diff --git a/api/applications.go b/api/applications.go
index 270aa834..dd7cf999 100644
--- a/api/applications.go
+++ b/api/applications.go
@@ -10,7 +10,6 @@ import (
 "github.com/Azure/azure-sdk-for-go/sdk/azcore"
 "github.com/google/uuid"
- "github.com/hashicorp/go-multierror"
 msgraphsdkgo "github.com/microsoftgraph/msgraph-sdk-go"
 auth "github.com/microsoftgraph/msgraph-sdk-go-core/authentication"
 "github.com/microsoftgraph/msgraph-sdk-go/applications"
@@ -46,11 +45,11 @@ type PasswordCredential struct {
 SecretText string
 }
-// NewMSGraphApplicationClient returns a new MSGraphClient configured to interact with
+// NewMSGraphClient returns a new MSGraphClient configured to interact with
 // the Microsoft Graph API. It can be configured to target alternative national cloud
 // deployments via graphURI. For details on the client configuration see
 // https://learn.microsoft.com/en-us/graph/sdks/national-clouds
-func NewMSGraphApplicationClient(graphURI string, creds azcore.TokenCredential) (*MSGraphClient, error) {
+func NewMSGraphClient(graphURI string, creds azcore.TokenCredential) (*MSGraphClient, error) {
 scopes := []string{
 fmt.Sprintf("%s/.default", graphURI),
 }
@@ -138,11 +137,15 @@ func (c *MSGraphClient) CreateApplication(ctx context.Context, displayName strin
 // This will in turn remove the service principal (but not the role assignments).
 func (c *MSGraphClient) DeleteApplication(ctx context.Context, applicationObjectID string, permanentlyDelete bool) error {
 err := c.client.Applications().ByApplicationId(applicationObjectID).Delete(ctx, nil)
+ if err != nil {
+ return err
+ }
 if permanentlyDelete {
- e := c.client.Directory().DeletedItems().ByDirectoryObjectId(applicationObjectID).Delete(ctx, nil)
- merr := multierror.Append(err, e)
- return merr.ErrorOrNil()
+ err = c.client.Directory().DeletedItems().ByDirectoryObjectId(applicationObjectID).Delete(ctx, nil)
+ if err != nil {
+ return err
+ }
 }
 return err
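Review bot: In `DeleteApplication` (api/applications.go, hunk at -138), returning as soon as the first `Delete` fails means the `DeletedItems()` purge is never attempted when the application is already soft-deleted, which the removed multierror code did attempt. If an earlier revoke removed the application but the purge failed, a retry would presumably get a not-found error from the first call and stop, leaving the soft-deleted application restorable until the directory's retention period ends; whether the caller filters not-found is not visible here. When `permanentlyDelete` is set, consider treating a not-found result from the first delete as non-fatal so the purge still runs, and state that behaviour in the function comment. The trailing `return err` can only return nil now, so `return nil` would read more clearly. The function's closing brace lies outside the hunk.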
diff --git a/path_service_principal_test.go b/path_service_principal_test.go
index cfd08f4a..ee43b356 100644
--- a/path_service_principal_test.go
+++ b/path_service_principal_test.go
@@ -1017,7 +1017,10 @@ func TestCredentialInteg_msgraph(t *testing.T) {
 Storage: s,
 }
- b.spRevoke(context.Background(), req, nil)
+ _, err = b.spRevoke(context.Background(), req, nil)
+ if err != nil {
+ t.Fatalf("error revoking service principal: %s", err.Error())
+ }
 // Verify that SP get is an error after delete. Expected there
 // to be a delay and that this step would take some time/retries,
diff --git a/provider.go b/provider.go
index 51204695..9072bf9c 100644
--- a/provider.go
+++ b/provider.go
@@ -65,7 +65,7 @@ func newAzureProvider(settings *clientSettings, passwords api.Passwords) (AzureP
 return nil, err
 }
- msGraphAppClient, err := api.NewMSGraphApplicationClient(settings.GraphURI, cred)
+ msGraphAppClient, err := api.NewMSGraphClient(settings.GraphURI, cred)
 if err != nil {
 return nil, fmt.Errorf("failed to create MS graph client: %w", err)
 }
@@ -83,8 +83,6 @@ func newAzureProvider(settings *clientSettings, passwords api.Passwords) (AzureP
 }
 p := &provider{
- settings: settings,
- appClient: msGraphAppClient,
 spClient: msGraphAppClient,
 groupsClient: msGraphAppClient,
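Review bot: The assertion added in `TestCredentialInteg_msgraph` (path_service_principal_test.go) covers only a first, clean revoke, while the same commit makes `DeleteApplication` stop at its first failed delete, so a repeated revoke of an application that is already gone is the path most likely to change behaviour and nothing visible here exercises it. Consider a second `b.spRevoke(context.Background(), req, nil)` after the existing verification step, asserting whatever result the backend is meant to give for an already-revoked principal. As a small style point, `t.Fatalf("error revoking service principal: %v", err)` avoids the explicit `err.Error()` call. The test function starts and ends outside the hunk, so `err` is assumed to be declared earlier.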