diff --git a/pkg/blockstorage/azure/auth.go b/pkg/blockstorage/azure/auth.go index 143d70a9f4..f4db585982 100644 --- a/pkg/blockstorage/azure/auth.go +++ b/pkg/blockstorage/azure/auth.go @@ -20,15 +20,6 @@ const ( var availableCredsType = sets.NewString(CredTypeManagedIdentity, CredTypeClientSecret) -type CredsValidity int - -const ( - CredValidityUnknown CredsValidity = 0 - CredsTypeNotSupported - CredsFailedAuthentication - CredsPassedAuthentication -) - func isCredTypeSupported(credType string) bool { return availableCredsType.Has(credType) } 
@@ -49,52 +40,52 @@ func IsMSICredsAvailable(config map[string]string) bool { // internal interface to authenticate with different Azure credentials type type authenticator interface { - authenticate(creds map[string]string) (CredsValidity, error) + authenticate(creds map[string]string) error } // authenticate with MSI creds type msiAuthenticator struct{} -func (m *msiAuthenticator) authenticate(creds map[string]string) (CredsValidity, error) { +func (m *msiAuthenticator) authenticate(creds map[string]string) error { // check if MSI endpoint is available if !adal.MSIAvailable(context.Background(), nil) { - return CredsTypeNotSupported, errors.New("MSI endpoint is not supported") + return errors.New("MSI endpoint is not supported") } // create a service principal token msiConfig := auth.NewMSIConfig() - msiConfig.ClientID = creds[blockstorage.AzureTenantID] + msiConfig.ClientID = creds[blockstorage.AzureCientID] spt, err := msiConfig.ServicePrincipalToken() if err != nil { - return CredsFailedAuthentication, errors.Wrap(err, "Failed to create a service principal token") + return errors.Wrap(err, "Failed to create a service principal token") } // network call to check for token err = spt.Refresh() if err != nil { - return CredsFailedAuthentication, errors.Wrap(err, "Failed to refresh token") + return errors.Wrap(err, "Failed to refresh token") } // creds passed authentication - return CredsPassedAuthentication, nil + return nil } type clientSecretAuthenticator struct{} -func (c *clientSecretAuthenticator) authenticate(creds map[string]string) (CredsValidity, error) { +func (c *clientSecretAuthenticator) authenticate(creds map[string]string) error { credConfig, err := getCredConfigForAuth(creds) if err != nil { - return CredsFailedAuthentication, errors.Wrap(err, "Failed to get Client Secret config") + return errors.Wrap(err, "Failed to get Client Secret config") } // create a service principal token spt, err := credConfig.ServicePrincipalToken() if err != nil { - 
return CredsFailedAuthentication, errors.Wrap(err, "Failed to create a service principal token") + return errors.Wrap(err, "Failed to create a service principal token") } // network call to check for token err = spt.Refresh() if err != nil { - return CredsFailedAuthentication, errors.Wrap(err, "Failed to refresh token") + return errors.Wrap(err, "Failed to refresh token") } // creds passed authentication - return CredsPassedAuthentication, nil + return nil } // return the authenticator based on credentials type diff --git a/pkg/blockstorage/azure/azuredisk.go b/pkg/blockstorage/azure/azuredisk.go index 2aff50120d..f800ad494b 100644 --- a/pkg/blockstorage/azure/azuredisk.go +++ b/pkg/blockstorage/azure/azuredisk.go @@ -45,14 +45,14 @@ func (s *AdStorage) Type() blockstorage.Type { } // Authenticate check Azure creds if the credType is supported -func (s *AdStorage) Authenticate(ctx context.Context, credType string, creds map[string]string) (CredsValidity, error) { +func (s *AdStorage) Authenticate(ctx context.Context, credType string, creds map[string]string) error { // check if credType is supported if !isCredTypeSupported(credType) { - return CredsTypeNotSupported, errors.New("Credential type is not supported") + return errors.New("Credential type is not supported") } auth := getAuthenticator(credType) if auth == nil { - return CredValidityUnknown, errors.New("Fail to get an authenticator") + return errors.New("Fail to get an authenticator") } return auth.authenticate(creds) } diff --git a/pkg/blockstorage/azure/client.go b/pkg/blockstorage/azure/client.go index 5233157f1b..61c5d1b312 100644 --- a/pkg/blockstorage/azure/client.go +++ b/pkg/blockstorage/azure/client.go 
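Review bot: The credential check in both `authenticate` methods cannot be cancelled or time-bounded by the caller. `msiAuthenticator` probes with `adal.MSIAvailable(context.Background(), nil)`, and both implementations call `spt.Refresh()`, which the comments in this hunk describe as a network call. `AdStorage.Authenticate` in azuredisk.go (the next hunk) receives a `ctx` but never passes it down, so a slow or unreachable token endpoint can stall whoever is validating credentials. I would thread the context through: `authenticate(ctx context.Context, creds map[string]string) error` on the interface, then `adal.MSIAvailable(ctx, nil)` and `spt.RefreshWithContext(ctx)` in the bodies.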
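Review bot: With the `CredsValidity` result gone, `Authenticate` distinguishes an unsupported credential type, a missing authenticator and a rejected credential only by error message text. A caller that needs to separate a configuration mistake from a failed authentication, for example to alert on rejected secrets, would have to match strings. Consider package-level sentinel errors such as `var ErrCredTypeNotSupported = errors.New("Credential type is not supported")` and return those here; the name is only a suggestion. The doc comment on `Authenticate` could also state that a nil return means the token refresh succeeded.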
@@ -98,9 +98,9 @@ func NewClient(ctx context.Context, config map[string]string) (*Client, error) { // nolint:unparam func getAuthorizer(env azure.Environment, config map[string]string) (*autorest.BearerAuthorizer, error) { - if isClientCredsAvailable(config) { + if IsClientCredsAvailable(config) { return getClientCredsAuthorizer(env, config) - } else if isMSICredsAvailable(config) { + } else if IsMSICredsAvailable(config) { return getMSIsAuthorizer(config) } return nil, errors.New("Missing credentials, or credential type not supported")