in pkg/internal/token/adalclientcertcredential.go [23:47]
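// newADALClientCertCredential builds a CredentialProvider that authenticates
// with a client certificate through the legacy ADAL library.
//
// It returns an error when opts is nil, when opts.IsLegacy is false, when the
// client ID, tenant ID or client certificate is empty, or when the OAuth
// configuration cannot be created for the tenant.
//
// opts.ClientCertPassword is copied into the returned credential unchanged and
// is not validated here, so an empty password is accepted. The error messages
// formatted in this function contain no certificate or password material; the
// wrapped error comes from adal.NewOAuthConfig, which is given only the
// authority host and the tenant ID.
func newADALClientCertCredential(opts *Options) (CredentialProvider, error) {
	// A nil options pointer would otherwise panic on the first field access;
	// report it as a configuration error instead.
	if opts == nil {
		return nil, fmt.Errorf("options cannot be nil")
	}

	// This credential exists only for the legacy (ADAL) flow.
	if !opts.IsLegacy {
		return nil, fmt.Errorf("ADALClientCertCredential is not supported in non-legacy mode")
	}

	// Reject incomplete configuration up front, before any OAuth setup.
	if opts.ClientID == "" {
		return nil, fmt.Errorf("client ID cannot be empty")
	}
	if opts.TenantID == "" {
		return nil, fmt.Errorf("tenant ID cannot be empty")
	}
	if opts.ClientCert == "" {
		return nil, fmt.Errorf("client certificate cannot be empty")
	}

	// The authority host is taken from the configured cloud, not from a
	// separate caller-supplied value.
	cloud := opts.GetCloudConfiguration()
	oAuthConfig, err := adal.NewOAuthConfig(cloud.ActiveDirectoryAuthorityHost, opts.TenantID)
	if err != nil {
		return nil, fmt.Errorf("failed to create OAuth config: %w", err)
	}

	// The OAuth config is stored by value, so the credential does not share
	// the pointer returned by adal.NewOAuthConfig.
	// NOTE(review): clientCert and clientCertPassword are kept as plain
	// strings for the lifetime of the credential; presumably clientCert is a
	// file path rather than the certificate bytes. Confirm against the
	// token-acquisition code and keep both out of logs and %+v dumps.
	return &ADALClientCertCredential{
		oAuthConfig:        *oAuthConfig,
		clientID:           opts.ClientID,
		clientCert:         opts.ClientCert,
		clientCertPassword: opts.ClientCertPassword,
	}, nil
}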