retry when preauthorized application are invalid (#1175)

Cheick Keita
2021-08-25 09:53:13 -07:00
committed by GitHub
parent 0371139740
commit 822fa13667


@ -5,6 +5,7 @@
import argparse import argparse
import logging import logging
import re
import time import time
import urllib.parse import urllib.parse
from datetime import datetime, timedelta from datetime import datetime, timedelta
@ -85,15 +86,16 @@ OperationResult = TypeVar("OperationResult")
def retry( def retry(
operation: Callable[[], OperationResult], operation: Callable[[Any], OperationResult],
description: str, description: str,
tries: int = 10, tries: int = 10,
wait_duration: int = 10, wait_duration: int = 10,
data: Any = None,
) -> OperationResult: ) -> OperationResult:
count = 0 count = 0
while True: while True:
try: try:
return operation() return operation(data)
except GraphQueryError as err: except GraphQueryError as err:
error = err error = err
# modeled after AZ-CLI's handling of missing application # modeled after AZ-CLI's handling of missing application
@ -279,7 +281,7 @@ def create_application_registration(
def add_application_password( def add_application_password(
app_object_id: UUID, subscription_id: str app_object_id: UUID, subscription_id: str
) -> Tuple[str, str]: ) -> Tuple[str, str]:
def create_password() -> Tuple[str, str]: def create_password(data: Any) -> Tuple[str, str]:
password = add_application_password_impl(app_object_id, subscription_id) password = add_application_password_impl(app_object_id, subscription_id)
logger.info("app password created") logger.info("app password created")
return password return password
@ -384,18 +386,36 @@ def authorize_application(
onefuzz_app_id = onefuzz_app["id"] onefuzz_app_id = onefuzz_app["id"]
def add_preauthorized_app() -> None: def add_preauthorized_app(app_list: List[Dict]) -> None:
query_microsoft_graph( try:
method="PATCH", query_microsoft_graph(
resource="applications/%s" % onefuzz_app_id, method="PATCH",
body={ resource="applications/%s" % onefuzz_app_id,
"api": { body={"api": {"preAuthorizedApplications": app_list}},
"preAuthorizedApplications": preAuthorizedApplications.to_list() )
} except GraphQueryError as e:
}, m = re.search(
) "Property PreAuthorizedApplication references "
"applications (.*) that cannot be found.",
e.message,
)
if m:
invalid_app_id = m.group(1)
if invalid_app_id:
for app in app_list:
if app["appId"] == invalid_app_id:
logger.warning(
f"removing invalid id {invalid_app_id} for the next request"
)
app_list.remove(app)
retry(add_preauthorized_app, "authorize application") raise e
retry(
add_preauthorized_app,
"authorize application",
data=preAuthorizedApplications.to_list(),
)
except AuthenticationError: except AuthenticationError:
logger.warning("*** Browse to: %s", FIX_URL % onefuzz_app_id) logger.warning("*** Browse to: %s", FIX_URL % onefuzz_app_id)
logger.warning("*** Then add the client application %s", registration_app_id) logger.warning("*** Then add the client application %s", registration_app_id)
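Review bot: In the new `except GraphQueryError` branch of `add_preauthorized_app`, `app_list.remove(app)` runs inside `for app in app_list`, so the list is mutated while it is being iterated and the entry after a removed one is skipped; filtering in place avoids that: `app_list[:] = [a for a in app_list if a["appId"] != invalid_app_id]`. The ID is pulled from the error text with a greedy `(.*)` and compared for exact equality, so if the service ever names several IDs in one message (the wording says "applications") nothing would match, the list would stay as it was, and the same failing PATCH would presumably be resent until `retry` gives up; I cannot confirm the message format or the retry condition from the visible lines. Because the request body carries the full `preAuthorizedApplications` list, dropping an entry changes which client applications end up pre-authorized, and today the only trace is one warning per removal, so it would help to collect the dropped IDs and report them once the PATCH succeeds. `raise e` can be a bare `raise`, which keeps the original traceback. The enclosing `authorize_application` starts and ends outside the hunk.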