-
Notifications
You must be signed in to change notification settings - Fork 32
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #82 from Azure-Samples/dev
Add cert usage information, update READMEs
- Loading branch information
Showing
38 changed files
with
3,656 additions
and
117 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
155 changes: 155 additions & 0 deletions
155
1-Authentication/1-sign-in/AppCreationScripts/Cleanup-WithCertificates.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,155 @@ | ||
| #Requires -Version 7 | ||
|
|
||
| [CmdletBinding()] | ||
| param( | ||
| [Parameter(Mandatory=$False, HelpMessage='Tenant ID (This is a GUID which represents the "Directory ID" of the AzureAD tenant into which you want to create the apps')] | ||
| [string] $tenantId, | ||
| [Parameter(Mandatory=$False, HelpMessage='Azure environment to use while running the script. Default = Global')] | ||
| [string] $azureEnvironmentName | ||
| ) | ||
|
|
||
|
|
||
| Function Cleanup | ||
| { | ||
| if (!$azureEnvironmentName) | ||
| { | ||
| $azureEnvironmentName = "Global" | ||
| } | ||
|
|
||
| <# | ||
| .Description | ||
| This function removes the Azure AD applications for the sample. These applications were created by the Configure.ps1 script | ||
| #> | ||
|
|
||
| # $tenantId is the Active Directory Tenant. This is a GUID which represents the "Directory ID" of the AzureAD tenant | ||
| # into which you want to create the apps. Look it up in the Azure portal in the "Properties" of the Azure AD. | ||
|
|
||
| # Connect to the Microsoft Graph API | ||
| Write-Host "Connecting to Microsoft Graph" | ||
|
|
||
|
|
||
| if ($tenantId -eq "") | ||
| { | ||
| Connect-MgGraph -Scopes "User.Read.All Organization.Read.All Application.ReadWrite.All" -Environment $azureEnvironmentName | ||
| } | ||
| else | ||
| { | ||
| Connect-MgGraph -TenantId $tenantId -Scopes "User.Read.All Organization.Read.All Application.ReadWrite.All" -Environment $azureEnvironmentName | ||
| } | ||
|
|
||
| $context = Get-MgContext | ||
| $tenantId = $context.TenantId | ||
|
|
||
| # Get the user running the script | ||
| $currentUserPrincipalName = $context.Account | ||
| $user = Get-MgUser -Filter "UserPrincipalName eq '$($context.Account)'" | ||
|
|
||
| # get the tenant we signed in to | ||
| $Tenant = Get-MgOrganization | ||
| $tenantName = $Tenant.DisplayName | ||
|
|
||
| $verifiedDomain = $Tenant.VerifiedDomains | where {$_.Isdefault -eq $true} | ||
| $verifiedDomainName = $verifiedDomain.Name | ||
| $tenantId = $Tenant.Id | ||
|
|
||
| Write-Host ("Connected to Tenant {0} ({1}) as account '{2}'. Domain is '{3}'" -f $Tenant.DisplayName, $Tenant.Id, $currentUserPrincipalName, $verifiedDomainName) | ||
|
|
||
| # Removes the applications | ||
| Write-Host "Cleaning-up applications from tenant '$tenantId'" | ||
|
|
||
| Write-Host "Removing 'client' (msal-node-webapp) if needed" | ||
| try | ||
| { | ||
| Get-MgApplication -Filter "DisplayName eq 'msal-node-webapp'" | ForEach-Object {Remove-MgApplication -ApplicationId $_.Id } | ||
| } | ||
| catch | ||
| { | ||
| $message = $_ | ||
| Write-Warning $Error[0] | ||
| Write-Host "Unable to remove the application 'msal-node-webapp'. Error is $message. Try deleting manually." -ForegroundColor White -BackgroundColor Red | ||
| } | ||
|
|
||
| Write-Host "Making sure there are no more (msal-node-webapp) applications found, will remove if needed..." | ||
| $apps = Get-MgApplication -Filter "DisplayName eq 'msal-node-webapp'" | Format-List Id, DisplayName, AppId, SignInAudience, PublisherDomain | ||
|
|
||
| if ($apps) | ||
| { | ||
| Remove-MgApplication -ApplicationId $apps.Id | ||
| } | ||
|
|
||
| foreach ($app in $apps) | ||
| { | ||
| Remove-MgApplication -ApplicationId $app.Id | ||
| Write-Host "Removed msal-node-webapp.." | ||
| } | ||
|
|
||
| # also remove service principals of this app | ||
| try | ||
| { | ||
| Get-MgServicePrincipal -filter "DisplayName eq 'msal-node-webapp'" | ForEach-Object {Remove-MgServicePrincipal -ServicePrincipalId $_.Id -Confirm:$false} | ||
| } | ||
| catch | ||
| { | ||
| $message = $_ | ||
| Write-Warning $Error[0] | ||
| Write-Host "Unable to remove ServicePrincipal 'msal-node-webapp'. Error is $message. Try deleting manually from Enterprise applications." -ForegroundColor White -BackgroundColor Red | ||
| } | ||
| # remove self-signed certificate | ||
| Write-Host "Removing CN=msal-node-webapp certificate from Cert:/CurrentUser/My" | ||
| Get-ChildItem -Path Cert:\CurrentUser\My | where { $_.subject -eq "CN=msal-node-webapp" } | Remove-Item | ||
| } | ||
|
|
||
| # Pre-requisites | ||
| if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph")) { | ||
| Install-Module "Microsoft.Graph" -Scope CurrentUser | ||
| } | ||
|
|
||
| #Import-Module Microsoft.Graph | ||
|
|
||
| if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph.Authentication")) { | ||
| Install-Module "Microsoft.Graph.Authentication" -Scope CurrentUser | ||
| } | ||
|
|
||
| Import-Module Microsoft.Graph.Authentication | ||
|
|
||
| if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph.Identity.DirectoryManagement")) { | ||
| Install-Module "Microsoft.Graph.Identity.DirectoryManagement" -Scope CurrentUser | ||
| } | ||
|
|
||
| Import-Module Microsoft.Graph.Identity.DirectoryManagement | ||
|
|
||
| if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph.Applications")) { | ||
| Install-Module "Microsoft.Graph.Applications" -Scope CurrentUser | ||
| } | ||
|
|
||
| Import-Module Microsoft.Graph.Applications | ||
|
|
||
| if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph.Groups")) { | ||
| Install-Module "Microsoft.Graph.Groups" -Scope CurrentUser | ||
| } | ||
|
|
||
| Import-Module Microsoft.Graph.Groups | ||
|
|
||
| if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph.Users")) { | ||
| Install-Module "Microsoft.Graph.Users" -Scope CurrentUser | ||
| } | ||
|
|
||
| Import-Module Microsoft.Graph.Users | ||
|
|
||
| $ErrorActionPreference = "Stop" | ||
|
|
||
|
|
||
| try | ||
| { | ||
| Cleanup -tenantId $tenantId -environment $azureEnvironmentName | ||
| } | ||
| catch | ||
| { | ||
| $_.Exception.ToString() | out-host | ||
| $message = $_ | ||
| Write-Warning $Error[0] | ||
| Write-Host "Unable to register apps. Error is $message." -ForegroundColor White -BackgroundColor Red | ||
| } | ||
|
|
||
| Write-Host "Disconnecting from tenant" | ||
| Disconnect-MgGraph |
Oops, something went wrong.