Adding User assigned identity support for the MSIConfig authorizor (#332

)
Azure · Oct 20, 2018 · 2175dcc · 2175dcc
1 parent 4492bbb
commit 2175dcc
Showing 1 changed file with 11 additions and 3 deletions.
diff --git a/autorest/azure/auth/auth.go b/autorest/azure/auth/auth.go
@@ -483,9 +483,17 @@ func (mc MSIConfig) Authorizer() (autorest.Authorizer, error) {
 		return nil, err
 	}
 
-	spToken, err := adal.NewServicePrincipalTokenFromMSI(msiEndpoint, mc.Resource)
-	if err != nil {
-		return nil, fmt.Errorf("failed to get oauth token from MSI: %v", err)
+	var spToken *adal.ServicePrincipalToken
+	if mc.ClientID == "" {
+		spToken, err = adal.NewServicePrincipalTokenFromMSI(msiEndpoint, mc.Resource)
+		if err != nil {
+			return nil, fmt.Errorf("failed to get oauth token from MSI: %v", err)
+		}
+	} else {
+		spToken, err = adal.NewServicePrincipalTokenFromMSIWithUserAssignedID(msiEndpoint, mc.Resource, mc.ClientID)
+		if err != nil {
+			return nil, fmt.Errorf("failed to get oauth token from MSI for user assigned identity: %v", err)
+		}
 	}
 
 	return autorest.NewBearerAuthorizer(spToken), nil