def login(username=None, password=None, service_principal=None, tenant=None,
allow_no_subscriptions=False, msi=False, msi_port=DefaultStr(50342)):
"""Log in to access Azure subscriptions"""
import os
import re
from adal.adal_error import AdalError
import requests
# quick argument usage check
if (any([username, password, service_principal, tenant, allow_no_subscriptions]) and
any([msi, not getattr(msi_port, 'is_default', None)])):
raise CLIError("usage error: '--msi/--msi-port' are not applicable with other arguments")
interactive = False
profile = Profile()
if in_cloud_console():
console_tokens = os.environ.get('AZURE_CONSOLE_TOKENS', None)
if console_tokens:
return profile.find_subscriptions_in_cloud_console(re.split(';|,', console_tokens))
logger.warning(_CLOUD_CONSOLE_WARNING_TEMPLATE, 'login')
return
if msi:
return profile.find_subscriptions_in_vm_with_msi(msi_port)
if username:
if not password:
try:
password = prompt_pass('Password: '******'Please specify both username and password in non-interactive mode.')
else:
interactive = True
try:
subscriptions = profile.find_subscriptions_on_login(
interactive,
username,
password,
service_principal,
tenant,
allow_no_subscriptions=allow_no_subscriptions)
except AdalError as err:
# try polish unfriendly server errors
if username:
msg = str(err)
suggestion = "For cross-check, try 'az login' to authenticate through browser."
if ('ID3242:' in msg) or ('Server returned an unknown AccountType' in msg):
raise CLIError("The user name might be invalid. " + suggestion)
if 'Server returned error in RSTR - ErrorCode' in msg:
raise CLIError("Logging in through command line is not supported. " + suggestion)
raise CLIError(err)
except requests.exceptions.ConnectionError as err:
raise CLIError('Please ensure you have network connection. Error detail: ' + str(err))
all_subscriptions = list(subscriptions)
for sub in all_subscriptions:
sub['cloudName'] = sub.pop('environmentName', None)
return all_subscriptions
def login(username=None, password=None, service_principal=None, tenant=None,
allow_no_subscriptions=False, msi=False, msi_port=DefaultStr(50342)):
"""Log in to access Azure subscriptions"""
import os
import re
from adal.adal_error import AdalError
import requests
# quick argument usage check
if (any([username, password, service_principal, tenant, allow_no_subscriptions]) and
any([msi, not getattr(msi_port, 'is_default', None)])):
raise CLIError("usage error: '--msi/--msi-port' are not applicable with other arguments")
interactive = False
profile = Profile()
if _in_cloud_console():
console_tokens = os.environ.get('AZURE_CONSOLE_TOKENS', None)
if console_tokens:
return profile.find_subscriptions_in_cloud_console(re.split(';|,', console_tokens))
else:
raise CLIError(_CLOUD_CONSOLE_ERR_TEMPLATE.format('login'))
if msi:
return profile.find_subscriptions_in_vm_with_msi(msi_port)
if username:
if not password:
try:
password = prompt_pass('Password: '******'Please specify both username and password in non-interactive mode.')
else:
interactive = True
try:
subscriptions = profile.find_subscriptions_on_login(
interactive,
username,
password,
service_principal,
tenant,
allow_no_subscriptions=allow_no_subscriptions)
except AdalError as err:
# try polish unfriendly server errors
if username:
msg = str(err)
suggestion = "For cross-check, try 'az login' to authenticate through browser."
if ('ID3242:' in msg) or ('Server returned an unknown AccountType' in msg):
raise CLIError("The user name might be invalid. " + suggestion)
if 'Server returned error in RSTR - ErrorCode' in msg:
raise CLIError("Logging in through command line is not supported. " + suggestion)
raise CLIError(err)
except requests.exceptions.ConnectionError as err:
raise CLIError('Please ensure you have network connection. Error detail: ' + str(err))
all_subscriptions = list(subscriptions)
for sub in all_subscriptions:
sub['cloudName'] = sub.pop('environmentName', None)
return all_subscriptions
def login(cmd, username=None, password=None, service_principal=None, tenant=None, allow_no_subscriptions=False,
identity=False, identity_port=None):
"""Log in to access Azure subscriptions"""
from adal.adal_error import AdalError
import requests
# quick argument usage check
if (any([password, service_principal, tenant, allow_no_subscriptions]) and identity):
raise CLIError("usage error: '--identity' is not applicable with other arguments")
if identity_port:
logger.warning("'--identity-port' is no longer required to login using managed identity."
