我已在Azure中启动并运行VM。我想从Node调用Azure VM。我完全不知道Azure的get API。那么如何实现呢?
我有tenantID,ClientID,Client Secret和订阅ID。
我还能从运行VM中获得什么独特的东西,如果我在Azure上创建另一个VM,那会一样吗?
答案 0 :(得分:0)
请尝试以下做法。这里假设您已把访问保管库所需的值保存在环境变量中,并用它们从 Azure 密钥保管库(Key Vault)获取机密:
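// Dependencies for service-principal login and Key Vault access.
// NOTE(review): 'ms-rest-azure', 'azure-keyvault' and 'adal-node' are legacy
// Azure SDK packages that Microsoft has deprecated; '@azure/identity' and
// '@azure/keyvault-secrets' are the maintained successors. Check the current
// support status before using this code in a new project.
var _ = require('lodash'),
  msRestAzure = require('ms-rest-azure'),
  KeyVault = require('azure-keyvault'),
  // The declaration list must end with a semicolon: the original ended with a
  // comma, which made the following function declaration a syntax error.
  AuthenticationContext = require('adal-node').AuthenticationContext;

// Utility function to get key vault client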
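/**
 * Build a Key Vault client that authenticates as a service principal.
 *
 * Reads CLIENT_ID, DOMAIN (tenant id) and APPLICATION_SECRET from the
 * environment, signs in with them, and then creates a KeyVaultClient whose
 * requests are authorised through `authenticator`.
 *
 * @returns {Promise<object>} Resolves with the KeyVaultClient. Rejects when a
 *   required environment variable is missing or the sign-in fails.
 */
function getKeyVaultClient() {
  // service principal details to access the vault
  var clientId = process.env['CLIENT_ID']; // service principal
  var domain = process.env['DOMAIN']; // tenant id
  var secret = process.env['APPLICATION_SECRET'];

  return new Promise(function (resolve, reject) {
    // Fail fast on incomplete configuration instead of sending an undefined
    // credential to the login endpoint. Only variable NAMES are reported, so
    // the secret value can never end up in an error message or a log.
    var required = { CLIENT_ID: clientId, DOMAIN: domain, APPLICATION_SECRET: secret };
    var missing = Object.keys(required).filter(function (name) {
      return !required[name];
    });
    if (missing.length > 0) {
      return reject(new Error('Missing required environment variable(s): ' + missing.join(', ')));
    }

    // The credentials produced by this login are not used below; the callback
    // only looks at `err`, so the call acts as a check that the service
    // principal can sign in at all.
    msRestAzure.loginWithServicePrincipalSecret(clientId, secret, domain, function (err) {
      if (err) {
        return reject(err);
      }
      // authenticate with key vault with a service principal
      var kvCredentials = new KeyVault.KeyVaultCredentials(authenticator);
      // Declared locally: the original assigned to an undeclared
      // `keyVaultClient`, which creates an implicit global in sloppy mode and
      // throws a ReferenceError in strict mode / ES modules.
      var keyVaultClient = new KeyVault.KeyVaultClient(kvCredentials);
      return resolve(keyVaultClient);
    });
  });
}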
/**
 * Authentication callback handed to KeyVaultCredentials.
 *
 * Answers an authentication challenge by requesting a token with the service
 * principal's client id and secret (CLIENT_ID / APPLICATION_SECRET) and
 * passing the resulting Authorization header value to `callback`.
 *
 * @param {object} challenge - reads `challenge.authorization` (authority URL)
 *   and `challenge.resource` (resource the token is requested for).
 * @param {function} callback - called as `callback(err)` on failure or
 *   `callback(null, headerValue)` on success.
 * @returns {*} whatever `acquireTokenWithClientCredentials` returns.
 */
function authenticator(challenge, callback) {
  // Service principal credentials, read from the environment on every call.
  const principalId = process.env['CLIENT_ID'];
  const principalSecret = process.env['APPLICATION_SECRET'];

  // NOTE(review): the authority comes from the challenge, and the client
  // secret is presumably presented to that authority. The vault URL that
  // triggers the challenge should therefore come from trusted configuration
  // only - confirm against the caller.
  const authContext = new AuthenticationContext(challenge.authorization);

  const onToken = (tokenError, token) => {
    if (tokenError) {
      return callback(tokenError);
    }
    // Header value is "<tokenType> <accessToken>". It is a bearer credential,
    // so it should not be written to logs.
    const headerValue = `${token.tokenType} ${token.accessToken}`;
    return callback(null, headerValue);
  };

  return authContext.acquireTokenWithClientCredentials(
    challenge.resource,
    principalId,
    principalSecret,
    onToken,
  );
}
// Fetch one secret from the vault named by the VAULT_NAME environment variable.
// NOTE(review): `key`, `resolve` and `reject` are not defined in the visible
// code; this looks like an excerpt from inside a Promise executor of a
// function that takes `key` - confirm before reusing it as-is.
// NOTE(review): `key` is placed into the URL path unmodified. If it can come
// from outside the application, validate it against the characters allowed in
// secret names before building the URL.
var vaultUri = `https://${process.env['VAULT_NAME']}.vault.azure.net/secrets/${key}`;

getKeyVaultClient()
  .then((vaultClient) => {
    vaultClient.getSecret(vaultUri, (lookupError, secretBundle) => {
      if (lookupError) {
        return reject(lookupError);
      }
      // Only the secret's value is handed on, not the whole response object.
      return resolve(secretBundle.value);
    });
  })
  .catch((clientError) => {
    // Covers a failed getKeyVaultClient() as well as a synchronous throw in
    // the handler above.
    reject(clientError);
  });
您可以查看官方文档和示例,了解如何使用 Azure 公开的 REST API 访问密钥和机密。