Created
August 1, 2019 10:45
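<#
.SYNOPSIS
Acquires an Azure AD access token for an application (client id + secret)
through the ADAL assembly installed with the Azure PowerShell SDK.

.DESCRIPTION
Loads Microsoft.IdentityModel.Clients.ActiveDirectory.dll from the Azure
PowerShell SDK folder under ProgramFiles(x86), builds a ClientCredential from
the application id and secret, and requests a token for the given resource
from the tenant's login.microsoftonline.com authority.

.PARAMETER apiEndpointUri
Resource the token is requested for (the script below uses https://management.azure.com/).

.PARAMETER tenantId
Azure AD tenant id; it is placed into the authority URL.

.PARAMETER applicationId
Application (client) id of the app registration.

.PARAMETER secret
Client secret of the app registration. It is taken as a plain string because
ClientCredential is constructed from one; source it from a secret store or an
environment variable rather than a literal in the script.

.OUTPUTS
System.String. The access token. This is a bearer credential: anyone holding
it can call the resource as the application until it expires.

.NOTES
ADAL is deprecated in favour of MSAL; treat this function as a legacy path.
#>
Function GetAuthTokenUsingAzureSdk {
    Param (
        [Parameter(Mandatory)][ValidateNotNull()][ValidateNotNullOrEmpty()]
        [String]$apiEndpointUri,
        [Parameter(Mandatory)][ValidateNotNull()][ValidateNotNullOrEmpty()]
        [String]$tenantId,
        [Parameter(Mandatory)][ValidateNotNull()][ValidateNotNullOrEmpty()]
        [String]$applicationId,
        [Parameter(Mandatory)][ValidateNotNull()][ValidateNotNullOrEmpty()]
        [String]$secret
    )

    # try/catch-rethrow is kept on purpose: .NET method failures are only
    # statement-terminating in PowerShell, so without it the function would
    # carry on to the next line after a failed load or token request.
    try {
        $adal = "${env:ProgramFiles(x86)}\Microsoft SDKs\Azure\PowerShell\ServiceManagement\Azure\Services\Microsoft.IdentityModel.Clients.ActiveDirectory.dll"

        # Fail with a clear message when the SDK is not installed, instead of
        # the opaque FileNotFoundException that LoadFrom would raise.
        if (-not (Test-Path -LiteralPath $adal -PathType Leaf)) {
            throw "ADAL assembly not found at '$adal'. Install the Azure PowerShell SDK or adjust the path."
        }
        [System.Reflection.Assembly]::LoadFrom($adal) | Out-Null

        $authorityUri = "https://login.microsoftonline.com/$tenantId/oauth2/token"
        $authContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" -ArgumentList $authorityUri
        $credential = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.ClientCredential" -ArgumentList $applicationId, $secret

        # GetAwaiter().GetResult() blocks like .Result does, but rethrows the
        # original exception rather than an AggregateException wrapper, so a
        # rejected credential is reported with its real cause.
        $authResult = $authContext.AcquireTokenAsync($apiEndpointUri, $credential).GetAwaiter().GetResult()
        return $authResult.AccessToken
    }
    catch {
        throw
    }
}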
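<#
.SYNOPSIS
Requests an Azure AD token with the OAuth 2.0 client-credentials grant by
posting directly to the tenant's /oauth2/token endpoint.

.PARAMETER tenantId
Azure AD tenant id; it is placed into the token endpoint URL.

.PARAMETER applicationId
Application (client) id of the app registration.

.PARAMETER secret
Client secret of the app registration. Source it from a secret store or an
environment variable rather than a literal in the script.

.PARAMETER apiEndpointUri
Resource the token is requested for.

.OUTPUTS
The deserialized token response as returned by Invoke-RestMethod, not just the
token string; the bearer token itself is in its access_token property. Treat
the whole object as a credential and keep it out of logs.
#>
Function GetAuthTokenInvokingRestApi {
    Param(
        [Parameter(Mandatory)][ValidateNotNull()][ValidateNotNullOrEmpty()]
        [String]$tenantId,
        [Parameter(Mandatory)][ValidateNotNull()][ValidateNotNullOrEmpty()]
        [String]$applicationId,
        [Parameter(Mandatory)][ValidateNotNull()][ValidateNotNullOrEmpty()]
        [String]$secret,
        [Parameter(Mandatory)][ValidateNotNull()][ValidateNotNullOrEmpty()]
        [string]$apiEndpointUri
    )

    $RequestAccessTokenUri = "https://login.microsoftonline.com/$tenantId/oauth2/token"

    # Pass the form fields as a dictionary: Invoke-RestMethod form-encodes every
    # value on POST. This replaces the hand-built string, which encoded only the
    # secret (client_id and resource went in raw) and relied on
    # [System.Web.HttpUtility], a type that is not available unless System.Web
    # has been loaded into the session.
    $body = @{
        grant_type    = 'client_credentials'
        client_id     = $applicationId
        client_secret = $secret
        resource      = $apiEndpointUri
    }
    $contentType = 'application/x-www-form-urlencoded'

    # Rethrow so a failed request terminates the caller instead of returning nothing.
    try {
        $Token = Invoke-RestMethod -Method Post -Uri $RequestAccessTokenUri -Body $body -ContentType $contentType
        Write-Output $Token
    }
    catch { throw }
}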
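# Demo driver: request a token for Azure Resource Manager with each function.
# The values below are placeholders. Do not commit a real client secret in a
# script; read it from a secret store or an environment variable at run time.
$apiEndpointUri = "https://management.azure.com/"
$tenantId = "xxxxxx-xxxxx-xxxx-xxx-xxxx"
$applicationId = "xxxx-xxxx-xxxx-xxxx-xxxxx"
$secret = "xxxxxxxxxx"

$authToken = GetAuthTokenUsingAzureSdk -apiEndpointUri $apiEndpointUri -tenantId $tenantId -applicationId $applicationId -secret $secret
# The error text names the tenant and application only. The client secret is
# deliberately left out so it cannot end up in console output, transcripts or
# error logs.
if (-not $authToken) { throw "One of the provided login values is invalid 'tenantId: $tenantId', 'applicationId: $applicationId'" }

# Printing the token is for demonstration only: it is a bearer credential and
# should not be written to the console or to logs in real automation.
Write-Host "Auth token by GetAuthTokenUsingAzureSdk :"
Write-Host $authToken -ForegroundColor Yellow
Write-Host "---------------------------------------"

# The REST variant returns the whole token response object; the token string is
# its access_token property, so print that to match the SDK output above.
$tokenResponse = GetAuthTokenInvokingRestApi -apiEndpointUri $apiEndpointUri -tenantId $tenantId -applicationId $applicationId -secret $secret
if (-not $tokenResponse -or -not $tokenResponse.access_token) { throw "One of the provided login values is invalid 'tenantId: $tenantId', 'applicationId: $applicationId'" }
$authToken = $tokenResponse.access_token
Write-Host "Auth token by GetAuthTokenInvokingRestApi :"
Write-Host $authToken -ForegroundColor Yellow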