From d103ed6ca97ca5a2669f6cf5fe4b3d2a9c945f26 Mon Sep 17 00:00:00 2001
From: Christopher Speller <crspeller@gmail.com>
Date: Wed, 17 May 2017 16:51:25 -0400
Subject: Upgrading server dependancies (#6431)

---
 .../xenolf/lego/providers/dns/azure/azure.go        | 21 +++++++++++++++------
 .../xenolf/lego/providers/dns/rfc2136/rfc2136.go    | 12 +++++++-----
 2 files changed, 22 insertions(+), 11 deletions(-)

(limited to 'vendor/github.com/xenolf/lego/providers')

diff --git a/vendor/github.com/xenolf/lego/providers/dns/azure/azure.go b/vendor/github.com/xenolf/lego/providers/dns/azure/azure.go
index d079d5e13..97d692382 100644
--- a/vendor/github.com/xenolf/lego/providers/dns/azure/azure.go
+++ b/vendor/github.com/xenolf/lego/providers/dns/azure/azure.go
@@ -12,6 +12,8 @@ import (
 
 	"strings"
 
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/adal"
 	"github.com/Azure/go-autorest/autorest/azure"
 	"github.com/Azure/go-autorest/autorest/to"
 	"github.com/xenolf/lego/acme"
@@ -69,7 +71,9 @@ func (c *DNSProvider) Present(domain, token, keyAuth string) error {
 	}
 
 	rsc := dns.NewRecordSetsClient(c.subscriptionId)
-	rsc.Authorizer, err = c.newServicePrincipalTokenFromCredentials(azure.PublicCloud.ResourceManagerEndpoint)
+	spt, err := c.newServicePrincipalTokenFromCredentials(azure.PublicCloud.ResourceManagerEndpoint)
+	rsc.Authorizer = autorest.NewBearerAuthorizer(spt)
+
 	relative := toRelativeRecord(fqdn, acme.ToFqdn(zone))
 	rec := dns.RecordSet{
 		Name: &relative,
@@ -103,7 +107,8 @@ func (c *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 
 	relative := toRelativeRecord(fqdn, acme.ToFqdn(zone))
 	rsc := dns.NewRecordSetsClient(c.subscriptionId)
-	rsc.Authorizer, err = c.newServicePrincipalTokenFromCredentials(azure.PublicCloud.ResourceManagerEndpoint)
+	spt, err := c.newServicePrincipalTokenFromCredentials(azure.PublicCloud.ResourceManagerEndpoint)
+	rsc.Authorizer = autorest.NewBearerAuthorizer(spt)
 	_, err = rsc.Delete(c.resourceGroup, zone, relative, dns.TXT, "")
 	if err != nil {
 		return err
@@ -121,7 +126,11 @@ func (c *DNSProvider) getHostedZoneID(fqdn string) (string, error) {
 
 	// Now we want to to Azure and get the zone.
 	dc := dns.NewZonesClient(c.subscriptionId)
-	dc.Authorizer, err = c.newServicePrincipalTokenFromCredentials(azure.PublicCloud.ResourceManagerEndpoint)
+
+	rsc := dns.NewRecordSetsClient(c.subscriptionId)
+	spt, err := c.newServicePrincipalTokenFromCredentials(azure.PublicCloud.ResourceManagerEndpoint)
+	rsc.Authorizer = autorest.NewBearerAuthorizer(spt)
+
 	zone, err := dc.Get(c.resourceGroup, acme.UnFqdn(authZone))
 
 	if err != nil {
@@ -134,10 +143,10 @@ func (c *DNSProvider) getHostedZoneID(fqdn string) (string, error) {
 
 // NewServicePrincipalTokenFromCredentials creates a new ServicePrincipalToken using values of the
 // passed credentials map.
-func (c *DNSProvider) newServicePrincipalTokenFromCredentials(scope string) (*azure.ServicePrincipalToken, error) {
-	oauthConfig, err := azure.PublicCloud.OAuthConfigForTenant(c.tenantId)
+func (c *DNSProvider) newServicePrincipalTokenFromCredentials(scope string) (*adal.ServicePrincipalToken, error) {
+	oauthConfig, err := adal.NewOAuthConfig(azure.PublicCloud.ActiveDirectoryEndpoint, c.tenantId)
 	if err != nil {
 		panic(err)
 	}
-	return azure.NewServicePrincipalToken(*oauthConfig, c.clientId, c.clientSecret, scope)
+	return adal.NewServicePrincipalToken(*oauthConfig, c.clientId, c.clientSecret, scope)
 }
diff --git a/vendor/github.com/xenolf/lego/providers/dns/rfc2136/rfc2136.go b/vendor/github.com/xenolf/lego/providers/dns/rfc2136/rfc2136.go
index 43a95f18c..1f1af790f 100644
--- a/vendor/github.com/xenolf/lego/providers/dns/rfc2136/rfc2136.go
+++ b/vendor/github.com/xenolf/lego/providers/dns/rfc2136/rfc2136.go
@@ -23,11 +23,13 @@ type DNSProvider struct {
 }
 
 // NewDNSProvider returns a DNSProvider instance configured for rfc2136
-// dynamic update. Credentials must be passed in the environment variables:
-// RFC2136_NAMESERVER, RFC2136_TSIG_ALGORITHM, RFC2136_TSIG_KEY and
-// RFC2136_TSIG_SECRET. To disable TSIG authentication, leave the TSIG
-// variables unset. RFC2136_NAMESERVER must be a network address in the form
-// "host" or "host:port".
+// dynamic update. Credentials must be passed in environment variables:
+// RFC2136_NAMESERVER: Network address in the form "host" or "host:port".
+// RFC2136_TSIG_ALGORITHM: Defaults to hmac-md5.sig-alg.reg.int. (HMAC-MD5).
+// See https://github.com/miekg/dns/blob/master/tsig.go for supported values. 
+// RFC2136_TSIG_KEY: Name of the secret key as defined in DNS server configuration.
+// RFC2136_TSIG_SECRET: Secret key payload.
+// To disable TSIG authentication, leave the RFC2136_TSIG* variables unset.
 func NewDNSProvider() (*DNSProvider, error) {
 	nameserver := os.Getenv("RFC2136_NAMESERVER")
 	tsigAlgorithm := os.Getenv("RFC2136_TSIG_ALGORITHM")
-- 
cgit v1.2.3-1-g7c22