private Tuple<IAccessToken, string> GetToken(IAuthenticationFactory authFactory, AzureContext context, AzureEnvironment.Endpoint resourceIdEndpoint)
{
if (context.Account == null)
throw new ArgumentException(KeyVaultProperties.Resources.ArmAccountNotFound);
if (context.Account.Type != AzureAccount.AccountType.User &&
context.Account.Type != AzureAccount.AccountType.ServicePrincipal)
throw new ArgumentException(string.Format(KeyVaultProperties.Resources.UnsupportedAccountType, context.Account.Type));
if (context.Subscription != null && context.Account != null)
TenantId = context.Subscription.GetPropertyAsArray(AzureSubscription.Property.Tenants)
.Intersect(context.Account.GetPropertyAsArray(AzureAccount.Property.Tenants))
.FirstOrDefault();
if (string.IsNullOrWhiteSpace(TenantId) && context.Tenant != null && context.Tenant.Id != Guid.Empty)
TenantId = context.Tenant.Id.ToString();
if (string.IsNullOrWhiteSpace(TenantId))
throw new ArgumentException(KeyVaultProperties.Resources.NoTenantInContext);
try
{
var accesstoken = authFactory.Authenticate(context.Account, context.Environment, TenantId, null, ShowDialog.Auto,
resourceIdEndpoint);
return Tuple.Create(accesstoken, context.Environment.Endpoints[resourceIdEndpoint]);
}
catch (Exception ex)
{
throw new ArgumentException(KeyVaultProperties.Resources.InvalidSubscriptionState, ex);
}
}
public IAccessToken Authenticate(
AzureAccount account,
AzureEnvironment environment,
string tenant,
SecureString password,
ShowDialog promptBehavior,
TokenCache tokenCache,
AzureEnvironment.Endpoint resourceId = AzureEnvironment.Endpoint.ActiveDirectoryServiceEndpointResourceId)
{
var configuration = GetAdalConfiguration(environment, tenant, resourceId, tokenCache);
TracingAdapter.Information(Resources.AdalAuthConfigurationTrace, configuration.AdDomain, configuration.AdEndpoint,
configuration.ClientId, configuration.ClientRedirectUri, configuration.ResourceClientUri, configuration.ValidateAuthority);
IAccessToken token;
if (account.IsPropertySet(AzureAccount.Property.CertificateThumbprint))
{
var thumbprint = account.GetProperty(AzureAccount.Property.CertificateThumbprint);
token = TokenProvider.GetAccessTokenWithCertificate(configuration, account.Id, thumbprint, account.Type);
}
else
{
token = TokenProvider.GetAccessToken(configuration, promptBehavior, account.Id, password, account.Type);
}
account.Id = token.UserId;
return token;
}
public AzureContext(AzureSubscription subscription, AzureAccount account, AzureEnvironment environment, AzureTenant tenant)
{
Subscription = subscription;
Account = account;
Environment = environment;
Tenant = tenant;
}
public IAccessToken Authenticate(
AzureAccount account,
AzureEnvironment environment,
string tenant,
SecureString password,
ShowDialog promptBehavior,
IdentityModel.Clients.ActiveDirectory.TokenCache tokenCache,
AzureEnvironment.Endpoint resourceId = AzureEnvironment.Endpoint.ActiveDirectoryServiceEndpointResourceId)
{
if (account.Id == null)
{
account.Id = "test";
}
if (TokenProvider == null)
{
return new MockAccessToken()
{
AccessToken = account.Id,
LoginType = LoginType.OrgId,
UserId = account.Id
};
}
else
{
return TokenProvider(account, environment, tenant);
}
}
public DataServiceCredential(IAuthenticationFactory authFactory, AzureContext context, AzureEnvironment.Endpoint resourceIdEndpoint)
{
if (authFactory == null)
throw new ArgumentNullException("authFactory");
if (context == null)
throw new ArgumentNullException("context");
var bundle = GetToken(authFactory, context, resourceIdEndpoint);
this.token = bundle.Item1;
}
public static IHDInsightSubscriptionCredentials GetSubscriptionCertificateCredentials(this IAzureHDInsightCommonCommandBase command,
AzureSubscription currentSubscription, AzureAccount azureAccount, AzureEnvironment environment)
{
return new HDInsightCertificateCredential
{
SubscriptionId = currentSubscription.Id,
Certificate = AzureSession.DataStore.GetCertificate(currentSubscription.Account),
Endpoint = environment.GetEndpointAsUri(AzureEnvironment.Endpoint.ServiceManagement),
};
}
public IAccessToken Authenticate(
AzureAccount account,
AzureEnvironment environment,
string tenant,
SecureString password,
ShowDialog promptBehavior,
AzureEnvironment.Endpoint resourceId = AzureEnvironment.Endpoint.ActiveDirectoryServiceEndpointResourceId)
{
return Authenticate(account, environment, tenant, password, promptBehavior, AzureSession.TokenCache, resourceId);
}
public void ProfileSerializeDeserializeWorks()
{
var dataStore = new MockDataStore();
AzureSession.DataStore = dataStore;
var profilePath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, AzureSession.ProfileFile);
var currentProfile = new AzureRMProfile(profilePath);
var tenantId = Guid.NewGuid().ToString();
var environment = new AzureEnvironment
{
Name = "testCloud",
Endpoints = { { AzureEnvironment.Endpoint.ActiveDirectory, "http://contoso.com" } }
};
var account = new AzureAccount
{
Id = "*****@*****.**",
Type = AzureAccount.AccountType.User,
Properties = { { AzureAccount.Property.Tenants, tenantId } }
};
var sub = new AzureSubscription
{
Account = account.Id,
Environment = environment.Name,
Id = new Guid(),
Name = "Contoso Test Subscription",
Properties = { { AzureSubscription.Property.Tenants, tenantId } }
};
var tenant = new AzureTenant
{
Id = new Guid(tenantId),
Domain = "contoso.com"
};
currentProfile.Context = new AzureContext(sub, account, environment, tenant);
