This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using Microsoft.IdentityModel.Tokens; | |
using Microsoft.IdentityModel.Protocols.OpenIdConnect; | |
using Microsoft.IdentityModel.JsonWebTokens; | |
using Microsoft.IdentityModel.Protocols; | |
using System.Text; | |
using System.Text.RegularExpressions; | |
// This code validates the Microsoft Graph API tokens, but it is just experimental code. | |
// You SHOUD NOT validate tokens issued by other APIs than the one you control, not just the Microsoft Graph API. | |
// If you are trying to implement a program based on this code,chill out and read carefully the following thread. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using Microsoft.IdentityModel.Tokens; | |
using Microsoft.IdentityModel.Protocols.OpenIdConnect; | |
using Microsoft.IdentityModel.JsonWebTokens; | |
using Microsoft.IdentityModel.Protocols; | |
// See https://aka.ms/new-console-template for more information | |
var token = Console.ReadLine(); | |
var configManager = new ConfigurationManager<OpenIdConnectConfiguration>("https://login.microsoftonline.com/69191dcf-9be5-47ba-9010-b356d335a6e4/v2.0/.well-known/openid-configuration", new OpenIdConnectConfigurationRetriever()); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"typ": "JWT", | |
"alg": "RS256", | |
"x5t": "2m3USeDoCVmc7N-zvbai19DCUDo", | |
"kid": "DA6DD449E0E809599CECDFB3BDB6A2D7D0C2503A" | |
}.{ | |
"jti": "3784e7f9-f87b-4fd2-99cd-039b474ee0cb", | |
"sub": "repo:watahani/secure-deployments-for-azure-lab:ref:refs/heads/main", | |
"aud": "api://AzureADTokenExchange", | |
"ref": "refs/heads/main", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Aquire Access Token using cURL | |
on: | |
push: | |
branches: | |
- main | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
permissions: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[ | |
{ | |
"AllowedMemberTypes": [ | |
"Application" | |
], | |
"Description": "Allows custom authentication extensions associated with the app to receive HTTP requests triggered by an authentication event. The request can include information about a user, client and resource service principals, and other information about the authentication.", | |
"DisplayName": "Receive custom authentication extension HTTP requests", | |
"Id": "214e810f-fda8-4fd7-a475-29461495eb00", | |
"IsEnabled": true, | |
"Origin": "Application", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[ | |
{ | |
"AdminConsentDescription": "Allows the app to read the presence information and write activity and availability on-behalf-of the signed-in user. Presence information includes activity, availability, status note, calendar out-of-office message, timezone and location.", | |
"AdminConsentDisplayName": "Read and write a user\u0027s presence information", | |
"Id": "8d3c54a7-cf58-4773-bf81-c0cd6ad522bb", | |
"IsEnabled": true, | |
"Origin": null, | |
"Type": "User", | |
"UserConsentDescription": "Allows the app to read the presence information and write activity and availability on-behalf-of the signed-in user. Presence information includes activity, availability, status note, calendar out-of-office message, timezone and location.", | |
"UserConsentDisplayName": "Read and write your presence information", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!DOCTYPE html> | |
<html> | |
<head> | |
<title>Choose your account</title> | |
<meta charset="utf-8" /> | |
<meta http-equiv="X-UA-Compatible" content="IE=edge"> | |
<meta name="viewport" content="width=device-width, initial-scale=1"> | |
<link href="https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/bootstrap.min.css" rel="stylesheet" type="text/css" /> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function Convert-HexToBytes{ | |
[OutputType([Microsoft.PowerShell.Commands.ByteCollection])] | |
param ( | |
[Parameter(Mandatory = $true, ValueFromPipeline = $true)] | |
[string]$hex | |
) | |
process { | |
$hex = $hex.Trim() | |
$splitStrings = @(":", " ") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$clientId = '<client-id>' | |
$clientSecret = '<client-secret>' | |
$tenantId = "<your-tenant-id>" | |
$scope = 'https://graph.microsoft.com/.default' | |
$tokenEndpoint = "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token" | |
$postParams = @{ | |
client_id = $clientId; | |
client_secret = $clientSecret; | |
grant_type = 'client_credentials'; | |
scope = $scope |
NewerOlder