def register(request): registered = False global user global contractid if request.method == "POST": user_form = VoterForm(data=request.POST) profile_form = VoterinfoForm(data=request.POST) if user_form.is_valid() and profile_form.is_valid(): user = user_form.save(commit=False) usercopy = user username = user_form.cleaned_data['username'] password = user_form.cleaned_data['password'] user.set_password(user.password) user.save() profile = profile_form.save(commit=False) profile.user = user profile.save() registered = True context = { "user_form": user_form, "profile_form": profile_form, "registered": registered, "user": user, } auth_context = AuthenticationContext(AUTHORITY) token = auth_context.acquire_token_with_client_credentials( RESOURCE, CLIENT_APP_Id, CLIENT_SECRET) post_data = { "workflowFunctionID": 73, "workflowActionParameters": [{ "name": "Description", "value": str(profile_form.cleaned_data['constituency']), "workflowFunctionParameterId": 249 }, { "name": "Name", "value": user_form.cleaned_data['username'], "workflowFunctionParameterId": 250 }, { "name": "DOB", "value": str(profile_form.cleaned_data['dob']), "workflowFunctionParameterId": 251 }, { "name": "Aadhar", "value": str(profile_form.cleaned_data['aadhar']), "workflowFunctionParameterId": 252 }, { "name": "VoterId", "value": str(profile_form.cleaned_data['voterid']), "workflowFunctionParameterId": 253 }, { "name": "Pin", "value": str(profile_form.cleaned_data['pin']), "workflowFunctionParameterId": 254 }] } endpoint = 'https://safevote-3wpvhp-api.azurewebsites.net/api/v2/contracts' # endpoint = 'https://voteapp-iyby7e-api.azurewebsites.net/api/v2/applications/15' url = endpoint headers = { 'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token['accessToken'] } PARAMS = { 'workflowId': 16, 'contractCodeId': 16, 'connectionId': 1 } response = requests.post(url, headers=headers, params=PARAMS, data=json.dumps(post_data)) if response.status_code == 200: # SUCCESS contractid = response.json() user1 = VoterInfo.objects.get(user=usercopy) user1.contractid = contractid user1.save() else: context = { "user_form": user_form, "profile_form": profile_form, "registered": registered, } return render(request, 'register.html', context) else: user_form = VoterForm() profile_form = VoterinfoForm() context = { "user_form": user_form, "profile_form": profile_form, "registered": registered, } return render(request, 'register.html', context)
endpoint = "http://a7b13c94-3a5f-4a67-8efc-1262bec99d4f.southeastasia.azurecontainer.io/score" headers = { 'Content-Type':'application/json' } predictions = requests.post(endpoint, input_json , headers = headers) predicted_classes = predictions.json() requests. response = requests.post(, headers=aad_token, json={"ExperimentName": "My_Pipeline", "ParameterAssignments": {"pipeline_arg": 20}}) from azureml.core.authentication import ServicePrincipalAuthentication sp = ServicePrincipalAuthentication(tenant_id="e95e330a-6410-4dd1-a705-575cba48e853", # tenantID service_principal_id="306d65da-1788-4088-939e-b1c40bea9c0c", # clientId service_principal_password="******") from adal import AuthenticationContext client_id = "306d65da-1788-4088-939e-b1c40bea9c0c" client_secret = "RzHm3X-Xv_Ubc~q-R89rdLZHQGK_VH.1v7" resource_url = "https://login.microsoftonline.com" tenant_id = "e95e330a-6410-4dd1-a705-575cba48e853" authority = "{}/{}".format(resource_url, tenant_id) auth_context = AuthenticationContext(authority) token_response = auth_context.acquire_token_with_client_credentials("https://management.azure.com/", client_id, client_secret) print(token_response)