currentProfile.Environments[environment.Name] = environment;
currentProfile.Context.TokenCache = new byte[] { 1, 2, 3, 4, 5, 6, 8, 9, 0 };
AzureRMProfile deserializedProfile;
// Round-trip the exception: Serialize and de-serialize with a BinaryFormatter
BinaryFormatter bf = new BinaryFormatter();
using (MemoryStream ms = new MemoryStream())
{
// "Save" object state
bf.Serialize(ms, currentProfile);
// Re-use the same stream for de-serialization
ms.Seek(0, 0);
// Replace the original exception with de-serialized one
deserializedProfile = (AzureRMProfile)bf.Deserialize(ms);
}
Assert.NotNull(deserializedProfile);
var jCurrentProfile = currentProfile.ToString();
var jDeserializedProfile = deserializedProfile.ToString();
Assert.Equal(jCurrentProfile, jDeserializedProfile);
}
public DataServiceCredential(IAuthenticationFactory authFactory, AzureContext context, AzureEnvironment.Endpoint resourceIdEndpoint)
{
if (authFactory == null)
throw new ArgumentNullException("authFactory");
if (context == null)
throw new ArgumentNullException("context");
_authenticationFactory = authFactory;
_context = context;
_endpointName = resourceIdEndpoint;
this.TenantId = GetTenantId(context);
}
public void ProfileSaveDoesNotSerializeContext()
{
var dataStore = new MockDataStore();
var profilePath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, AzureSession.ProfileFile);
var profile = new AzureSMProfile(profilePath);
AzureSession.DataStore = dataStore;
var tenant = Guid.NewGuid().ToString();
var environment = new AzureEnvironment
{
Name = "testCloud",
Endpoints = { { AzureEnvironment.Endpoint.ActiveDirectory, "http://contoso.com" } }
};
var account = new AzureAccount
{
Id = "*****@*****.**",
Type = AzureAccount.AccountType.User,
Properties = { { AzureAccount.Property.Tenants, tenant } }
};
var sub = new AzureSubscription
{
Account = account.Id,
Environment = environment.Name,
Id = new Guid(),
Name = "Contoso Test Subscription",
Properties = { { AzureSubscription.Property.Tenants, tenant } }
};
profile.Environments[environment.Name] = environment;
profile.Accounts[account.Id] = account;
profile.Subscriptions[sub.Id] = sub;
profile.Save();
var profileFile = profile.ProfilePath;
string profileContents = dataStore.ReadFileAsText(profileFile);
var readProfile = JsonConvert.DeserializeObject<Dictionary<string, object>>(profileContents);
Assert.False(readProfile.ContainsKey("DefaultContext"));
AzureSMProfile parsedProfile = new AzureSMProfile();
var serializer = new JsonProfileSerializer();
Assert.True(serializer.Deserialize(profileContents, parsedProfile));
Assert.NotNull(parsedProfile);
Assert.NotNull(parsedProfile.Environments);
Assert.True(parsedProfile.Environments.ContainsKey(environment.Name));
Assert.NotNull(parsedProfile.Accounts);
Assert.True(parsedProfile.Accounts.ContainsKey(account.Id));
Assert.NotNull(parsedProfile.Subscriptions);
Assert.True(parsedProfile.Subscriptions.ContainsKey(sub.Id));
}
public static IHDInsightSubscriptionCredentials GetAccessTokenCredentials(this IAzureHDInsightCommonCommandBase command,
AzureSubscription currentSubscription, AzureAccount azureAccount, AzureEnvironment environment)
{
ProfileClient profileClient = new ProfileClient(new AzureSMProfile(Path.Combine(AzureSession.ProfileDirectory, AzureSession.ProfileFile)));
AzureContext azureContext = new AzureContext(currentSubscription, azureAccount, environment);
var cloudCredentials = AzureSession.AuthenticationFactory.GetSubscriptionCloudCredentials(azureContext) as AccessTokenCredential;
if (cloudCredentials != null)
{
var field= typeof(AccessTokenCredential).GetField("token", BindingFlags.NonPublic | BindingFlags.GetField | BindingFlags.Instance);
var accessToken = field.GetValue(cloudCredentials) as IAccessToken;
if (accessToken != null)
{
return new HDInsightAccessTokenCredential()
{
SubscriptionId = currentSubscription.Id,
AccessToken = accessToken.AccessToken
};
}
}
return null;
}
public IAccessToken Authenticate(
AzureAccount account,
AzureEnvironment environment,
string tenant,
SecureString password,
ShowDialog promptBehavior,
IdentityModel.Clients.ActiveDirectory.TokenCache tokenCache,
AzureEnvironment.Endpoint resourceId = AzureEnvironment.Endpoint.ActiveDirectoryServiceEndpointResourceId)
{
if (account.Id == null)
{
account.Id = "test";
}
var token = new MockAccessToken
{
UserId = account.Id,
LoginType = LoginType.OrgId,
AccessToken = "123"
};
return token;
}
public static IHDInsightSubscriptionCredentials GetSubscriptionCredentials(
this IAzureHDInsightCommonCommandBase command,
AzureSubscription currentSubscription,
AzureEnvironment environment,
AzureSMProfile profile)
{
var accountId = currentSubscription.Account;
Debug.Assert(profile.Accounts.ContainsKey(accountId));
if (profile.Accounts[accountId].Type == AzureAccount.AccountType.Certificate)
{
return GetSubscriptionCertificateCredentials(command, currentSubscription, profile.Accounts[accountId], environment);
}
else if (profile.Accounts[accountId].Type == AzureAccount.AccountType.User)
{
return GetAccessTokenCredentials(command, currentSubscription, profile.Accounts[accountId], environment);
}
else if (profile.Accounts[accountId].Type == AzureAccount.AccountType.ServicePrincipal)
{
return GetAccessTokenCredentials(command, currentSubscription, profile.Accounts[accountId], environment);
}
throw new NotSupportedException();
}
/// <summary>
/// Creates new instance of AzureContext.
