WataruHaniyama watahani
watahani
/ ValidateMicrosoftGraphToken.cs
Last active
April 26, 2023 08:03
This code validates the Microsoft Graph API tokens, but it is just experimental code. You SHOUD NOT validate tokens issued by other APIs than the one you control, not just the Microsoft Graph API. If you are trying to implement a program based on this code,chill out and read carefully the following thread. https://github.com/AzureAD/azure-active…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using Microsoft.IdentityModel.Tokens; | |
| using Microsoft.IdentityModel.Protocols.OpenIdConnect; | |
| using Microsoft.IdentityModel.JsonWebTokens; | |
| using Microsoft.IdentityModel.Protocols; | |
| using System.Text; | |
| using System.Text.RegularExpressions; | |
| // This code validates the Microsoft Graph API tokens, but it is just experimental code. | |
| // You SHOUD NOT validate tokens issued by other APIs than the one you control, not just the Microsoft Graph API. | |
| // If you are trying to implement a program based on this code,chill out and read carefully the following thread. |
watahani
/ ValidateJWT.cs
Created
December 16, 2021 12:35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using Microsoft.IdentityModel.Tokens; | |
| using Microsoft.IdentityModel.Protocols.OpenIdConnect; | |
| using Microsoft.IdentityModel.JsonWebTokens; | |
| using Microsoft.IdentityModel.Protocols; | |
| // See https://aka.ms/new-console-template for more information | |
| var token = Console.ReadLine(); | |
| var configManager = new ConfigurationManager<OpenIdConnectConfiguration>("https://login.microsoftonline.com/69191dcf-9be5-47ba-9010-b356d335a6e4/v2.0/.well-known/openid-configuration", new OpenIdConnectConfigurationRetriever()); |
watahani
/ github-oidc-claims.json
Created
October 30, 2021 11:24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "typ": "JWT", | |
| "alg": "RS256", | |
| "x5t": "2m3USeDoCVmc7N-zvbai19DCUDo", | |
| "kid": "DA6DD449E0E809599CECDFB3BDB6A2D7D0C2503A" | |
| }.{ | |
| "jti": "3784e7f9-f87b-4fd2-99cd-039b474ee0cb", | |
| "sub": "repo:watahani/secure-deployments-for-azure-lab:ref:refs/heads/main", | |
| "aud": "api://AzureADTokenExchange", | |
| "ref": "refs/heads/main", |
watahani
/ aquire-azure-token-github-oidc-curl.yml
Created
October 30, 2021 11:07
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Aquire Access Token using cURL | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: |
watahani
/ approle-permissions.json
Last active
June 15, 2022 02:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "AllowedMemberTypes": [ | |
| "Application" | |
| ], | |
| "Description": "Allows custom authentication extensions associated with the app to receive HTTP requests triggered by an authentication event. The request can include information about a user, client and resource service principals, and other information about the authentication.", | |
| "DisplayName": "Receive custom authentication extension HTTP requests", | |
| "Id": "214e810f-fda8-4fd7-a475-29461495eb00", | |
| "IsEnabled": true, | |
| "Origin": "Application", |
watahani
/ delegated-permissions.json
Last active
December 1, 2021 07:00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "AdminConsentDescription": "Allows the app to read the presence information and write activity and availability on-behalf-of the signed-in user. Presence information includes activity, availability, status note, calendar out-of-office message, timezone and location.", | |
| "AdminConsentDisplayName": "Read and write a user\u0027s presence information", | |
| "Id": "8d3c54a7-cf58-4773-bf81-c0cd6ad522bb", | |
| "IsEnabled": true, | |
| "Origin": null, | |
| "Type": "User", | |
| "UserConsentDescription": "Allows the app to read the presence information and write activity and availability on-behalf-of the signed-in user. Presence information includes activity, availability, status note, calendar out-of-office message, timezone and location.", | |
| "UserConsentDisplayName": "Read and write your presence information", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <title>Choose your account</title> | |
| <meta charset="utf-8" /> | |
| <meta http-equiv="X-UA-Compatible" content="IE=edge"> | |
| <meta name="viewport" content="width=device-width, initial-scale=1"> | |
| <link href="https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/bootstrap.min.css" rel="stylesheet" type="text/css" /> |
watahani
/ device-authorization-for-aad.ps1
Created
April 24, 2021 07:20
watahani
/ client-credentials-with-cert-for-aad.ps1
Last active
April 25, 2021 00:07
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Convert-HexToBytes{ | |
| [OutputType([Microsoft.PowerShell.Commands.ByteCollection])] | |
| param ( | |
| [Parameter(Mandatory = $true, ValueFromPipeline = $true)] | |
| [string]$hex | |
| ) | |
| process { | |
| $hex = $hex.Trim() | |
| $splitStrings = @(":", " ") |
watahani
/ client-credentials-for-aad.ps1
Last active
October 20, 2021 06:49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $clientId = '<client-id>' | |
| $clientSecret = '<client-secret>' | |
| $tenantId = "<your-tenant-id>" | |
| $scope = 'https://graph.microsoft.com/.default' | |
| $tokenEndpoint = "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token" | |
| $postParams = @{ | |
| client_id = $clientId; | |
| client_secret = $clientSecret; | |
| grant_type = 'client_credentials'; | |
| scope = $scope |
NewerOlder