := azidentity.NewClientSecretCredential(cfg.TenantID, cfg.ClientID, cfg.ClientSecret, &options)
322-
if err != nil {
323-
return storage.AccountsClient{}, err
324-
}
325-
scope := environment.TokenAudience
326-
if !strings.HasSuffix(scope, "/.default") {
327-
scope += "/.default"
328-
}
329-
330-
storageAccountsClient.Authorizer = azidext.NewTokenCredentialAdapter(cred, []string{scope})
306+
storageAccountsClient.Sender = d.sender
307+
return storageAccountsClient, nil
331308
}
332309

333-
if d.sender != nil {
334-
storageAccountsClient.Sender = d.sender
310+
cloudConfig := cloud.Configuration{
311+
ActiveDirectoryAuthorityHost: environment.ActiveDirectoryEndpoint,
312+
Services: map[cloud.ServiceName]cloud.ServiceConfiguration{
313+
cloud.ResourceManager: {
314+
Audience: environment.TokenAudience,
315+
Endpoint: environment.ResourceManagerEndpoint,
316+
},
317+
},
318+
}
319+
options := azidentity.ClientSecretCredentialOptions{
320+
ClientOptions: azcore.ClientOptions{
321+
Cloud: cloudConfig,
322+
},
335323
}
324+
cred, err := azidentity.NewClientSecretCredential(cfg.TenantID, cfg.ClientID, cfg.ClientSecret, &options)
325+
if err != nil {
326+
return storage.AccountsClient{}, err
327+
}
328+
scope := environment.TokenAudience
329+
if !strings.HasSuffix(scope, "/.default") {
330+
scope += "/.default"
331+
}
332+
333+
storageAccountsClient.Authorizer = azidext.NewTokenCredentialAdapter(cred, []string{scope})
336334

337335
return storageAccountsClient, nil
338336
}

0 commit comments

Comments
 (0)