/// </summary>
/// <param name="subscription">The azure subscription object</param>
/// <param name="account">The azure account object</param>
/// <param name="environment">The azure environment object</param>
public AzureContext(AzureSubscription subscription, AzureAccount account, AzureEnvironment environment)
: this(subscription, account, environment, null)
{
}
public SubscriptionCloudCredentials GetSubscriptionCloudCredentials(AzureContext context, AzureEnvironment.Endpoint targetEndpoint)
{
throw new System.NotImplementedException();
}
public ServiceClientCredentials GetServiceClientCredentials(AzureContext context, AzureEnvironment.Endpoint targetEndpoint)
{
throw new NotImplementedException();
}
public override void ExecuteCmdlet()
{
if ((Name == "AzureCloud") ||
(Name == "AzureChinaCloud") ||
(Name == "AzureUSGovernment"))
{
throw new InvalidOperationException(string.Format(CultureInfo.CurrentCulture,
Resources.CannotChangeBuiltinEnvironment, Name));
}
var newEnvironment = new AzureEnvironment { Name = Name, OnPremise = EnableAdfsAuthentication };
if (ProfileClient.Profile.Environments.ContainsKey(Name))
{
newEnvironment = ProfileClient.Profile.Environments[Name];
}
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.PublishSettingsFileUrl, PublishSettingsFileUrl);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.ServiceManagement, ServiceEndpoint);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.ResourceManager, ResourceManagerEndpoint);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.ManagementPortalUrl, ManagementPortalUrl);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.StorageEndpointSuffix, StorageEndpoint);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.ActiveDirectory, ActiveDirectoryEndpoint);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.ActiveDirectoryServiceEndpointResourceId, ActiveDirectoryServiceEndpointResourceId);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.Gallery, GalleryEndpoint);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.Graph, GraphEndpoint);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.AzureKeyVaultDnsSuffix, AzureKeyVaultDnsSuffix);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.AzureKeyVaultServiceEndpointResourceId, AzureKeyVaultServiceEndpointResourceId);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.TrafficManagerDnsSuffix, TrafficManagerDnsSuffix);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.SqlDatabaseDnsSuffix, SqlDatabaseDnsSuffix);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.AdTenant, AdTenant);
ProfileClient.AddOrSetEnvironment(newEnvironment);
WriteObject((PSAzureEnvironment)newEnvironment);
}
/// <summary>
/// Creates new instance of AzureContext.
/// </summary>
/// <param name="subscription">The azure subscription object</param>
/// <param name="account">The azure account object</param>
/// <param name="environment">The azure environment object</param>
public AzureContext(AzureSubscription subscription, AzureAccount account, AzureEnvironment environment)
: this(subscription, account, environment, null)
{
}
public override void ExecuteCmdlet()
{
ConfirmAction("updating environment", Name,
() =>
{
var profileClient = new RMProfileClient(AzureRmProfileProvider.Instance.Profile);
foreach (var key in AzureEnvironment.PublicEnvironments.Keys)
{
if (string.Equals(Name, key, StringComparison.OrdinalIgnoreCase))
{
throw new InvalidOperationException(string.Format(CultureInfo.CurrentCulture,
"Cannot change built-in environment {0}.", key));
}
}
var newEnvironment = new AzureEnvironment { Name = Name, OnPremise = EnableAdfsAuthentication };
if (AzureRmProfileProvider.Instance.Profile.Environments.ContainsKey(Name))
{
newEnvironment = AzureRmProfileProvider.Instance.Profile.Environments[Name];
}
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.PublishSettingsFileUrl,
PublishSettingsFileUrl);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.ServiceManagement, ServiceEndpoint);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.ResourceManager,
ResourceManagerEndpoint);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.ManagementPortalUrl,
ManagementPortalUrl);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.StorageEndpointSuffix,
StorageEndpoint);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.ActiveDirectory,
ActiveDirectoryEndpoint);
SetEndpointIfProvided(newEnvironment,
AzureEnvironment.Endpoint.ActiveDirectoryServiceEndpointResourceId,
ActiveDirectoryServiceEndpointResourceId);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.Gallery, GalleryEndpoint);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.Graph, GraphEndpoint);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.AzureKeyVaultDnsSuffix,
AzureKeyVaultDnsSuffix);
SetEndpointIfProvided(newEnvironment,
AzureEnvironment.Endpoint.AzureKeyVaultServiceEndpointResourceId,
