Add Microsoft Graph Client
What does this MR do and why?
Related to #414873 (closed)
Adds a client to call the Microsoft API - the token endpoint to get an OAuth access token, and then the graph endpoint to get a user's groups.
- https://learn.microsoft.com/en-us/graph/api/user-list-transitivememberof?view=graph-rest-1.0
- https://learn.microsoft.com/en-us/graph/auth-v2-service
I considered using the official SDK gem - https://github.com/microsoftgraph/msgraph-sdk-ruby. But it relies on a much newer version of Faraday, which would require us to test and upgrade quite a few gems we already have that rely on Faraday. Since we only need a small subset of the API endpoints, and so we can use Gitlab::HTTP
for security purposes, I think building our own client was a better choice.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
Before | After |
---|---|
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
It's current not that feasible to have the review set up and test locally. It would require setting up an Azure dev account with Active Directory, configuring the API permissions, etc. That's why I provided the fixtures, which are copied directly from API test calls to their API (with sensitive info removed).
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.