Updated to support credential manager for appids
erwinvanhunen committed Sep 13, 2024
1 parent 5608e13 commit 72f78c7
Showing 1 changed file with 63 additions and 17 deletions.
80 changes: 63 additions & 17 deletions src/Commands/Base/ConnectOnline.cs
@@ -507,6 +507,14 @@ private PnPConnection ConnectACSAppOnly()
ReuseAuthenticationManager();
}

if (ClientId == null)
{
ClientId = GetAppId();
if (ClientId != null)
{
WriteVerbose("Using Managed AppId from secure store");
}
}
WriteVerbose($"Using ClientID {ClientId}");

return PnPConnection.CreateWithACSAppOnly(new Uri(Url), Realm, ClientId, ClientSecret, TenantAdminUrl, AzureEnvironment);
@@ -567,16 +575,24 @@ private PnPConnection ConnectDeviceLogin()
}
else
{
var environmentAppId = Environment.GetEnvironmentVariable("ENTRAID_APP_ID") ?? Environment.GetEnvironmentVariable("ENTRAID_CLIENT_ID") ?? Environment.GetEnvironmentVariable("AZURE_CLIENT_ID");
if (!string.IsNullOrEmpty(environmentAppId))
clientId = GetAppId();
if (clientId == null)
{
clientId = environmentAppId;
var environmentAppId = Environment.GetEnvironmentVariable("ENTRAID_APP_ID") ?? Environment.GetEnvironmentVariable("ENTRAID_CLIENT_ID") ?? Environment.GetEnvironmentVariable("AZURE_CLIENT_ID");
if (!string.IsNullOrEmpty(environmentAppId))
{
clientId = environmentAppId;
}
else
{
//clientId = PnPConnection.PnPManagementShellClientId;
CmdletMessageWriter.WriteFormattedMessage(this, new CmdletMessageWriter.Message { Text = "Connecting with -DeviceLogin used the PnP Management Shell multi-tenant App Id for authentication. As of September 9th, 2024 this option is not available anymore. Refer to https://pnp.github.io/powershell/articles/registerapplication.html on how to register your own application.", Formatted = true, Type = CmdletMessageWriter.MessageType.Warning });
ThrowTerminatingError(new ErrorRecord(new NotSupportedException(), "PNPMGTSHELLNOTSUPPORTED", ErrorCategory.AuthenticationError, this));
}
}
else
{
//clientId = PnPConnection.PnPManagementShellClientId;
CmdletMessageWriter.WriteFormattedMessage(this, new CmdletMessageWriter.Message { Text = "Connecting with -DeviceLogin used the PnP Management Shell multi-tenant App Id for authentication. As of September 9th, 2024 this option is not available anymore. Refer to https://pnp.github.io/powershell/articles/registerapplication.html on how to register your own application.", Formatted = true, Type = CmdletMessageWriter.MessageType.Warning });
ThrowTerminatingError(new ErrorRecord(new NotSupportedException(), "PNPMGTSHELLNOTSUPPORTED", ErrorCategory.AuthenticationError, this));
WriteVerbose("Using Managed AppId from secure store");
}
}
@@ -702,16 +718,24 @@ private PnPConnection ConnectCredentials(PSCredential credentials, Initializatio
}
if (ClientId == null)
{
var environmentAppId = Environment.GetEnvironmentVariable("ENTRAID_APP_ID") ?? Environment.GetEnvironmentVariable("ENTRAID_CLIENT_ID") ?? Environment.GetEnvironmentVariable("AZURE_CLIENT_ID");
if (!string.IsNullOrEmpty(environmentAppId))
ClientId = GetAppId();
if (ClientId == null)
{
ClientId = environmentAppId;
var environmentAppId = Environment.GetEnvironmentVariable("ENTRAID_APP_ID") ?? Environment.GetEnvironmentVariable("ENTRAID_CLIENT_ID") ?? Environment.GetEnvironmentVariable("AZURE_CLIENT_ID");
if (!string.IsNullOrEmpty(environmentAppId))
{
ClientId = environmentAppId;
}
else
{
// ClientId = PnPConnection.PnPManagementShellClientId;
CmdletMessageWriter.WriteFormattedMessage(this, new CmdletMessageWriter.Message { Text = "As of September 9th, 2024 the option to use the PnP Management Shell app registration for authentication is not available anymore. Refer to https://pnp.github.io/powershell/articles/registerapplication.html on how to register your own application.", Formatted = true, Type = CmdletMessageWriter.MessageType.Warning });
ThrowTerminatingError(new ErrorRecord(new NotSupportedException(), "PNPMGTSHELLNOTSUPPORTED", ErrorCategory.AuthenticationError, this));
}
}
else
{
// ClientId = PnPConnection.PnPManagementShellClientId;
CmdletMessageWriter.WriteFormattedMessage(this, new CmdletMessageWriter.Message { Text = "As of September 9th, 2024 the option to use the PnP Management Shell app registration for authentication is not available anymore. Refer to https://pnp.github.io/powershell/articles/registerapplication.html on how to register your own application.", Formatted = true, Type = CmdletMessageWriter.MessageType.Warning });
ThrowTerminatingError(new ErrorRecord(new NotSupportedException(), "PNPMGTSHELLNOTSUPPORTED", ErrorCategory.AuthenticationError, this));
WriteVerbose("Using Managed AppId from secure store");
}
}

@@ -733,6 +757,7 @@ private PnPConnection ConnectCredentials(PSCredential credentials, Initializatio
RedirectUri, TransformationOnPrem, initializationType);
}


private PnPConnection ConnectManagedIdentity()
{
WriteVerbose("Connecting using an Azure Managed Identity");
@@ -784,6 +809,10 @@ private PnPConnection ConnectInteractive()
ThrowTerminatingError(new ErrorRecord(new NotSupportedException(), "PNPMGTSHELLNOTSUPPORTED", ErrorCategory.AuthenticationError, this));
}
}
else
{
WriteVerbose("Using Managed AppId from secure store");
}
}
if (Connection?.ClientId == ClientId && Connection?.ConnectionMethod == ConnectionMethod.Credentials)
{
@@ -807,6 +836,15 @@ private PnPConnection ConnectEnvironmentVariable(InitializationType initializati
string azureCertificatePath = Environment.GetEnvironmentVariable("AZURE_CLIENT_CERTIFICATE_PATH") ?? Environment.GetEnvironmentVariable("ENTRAID_APP_CERTIFICATE_PATH") ?? Environment.GetEnvironmentVariable("ENTRAID_CLIENT_CERTIFICATE_PATH");
string azureCertPassword = Environment.GetEnvironmentVariable("AZURE_CLIENT_CERTIFICATE_PASSWORD") ?? Environment.GetEnvironmentVariable("ENTRAID_APP_CERTIFICATE_PASSWORD") ?? Environment.GetEnvironmentVariable("ENTRAID_CLIENT_CERTIFICATE_PASSWORD");

if (azureClientId == null)
{
azureClientId = GetAppId();
if (azureClientId != null)
{
WriteVerbose("Using Managed AppId from secure store");
}
}

if (!string.IsNullOrEmpty(azureCertificatePath) && !string.IsNullOrEmpty(azureCertPassword))
{
if (!Path.IsPathRooted(azureCertificatePath))
@@ -849,7 +887,7 @@ private PnPConnection ConnectEnvironmentVariable(InitializationType initializati
{
if (string.IsNullOrEmpty(azureClientId))
{
azureClientId = PnPConnection.PnPManagementShellClientId;
//azureClientId = PnPConnection.PnPManagementShellClientId;
CmdletMessageWriter.WriteFormattedMessage(this, new CmdletMessageWriter.Message { Text = "Connecting without an Azure Client ID used then PnP Management Shell multi-tenant App Id for authentication. As of September 9th, 2024 this option is not available anymore. Refer to https://pnp.github.io/powershell/articles/registerapplication.html on how to register your own application.", Formatted = true, Type = CmdletMessageWriter.MessageType.Warning });
ThrowTerminatingError(new ErrorRecord(new NotSupportedException(), "PNPMGTSHELLNOTSUPPORTED", ErrorCategory.AuthenticationError, this));
}
@@ -892,10 +930,18 @@ private PnPConnection ConnectWithOSLogin()

if (ClientId == null)
{
var environmentAppId = Environment.GetEnvironmentVariable("ENTRAID_APP_ID") ?? Environment.GetEnvironmentVariable("ENTRAID_CLIENT_ID") ?? Environment.GetEnvironmentVariable("AZURE_CLIENT_ID");
if (!string.IsNullOrEmpty(environmentAppId))
ClientId = GetAppId();
if (ClientId == null)
{
var environmentAppId = Environment.GetEnvironmentVariable("ENTRAID_APP_ID") ?? Environment.GetEnvironmentVariable("ENTRAID_CLIENT_ID") ?? Environment.GetEnvironmentVariable("AZURE_CLIENT_ID");
if (!string.IsNullOrEmpty(environmentAppId))
{
ClientId = environmentAppId;
}
}
else
{
ClientId = environmentAppId;
WriteVerbose("Using Managed AppId from secure store");
}
}
if (Connection?.ClientId == ClientId && Connection?.ConnectionMethod == ConnectionMethod.Credentials)
@@ -981,7 +1027,7 @@ private string GetAppId()
var connectionUri = new Uri(Url);

// Try to get the credentials by full url
string appId = Utilities.CredentialManager.GetAppId(Url);
string appId = Utilities.CredentialManager.GetAppId(connectionUri.ToString());
if (appId == null)
{
// Try to get the credentials by splitting up the path
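Review bot: The value returned by `GetAppId()` is tested with `== null` in ConnectDeviceLogin, ConnectCredentials and ConnectWithOSLogin, while the environment value in the same branch is tested with `string.IsNullOrEmpty`. If the credential store can return an empty string, that value is taken as the client id, the environment fallback and the PNPMGTSHELLNOTSUPPORTED error are both skipped, and "Using Managed AppId from secure store" is still logged. Testing the lookup result with `if (string.IsNullOrEmpty(ClientId))` (likewise for `clientId` and `azureClientId`) would treat both sources the same way. The precedence also differs between call sites: these three methods prefer the stored app id over ENTRAID_APP_ID / ENTRAID_CLIENT_ID / AZURE_CLIENT_ID, whereas ConnectEnvironmentVariable reads the environment first and only then calls `GetAppId()`. Since that order decides which app registration the sign-in runs against, a one-line comment at each site stating the intended order, and including the resolved id in the verbose message as ConnectACSAppOnly does with `Using ClientID {ClientId}`, would make this auditable; the enclosing methods start and end outside the hunks shown.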