AzureKeyVaultServiceEndpointResourceId);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.TrafficManagerDnsSuffix,
TrafficManagerDnsSuffix);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.SqlDatabaseDnsSuffix,
SqlDatabaseDnsSuffix);
SetEndpointIfProvided(newEnvironment,
AzureEnvironment.Endpoint.AzureDataLakeAnalyticsCatalogAndJobEndpointSuffix,
AzureDataLakeAnalyticsCatalogAndJobEndpointSuffix);
SetEndpointIfProvided(newEnvironment,
AzureEnvironment.Endpoint.AzureDataLakeStoreFileSystemEndpointSuffix,
AzureDataLakeStoreFileSystemEndpointSuffix);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.AdTenant, AdTenant);
SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.GraphEndpointResourceId,
GraphAudience);
profileClient.AddOrSetEnvironment(newEnvironment);
WriteObject((PSAzureEnvironment)newEnvironment);
});
}
private IEnumerable<AzureSubscription> ListSubscriptionsFromServer(AzureAccount account, AzureEnvironment environment, SecureString password, ShowDialog promptBehavior)
{
string[] tenants = null;
try
{
if (!account.IsPropertySet(AzureAccount.Property.Tenants))
{
tenants = LoadAccountTenants(account, environment, password, promptBehavior);
}
else
{
var storedTenants = account.GetPropertyAsArray(AzureAccount.Property.Tenants);
if (account.Type == AzureAccount.AccountType.User && storedTenants.Count() == 1)
{
TracingAdapter.Information(Resources.AuthenticatingForSingleTenant, account.Id, storedTenants[0]);
AzureSession.AuthenticationFactory.Authenticate(account, environment, storedTenants[0], password,
promptBehavior);
}
}
}
catch (AadAuthenticationException aadEx)
{
WriteOrThrowAadExceptionMessage(aadEx);
return new AzureSubscription[0];
}
try
{
tenants = tenants ?? account.GetPropertyAsArray(AzureAccount.Property.Tenants);
List<AzureSubscription> rdfeSubscriptions = ListServiceManagementSubscriptions(account, environment,
password, ShowDialog.Never, tenants).ToList();
// Set user ID
foreach (var subscription in rdfeSubscriptions)
{
account.SetOrAppendProperty(AzureAccount.Property.Subscriptions, subscription.Id.ToString());
}
if (rdfeSubscriptions.Any())
{
return rdfeSubscriptions;
}
else
{
return new AzureSubscription[0];
}
}
catch (AadAuthenticationException aadEx)
{
WriteOrThrowAadExceptionMessage(aadEx);
return new AzureSubscription[0];
}
}
private IEnumerable<AzureSubscription> ListSubscriptionsFromServerForAllAccounts(AzureEnvironment environment)
{
// Get all AD accounts and iterate
var accountNames = Profile.Accounts.Keys;
List<AzureSubscription> subscriptions = new List<AzureSubscription>();
foreach (var accountName in accountNames.ToArray())
{
var account = Profile.Accounts[accountName];
if (account.Type != AzureAccount.AccountType.Certificate)
{
subscriptions.AddRange(ListSubscriptionsFromServer(account, environment, null, ShowDialog.Never));
}
AddOrSetAccount(account);
}
if (subscriptions.Any())
{
return subscriptions;
}
else
{
return new AzureSubscription[0];
}
}
public List<AzureSubscription> RefreshSubscriptions(AzureEnvironment environment)
{
if (environment == null)
{
throw new ArgumentNullException("environment");
}
var subscriptionsFromServer = ListSubscriptionsFromServerForAllAccounts(environment);
// Update back Profile.Subscriptions
foreach (var subscription in subscriptionsFromServer)
{
// Resetting back default account
if (Profile.Subscriptions.ContainsKey(subscription.Id))
{
subscription.Account = Profile.Subscriptions[subscription.Id].Account;
}
AddOrSetSubscription(subscription);
}
return Profile.Subscriptions.Values.ToList();
}
public AzureAccount AddAccountAndLoadSubscriptions(AzureAccount account, AzureEnvironment environment, SecureString password)
{
if (environment == null)
{
throw new ArgumentNullException("environment");
}
if (account == null)
{
throw new ArgumentNullException("account");
}
var subscriptionsFromServer = ListSubscriptionsFromServer(
account,
environment,
password,
password == null ? ShowDialog.Always : ShowDialog.Never).ToList();
// If account id is null the login failed
if (account.Id != null)
{
// Update back Profile.Subscriptions
foreach (var subscription in subscriptionsFromServer)
{
AddOrSetSubscription(subscription);
}
if (Profile.DefaultSubscription == null)
{
var firstSubscription = Profile.Subscriptions.Values.FirstOrDefault();
if (firstSubscription != null)
{
SetSubscriptionAsDefault(firstSubscription.Name, firstSubscription.Account);
}
}
return Profile.Accounts[account.Id];
}
else
{
return null;
}
}
/// <summary>
/// Creates new instance of AzureContext.
/// </summary>
/// <param name="account">The azure account object</param>
/// <param name="environment">The azure environment object</param>
/// <param name="tenant">The azure tenant object</param>
public AzureContext(AzureAccount account, AzureEnvironment environment, AzureTenant tenant)
: this(null, account, environment, tenant)
{
}
/// <summary>
/// Creates new instance of AzureContext.