" This flag will be removed in a future release of CLI.")
interactive = False
profile = Profile(cli_ctx=cmd.cli_ctx, async_persist=False)
if identity:
if in_cloud_console():
return profile.find_subscriptions_in_cloud_console()
return profile.find_subscriptions_in_vm_with_msi(username)
elif in_cloud_console(): # tell users they might not need login
logger.warning(_CLOUD_CONSOLE_LOGIN_WARNING)
if username:
if not password:
try:
password = prompt_pass('Password: '******'Please specify both username and password in non-interactive mode.')
else:
interactive = True
try:
subscriptions = profile.find_subscriptions_on_login(
interactive,
username,
password,
service_principal,
tenant,
allow_no_subscriptions=allow_no_subscriptions)
except AdalError as err:
# try polish unfriendly server errors
if username:
msg = str(err)
suggestion = "For cross-check, try 'az login' to authenticate through browser."
if ('ID3242:' in msg) or ('Server returned an unknown AccountType' in msg):
raise CLIError("The user name might be invalid. " + suggestion)
if 'Server returned error in RSTR - ErrorCode' in msg:
raise CLIError("Logging in through command line is not supported. " + suggestion)
raise CLIError(err)
except requests.exceptions.ConnectionError as err:
raise CLIError('Please ensure you have network connection. Error detail: ' + str(err))
all_subscriptions = list(subscriptions)
for sub in all_subscriptions:
sub['cloudName'] = sub.pop('environmentName', None)
return all_subscriptions
def login(cmd, username=None, password=None, service_principal=None, tenant=None, allow_no_subscriptions=False,
identity=False, use_device_code=False):
"""Log in to access Azure subscriptions"""
from adal.adal_error import AdalError
import requests
# quick argument usage check
if any([password, service_principal, tenant, allow_no_subscriptions]) and identity:
raise CLIError("usage error: '--identity' is not applicable with other arguments")
if any([password, service_principal, username, identity]) and use_device_code:
raise CLIError("usage error: '--use-device-code' is not applicable with other arguments")
interactive = False
profile = Profile(cli_ctx=cmd.cli_ctx, async_persist=False)
if identity:
if in_cloud_console():
return profile.find_subscriptions_in_cloud_console()
return profile.find_subscriptions_in_vm_with_msi(username)
elif in_cloud_console(): # tell users they might not need login
logger.warning(_CLOUD_CONSOLE_LOGIN_WARNING)
if username:
if not password:
try:
password = prompt_pass('Password: '******'Please specify both username and password in non-interactive mode.')
else:
interactive = True
try:
subscriptions = profile.find_subscriptions_on_login(
interactive,
username,
password,
service_principal,
tenant,
use_device_code=use_device_code,
allow_no_subscriptions=allow_no_subscriptions)
except AdalError as err:
# try polish unfriendly server errors
if username:
msg = str(err)
suggestion = "For cross-check, try 'az login' to authenticate through browser."
if ('ID3242:' in msg) or ('Server returned an unknown AccountType' in msg):
raise CLIError("The user name might be invalid. " + suggestion)
if 'Server returned error in RSTR - ErrorCode' in msg:
raise CLIError("Logging in through command line is not supported. " + suggestion)
raise CLIError(err)
except requests.exceptions.ConnectionError as err:
raise CLIError('Please ensure you have network connection. Error detail: ' + str(err))
all_subscriptions = list(subscriptions)
for sub in all_subscriptions:
sub['cloudName'] = sub.pop('environmentName', None)
return all_subscriptions
def login(cmd,
username=None,
password=None,
service_principal=None,
tenant=None,
allow_no_subscriptions=False,
identity=False,
use_device_code=False,
use_cert_sn_issuer=None):
"""Log in to access Azure subscriptions"""
from adal.adal_error import AdalError
import requests
# quick argument usage check
if any([password, service_principal, tenant]) and identity:
raise CLIError(
"usage error: '--identity' is not applicable with other arguments")
if any([password, service_principal, username, identity
]) and use_device_code:
raise CLIError(
"usage error: '--use-device-code' is not applicable with other arguments"
)
if use_cert_sn_issuer and not service_principal:
raise CLIError(
"usage error: '--use-sn-issuer' is only applicable with a service principal"
)
if service_principal and not username:
raise CLIError(
'usage error: --service-principal --username NAME --password SECRET --tenant TENANT'
)
interactive = False
profile = Profile(cli_ctx=cmd.cli_ctx, async_persist=False)
if identity:
if in_cloud_console():
return profile.find_subscriptions_in_cloud_console()
return profile.find_subscriptions_in_vm_with_msi(
username, allow_no_subscriptions)
if in_cloud_console(): # tell users they might not need login
logger.warning(_CLOUD_CONSOLE_LOGIN_WARNING)
if username:
if not password:
try:
password = prompt_pass('Password: '******'Please specify both username and password in non-interactive mode.'
