Skip to content

[AppService] Fix #11244: az webapp auth update: Add optional parameter to update client-secret-certificate-thumbprint #14730

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
qwordy merged 10 commits into from
Aug 11, 2020
Merged

[AppService] Fix #11244: az webapp auth update: Add optional parameter to update client-secret-certificate-thumbprint #14730

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
00b9235
{Docs} Remove stale reference in README to closed issue about extensi…
dkmiller Apr 27, 2020
ab16df0
Merge remote-tracking branch 'upstream/release'
azclibot Apr 28, 2020
03436bc
Merge remote-tracking branch 'upstream/release'
azclibot Apr 30, 2020
8261bff
Merge branch 'dev' of https://github.com/Azure/azure-cli
mkarmark Aug 10, 2020
e31746f
fix
mkarmark Aug 10, 2020
fca0528
fix commands
mkarmark Aug 10, 2020
db245cd
fix commands
mkarmark Aug 10, 2020
8429a70
fix params
mkarmark Aug 10, 2020
69649a5
fix params
mkarmark Aug 10, 2020
39753fd
fix custom
mkarmark Aug 10, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions src/azure-cli/azure/cli/command_modules/appservice/_params.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -541,6 +541,8 @@ def load_arguments(self, _):
help='Application ID to integrate AAD organization account Sign-in into your web app')
c.argument('client_secret', options_list=['--aad-client-secret'], arg_group='Azure Active Directory',
help='AAD application secret')
c.argument('client_secret_certificate_thumbprint', options_list=['--aad-client-secret-certificate-thumbprint', '--thumbprint'], arg_group='Azure Active Directory',
help='Alternative to AAD Client Secret, thumbprint of a certificate used for signing purposes')
c.argument('allowed_audiences', nargs='+', options_list=['--aad-allowed-token-audiences'],
arg_group='Azure Active Directory', help="One or more token audiences (space-delimited).")
c.argument('issuer', options_list=['--aad-token-issuer-url'],
Expand Down
1 change: 1 addition & 0 deletions src/azure-cli/azure/cli/command_modules/appservice/custom.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -847,6 +847,7 @@ def update_auth_settings(cmd, resource_group_name, name, enabled=None, action=No
client_id=None, token_store_enabled=None, runtime_version=None, # pylint: disable=unused-argument
token_refresh_extension_hours=None, # pylint: disable=unused-argument
allowed_external_redirect_urls=None, client_secret=None, # pylint: disable=unused-argument
client_secret_certificate_thumbprint=None, # pylint: disable=unused-argument
allowed_audiences=None, issuer=None, facebook_app_id=None, # pylint: disable=unused-argument
facebook_app_secret=None, facebook_oauth_scopes=None, # pylint: disable=unused-argument
twitter_consumer_key=None, twitter_consumer_secret=None, # pylint: disable=unused-argument
Expand Down
10 changes: 5 additions & 5 deletions ...re/cli/command_modules/appservice/tests/latest/recordings/test_webapp_authentication.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -653,7 +653,7 @@ interactions:
ParameterSetName:
- -g -n --enabled --action --token-store --token-refresh-extension-hours --runtime-version
--aad-client-id --aad-client-secret --aad-allowed-token-audiences --aad-token-issuer-url
--facebook-app-id --facebook-app-secret --facebook-oauth-scopes
--aad-client-secret-certificate-thumbprint --facebook-app-id --facebook-app-secret --facebook-oauth-scopes
User-Agent:
- python/3.7.2 (Darwin-16.7.0-x86_64-i386-64bit) msrest/0.6.9 msrest_azure/0.6.3
azure-mgmt-web/0.47.0 Azure-SDK-For-Python AZURECLI/2.9.0
Expand Down Expand Up @@ -702,8 +702,8 @@ interactions:
"RedirectToLoginPage", "tokenStoreEnabled": false, "defaultProvider": "Facebook",
"tokenRefreshExtensionHours": 7.2, "clientId": "aad_client_id", "clientSecret":
"aad_secret", "issuer": "https://issuer_url", "allowedAudiences": ["https://audience1"],
"facebookAppId": "facebook_id", "facebookAppSecret": "facebook_secret", "facebookOAuthScopes":
["public_profile", "email"]}}'
"clientSecretCertificateThumbprint": "aad_thumbprint", "facebookAppId": "facebook_id", "facebookAppSecret":
"facebook_secret", "facebookOAuthScopes": ["public_profile", "email"]}}'
headers:
Accept:
- application/json
