Example #1
        private void StartConsentFlow(string loginEndPoint, AzureADApp azureApp, string redirectUri, string token, HttpClient httpClient, PSObject record, CmdletMessageWriter messageWriter, List <PermissionScope> scopes)
        {
            Host.UI.WriteLine(ConsoleColor.Yellow, Host.UI.RawUI.BackgroundColor, $"Starting consent flow.");

            var resource = scopes.FirstOrDefault(s => s.resourceAppId == PermissionScopes.ResourceAppId_Graph) != null ? $"https://{AzureAuthHelper.GetGraphEndPoint(AzureEnvironment)}/.default" : "https://microsoft.sharepoint-df.com/.default";

            var consentUrl = $"{loginEndPoint}/{Tenant}/v2.0/adminconsent?client_id={azureApp.AppId}&scope={resource}&redirect_uri={redirectUri}";


            if (OperatingSystem.IsWindows() && !NoPopup)
            {
                var waitTime = 60;
                // CmdletMessageWriter.WriteFormattedWarning(this, $"Waiting {waitTime} seconds to launch the consent flow in a popup window.\n\nThis wait is required to make sure that Azure AD is able to initialize all required artifacts. You can always navigate to the consent page manually:\n\n{consentUrl}");

                var progressRecord = new ProgressRecord(1, "Please wait...", $"Waiting {waitTime} seconds to launch the consent flow in a popup window. This wait is required to make sure that Azure AD is able to initialize all required artifacts.");

                for (var i = 0; i < waitTime; i++)
                {
                    progressRecord.PercentComplete = Convert.ToInt32((Convert.ToDouble(i) / Convert.ToDouble(waitTime)) * 100);
                    WriteProgress(progressRecord);
                    // if (Convert.ToDouble(i) % Convert.ToDouble(10) > 0)
                    // {
                    //     Host.UI.Write(ConsoleColor.Yellow, Host.UI.RawUI.BackgroundColor, "-");
                    // }
                    // else
                    // {
                    //     Host.UI.Write(ConsoleColor.Yellow, Host.UI.RawUI.BackgroundColor, $"[{i}]");
                    // }
                    System.Threading.Thread.Sleep(1000);

                    // Check if CTRL+C has been pressed and if so, abort the wait
                    if (Stopping)
                    {
                        Host.UI.WriteLine("Wait cancelled. You can provide consent manually by navigating to");
                        Host.UI.WriteLine(consentUrl);
                        break;
                    }
                }
                progressRecord.RecordType = ProgressRecordType.Completed;
                WriteProgress(progressRecord);

                if (!Stopping)
                {
                    // Host.UI.WriteLine(ConsoleColor.Yellow, Host.UI.RawUI.BackgroundColor, $"[{waitTime}]");

                    // Host.UI.WriteLine();

                    if (ParameterSpecified(nameof(Interactive)))
                    {
                        using (var authManager = AuthenticationManager.CreateWithInteractiveLogin(azureApp.AppId, (url, port) =>
                        {
                            BrowserHelper.OpenBrowserForInteractiveLogin(url, port, true, cancellationTokenSource);
                        }, Tenant, "You successfully provided consent", "You failed to provide consent.", AzureEnvironment))
                        {
                            authManager.GetAccessToken(resource, Microsoft.Identity.Client.Prompt.Consent);
                        }
                    }
                    else
                    {
                        BrowserHelper.GetWebBrowserPopup(consentUrl, "Please provide consent", new[] { ("https://pnp.github.io/powershell/consent.html", BrowserHelper.UrlMatchType.StartsWith) }, cancellationTokenSource: cancellationTokenSource, cancelOnClose: false);
Example #2
        /// <summary>
        /// Projects an <see cref="AzureADApp"/> onto a <see cref="PSObject"/> for cmdlet output.
        /// </summary>
        /// <remarks>
        /// The result always carries <c>AppId</c> and <c>DisplayName</c>. A <c>MicrosoftGraph</c> and/or
        /// <c>SharePoint</c> note property is added only when <c>app.RequiredResourceAccess</c> holds an
        /// entry for that resource; its value is the array of identifiers that
        /// <c>PermissionScopes.GetIdentifier</c> returns for each listed resource access entry.
        /// Only these values are copied from <paramref name="app"/>; no other field of the app
        /// object is placed on the returned object.
        /// </remarks>
        /// <param name="app">The app whose id, display name and required resource access are read.</param>
        /// <returns>A new <see cref="PSObject"/> holding the note properties described above.</returns>
        private PSObject ConvertToPSObject(AzureADApp app)
        {
            var scopeLookup = new PermissionScopes();
            var result = new PSObject();

            result.Properties.Add(new PSNoteProperty("AppId", app.AppId));
            result.Properties.Add(new PSNoteProperty("DisplayName", app.DisplayName));

            // Resource id -> output property name, in the order the properties are emitted.
            var resources = new[]
            {
                (PermissionScopes.ResourceAppId_Graph, "MicrosoftGraph"),
                (PermissionScopes.ResourceAppId_SPO, "SharePoint"),
            };

            foreach (var (resourceAppId, propertyName) in resources)
            {
                var access = app.RequiredResourceAccess.FirstOrDefault(r => r.Id == resourceAppId);
                if (access == null)
                {
                    // The app requests nothing for this resource, so the property is omitted entirely.
                    continue;
                }

                var identifiers = access.ResourceAccess
                    .Select(entry => scopeLookup.GetIdentifier(resourceAppId, entry.Id, entry.Type))
                    .ToArray();
                result.Properties.Add(new PSNoteProperty(propertyName, identifiers));
            }

            return result;
        }