import requests from adal import AuthenticationContext auth_context = AuthenticationContext( "https://login.microsoftonline.com/<tenant_id>/") SESSION = requests.Session() # client id and secret from application (has to be assigned to the subscription) token_response = auth_context.acquire_token_with_client_credentials( client_id="<client_id>", client_secret="<client_secret>", resource="https://management.azure.com/", ) # add bearer token to the requests session SESSION.headers.update( {"Authorization": "Bearer " + token_response["accessToken"]}) # endpoints for policies # definition sub_policy_endpoint = "https://management.azure.com/subscriptions/<subscription_id>/providers/Microsoft.Authorization/policyDefinitions?api-version=2019-09-01" # assignment mgmt_policy_endpoint = "https://management.azure.com/providers/Microsoft.Management/managementgroups/mgmt-test/providers/Microsoft.Authorization/policyAssignments?%24filter=atScope()&api-version=2019-09-01" # summarize summarize_endpoint = "https://management.azure.com/subscriptions/<subscription_id>/providers/Microsoft.PolicyInsights/policyStates/latest/summarize?api-version=2018-04-04" # trigger policy trigger_endpoint = "https://management.azure.com/subscriptions/<subscription_id>/providers/Microsoft.PolicyInsights/policyStates/latest/triggerEvaluation?api-version=2018-07-01-preview"
def vote(request): curruser = VoterInfo.objects.get(user=request.user) cands = CandidateInfo.objects.all() haserror = False if curruser.hasVoted == False: verified = False auth_context = AuthenticationContext(AUTHORITY) token = auth_context.acquire_token_with_client_credentials( RESOURCE, CLIENT_APP_Id, CLIENT_SECRET) endpoint = 'https://safevote-3wpvhp-api.azurewebsites.net/api/v2/' + str( curruser.contractid) + '/actions' url = endpoint headers = {'Authorization': 'Bearer ' + token['accessToken']} response = requests.get(url, headers=headers) # print(token['accessToken']) # print(response.text) # data=response.json() # print(data) if True: verified = True curruser.is_Verified = True if request.method == 'POST': candidateid = request.POST.get('candidateid') print(candidateid) pin = request.POST.get('pin') print(pin) post_data = { "workflowFunctionID": 77, "workflowActionParameters": [{ "name": "Candidate", "value": str(candidateid), "workflowFunctionParameterId": 247 }, { "name": "PIN", "value": str(pin), "workflowFunctionParameterId": 248 }] } endpoint = 'https://safevote-3wpvhp-api.azurewebsites.net/api/v2/contracts/' + str( curruser.contractid) + '/actions' url = endpoint headers = { 'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token['accessToken'] } response = requests.post(url, headers=headers, data=json.dumps(post_data)) if response.status_code == 200: curruser.hasVoted = True # SUCCESS curruser.save() currcand = CandidateInfo.objects.get(name=candidateid) currcand.vote_count += 1 currcand.save() return render(request, 'about.html', { 'cands': cands, 'curruser': curruser }) #vote count display page redirection else: print(response.status_code) print(curruser.contractid) haserror = True return render( request, 'vote.html', { 'verified': verified, 'haserror': haserror, 'cands': cands, 'curruser': curruser }) else: return render( request, 'vote.html', { 'verified': verified, 'haserror': haserror, 'cands': cands, 'curruser': curruser }) #redirect to voting page else: verified = False return render( request, 'vote.html', { 'verified': verified, 'haserror': haserror, 'cands': cands, 'curruser': curruser }) #redirect to voting page else: return render(request, 'about.html', { 'cands': cands, 'curruser': curruser }) #vote count display page redirection
class _MyAadHelper(object): def __init__(self, kusto_cluster, client_id=None, client_secret=None, username=None, password=None, authority=None): self.adal_context = AuthenticationContext( 'https://login.windows.net/{0}'.format(authority or 'microsoft.com')) self.kusto_cluster = kusto_cluster self.client_id = client_id or "db662dc1-0cfe-4e1c-a843-19a68e65be58" self.client_secret = client_secret self.username = username self.password = password def acquire_token(self): """ A method to acquire tokens from AAD. """ # print("my_aad_helper_acquire_token") token_response = self.adal_context.acquire_token( self.kusto_cluster, self.username, self.client_id) if