private void StartConsentFlow(string loginEndPoint, AzureADApp azureApp, string redirectUri, string token, HttpClient httpClient, PSObject record, CmdletMessageWriter messageWriter, List <PermissionScope> scopes) { Host.UI.WriteLine(ConsoleColor.Yellow, Host.UI.RawUI.BackgroundColor, $"Starting consent flow."); var resource = scopes.FirstOrDefault(s => s.resourceAppId == PermissionScopes.ResourceAppId_Graph) != null ? $"https://{AzureAuthHelper.GetGraphEndPoint(AzureEnvironment)}/.default" : "https://microsoft.sharepoint-df.com/.default"; var consentUrl = $"{loginEndPoint}/{Tenant}/v2.0/adminconsent?client_id={azureApp.AppId}&scope={resource}&redirect_uri={redirectUri}"; if (OperatingSystem.IsWindows() && !NoPopup) { var waitTime = 60; // CmdletMessageWriter.WriteFormattedWarning(this, $"Waiting {waitTime} seconds to launch the consent flow in a popup window.\n\nThis wait is required to make sure that Azure AD is able to initialize all required artifacts. You can always navigate to the consent page manually:\n\n{consentUrl}"); var progressRecord = new ProgressRecord(1, "Please wait...", $"Waiting {waitTime} seconds to launch the consent flow in a popup window. This wait is required to make sure that Azure AD is able to initialize all required artifacts."); for (var i = 0; i < waitTime; i++) { progressRecord.PercentComplete = Convert.ToInt32((Convert.ToDouble(i) / Convert.ToDouble(waitTime)) * 100); WriteProgress(progressRecord); // if (Convert.ToDouble(i) % Convert.ToDouble(10) > 0) // { // Host.UI.Write(ConsoleColor.Yellow, Host.UI.RawUI.BackgroundColor, "-"); // } // else // { // Host.UI.Write(ConsoleColor.Yellow, Host.UI.RawUI.BackgroundColor, $"[{i}]"); // } System.Threading.Thread.Sleep(1000); // Check if CTRL+C has been pressed and if so, abort the wait if (Stopping) { Host.UI.WriteLine("Wait cancelled. You can provide consent manually by navigating to"); Host.UI.WriteLine(consentUrl); break; } } progressRecord.RecordType = ProgressRecordType.Completed; WriteProgress(progressRecord); if (!Stopping) { // Host.UI.WriteLine(ConsoleColor.Yellow, Host.UI.RawUI.BackgroundColor, $"[{waitTime}]"); // Host.UI.WriteLine(); if (ParameterSpecified(nameof(Interactive))) { using (var authManager = AuthenticationManager.CreateWithInteractiveLogin(azureApp.AppId, (url, port) => { BrowserHelper.OpenBrowserForInteractiveLogin(url, port, true, cancellationTokenSource); }, Tenant, "You successfully provided consent", "You failed to provide consent.", AzureEnvironment)) { authManager.GetAccessToken(resource, Microsoft.Identity.Client.Prompt.Consent); } } else { BrowserHelper.GetWebBrowserPopup(consentUrl, "Please provide consent", new[] { ("https://pnp.github.io/powershell/consent.html", BrowserHelper.UrlMatchType.StartsWith) }, cancellationTokenSource: cancellationTokenSource, cancelOnClose: false);
private PSObject ConvertToPSObject(AzureADApp app) { var permissionScopes = new PermissionScopes(); var o = new PSObject(); o.Properties.Add(new PSNoteProperty("AppId", app.AppId)); o.Properties.Add(new PSNoteProperty("DisplayName", app.DisplayName)); var graphPermissions = app.RequiredResourceAccess.FirstOrDefault(p => p.Id == PermissionScopes.ResourceAppId_Graph); if (graphPermissions != null) { var p = graphPermissions.ResourceAccess.Select(p1 => permissionScopes.GetIdentifier(PermissionScopes.ResourceAppId_Graph, p1.Id, p1.Type)).ToArray(); o.Properties.Add(new PSNoteProperty("MicrosoftGraph", p)); } var sharePointPermissions = app.RequiredResourceAccess.FirstOrDefault(p => p.Id == PermissionScopes.ResourceAppId_SPO); if (sharePointPermissions != null) { var p = sharePointPermissions.ResourceAccess.Select(p2 => permissionScopes.GetIdentifier(PermissionScopes.ResourceAppId_SPO, p2.Id, p2.Type)).ToArray(); o.Properties.Add(new PSNoteProperty("SharePoint", p)); } return(o); }