File: Get-AADIdentityFromGithubUser.ps1

package info (click to toggle)
golang-github-azure-azure-sdk-for-go 68.0.0-2
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, forky, sid, trixie
  • size: 556,256 kB
  • sloc: javascript: 196; sh: 96; makefile: 7
file content (81 lines) | stat: -rw-r--r-- 2,253 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
 
<#
.DESCRIPTION
Get the corresponding ms alias from github identity
.PARAMETER AadToken
The aad access token.
.PARAMETER GithubName
Github identity. E.g sima-zhu
.PARAMETER ContentType
Content type of http requests.
.PARAMETER AdditionalHeaders
Additional parameters for http request headers in key-value pair format, e.g. @{ key1 = val1; key2 = val2; key3 = val3}
#>
[CmdletBinding(SupportsShouldProcess = $true)]
param(
  [Parameter(Mandatory = $true)]
  [string]$TenantId,
  
  [Parameter(Mandatory = $true)]
  [string]$ClientId,
  
  [Parameter(Mandatory = $true)]
  [string]$ClientSecret,

  [Parameter(Mandatory = $true)]
  [string]$GithubUser
)
Set-StrictMode -Version 3

. "${PSScriptRoot}\common.ps1"

$OpensourceAPIBaseURI = "https://repos.opensource.microsoft.com/api/people/links/github/$GithubUser"

function Generate-AadToken ($TenantId, $ClientId, $ClientSecret) {
    $LoginAPIBaseURI = "https://login.microsoftonline.com/$TenantId/oauth2/token"
    try {
        $headers = @{
            "content-type" = "application/x-www-form-urlencoded"
        }
        
        $body = @{
            "grant_type" = "client_credentials"
            "client_id" = $ClientId
            "client_secret" = $ClientSecret
            "resource" = "api://repos.opensource.microsoft.com/audience/7e04aa67"
        }
        Write-Host "Generating aad token..."
        $resp = Invoke-RestMethod $LoginAPIBaseURI -Method 'POST' -Headers $headers -Body $body
    }
    catch { 
        LogError $_
        exit 1
    }
    
    return $resp.access_token
} 

$Headers = @{
    "Content-Type" = "application/json"
    "api-version" = "2019-10-01"
}

try {
    $opsAuthToken = Generate-AadToken -TenantId $TenantId -ClientId $ClientId -ClientSecret $ClientSecret
    $Headers["Authorization"] = "Bearer $opsAuthToken"
    Write-Host "Fetching aad identity for github user: $GithubName"
    $resp = Invoke-RestMethod $OpensourceAPIBaseURI -Method 'GET' -Headers $Headers
}
catch { 
    LogError $_
    exit 1
}

$resp | Write-Verbose

if ($resp.aad) {
    Write-Host "Fetched aad identity $($resp.aad.alias) for github user $GithubName."
    return $resp.aad.alias
}

LogError "Failed to retrieve the aad identity from given github user: $GithubName"
exit 1