/// <summary>
/// Stops the current command when the auth helper reports no valid token cache.
/// </summary>
/// <param name="persistentAuthHelper">Helper whose <c>IsCacheValid()</c> result is checked.</param>
/// <exception cref="CommandLineException">Thrown when the cache is not valid.</exception>
static void EnsureTokenCache(PersistentAuthHelper persistentAuthHelper)
{
    var hasValidCache = persistentAuthHelper.IsCacheValid();
    if (hasValidCache)
    {
        return;
    }

    throw new CommandLineException("There is no login token. Please login to acquire token.");
}
/// <summary>
/// Chooses the Azure environment whose endpoint tables mention the host of <paramref name="uri"/>.
/// </summary>
/// <remarks>
/// Tables are consulted in this order: AAD Graph URLs, CSM URLs, RDFE URLs, SCM suffixes, VSO suffixes.
/// The index of the first matching entry is cast to <c>AzureEnvironments</c>.
/// When more than one AAD Graph URL matches, the helper's current environment is preferred,
/// then <c>Utils.GetDefaultEnv()</c>, before falling back to the first match.
/// NOTE(review): every comparison is a case-insensitive substring test (<c>IndexOf(...) &gt; 0</c>),
/// not an exact host comparison, so a host that is only a fragment of a known endpoint, or that
/// merely contains a known suffix somewhere after its first character, also matches. Hosts that
/// match nothing resolve to Prod. This method therefore selects an environment; it does not
/// establish that the host is an Azure endpoint.
/// </remarks>
/// <param name="uri">Absolute URI whose <c>Host</c> is inspected.</param>
/// <param name="persistentAuthHelper">Supplies the currently selected environment for the tie-break.</param>
/// <returns>The matched environment, or <c>AzureEnvironments.Prod</c> when nothing matches.</returns>
static AzureEnvironments GetAzureEnvironments(Uri uri, PersistentAuthHelper persistentAuthHelper)
{
    var host = uri.Host;

    // "known URL contains the host" (URL tables) and "host contains the suffix" (suffix tables).
    Func<string, bool> urlMentionsHost = candidate => candidate.IndexOf(host, StringComparison.OrdinalIgnoreCase) > 0;
    Func<string, bool> hostMentionsSuffix = candidate => host.IndexOf(candidate, StringComparison.OrdinalIgnoreCase) > 0;

    // Ambiguous Graph host: prefer the environment already in use, then the configured default.
    var graphMatchCount = Constants.AADGraphUrls.Count(urlMentionsHost);
    if (graphMatchCount > 1)
    {
        var current = persistentAuthHelper.AzureEnvironments;
        if (urlMentionsHost(Constants.AADGraphUrls[(int)current]))
        {
            return current;
        }

        var fallback = Utils.GetDefaultEnv();
        if (urlMentionsHost(Constants.AADGraphUrls[(int)fallback]))
        {
            return fallback;
        }
    }

    var urlTables = new string[][] { Constants.AADGraphUrls, Constants.CSMUrls, Constants.RdfeUrls };
    foreach (var table in urlTables)
    {
        for (var position = 0; position < table.Length; position++)
        {
            if (urlMentionsHost(table[position]))
            {
                return (AzureEnvironments)position;
            }
        }
    }

    var suffixTables = new string[][] { Constants.SCMSuffixes, Constants.VsoSuffixes };
    foreach (var table in suffixTables)
    {
        for (var position = 0; position < table.Length; position++)
        {
            if (hostMentionsSuffix(table[position]))
            {
                return (AzureEnvironments)position;
            }
        }
    }

    return AzureEnvironments.Prod;
}
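/// <summary>
/// Turns a command-line path into an absolute URI, choosing the base endpoint from the
/// first path segment when the input is not already absolute.
/// </summary>
/// <remarks>
/// Routing for relative paths, using the cached environment when the cache is valid and
/// <c>Utils.GetDefaultEnv()</c> otherwise:
/// empty path, or first segment "tenants", "subscriptions" or "providers" -> CSM endpoint;
/// first segment is a GUID and second segment is "services" -> RDFE endpoint;
/// anything else -> AAD Graph endpoint.
/// NOTE(review): an input that already parses as an absolute URI is returned unchanged, whatever
/// its scheme or host. Callers in this file pass the result on together with a cached token, so
/// any restriction to https or to known Azure hosts has to be enforced by the caller.
/// </remarks>
/// <param name="path">Absolute URL or endpoint-relative path.</param>
/// <param name="persistentAuthHelper">Supplies cache validity and the cached environment.</param>
/// <returns>An absolute <see cref="Uri"/>.</returns>
static Uri EnsureAbsoluteUri(string path, PersistentAuthHelper persistentAuthHelper)
{
    Uri ret;
    if (Uri.TryCreate(path, UriKind.Absolute, out ret))
    {
        return ret;
    }

    var env = persistentAuthHelper.IsCacheValid() ? persistentAuthHelper.AzureEnvironments : Utils.GetDefaultEnv();
    var parts = path.Split(new[] { '/', '?' }, StringSplitOptions.RemoveEmptyEntries);
    if (parts.Length <= 0
        || String.Equals(parts[0], "tenants", StringComparison.OrdinalIgnoreCase)
        || String.Equals(parts[0], "subscriptions", StringComparison.OrdinalIgnoreCase)
        || String.Equals(parts[0], "providers", StringComparison.OrdinalIgnoreCase))
    {
        return new Uri(new Uri(ARMClient.Authentication.Constants.CSMUrls[(int)env]), path);
    }

    Guid guid;
    if (Guid.TryParse(parts[0], out guid))
    {
        // Fix: the guard previously tested path.Length (characters), so a path made of a lone
        // GUID segment reached parts[1] and threw IndexOutOfRangeException. Test the segment count.
        if (parts.Length > 1 && String.Equals(parts[1], "services", StringComparison.OrdinalIgnoreCase))
        {
            return new Uri(new Uri(ARMClient.Authentication.Constants.RdfeUrls[(int)env]), path);
        }
    }

    return new Uri(new Uri(ARMClient.Authentication.Constants.AADGraphUrls[(int)env]), path);
}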
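/// <summary>
/// Fetches the single directory application that matches <paramref name="app"/> in the given tenant.
/// </summary>
/// <remarks>
/// The applications query is filtered on <c>appId</c> when <paramref name="app"/> parses as a GUID
/// and on <c>displayName</c> otherwise.
/// </remarks>
/// <param name="persistentAuthHelper">Supplies the token for the request.</param>
/// <param name="tenant">Tenant identifier placed in the first path segment.</param>
/// <param name="app">Application id (GUID) or display name.</param>
/// <returns>The one matching application object.</returns>
/// <exception cref="Exception">Thrown when the response does not contain exactly one application.</exception>
static async Task<JObject> GetAppObject(PersistentAuthHelper persistentAuthHelper, string tenant, string app)
{
    Guid unused;
    var isGuid = Guid.TryParse(app, out unused);

    // The value is embedded in a quoted OData string literal inside a query string. Double any
    // single quote so it cannot terminate the literal and extend the filter, then percent-encode
    // so characters such as '&' or '#' cannot add or truncate query parameters.
    var filterValue = Uri.EscapeDataString((app ?? String.Empty).Replace("'", "''"));

    var path = isGuid
        ? String.Format("/{0}/applications?$filter=appId eq '{1}'&api-version=1.6", tenant, filterValue)
        : String.Format("/{0}/applications?$filter=displayName eq '{1}'&api-version=1.6", tenant, filterValue);
    var uri = EnsureAbsoluteUri(path, persistentAuthHelper);
    var subscriptionId = GetTenantOrSubscription(uri);

    // Awaited rather than blocked on with .Result: this method is already async.
    TokenCacheInfo cacheInfo = await persistentAuthHelper.GetToken(subscriptionId);
    var json = await Utils.HttpGet(uri, cacheInfo);

    // A response without a "value" array is treated like any other non-unique result.
    var apps = json.Value<JArray>("value");
    if (apps == null || apps.Count != 1)
    {
        throw new Exception("Invalid application!");
    }

    return (JObject)apps[0];
}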
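/// <summary>
/// Entry point: dispatches on the first argument (the verb) to login, acquire a service-principal
/// token, or query and modify directory applications.
/// </summary>
/// <remarks>
/// Verbs handled: login, spn, get-tenant, get-apps, get-app, add-cred, del-cred.
/// Any exception is passed to <c>DumpException</c> and reported through the exit code.
/// </remarks>
/// <param name="args">Command-line arguments; <c>args[0]</c> is the verb.</param>
/// <returns>0 or the HTTP helper's result on success paths, 1 when usage is printed, -1 on an exception.</returns>
static int Main(string[] args)
{
    Utils.SetTraceListener(new ConsoleTraceListener());
    try
    {
        var persistentAuthHelper = new PersistentAuthHelper();
        persistentAuthHelper.AzureEnvironments = AzureEnvironments.Prod;
        if (args.Length > 0)
        {
            var _parameters = new CommandLineParameters(args);
            var verb = _parameters.Get(0, "verb");
            if (String.Equals(verb, "login", StringComparison.OrdinalIgnoreCase))
            {
                _parameters.ThrowIfUnknown();
                persistentAuthHelper.AcquireTokens().Wait();
                return 0;
            }
            else if (String.Equals(verb, "spn", StringComparison.OrdinalIgnoreCase))
            {
                var tenantId = _parameters.Get(1, keyName: "tenant");
                var appId = _parameters.Get(2, keyName: "appId");
                EnsureGuidFormat(appId);

                // NOTE(review): appKey and the certificate password are accepted as command-line
                // arguments, where they are exposed to process listings and shell history.
                // Omitting them takes the PromptForPassword path instead.
                X509Certificate2 certificate = null;
                var appKey = _parameters.Get(3, keyName: "appKey", requires: false);
                if (appKey == null)
                {
                    appKey = PromptForPassword("appKey");
                }
                else
                {
                    // An appKey argument that names an existing file is loaded as a certificate.
                    if (File.Exists(appKey))
                    {
                        var password = _parameters.Get(4, keyName: "password", requires: false);
                        if (password == null)
                        {
                            password = PromptForPassword("password");
                        }

                        certificate = new X509Certificate2(appKey, password);
                    }
                }

                if (certificate == null)
                {
                    appKey = Utils.EnsureBase64Key(appKey);
                }

                _parameters.ThrowIfUnknown();

                persistentAuthHelper.AzureEnvironments = Utils.GetDefaultEnv();
                var info = certificate != null
                    ? AADHelper.AcquireTokenByX509(tenantId, appId, certificate).Result
                    : AADHelper.AcquireTokenBySPN(tenantId, appId, appKey).Result;

                // NOTE(review): the access token is placed on the clipboard, where it stays
                // readable by other applications in the session until it is overwritten.
                Clipboard.SetText(info.access_token);
                DumpClaims(info.access_token);
                Console.WriteLine();
                Console.WriteLine("Token copied to clipboard successfully.");
                return 0;
            }
            else if (String.Equals(verb, "get-tenant", StringComparison.OrdinalIgnoreCase))
            {
                var tenant = _parameters.Get(1, keyName: "tenant");
                _parameters.ThrowIfUnknown();

                var path = String.Format("/{0}/tenantDetails?api-version=1.6", tenant);
                var uri = EnsureAbsoluteUri(path, persistentAuthHelper);
                var subscriptionId = GetTenantOrSubscription(uri);
                TokenCacheInfo cacheInfo = persistentAuthHelper.GetToken(subscriptionId).Result;
                return HttpInvoke(uri, cacheInfo, "get", Utils.GetDefaultVerbose(), null).Result;
            }
            // A second "get-tenant" branch (requesting /{tenant}/tenantDetails/{tenant}) followed
            // here. It tested the same verb as the branch above and could never run, so it has
            // been removed. If that request is still wanted it needs its own verb.
            else if (String.Equals(verb, "get-apps", StringComparison.OrdinalIgnoreCase))
            {
                var tenant = _parameters.Get(1, keyName: "tenant");
                _parameters.ThrowIfUnknown();

                var path = String.Format("/{0}/applications?api-version=1.6", tenant);
                var uri = EnsureAbsoluteUri(path, persistentAuthHelper);
                var subscriptionId = GetTenantOrSubscription(uri);
                TokenCacheInfo cacheInfo = persistentAuthHelper.GetToken(subscriptionId).Result;
                return HttpInvoke(uri, cacheInfo, "get", Utils.GetDefaultVerbose(), null).Result;
            }
            else if (String.Equals(verb, "get-app", StringComparison.OrdinalIgnoreCase))
            {
                var tenant = _parameters.Get(1, keyName: "tenant");
                var app = _parameters.Get(2, keyName: "app");
                _parameters.ThrowIfUnknown();

                Guid unused;
                var isGuid = Guid.TryParse(app, out unused);

                // The value sits inside a quoted OData string literal in the query string. Double
                // single quotes so it cannot close the literal, then percent-encode so '&' or '#'
                // cannot alter the query.
                var filterValue = Uri.EscapeDataString((app ?? String.Empty).Replace("'", "''"));
                var path = isGuid
                    ? String.Format("/{0}/applications?$filter=appId eq '{1}'&api-version=1.6", tenant, filterValue)
                    : String.Format("/{0}/applications?$filter=displayName eq '{1}'&api-version=1.6", tenant, filterValue);
                var uri = EnsureAbsoluteUri(path, persistentAuthHelper);
                var subscriptionId = GetTenantOrSubscription(uri);
                TokenCacheInfo cacheInfo = persistentAuthHelper.GetToken(subscriptionId).Result;
                return HttpInvoke(uri, cacheInfo, "get", Utils.GetDefaultVerbose(), null).Result;
            }
            else if (String.Equals(verb, "add-cred", StringComparison.OrdinalIgnoreCase))
            {
                var tenant = _parameters.Get(1, keyName: "tenant");
                var app = _parameters.Get(2, keyName: "app");

                X509Certificate2 certificate = null;
                var appKey = _parameters.Get(3, keyName: "appKey", requires: false);
                if (appKey == null)
                {
                    appKey = PromptForPassword("appKey");
                }
                else
                {
                    if (File.Exists(appKey))
                    {
                        certificate = new X509Certificate2(appKey);

                        // Only the public certificate is registered as a credential, so a file
                        // that carries the private key is rejected before anything is sent.
                        if (certificate.HasPrivateKey)
                        {
                            throw new Exception("Certificate must not contain private key!");
                        }
                    }
                }

                if (certificate == null)
                {
                    appKey = Utils.EnsureBase64Key(appKey);
                }

                _parameters.ThrowIfUnknown();

                var appObject = GetAppObject(persistentAuthHelper, tenant, app).Result;
                var appObjectId = GetAppObjectId(appObject);

                HttpContent content;
                if (certificate != null)
                {
                    content = GetPatchContent(appObject, certificate);
                }
                else
                {
                    content = GetPatchContent(appObject, appKey);
                }

                var path = String.Format("/{0}/directoryObjects/{1}/Microsoft.DirectoryServices.Application?api-version=1.6", tenant, appObjectId);
                var uri = EnsureAbsoluteUri(path, persistentAuthHelper);
                var subscriptionId = GetTenantOrSubscription(uri);
                TokenCacheInfo cacheInfo = persistentAuthHelper.GetToken(subscriptionId).Result;
                return HttpInvoke(uri, cacheInfo, "patch", Utils.GetDefaultVerbose(), content).Result;
            }
            else if (String.Equals(verb, "del-cred", StringComparison.OrdinalIgnoreCase))
            {
                var tenant = _parameters.Get(1, keyName: "tenant");
                var app = _parameters.Get(2, keyName: "app");
                var keyId = _parameters.Get(3, keyName: "keyId");
                EnsureGuidFormat(keyId);
                _parameters.ThrowIfUnknown();

                var appObject = GetAppObject(persistentAuthHelper, tenant, app).Result;
                var appObjectId = GetAppObjectId(appObject);
                var content = GetRemoveContent(appObject, keyId);

                var path = String.Format("/{0}/directoryObjects/{1}/Microsoft.DirectoryServices.Application?api-version=1.6", tenant, appObjectId);
                var uri = EnsureAbsoluteUri(path, persistentAuthHelper);
                var subscriptionId = GetTenantOrSubscription(uri);
                TokenCacheInfo cacheInfo = persistentAuthHelper.GetToken(subscriptionId).Result;
                return HttpInvoke(uri, cacheInfo, "patch", Utils.GetDefaultVerbose(), content).Result;
            }
            else
            {
                throw new CommandLineException(String.Format("Parameter '{0}' is invalid!", verb));
            }
        }

        PrintUsage();
        return 1;
    }
    catch (Exception ex)
    {
        DumpException(ex);
        return -1;
    }
}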
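/// <summary>
/// Entry point: dispatches on the first argument (the verb) to manage the token cache, acquire
/// tokens, or issue an authenticated HTTP request.
/// </summary>
/// <remarks>
/// Verbs handled: login, listcache, clearcache, token, spn, upn, and the HTTP verbs
/// get, delete, put, post, patch. Any exception is passed to <c>DumpException</c> and reported
/// through the exit code.
/// </remarks>
/// <param name="args">Command-line arguments; <c>args[0]</c> is the verb.</param>
/// <returns>0 or the HTTP helper's result on success paths, 1 when usage is printed, -1 on an exception.</returns>
static int Main(string[] args)
{
    Utils.SetTraceListener(new ConsoleTraceListener());
    try
    {
        var persistentAuthHelper = new PersistentAuthHelper();
        if (args.Length > 0)
        {
            var _parameters = new CommandLineParameters(args);
            var verb = _parameters.Get(0, "verb");
            if (String.Equals(verb, "login", StringComparison.OrdinalIgnoreCase))
            {
                var env = _parameters.Get(1, requires: false);
                _parameters.ThrowIfUnknown();
                if (env == null)
                {
                    persistentAuthHelper.AzureEnvironments = Utils.GetDefaultEnv();
                }
                else
                {
                    var requested = (AzureEnvironments)Enum.Parse(typeof(AzureEnvironments), args[1], ignoreCase: true);

                    // Enum.Parse also accepts numeric text and returns undefined values for it.
                    // The environment is later used as an index into the endpoint tables, so
                    // reject anything that is not a declared member.
                    if (!Enum.IsDefined(typeof(AzureEnvironments), requested))
                    {
                        throw new CommandLineException(String.Format("Parameter '{0}' is invalid!", args[1]));
                    }

                    persistentAuthHelper.AzureEnvironments = requested;
                }

                persistentAuthHelper.AcquireTokens().Wait();
                return 0;
            }
            else if (String.Equals(verb, "listcache", StringComparison.OrdinalIgnoreCase))
            {
                _parameters.ThrowIfUnknown();

                EnsureTokenCache(persistentAuthHelper);

                foreach (var line in persistentAuthHelper.DumpTokenCache())
                {
                    Console.WriteLine(line);
                }

                return 0;
            }
            else if (String.Equals(verb, "clearcache", StringComparison.OrdinalIgnoreCase))
            {
                _parameters.ThrowIfUnknown();

                persistentAuthHelper.ClearTokenCache();
                return 0;
            }
            else if (String.Equals(verb, "token", StringComparison.OrdinalIgnoreCase))
            {
                var tenantId = _parameters.Get(1, requires: false);
                _parameters.ThrowIfUnknown();

                // An argument starting with "ey" is treated as a token to decode rather than a
                // tenant id. Ordinal comparison: this is a byte-level prefix test, not linguistic.
                if (tenantId != null && tenantId.StartsWith("ey", StringComparison.Ordinal))
                {
                    DumpClaims(tenantId);
                    return 0;
                }

                EnsureTokenCache(persistentAuthHelper);

                persistentAuthHelper.AzureEnvironments = Utils.GetDefaultEnv();
                TokenCacheInfo cacheInfo = persistentAuthHelper.GetToken(tenantId).Result;
                var bearer = cacheInfo.CreateAuthorizationHeader();

                // NOTE(review): the authorization header value is placed on the clipboard, where
                // it stays readable by other applications in the session until it is overwritten.
                Clipboard.SetText(bearer);
                DumpClaims(cacheInfo.AccessToken);
                Console.WriteLine();
                Console.WriteLine("Token copied to clipboard successfully.");
                return 0;
            }
            else if (String.Equals(verb, "spn", StringComparison.OrdinalIgnoreCase))
            {
                var tenantId = _parameters.Get(1, keyName: "tenant");
                var appId = _parameters.Get(2, keyName: "appId");
                EnsureGuidFormat(appId);

                // NOTE(review): appKey and the certificate password are accepted as command-line
                // arguments, where they are exposed to process listings and shell history.
                // Omitting them takes the PromptForPassword path instead.
                X509Certificate2 certificate = null;
                var appKey = _parameters.Get(3, keyName: "appKey", requires: false);
                if (appKey == null)
                {
                    appKey = PromptForPassword("appKey");
                }
                else
                {
                    // An appKey argument that names an existing file is loaded as a certificate.
                    if (File.Exists(appKey))
                    {
                        var password = _parameters.Get(4, keyName: "password", requires: false);
                        if (password == null)
                        {
                            password = PromptForPassword("password");
                        }

                        certificate = new X509Certificate2(appKey, password);
                    }
                }

                if (certificate == null)
                {
                    appKey = Utils.EnsureBase64Key(appKey);
                }

                _parameters.ThrowIfUnknown();

                persistentAuthHelper.AzureEnvironments = Utils.GetDefaultEnv();

                // The result is not used here; the call is made for its effect on the helper.
                var cacheInfo = certificate != null
                    ? persistentAuthHelper.GetTokenBySpn(tenantId, appId, certificate).Result
                    : persistentAuthHelper.GetTokenBySpn(tenantId, appId, appKey).Result;
                return 0;
            }
            else if (String.Equals(verb, "upn", StringComparison.OrdinalIgnoreCase))
            {
                var username = _parameters.Get(1, keyName: "username");

                // NOTE(review): a password supplied as an argument is exposed to process listings
                // and shell history. Omitting it takes the PromptForPassword path instead.
                var password = _parameters.Get(2, keyName: "password", requires: false);
                if (password == null)
                {
                    password = PromptForPassword("password");
                }

                _parameters.ThrowIfUnknown();

                persistentAuthHelper.AzureEnvironments = Utils.GetDefaultEnv();
                var cacheInfo = persistentAuthHelper.GetTokenByUpn(username, password).Result;
                return 0;
            }
            else if (String.Equals(verb, "get", StringComparison.OrdinalIgnoreCase)
                || String.Equals(verb, "delete", StringComparison.OrdinalIgnoreCase)
                || String.Equals(verb, "put", StringComparison.OrdinalIgnoreCase)
                || String.Equals(verb, "post", StringComparison.OrdinalIgnoreCase)
                || String.Equals(verb, "patch", StringComparison.OrdinalIgnoreCase))
            {
                var path = _parameters.Get(1, keyName: "url");
                var verbose = _parameters.Get("-verbose", requires: false) != null || Utils.GetDefaultVerbose();
                if (!verbose)
                {
                    Trace.Listeners.Clear();
                }

                // NOTE(review): the URL comes from the command line. EnsureAbsoluteUri returns an
                // absolute URI unchanged and GetAzureEnvironments resolves unrecognised hosts to
                // Prod, so nothing on this path limits the request to https or to Azure endpoints.
                // HttpInvoke presumably sends the cached token with the request (confirm), in
                // which case scheme and host should be validated before the call.
                var uri = EnsureAbsoluteUri(path, persistentAuthHelper);
                var env = GetAzureEnvironments(uri, persistentAuthHelper);
                if (!persistentAuthHelper.IsCacheValid() || persistentAuthHelper.AzureEnvironments != env)
                {
                    persistentAuthHelper.AzureEnvironments = env;
                    persistentAuthHelper.AcquireTokens().Wait();
                }

                var content = ParseHttpContent(verb, _parameters);
                _parameters.ThrowIfUnknown();

                var subscriptionId = GetTenantOrSubscription(uri);
                TokenCacheInfo cacheInfo = persistentAuthHelper.GetToken(subscriptionId).Result;
                return HttpInvoke(uri, cacheInfo, verb, verbose, content).Result;
            }
            else
            {
                throw new CommandLineException(String.Format("Parameter '{0}' is invalid!", verb));
            }
        }

        PrintUsage();
        return 1;
    }
    catch (Exception ex)
    {
        DumpException(ex);
        return -1;
    }
}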
/// <summary>
/// Chooses the Azure environment whose endpoint tables mention the host of <paramref name="uri"/>.
/// </summary>
/// <remarks>
/// Tables are consulted in this order: AAD Graph URLs, CSM URLs, RDFE URLs, SCM suffixes.
/// The index of the first matching entry is cast to <c>AzureEnvironments</c>.
/// For an AAD Graph match that is not Prod, the helper's current environment is returned instead
/// when the cache is valid and that environment is itself not Prod.
/// NOTE(review): every comparison is a case-insensitive substring test (<c>IndexOf(...) &gt; 0</c>),
/// not an exact host comparison, and hosts that match nothing resolve to Prod. This method
/// selects an environment; it does not establish that the host is an Azure endpoint.
/// </remarks>
/// <param name="uri">Absolute URI whose <c>Host</c> is inspected.</param>
/// <param name="persistentAuthHelper">Supplies cache validity and the currently selected environment.</param>
/// <returns>The matched environment, or <c>AzureEnvironments.Prod</c> when nothing matches.</returns>
static AzureEnvironments GetAzureEnvironments(Uri uri, PersistentAuthHelper persistentAuthHelper)
{
    var host = uri.Host;

    // "known URL contains the host" (URL tables) and "host contains the suffix" (suffix table).
    Func<string, bool> urlMentionsHost = candidate => candidate.IndexOf(host, StringComparison.OrdinalIgnoreCase) > 0;
    Func<string, bool> hostMentionsSuffix = candidate => host.IndexOf(candidate, StringComparison.OrdinalIgnoreCase) > 0;

    for (var position = 0; position < Constants.AADGraphUrls.Length; position++)
    {
        if (!urlMentionsHost(Constants.AADGraphUrls[position]))
        {
            continue;
        }

        var matched = (AzureEnvironments)position;

        // Keep a non-Prod environment that is already cached rather than switching to the
        // table's first non-Prod match.
        var keepCached = matched != AzureEnvironments.Prod
            && persistentAuthHelper.IsCacheValid()
            && persistentAuthHelper.AzureEnvironments != AzureEnvironments.Prod;
        return keepCached ? persistentAuthHelper.AzureEnvironments : matched;
    }

    var urlTables = new string[][] { Constants.CSMUrls, Constants.RdfeUrls };
    foreach (var table in urlTables)
    {
        for (var position = 0; position < table.Length; position++)
        {
            if (urlMentionsHost(table[position]))
            {
                return (AzureEnvironments)position;
            }
        }
    }

    for (var position = 0; position < Constants.SCMSuffixes.Length; position++)
    {
        if (hostMentionsSuffix(Constants.SCMSuffixes[position]))
        {
            return (AzureEnvironments)position;
        }
    }

    return AzureEnvironments.Prod;
}