Config Refactor Round 2. (#2771)

* Config Refactor Round 2. * Adding docs. * Fix file formatting. * Removing. * fixing imports. * Removing. * Fixing cli access token retrieval. * Fixing authority check. * Small edits. * Removing duplicate. * Adding uuid check. * Possible to override with existing params. * Allowing flags to override storage. * Trying to fix config params.? * Fixing. * Set endpoint params via app function. * Checking changes to params. * Make tenant_domain default. * Remove endoint params from models. * UPdating docs. * Setting * Removing hardcoded values. * Typo. * Removing endpoint upload. * Typo. * Fixing typos. * Fix error message about aad tenant. * Responding to comments. * Update src/ApiService/ApiService/UserCredentials.cs Co-authored-by: Marc Greisen <mgreisen@microsoft.com> --------- Co-authored-by: Marc Greisen <mgreisen@microsoft.com>
2025-06-17 20:38:06 +00:00 · 2023-01-31 23:03:38 +00:00
parent 3d2fb65c14
commit f402304084
16 changed files with 269 additions and 96 deletions
--- a/src/cli/onefuzz/api.py
+++ b/src/cli/onefuzz/api.py
@ -41,8 +41,9 @@ from .ssh import build_ssh_command, ssh_connect, temp_file
 UUID_EXPANSION = TypeVar("UUID_EXPANSION", UUID, str)

 DEFAULT = BackendConfig(
-    authority="https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47",
-    client_id="72f1562a-8c0c-41ea-beb9-fa2b71c80134",
+    authority="",
+    client_id="",
+    tenant_domain="",
 )

 # This was generated randomly and should be preserved moving forwards
@ -122,6 +123,10 @@ class Endpoint:
        as_params: bool = False,
        alternate_endpoint: Optional[str] = None,
    ) -> A:
+
+        # Retrieve Auth Parameters
+        self._req_config_params()
+
        response = self._req_base(
            method,
            data=data,
@ -153,6 +158,33 @@ class Endpoint:

        return [model.parse_obj(x) for x in response]

+    def _req_config_params(
+        self,
+    ) -> None:
+
+        if self.onefuzz._backend.config.endpoint is None:
+            raise Exception("Endpoint Not Configured")
+
+        endpoint = self.onefuzz._backend.config.endpoint
+
+        response = self.onefuzz._backend.session.request(
+            "GET", endpoint + "/api/config"
+        )
+
+        logging.debug(response.json())
+        endpoint_params = responses.Config.parse_obj(response.json())
+
+        logging.debug(self.onefuzz._backend.config.authority)
+        # Will override values in storage w/ provided values for SP use
+        if self.onefuzz._backend.config.client_id == "":
+            self.onefuzz._backend.config.client_id = endpoint_params.client_id
+        if self.onefuzz._backend.config.authority == "":
+            self.onefuzz._backend.config.authority = endpoint_params.authority
+        if self.onefuzz._backend.config.tenant_domain == "":
+            self.onefuzz._backend.config.tenant_domain = endpoint_params.tenant_domain
+
+        self.onefuzz._backend.save_config()
+
    def _disambiguate(
        self,
        name: str,
@ -1862,7 +1894,9 @@ class Onefuzz:
        self.logger.debug("set config")

        if reset:
-            self._backend.config = BackendConfig(authority="", client_id="")
+            self._backend.config = BackendConfig(
+                authority="", client_id="", tenant_domain=""
+            )

        if endpoint is not None:
            # The normal path for calling the API always uses the oauth2 workflow,