)
else:
interactive = True
try:
subscriptions = profile.find_subscriptions_on_login(
interactive,
username,
password,
service_principal,
tenant,
use_device_code=use_device_code,
allow_no_subscriptions=allow_no_subscriptions,
use_cert_sn_issuer=use_cert_sn_issuer)
except AdalError as err:
# try polish unfriendly server errors
if username:
msg = str(err)
suggestion = "For cross-check, try 'az login' to authenticate through browser."
if ('ID3242:' in msg) or ('Server returned an unknown AccountType'
in msg):
raise CLIError("The user name might be invalid. " + suggestion)
if 'Server returned error in RSTR - ErrorCode' in msg:
raise CLIError(
"Logging in through command line is not supported. " +
suggestion)
if 'wstrust' in msg:
raise CLIError(
"Authentication failed due to error of '" + msg + "' "
"This typically happens when attempting a Microsoft account, which requires "
"interactive login. Please invoke 'az login' to cross check. "
# pylint: disable=line-too-long
"More details are available at https://github.com/AzureAD/microsoft-authentication-library-for-python/wiki/Username-Password-Authentication"
)
raise CLIError(err)
except requests.exceptions.SSLError as err:
from azure.cli.core.util import SSLERROR_TEMPLATE
raise CLIError(SSLERROR_TEMPLATE.format(str(err)))
except requests.exceptions.ConnectionError as err:
raise CLIError(
'Please ensure you have network connection. Error detail: ' +
str(err))
all_subscriptions = list(subscriptions)
for sub in all_subscriptions:
sub['cloudName'] = sub.pop('environmentName', None)
return all_subscriptions
def login(cmd, username=None, password=None, service_principal=None, tenant=None, allow_no_subscriptions=False,
identity=False, identity_port=None,
msi=False, msi_port=None): # will remove msi_xxx in a future release
"""Log in to access Azure subscriptions"""
import os
import re
from adal.adal_error import AdalError
import requests
# quick argument usage check
if (any([password, service_principal, tenant, allow_no_subscriptions]) and
any([identity, msi])):
raise CLIError("usage error: '--identity/--identity-port' are not applicable with other arguments")
interactive = False
profile = Profile(cli_ctx=cmd.cli_ctx, async_persist=False)
# if identity or msi:
# if in_cloud_console():
# return profile.find_subscriptions_in_cloud_console()
# return profile.find_subscriptions_in_vm_with_msi(identity_port or msi_port or 50342, username)
# elif in_cloud_console(): # tell users they might not need login
# logger.warning(_CLOUD_CONSOLE_LOGIN_WARNING)
if in_cloud_console():
console_tokens = os.environ.get('AZURE_CONSOLE_TOKENS', None)
if console_tokens:
return profile.find_subscriptions_in_cloud_console_thru_raw_token(re.split(';|,', console_tokens))
logger.warning(_CLOUD_CONSOLE_WARNING_TEMPLATE, 'login')
return
if identity or msi:
return profile.find_subscriptions_in_vm_with_msi(identity_port or msi_port or 50342, username)
if username:
if not password:
try:
password = prompt_pass('Password: '******'Please specify both username and password in non-interactive mode.')
else:
interactive = True
try:
subscriptions = profile.find_subscriptions_on_login(
interactive,
username,
password,
service_principal,
tenant,
allow_no_subscriptions=allow_no_subscriptions)
except AdalError as err:
# try polish unfriendly server errors
if username:
msg = str(err)
suggestion = "For cross-check, try 'az login' to authenticate through browser."
if ('ID3242:' in msg) or ('Server returned an unknown AccountType' in msg):
raise CLIError("The user name might be invalid. " + suggestion)
if 'Server returned error in RSTR - ErrorCode' in msg:
raise CLIError("Logging in through command line is not supported. " + suggestion)
raise CLIError(err)
except requests.exceptions.ConnectionError as err:
raise CLIError('Please ensure you have network connection. Error detail: ' + str(err))
all_subscriptions = list(subscriptions)
for sub in all_subscriptions:
sub['cloudName'] = sub.pop('environmentName', None)
return all_subscriptions