/// </summary>
/// <param name="account">The azure account object</param>
/// <param name="environment">The azure environment object</param>
/// <param name="tenant">The azure tenant object</param>
public AzureContext(AzureAccount account, AzureEnvironment environment, AzureTenant tenant)
: this(null, account, environment, tenant)
{
}
private IEnumerable<AzureSubscription> ListServiceManagementSubscriptions(AzureAccount account, AzureEnvironment environment, SecureString password, ShowDialog promptBehavior, string[] tenants)
{
List<AzureSubscription> result = new List<AzureSubscription>();
if (!environment.IsEndpointSet(AzureEnvironment.Endpoint.ServiceManagement))
{
return result;
}
foreach (var tenant in tenants)
{
try
{
var tenantAccount = new AzureAccount();
CopyAccount(account, tenantAccount);
var tenantToken = AzureSession.AuthenticationFactory.Authenticate(tenantAccount, environment, tenant, password, ShowDialog.Never);
if (string.Equals(tenantAccount.Id, account.Id, StringComparison.InvariantCultureIgnoreCase))
{
tenantAccount = account;
}
tenantAccount.SetOrAppendProperty(AzureAccount.Property.Tenants, new string[] { tenant });
using (var subscriptionClient = AzureSession.ClientFactory.CreateCustomClient<SubscriptionClient>(
new TokenCloudCredentials(tenantToken.AccessToken),
environment.GetEndpointAsUri(AzureEnvironment.Endpoint.ServiceManagement)))
{
var subscriptionListResult = subscriptionClient.Subscriptions.List();
foreach (var subscription in subscriptionListResult.Subscriptions)
{
// only add the subscription if it's actually in this tenant
if (subscription.ActiveDirectoryTenantId == tenant)
{
AzureSubscription psSubscription = new AzureSubscription
{
Id = new Guid(subscription.SubscriptionId),
Name = subscription.SubscriptionName,
Environment = environment.Name
};
psSubscription.SetProperty(AzureSubscription.Property.Tenants,
subscription.ActiveDirectoryTenantId);
psSubscription.Account = tenantAccount.Id;
tenantAccount.SetOrAppendProperty(AzureAccount.Property.Subscriptions,
new string[] { psSubscription.Id.ToString() });
result.Add(psSubscription);
}
}
}
AddOrSetAccount(tenantAccount);
}
catch (CloudException cEx)
{
WriteOrThrowAadExceptionMessage(cEx);
}
catch (AadAuthenticationException aadEx)
{
WriteOrThrowAadExceptionMessage(aadEx);
}
}
return result;
}
public SubscriptionCloudCredentials GetSubscriptionCloudCredentials(AzureContext context, AzureEnvironment.Endpoint targetEndpoint)
{
return new AccessTokenCredential(context.Subscription.Id, Token);
}
private void SetMockData()
{
commonTenant = new TenantIdDescription
{
Id = "Common",
TenantId = "Common"
};
guestTenant = new TenantIdDescription
{
Id = "Guest",
TenantId = "Guest"
};
rdfeSubscription1 = new RDFESubscription
{
SubscriptionId = "16E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1E",
SubscriptionName = "RdfeSub1",
SubscriptionStatus = Microsoft.WindowsAzure.Subscriptions.Models.SubscriptionStatus.Active,
ActiveDirectoryTenantId = "Common"
};
rdfeSubscription2 = new RDFESubscription
{
SubscriptionId = "26E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1E",
SubscriptionName = "RdfeSub2",
SubscriptionStatus = Microsoft.WindowsAzure.Subscriptions.Models.SubscriptionStatus.Warned,
ActiveDirectoryTenantId = "Common"
};
guestRdfeSubscription = new RDFESubscription
{
SubscriptionId = "26E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1C",
SubscriptionName = "RdfeSub2",
SubscriptionStatus = Microsoft.WindowsAzure.Subscriptions.Models.SubscriptionStatus.Active,
ActiveDirectoryTenantId = "Guest"
};
csmSubscription1 = new CSMSubscription
{
Id = "Subscriptions/36E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1E",
DisplayName = "CsmSub1",
State = "Active",
SubscriptionId = "36E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1E"
};
csmSubscription1withDuplicateId = new CSMSubscription
{
Id = "Subscriptions/16E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1E",
DisplayName = "RdfeSub1",
State = "Active",
SubscriptionId = "16E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1E"
};
csmSubscription2 = new CSMSubscription
{
Id = "Subscriptions/46E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1E",
DisplayName = "CsmSub2",
State = "Active",
SubscriptionId = "46E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1E"
};
guestCsmSubscription = new CSMSubscription
{
Id = "Subscriptions/76E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1D",
DisplayName = "CsmGuestSub",
State = "Active",
SubscriptionId = "76E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1D"
};
azureSubscription1 = new AzureSubscription
{
Id = new Guid("56E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1E"),
Name = "LocalSub1",
Environment = "Test",
Account = "test",
Properties = new Dictionary<AzureSubscription.Property, string>
{
{ AzureSubscription.Property.Default, "True" }
}
};
azureSubscription2 = new AzureSubscription
{
Id = new Guid("66E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1E"),
Name = "LocalSub2",
Environment = "Test",
Account = "test"
};
azureSubscription3withoutUser = new AzureSubscription
