in flag.go [298:356]
func (f FlagSet) buildAuthConfig() (*config.AuthConfig, error) {
clientId := f.flagClientId
if path := f.flagClientIdFilePath; path != "" {
// #nosec G304
b, err := os.ReadFile(path)
if err != nil {
return nil, fmt.Errorf("reading Client ID from file %q: %v", path, err)
}
clientId = string(b)
}
clientSecret := f.flagClientSecret
if path := f.flagClientSecretFilePath; path != "" {
// #nosec G304
b, err := os.ReadFile(path)
if err != nil {
return nil, fmt.Errorf("reading Client secret from file %q: %v", path, err)
}
clientSecret = string(b)
}
clientCertEncoded := f.flagClientCertificate
if path := f.flagClientCertificatePath; path != "" {
// #nosec G304
b, err := os.ReadFile(path)
if err != nil {
return nil, fmt.Errorf("reading Client certificate from file %q: %v", path, err)
}
clientCertEncoded = base64.StdEncoding.EncodeToString(b)
}
oidcToken := f.flagOIDCToken
if path := f.flagOIDCTokenFilePath; path != "" {
// #nosec G304
b, err := os.ReadFile(path)
if err != nil {
return nil, fmt.Errorf("reading OIDC token from file %q: %v", path, err)
}
oidcToken = strings.TrimSpace(string(b))
}
c := config.AuthConfig{
Environment: f.flagEnv,
TenantID: f.flagTenantId,
AuxiliaryTenantIDs: f.flagAuxiliaryTenantIds.Value(),
ClientID: clientId,
ClientSecret: clientSecret,
ClientCertificateEncoded: clientCertEncoded,
ClientCertificatePassword: f.flagClientCertificatePassword,
OIDCTokenRequestToken: f.flagOIDCRequestToken,
OIDCTokenRequestURL: f.flagOIDCRequestURL,
OIDCAssertionToken: oidcToken,
UseAzureCLI: f.flagUseAzureCLICred,
UseManagedIdentity: f.flagUseManagedIdentityCred,
UseOIDC: f.flagUseOIDCCred,
}
return &c, nil
}