-
Notifications
You must be signed in to change notification settings - Fork 257
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
T5285 Port Azure ID token to v3 (#208)
* add azure id token to v3 * exclude aws and azure tokens from auto-generation in frontend tests
- Loading branch information
1 parent
904a3c8
commit 677d34e
Showing
19 changed files
with
614 additions
and
67 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
import logging | ||
from typing import Optional | ||
|
||
import requests | ||
from pydantic import HttpUrl | ||
|
||
from canarytokens.models import AzureID | ||
from canarytokens import tokens | ||
|
||
|
||
def get_azure_id( | ||
token: tokens.Canarytoken, | ||
server: str, | ||
cert_file_name: str, | ||
azure_url: Optional[HttpUrl] = None, | ||
app_id: Optional[str] = None, | ||
cert: Optional[str] = None, | ||
tenant_id: Optional[str] = None, | ||
cert_name: Optional[str] = None, | ||
) -> AzureID: # pragma: no cover | ||
if app_id and cert and tenant_id and cert_name: | ||
return AzureID( | ||
**{ | ||
"app_id": app_id, | ||
"cert": cert, | ||
"tenant_id": tenant_id, | ||
"cert_name": cert_name, | ||
"cert_file_name": cert_file_name, | ||
} | ||
) | ||
if not (token and server) or len(server) == 0: | ||
logging.error("Empty values passed through to get_azure_id function.") | ||
raise ValueError("get_azure_id requires token and server to be set.") | ||
if not azure_url: | ||
raise ValueError("get_azure_id requires azure_url to request from.") | ||
|
||
data = {"token": token.value(), "domain": server} | ||
|
||
resp = requests.post(url=azure_url, json=data) | ||
resp.raise_for_status() | ||
resp_json = resp.json() | ||
return AzureID( | ||
**{ | ||
"app_id": resp_json["app_id"], | ||
"cert": resp_json["cert"], | ||
"tenant_id": resp_json["tenant_id"], | ||
"cert_name": resp_json["cert_name"], | ||
"cert_file_name": cert_file_name, | ||
} | ||
) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.