{
Id = new Guid("76E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1E"),
Name = "LocalSub3",
Environment = "Test",
};
azureEnvironment = new AzureEnvironment
{
Name = "Test",
Endpoints = new Dictionary<AzureEnvironment.Endpoint, string>
{
{ AzureEnvironment.Endpoint.ServiceManagement, "https://umapi.rdfetest.dnsdemo4.com:8443/" },
{ AzureEnvironment.Endpoint.ManagementPortalUrl, "https://windows.azure-test.net" },
{ AzureEnvironment.Endpoint.AdTenant, "https://login.windows-ppe.net/" },
{ AzureEnvironment.Endpoint.ActiveDirectory, "https://login.windows-ppe.net/" },
{ AzureEnvironment.Endpoint.Gallery, "https://current.gallery.azure-test.net" },
{ AzureEnvironment.Endpoint.ResourceManager, "https://api-current.resources.windows-int.net/" },
}
};
azureAccount = new AzureAccount
{
Id = "test",
Type = AzureAccount.AccountType.User,
Properties = new Dictionary<AzureAccount.Property, string>
{
{ AzureAccount.Property.Subscriptions, azureSubscription1.Id + "," + azureSubscription2.Id }
}
};
newProfileDataPath = Path.Combine(AzureSession.ProfileDirectory, AzureSession.ProfileFile);
oldProfileDataPath = Path.Combine(AzureSession.ProfileDirectory, AzureSession.OldProfileFile);
oldProfileDataPathError = Path.Combine(AzureSession.ProfileDirectory, AzureSession.OldProfileFileBackup);
oldProfileData = @"<?xml version=""1.0"" encoding=""utf-8""?>
<ProfileData xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" xmlns=""http://schemas.datacontract.org/2004/07/Microsoft.Azure.Common.Authentication"">
<DefaultEnvironmentName>AzureCloud</DefaultEnvironmentName>
<Environments>
<AzureEnvironmentData>
<ActiveDirectoryServiceEndpointResourceId>https://management.core.windows.net/</ActiveDirectoryServiceEndpointResourceId>
<AdTenantUrl>https://login.windows-ppe.net/</AdTenantUrl>
<CommonTenantId>Common</CommonTenantId>
<GalleryEndpoint>https://current.gallery.azure-test.net</GalleryEndpoint>
<ManagementPortalUrl>http://go.microsoft.com/fwlink/?LinkId=254433</ManagementPortalUrl>
<Name>Current</Name>
<PublishSettingsFileUrl>d:\Code\azure.publishsettings</PublishSettingsFileUrl>
<ResourceManagerEndpoint>https://api-current.resources.windows-int.net/</ResourceManagerEndpoint>
<ServiceEndpoint>https://umapi.rdfetest.dnsdemo4.com:8443/</ServiceEndpoint>
<SqlDatabaseDnsSuffix>.database.windows.net</SqlDatabaseDnsSuffix>
<StorageEndpointSuffix i:nil=""true"" />
<TrafficManagerDnsSuffix>trafficmanager.net</TrafficManagerDnsSuffix>
</AzureEnvironmentData>
<AzureEnvironmentData>
<ActiveDirectoryServiceEndpointResourceId>https://management.core.windows.net/</ActiveDirectoryServiceEndpointResourceId>
<AdTenantUrl>https://login.windows-ppe.net/</AdTenantUrl>
<CommonTenantId>Common</CommonTenantId>
<GalleryEndpoint>https://df.gallery.azure-test.net</GalleryEndpoint>
<ManagementPortalUrl>https://windows.azure-test.net</ManagementPortalUrl>
<Name>Dogfood</Name>
<PublishSettingsFileUrl>https://auxnext.windows.azure-test.net/publishsettings/index</PublishSettingsFileUrl>
<ResourceManagerEndpoint>https://api-dogfood.resources.windows-int.net</ResourceManagerEndpoint>
<ServiceEndpoint>https://management-preview.core.windows-int.net/</ServiceEndpoint>
<SqlDatabaseDnsSuffix>.database.windows.net</SqlDatabaseDnsSuffix>
<StorageEndpointSuffix i:nil=""true"" />
<TrafficManagerDnsSuffix>trafficmanager.net</TrafficManagerDnsSuffix>
</AzureEnvironmentData>
</Environments>
<Subscriptions>
<AzureSubscriptionData>
<ActiveDirectoryEndpoint i:nil=""true"" />
<ActiveDirectoryServiceEndpointResourceId i:nil=""true"" />
<ActiveDirectoryTenantId i:nil=""true"" />
<ActiveDirectoryUserId i:nil=""true"" />
<CloudStorageAccount i:nil=""true"" />
<GalleryEndpoint i:nil=""true"" />
<IsDefault>true</IsDefault>
<LoginType i:nil=""true"" />
<ManagementCertificate i:nil=""true""/>
<ManagementEndpoint>https://management.core.windows.net/</ManagementEndpoint>
<Name>Test</Name>
<RegisteredResourceProviders xmlns:d4p1=""http://schemas.microsoft.com/2003/10/Serialization/Arrays"" />
<ResourceManagerEndpoint i:nil=""true"" />
<SqlDatabaseDnsSuffix>.database.windows.net</SqlDatabaseDnsSuffix>
<SubscriptionId>06E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1E</SubscriptionId>
<TrafficManagerDnsSuffix>trafficmanager.net</TrafficManagerDnsSuffix>
</AzureSubscriptionData>
<AzureSubscriptionData>
<ActiveDirectoryEndpoint i:nil=""true"" />
<ActiveDirectoryServiceEndpointResourceId i:nil=""true"" />
<ActiveDirectoryTenantId>123</ActiveDirectoryTenantId>
<ActiveDirectoryUserId>[email protected]</ActiveDirectoryUserId>
<CloudStorageAccount i:nil=""true"" />
<GalleryEndpoint i:nil=""true"" />
<IsDefault>true</IsDefault>
<LoginType i:nil=""true"" />
<ManagementCertificate i:nil=""true""/>
<ManagementEndpoint>https://management-preview.core.windows-int.net/</ManagementEndpoint>
<Name>Test 2</Name>
<RegisteredResourceProviders xmlns:d4p1=""http://schemas.microsoft.com/2003/10/Serialization/Arrays"" />
<ResourceManagerEndpoint i:nil=""true"" />
<SqlDatabaseDnsSuffix>.database.windows.net</SqlDatabaseDnsSuffix>
