Azure AD Support

[anweiss]

Would like to see Azure Active Directory support officially added. This requires the client_secret and resource parameters. In my testing, adding "https://login.microsoftonline.com/" to the brokenAuthHeaderProviders slice in addition to using resource in place of scope seems to do the trick.

• Go version: 1.4.2.windows-amd64

[rakyll]

We are not willing to implement workarounds for each broken OAuth 2.0 implementation. If this is a blocker for you, please maintain your own of the oauth2 package with the necessary patches.

[bmorton]

I found this issue via Google and wanted to note for posterity that this is supported now. To get the resource param on the AuthCodeURL call, you can pass an oauth2.AuthCodeOption to oauth2.AuthCodeURL() as such:

config := &oauth2.Config{
	ClientID:     "my-client-id",
	ClientSecret: "my-client-secret",
	RedirectURL:  "https://localhost",
	Endpoint: oauth2.Endpoint{
		AuthURL:  "https://login.microsoftonline.com/common/oauth2/authorize",
		TokenURL: "https://login.microsoftonline.com/common/oauth2/token",
	},
}
config.AuthCodeURL("state", oauth2.SetAuthURLParam("resource", "https://outlook.office.com"))

You can also set brokenAuthHeaderProviders via oauth2.RegisterBrokenAuthHeaderProvider, but I didn't need to do that for AzureAD on Office 365.

Hope this helps anyone else who finds this issue!

[joaquin386]

@bmorton can you add a bit more on the code since I did this in python but in Golang i am struggling .... Thx