Update

devksingh4 · devksingh4 · commit 410ab92e3cf6 · 2025-10-05T02:03:14.000-05:00
diff --git a/src/dirsync/README.md b/src/dirsync/README.md
@@ -1 +1,11 @@
 # Entra ID to Google Workspace External Contact Sync
+
+
+# Creating certificates
+```bash
+openssl req -x509 -newkey rsa:2048 -keyout private-key.pem -out certificate.pem -days 7350 -nodes -subj "/CN=DirSync"
+cat private-key.pem certificate.pem > combined.pem
+base64 -i combined.pem -o combined-base64.txt
+```
+
+Upload `certificate.pem` to Azure, and the contents of `combined-base64.txt` to Secrets Manager.
diff --git a/src/dirsync/entra.ts b/src/dirsync/entra.ts
@@ -1,6 +1,7 @@
 import { Client } from "@microsoft/microsoft-graph-client";
 import { ClientCertificateCredential } from "@azure/identity";
 import { parseDisplayName } from "../common/utils.js";
+import { logger } from "./logging.js";
 
 export interface EntraUser {
   email: string;
@@ -24,13 +25,14 @@ interface GraphUser {
 export const createEntraClient = (
   tenantId: string,
   clientId: string,
-  clientCertificate: string, // Base64 encoded PFX or PEM certificate
+  clientCertificate: string,
 ): Client => {
-  // Decode the certificate from base64
-  const certificateBuffer = Buffer.from(clientCertificate, "base64");
-
+  logger.info("Creating the Entra ID client");
+  const certificatePem = Buffer.from(clientCertificate, "base64").toString(
+    "utf-8",
+  );
   const credential = new ClientCertificateCredential(tenantId, clientId, {
-    certificate: certificateBuffer.toString("utf-8"), // For PEM format
+    certificate: certificatePem,
   });
 
   return Client.initWithMiddleware({
@@ -51,7 +53,7 @@ export const createEntraClient = (
 export const getAllEntraUsers = async (
   client: Client,
 ): Promise<EntraUser[]> => {
-  console.log("Fetching users from Entra ID...");
+  logger.info("Fetching users from Entra ID...");
   const users: EntraUser[] = [];
 
   try {
@@ -104,7 +106,7 @@ export const getAllEntraUsers = async (
       }
     }
 
-    console.log(`Fetched ${users.length} users from Entra ID`);
+    logger.info(`Fetched ${users.length} users from Entra ID`);
     return users;
   } catch (error) {
     console.error("Error fetching Entra ID users:", error);
diff --git a/src/dirsync/sync.ts b/src/dirsync/sync.ts
@@ -10,14 +10,12 @@ export const handler = async (
   _context: Context,
 ): Promise<any> => {
   logger.info("Started the sync lambda handler!");
-  logger.info("Creating the Entra ID client");
   const entraClient = createEntraClient(
     secretConfig.entraTenantId,
     secretConfig.entraClientId,
     secretConfig.entraClientCertificate,
   );
   const entraUsers = await getAllEntraUsers(entraClient);
-  logger.info(`Retrieved ${entraUsers.length} users from Entra ID.`);
   return {
     statusCode: 200,
     body: JSON.stringify("Done!"),