<SubscriptionId>06E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1F</SubscriptionId>
<TrafficManagerDnsSuffix>trafficmanager.net</TrafficManagerDnsSuffix>
</AzureSubscriptionData>
<AzureSubscriptionData>
<ActiveDirectoryEndpoint>https://login.windows.net/</ActiveDirectoryEndpoint>
<ActiveDirectoryServiceEndpointResourceId>https://management.core.windows.net/</ActiveDirectoryServiceEndpointResourceId>
<ActiveDirectoryTenantId>72f988bf-86f1-41af-91ab-2d7cd011db47</ActiveDirectoryTenantId>
<ActiveDirectoryUserId>[email protected]</ActiveDirectoryUserId>
<CloudStorageAccount i:nil=""true"" />
<GalleryEndpoint i:nil=""true"" />
<IsDefault>false</IsDefault>
<LoginType i:nil=""true"" />
<ManagementCertificate>3AF24D48B97730E5C4C9CCB12397B5E046F79E09</ManagementCertificate>
<ManagementEndpoint>https://management.core.windows.net/</ManagementEndpoint>
<Name>Test 3</Name>
<RegisteredResourceProviders xmlns:d4p1=""http://schemas.microsoft.com/2003/10/Serialization/Arrays"" />
<ResourceManagerEndpoint i:nil=""true"" />
<SqlDatabaseDnsSuffix>.database.windows.net</SqlDatabaseDnsSuffix>
<SubscriptionId>d1e52cbc-b073-42e2-a0a0-c2f547118a6f</SubscriptionId>
<TrafficManagerDnsSuffix>trafficmanager.net</TrafficManagerDnsSuffix>
</AzureSubscriptionData>
<AzureSubscriptionData>
<ActiveDirectoryEndpoint i:nil=""true"" />
<ActiveDirectoryServiceEndpointResourceId i:nil=""true"" />
<ActiveDirectoryTenantId i:nil=""true"" />
<ActiveDirectoryUserId i:nil=""true"" />
<CloudStorageAccount i:nil=""true"" />
<GalleryEndpoint i:nil=""true"" />
<IsDefault>false</IsDefault>
<LoginType i:nil=""true"" />
<ManagementCertificate>3AF24D48B97730E5C4C9CCB12397B5E046F79E09</ManagementCertificate>
<ManagementEndpoint>https://management.core.chinacloudapi.cn/</ManagementEndpoint>
<Name>Mooncake Test</Name>
<RegisteredResourceProviders xmlns:d4p1=""http://schemas.microsoft.com/2003/10/Serialization/Arrays"" />
<ResourceManagerEndpoint i:nil=""true"" />
<SqlDatabaseDnsSuffix>.database.windows.net</SqlDatabaseDnsSuffix>
<SubscriptionId>c14d7dc5-ed4d-4346-a02f-9f1bcf78fb66</SubscriptionId>
<TrafficManagerDnsSuffix>trafficmanager.net</TrafficManagerDnsSuffix>
</AzureSubscriptionData>
</Subscriptions>
</ProfileData>";
oldProfileDataBadSubscription = @"<?xml version=""1.0"" encoding=""utf-8""?>
<ProfileData xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" xmlns=""http://schemas.datacontract.org/2004/07/Microsoft.Azure.Common.Authentication"">
<DefaultEnvironmentName>AzureCloud</DefaultEnvironmentName>
<Environments>
</Environments>
<Subscriptions>
<AzureSubscriptionData>
<ActiveDirectoryEndpoint i:nil=""true"" />
<ActiveDirectoryServiceEndpointResourceId i:nil=""true"" />
<ActiveDirectoryTenantId i:nil=""true"" />
<ActiveDirectoryUserId i:nil=""true"" />
<CloudStorageAccount i:nil=""true"" />
<GalleryEndpoint i:nil=""true"" />
<IsDefault>true</IsDefault>
<LoginType i:nil=""true"" />
<ManagementCertificate i:nil=""true""/>
<ManagementEndpoint>https://management.core.windows.net/</ManagementEndpoint>
<Name>Test Nill ID</Name>
<RegisteredResourceProviders xmlns:d4p1=""http://schemas.microsoft.com/2003/10/Serialization/Arrays"" />
<ResourceManagerEndpoint i:nil=""true"" />
<SqlDatabaseDnsSuffix>.database.windows.net</SqlDatabaseDnsSuffix>
<SubscriptionId i:nil=""true"" />
<TrafficManagerDnsSuffix>trafficmanager.net</TrafficManagerDnsSuffix>
</AzureSubscriptionData>
<AzureSubscriptionData>
<ActiveDirectoryEndpoint i:nil=""true"" />
<ActiveDirectoryServiceEndpointResourceId i:nil=""true"" />
<ActiveDirectoryTenantId i:nil=""true"" />
<ActiveDirectoryUserId>[email protected]</ActiveDirectoryUserId>
<CloudStorageAccount i:nil=""true"" />
<GalleryEndpoint i:nil=""true"" />
<IsDefault>true</IsDefault>
<LoginType i:nil=""true"" />
<ManagementCertificate i:nil=""true""/>
<ManagementEndpoint>Bad Data</ManagementEndpoint>
<Name>Test Bad Management Endpoint</Name>
<RegisteredResourceProviders xmlns:d4p1=""http://schemas.microsoft.com/2003/10/Serialization/Arrays"" />
<ResourceManagerEndpoint i:nil=""true"" />
<SqlDatabaseDnsSuffix>.database.windows.net</SqlDatabaseDnsSuffix>
<SubscriptionId>06E3F6FD-A3AA-439A-8FC4-1F5C41D2AD1F</SubscriptionId>
<TrafficManagerDnsSuffix>trafficmanager.net</TrafficManagerDnsSuffix>
</AzureSubscriptionData>
<AzureSubscriptionData>
<ActiveDirectoryEndpoint i:nil=""true"" />
<ActiveDirectoryServiceEndpointResourceId i:nil=""true"" />
<ActiveDirectoryTenantId i:nil=""true"" />
<ActiveDirectoryUserId>[email protected]</ActiveDirectoryUserId>
<CloudStorageAccount i:nil=""true"" />
<GalleryEndpoint i:nil=""true"" />
<IsDefault>true</IsDefault>
<LoginType i:nil=""true"" />
<ManagementCertificate i:nil=""true""/>
<ManagementEndpoint i:nil=""true""/>
<Name>Test Null Management Endpoint</Name>
<RegisteredResourceProviders xmlns:d4p1=""http://schemas.microsoft.com/2003/10/Serialization/Arrays"" />
<ResourceManagerEndpoint i:nil=""true"" />
<SqlDatabaseDnsSuffix>.database.windows.net</SqlDatabaseDnsSuffix>
<SubscriptionId>06E3F6FD-A3AA-439A-8FC4-1F5C41D2ADFF</SubscriptionId>
<TrafficManagerDnsSuffix>trafficmanager.net</TrafficManagerDnsSuffix>
