azure/login
1
0
Fork 0
mirror of https://github.com/azure/login.git synced 2026-06-08 03:17:12 +00:00
Code Issues Projects Releases Packages Wiki Activity

enable OIDC for sovereign clouds

Browse source
This commit is contained in:
MoChilia 2023-05-24 14:32:30 +08:00
commit 13cc38b514
1 changed files with 5 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

9
src/main.ts
View file

@ -95,7 +95,7 @@ async function main() {
throw new Error("Credentials are not passed for Login action.");
}
}
//generic checks
//generic checks
//servicePrincipalKey is only required in non-oidc scenario.
if (!servicePrincipalId || !tenantId || !(servicePrincipalKey || enableOIDC)) {
throw new Error("Not all values are present in the credentials. Ensure clientId, clientSecret and tenantId are supplied.");
@ -115,14 +115,15 @@ async function main() {
let audience = core.getInput('audience', { required: false });
federatedToken = await core.getIDToken(audience);
if (!!federatedToken) {
if (environment != "azurecloud")
throw new Error(`Your current environment - "${environment}" is not supported for OIDC login.`);
let [issuer, subjectClaim] = await jwtParser(federatedToken);
console.log("Federated token details: \n issuer - " + issuer + " \n subject claim - " + subjectClaim);
}
else{
throw new Error("Failed to fetch federated token.");
}
}
catch (error) {
core.error(`${error.message.split(':')[1]}. Please make sure to give write permissions to id-token in the workflow.`);
core.error(`${error}. Please make sure to give write permissions to id-token in the workflow.`);
}
}