Expand All @@ -720,7 +720,7 @@ interactions:
ParameterSetName:
- -g -n --enabled --action --token-store --token-refresh-extension-hours --runtime-version
--aad-client-id --aad-client-secret --aad-allowed-token-audiences --aad-token-issuer-url
--facebook-app-id --facebook-app-secret --facebook-oauth-scopes
--aad-client-secret-certificate-thumbprint --facebook-app-id --facebook-app-secret --facebook-oauth-scopes
User-Agent:
- python/3.7.2 (Darwin-16.7.0-x86_64-i386-64bit) msrest/0.6.9 msrest_azure/0.6.3
azure-mgmt-web/0.47.0 Azure-SDK-For-Python AZURECLI/2.9.0
Expand All @@ -731,7 +731,7 @@ interactions:
response:
body:
string: '{"id":"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_webapp_authentication000001/providers/Microsoft.Web/sites/webapp-authentication-test000002/config/authsettings","name":"authsettings","type":"Microsoft.Web/sites/config","location":"Japan
West","properties":{"enabled":true,"runtimeVersion":"1.2.8","unauthenticatedClientAction":"RedirectToLoginPage","tokenStoreEnabled":false,"allowedExternalRedirectUrls":null,"defaultProvider":"Facebook","tokenRefreshExtensionHours":7.2,"clientId":"aad_client_id","clientSecret":"aad_secret","clientSecretCertificateThumbprint":null,"issuer":"https://issuer_url","allowedAudiences":["https://audience1"],"additionalLoginParams":null,"isAadAutoProvisioned":false,"googleClientId":null,"googleClientSecret":null,"googleOAuthScopes":null,"facebookAppId":"facebook_id","facebookAppSecret":"facebook_secret","facebookOAuthScopes":["public_profile","email"],"twitterConsumerKey":null,"twitterConsumerSecret":null,"microsoftAccountClientId":null,"microsoftAccountClientSecret":null,"microsoftAccountOAuthScopes":null}}'
West","properties":{"enabled":true,"runtimeVersion":"1.2.8","unauthenticatedClientAction":"RedirectToLoginPage","tokenStoreEnabled":false,"allowedExternalRedirectUrls":null,"defaultProvider":"Facebook","tokenRefreshExtensionHours":7.2,"clientId":"aad_client_id","clientSecret":"aad_secret","clientSecretCertificateThumbprint":"aad_thumbprint","issuer":"https://issuer_url","allowedAudiences":["https://audience1"],"additionalLoginParams":null,"isAadAutoProvisioned":false,"googleClientId":null,"googleClientSecret":null,"googleOAuthScopes":null,"facebookAppId":"facebook_id","facebookAppSecret":"facebook_secret","facebookOAuthScopes":["public_profile","email"],"twitterConsumerKey":null,"twitterConsumerSecret":null,"microsoftAccountClientId":null,"microsoftAccountClientSecret":null,"microsoftAccountOAuthScopes":null}}'
headers:
cache-control:
- no-cache
Expand Down
4 changes: 3 additions & 1 deletion src/azure-cli/azure/cli/command_modules/appservice/tests/latest/test_webapp_commands.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2084,6 +2084,7 @@ def test_webapp_authentication(self, resource_group):
JMESPathCheck('runtimeVersion', None),
JMESPathCheck('clientId', None),
JMESPathCheck('clientSecret', None),
JMESPathCheck('clientSecretCertificateThumbprint', None),
JMESPathCheck('allowedAudiences', None),
JMESPathCheck('issuer', None),
JMESPathCheck('facebookAppId', None),
Expand All @@ -2094,7 +2095,7 @@ def test_webapp_authentication(self, resource_group):
# update and verify
result = self.cmd('webapp auth update -g {} -n {} --enabled true --action LoginWithFacebook '
'--token-store false --token-refresh-extension-hours 7.2 --runtime-version 1.2.8 '
'--aad-client-id aad_client_id --aad-client-secret aad_secret '
'--aad-client-id aad_client_id --aad-client-secret aad_secret --aad-client-secret-certificate-thumbprint aad_thumbprint '
'--aad-allowed-token-audiences https://audience1 --aad-token-issuer-url https://issuer_url '
'--facebook-app-id facebook_id --facebook-app-secret facebook_secret '
'--facebook-oauth-scopes public_profile email'
Expand All @@ -2108,6 +2109,7 @@ def test_webapp_authentication(self, resource_group):
JMESPathCheck('runtimeVersion', '1.2.8'),
JMESPathCheck('clientId', 'aad_client_id'),
JMESPathCheck('clientSecret', 'aad_secret'),
JMESPathCheck('clientSecretCertificateThumbprint', 'aad_thumbprint'),
JMESPathCheck('issuer', 'https://issuer_url'),
JMESPathCheck('facebookAppId', 'facebook_id'),
JMESPathCheck('facebookAppSecret', 'facebook_secret')]).get_output_in_json()
Expand Down