</AzureSubscriptionData>
<AzureSubscriptionData>
<ActiveDirectoryEndpoint>https://login.windows.net/</ActiveDirectoryEndpoint>
<ActiveDirectoryServiceEndpointResourceId>https://management.core.windows.net/</ActiveDirectoryServiceEndpointResourceId>
<ActiveDirectoryTenantId>72f988bf-86f1-41af-91ab-2d7cd011db47</ActiveDirectoryTenantId>
<ActiveDirectoryUserId>[email protected]</ActiveDirectoryUserId>
<CloudStorageAccount i:nil=""true"" />
<GalleryEndpoint i:nil=""true"" />
<IsDefault>false</IsDefault>
<LoginType i:nil=""true"" />
<ManagementCertificate>3AF24D48B97730E5C4C9CCB12397B5E046F79E99</ManagementCertificate>
<ManagementEndpoint>https://management.core.windows.net/</ManagementEndpoint>
<Name>Test Bad Cert</Name>
<RegisteredResourceProviders xmlns:d4p1=""http://schemas.microsoft.com/2003/10/Serialization/Arrays"" />
<ResourceManagerEndpoint i:nil=""true"" />
<SqlDatabaseDnsSuffix>.database.windows.net</SqlDatabaseDnsSuffix>
<SubscriptionId>d1e52cbc-b073-42e2-a0a0-c2f547118a6f</SubscriptionId>
<TrafficManagerDnsSuffix>trafficmanager.net</TrafficManagerDnsSuffix>
</AzureSubscriptionData>
</Subscriptions>
</ProfileData>";
oldProfileDataCorruptedFile = @"<?xml version=""1.0"" encoding=""utf-8""?>
<ProfileData xmlns:i=""http://www.w3.org/2001/XMLSchema-instance"" xmlns=""http://schemas.datacontract.org/2004/07/Microsoft.Azure.Common.Authentication"">
<DefaultEnvironmentName>AzureCloud</DefaultEnvironmentName>
<Environments bad>
<AzureEnvironmentData>
<ActiveDirectoryServiceEndpointResourceId>https://management.core.windows.net/</ActiveDirectoryServiceEndpointResourceId>
<AdTenantUrl>https://login.windows-ppe.net/</AdTenantUrl>
<CommonTenantId>Common</CommonTenantId>
<GalleryEndpoint>https://current.gallery.azure-test.net</GalleryEndpoint>
<ManagementPortalUrl>http://go.microsoft.com/fwlink/?LinkId=254433</ManagementPortalUrl>
<Name>Current</Name>
<PublishSettingsFileUrl>d:\Code\azure.publishsettings</PublishSettingsFileUrl>
<ResourceManagerEndpoint>https://api-current.resources.windows-int.net/</ResourceManagerEndpoint>
<ServiceEndpoint>https://umapi.rdfetest.dnsdemo4.com:8443/</ServiceEndpoint>
<SqlDatabaseDnsSuffix>.database.windows.net</SqlDatabaseDnsSuffix>
<StorageEndpointSuffix i:nil=""true"" />
<TrafficManagerDnsSuffix>trafficmanager.net</TrafficManagerDnsSuffix>
</AzureEnvironmentData>
<Subscriptions>
</Subscriptions>
</ProfileData>";
}
private string[] LoadAccountTenants(AzureAccount account, AzureEnvironment environment, SecureString password, ShowDialog promptBehavior)
{
var commonTenantToken = AzureSession.AuthenticationFactory.Authenticate(account, environment,
AuthenticationFactory.CommonAdTenant, password, promptBehavior);
using (SubscriptionClient SubscriptionClient = AzureSession.ClientFactory
.CreateCustomClient<SubscriptionClient>(
new TokenCloudCredentials(commonTenantToken.AccessToken),
environment.GetEndpointAsUri(AzureEnvironment.Endpoint.ServiceManagement)))
{
var subscriptionListResult = SubscriptionClient.Subscriptions.List();
return subscriptionListResult.Subscriptions.Select(s => s.ActiveDirectoryTenantId).Distinct().ToArray();
}
}
public void SetAzureEnvironmentUpdatesEnvironment()
{
MemoryDataStore dataStore = new MemoryDataStore();
AzureSession.DataStore = dataStore;
currentProfile = new AzureSMProfile(Path.Combine(AzureSession.ProfileDirectory, AzureSession.ProfileFile));
ProfileClient client = new ProfileClient(currentProfile);
Assert.Equal(4, client.Profile.Environments.Count);
Assert.Throws<ArgumentNullException>(() => client.AddOrSetEnvironment(null));
var env2 = client.AddOrSetEnvironment(azureEnvironment);
Assert.Equal(env2.Name, azureEnvironment.Name);
Assert.NotNull(env2.Endpoints[AzureEnvironment.Endpoint.ServiceManagement]);
AzureEnvironment newEnv = new AzureEnvironment
{
Name = azureEnvironment.Name
};
newEnv.Endpoints[AzureEnvironment.Endpoint.Graph] = "foo";
env2 = client.AddOrSetEnvironment(newEnv);
Assert.Equal("foo", env2.Endpoints[AzureEnvironment.Endpoint.Graph]);
Assert.NotNull(env2.Endpoints[AzureEnvironment.Endpoint.ServiceManagement]);
}
private void SetEndpointIfProvided(AzureEnvironment newEnvironment, AzureEnvironment.Endpoint endpoint, string property)
{
if (!string.IsNullOrEmpty(property))
{
newEnvironment.Endpoints[endpoint] = property;
}
}
private AzureEnvironment MergeEnvironmentProperties(AzureEnvironment environment1, AzureEnvironment environment2)
{
if (environment1 == null || environment2 == null)
{
throw new ArgumentNullException("environment1");
}
if (!string.Equals(environment1.Name, environment2.Name, StringComparison.InvariantCultureIgnoreCase))
{
throw new ArgumentException("Environment names do not match.");
}
AzureEnvironment mergedEnvironment = new AzureEnvironment
{
Name = environment1.Name
};
// Merge all properties
foreach (AzureEnvironment.Endpoint property in Enum.GetValues(typeof(AzureEnvironment.Endpoint)))
{
string propertyValue = environment1.GetEndpoint(property) ?? environment2.GetEndpoint(property);
if (propertyValue != null)
{
mergedEnvironment.Endpoints[property] = propertyValue;
}
}
return mergedEnvironment;
}