token_response is not None: expiration_date = dateutil.parser.parse( token_response['expiresOn']) if expiration_date > datetime.utcnow() + timedelta(minutes=5): return token_response['accessToken'] if self.client_secret is not None and self.client_id is not None: token_response = self.adal_context.acquire_token_with_client_credentials( self.kusto_cluster, self.client_id, self.client_secret) elif self.username is not None and self.password is not None: token_response = self.adal_context.acquire_token_with_username_password( self.kusto_cluster, self.username, self.password, self.client_id) else: code = self.adal_context.acquire_user_code(self.kusto_cluster, self.client_id) url = code['verification_url'] device_code = code["user_code"].strip() html_str = """<!DOCTYPE html> <html><body> <!-- h1 id="user_code_p"><b>""" + device_code + """</b><br></h1--> <input id="kqlMagicCodeAuthInput" type="text" readonly style="font-weight: bold; border: none;" size = '""" + str( len(device_code)) + """' value='""" + device_code + """'> <button id='kqlMagicCodeAuth_button', onclick="this.style.visibility='hidden';kqlMagicCodeAuthFunction()">Copy code to clipboard and authenticate</button> <script> var kqlMagicUserCodeAuthWindow = null function kqlMagicCodeAuthFunction() { /* Get the text field */ var copyText = document.getElementById("kqlMagicCodeAuthInput"); /* Select the text field */ copyText.select(); /* Copy the text inside the text field */ document.execCommand("copy"); /* Alert the copied text */ // alert("Copied the text: " + copyText.value); var w = screen.width / 2; var h = screen.height / 2; params = 'width='+w+',height='+h kqlMagicUserCodeAuthWindow = window.open('""" + url + """', 'kqlMagicUserCodeAuthWindow', params); } </script> </body></html>""" Display.show(html_str) # webbrowser.open(code['verification_url']) try: token_response = self.adal_context.acquire_token_with_device_code( self.kusto_cluster, code, self.client_id) finally: html_str = """<!DOCTYPE html> <html><body><script> // close authentication window if (kqlMagicUserCodeAuthWindow && kqlMagicUserCodeAuthWindow.opener != null && !kqlMagicUserCodeAuthWindow.closed) { kqlMagicUserCodeAuthWindow.close() } // clear output cell Jupyter.notebook.clear_output(Jupyter.notebook.get_selected_index()) // move to next cell </script></body></html>""" Display.show(html_str) return token_response['accessToken']
from adal import AuthenticationContext import requests from pprint import pprint import json AUTHORITY = 'https://login.microsoftonline.com/chiragvmj2012gmail.onmicrosoft.com' WORKBENCH_API_URL = 'https://safevote-3wpvhp.azurewebsites.net' RESOURCE = '9569b296-589d-488b-a582-246d957827de' CLIENT_APP_Id = 'b4d34ae7-b24d-4aab-87a5-a72c23d60dec' CLIENT_SECRET = '.M-m0UajsaeD*uCc6@WlLigK5oVMPbj8' auth_context = AuthenticationContext(AUTHORITY) if __name__ == '__main__': try: # Acquiring the token token = auth_context.acquire_token_with_client_credentials( RESOURCE, CLIENT_APP_Id, CLIENT_SECRET) # print(token['accessToken']) endpoint = 'https://safevote-3wpvhp-api.azurewebsites.net/api/v2/36/actions' url = endpoint headers = {'Authorization': 'Bearer ' + token['accessToken']} response = requests.get(url, headers=headers) mydata = json.loads(response.text) print(mydata["nextLink"]) except Exception as error: print(error)
class _AadHelper: authentication_method = None auth_context = None msi_auth_context = None username = None kusto_uri = None authority_uri = None client_id = None password = None thumbprint = None certificate = None msi_params = None token_provider = None code_callback = None def __init__(self, kcsb: "KustoConnectionStringBuilder", cb: Callable = None): self.kusto_uri = "{0.scheme}://{0.hostname}".format( urlparse(kcsb.data_source)) self.username = None if all([kcsb.aad_user_id, kcsb.password]): self.authentication_method = AuthenticationMethod.aad_username_password self.client_id = "db662dc1-0cfe-4e1c-a843-19a68e65be58" self.username = kcsb.aad_user_id self.password = kcsb.password elif all([kcsb.application_client_id, kcsb.application_key]): self.authentication_method = AuthenticationMethod.aad_application_key self.client_id = kcsb.application_client_id self.client_secret = kcsb.application_key elif all([ kcsb.application_client_id, kcsb.application_certificate, kcsb.application_certificate_thumbprint ]): self.authentication_method = AuthenticationMethod.aad_application_certificate self.client_id = kcsb.application_client_id self.certificate = kcsb.application_certificate self.thumbprint = kcsb.application_certificate_thumbprint elif kcsb.msi_authentication: self.authentication_method = AuthenticationMethod.aad_msi self.msi_params = kcsb.msi_parameters return elif any([kcsb.user_token, kcsb.application_token]): self.token = kcsb.user_token or kcsb.application_token self.authentication_method = AuthenticationMethod.aad_token return elif kcsb.az_cli: self.authentication_method = AuthenticationMethod.az_cli_profile return elif kcsb.token_provider: self.authentication_method = AuthenticationMethod.token_provider self.token_provider = kcsb.token_provider else: self.authentication_method = AuthenticationMethod.aad_device_login self.client_id = "db662dc1-0cfe-4e1c-a843-19a68e65be58" self.code_callback = cb authority = kcsb.authority_id or "common" aad_authority_uri = os.environ.get("AadAuthorityUri", CLOUD_LOGIN_URL) self.authority_uri = aad_authority_uri + authority if aad_authority_uri.endswith( "/") else aad_authority_uri + "/" + authority def acquire_authorization_header(self): """Acquire tokens from AAD.""" try: return self._acquire_authorization_header() except (AdalError, KustoClientError) as error: if self.authentication_method is AuthenticationMethod.aad_username_password: kwargs = { "username": self.username, "client_id": self.client_id } elif self.authentication_method is AuthenticationMethod.aad_application_key: kwargs = {"client_id": self.client_id} elif self.authentication_method is AuthenticationMethod.aad_device_login: kwargs = {"client_id": self.client_id} elif self.authentication_method is AuthenticationMethod.aad_application_certificate: kwargs = { "client_id": self.client_id, "thumbprint": self.thumbprint } elif self.authentication_method is AuthenticationMethod.aad_msi: kwargs = self.msi_params elif self.authentication_method is AuthenticationMethod.token_provider: kwargs = {} else: raise error kwargs["resource"] = self.kusto_uri if self.authentication_method is AuthenticationMethod.aad_msi: kwargs["authority"] = AuthenticationMethod.aad_msi.value elif self.authentication_method is AuthenticationMethod.token_provider: kwargs["authority"] = AuthenticationMethod.token_provider.value elif self.auth_context is not None: kwargs["authority"] = self.auth_context.authority.url raise KustoAuthenticationError(self.authentication_method.value, error, **kwargs) def _acquire_authorization_header(self) -> str: # Token was provided by caller if self.authentication_method is AuthenticationMethod.aad_token: return _get_header("Bearer", self.token) if self.authentication_method is AuthenticationMethod.token_provider: caller_token = self.token_provider() if not isinstance(caller_token, str): raise KustoClientError( "Token provider returned something that is not a string [" + str(type(caller_token)) + "]") return _get_header("Bearer", caller_token) # Obtain token from MSI endpoint if self.authentication_method == AuthenticationMethod.aad_msi: token = self.get_token_from_msi() return _get_header_from_dict(token) refresh_token = None if self.authentication_method == AuthenticationMethod.az_cli_profile: stored_token = _get_azure_cli_auth_token() if (TokenResponseFields.REFRESH_TOKEN in stored_token and TokenResponseFields._CLIENT_ID in stored_token and TokenResponseFields._AUTHORITY in stored_token): self.client_id = stored_token[TokenResponseFields._CLIENT_ID] self.username = stored_token[TokenResponseFields.USER_ID] self.authority_uri = stored_token[ TokenResponseFields._AUTHORITY] refresh_token = stored_token[TokenResponseFields.REFRESH_TOKEN] if self.auth_context is None: self.auth_context = AuthenticationContext(self.authority_uri) if refresh_token is not None: token = self.auth_context.acquire_token_with_refresh_token( refresh_token, self.client_id, self.kusto_uri) else: token = self.auth_context.acquire_token(self.kusto_uri, self.username, self.client_id) if token is not None: expiration_date = dateutil.parser.parse( token[TokenResponseFields.EXPIRES_ON]) if expiration_date > datetime.now() + timedelta(minutes=1): return _get_header_from_dict(token) if TokenResponseFields.REFRESH_TOKEN in token: token = self.auth_context.acquire_token_with_refresh_token( token[TokenResponseFields.REFRESH_TOKEN], self.client_id, self.kusto_uri) if token is not None: return _get_header_from_dict(token) # obtain token from AAD if self.authentication_method is AuthenticationMethod.aad_username_password: token = self.auth_context.acquire_token_with_username_password( self.kusto_uri, self.username, self.password, self.client_id) elif self.authentication_method is AuthenticationMethod.aad_application_key: token = self.auth_context.acquire_token_with_client_credentials( self.kusto_uri, self.client_id, self.client_secret) elif self.authentication_method is AuthenticationMethod.aad_device_login: code = self.auth_context.acquire_user_code(self.kusto_uri, self.client_id) if self.code_callback is not None: if asyncio.iscoroutinefunction(self.code_callback): asyncio.run(self.code_callback(code['user_code'])) else: self.code_callback(code['user_code']) print(code[OAuth2DeviceCodeResponseParameters.MESSAGE]) token = self.auth_context.acquire_token_with_device_code( self.kusto_uri, code, self.client_id) elif self.authentication_method is AuthenticationMethod.aad_application_certificate: token = self.auth_context.acquire_token_with_client_certificate( self.kusto_uri, self.client_id, self.certificate, self.thumbprint) else: raise KustoClientError( "Please choose authentication method from azure.kusto.data.security.AuthenticationMethod" ) return _get_header_from_dict(token) def get_token_from_msi(self) -> dict: try: if self.msi_auth_context is None: # Create the MSI Authentication object, the first token is acquired implicitly self.msi_auth_context = MSIAuthentication(**self.msi_params) else: # Acquire a fresh token self.msi_auth_context.set_token() except Exception as e: raise KustoClientError("Failed to obtain MSI context for [" + str(self.msi_params) + "]\n" + str(e)) return self.msi_auth_context.token
class _AadHelper(object): def __init__(self, kcsb): authority = kcsb.authority_id or "common" self._kusto_cluster = "{0.scheme}://{0.hostname}".format( urlparse(kcsb.data_source)) self._adal_context = AuthenticationContext( "https://login.microsoftonline.com/{0}".format(authority)) self._username = None if all([kcsb.aad_user_id, kcsb.password]): self._authentication_method = AuthenticationMethod.aad_username_password self._client_id = "db662dc1-0cfe-4e1c-a843-19a68e65be58" self._username = kcsb.aad_user_id self._password = kcsb.password elif all([kcsb.application_client_id, kcsb.application_key]): self._authentication_method = AuthenticationMethod.aad_application_key self._client_id = kcsb.application_client_id self._client_secret = kcsb.application_key elif all([ kcsb.application_client_id, kcsb.application_certificate, kcsb.application_certificate_thumbprint ]): self._authentication_method = AuthenticationMethod.aad_application_certificate self._client_id = kcsb.application_client_id self._certificate = kcsb.application_certificate self._thumbprint = kcsb.application_certificate_thumbprint else: self._authentication_method = AuthenticationMethod.aad_device_login self._client_id = "db662dc1-0cfe-4e1c-a843-19a68e65be58" def acquire_authorization_header(self): """Acquire tokens from AAD.""" try: return self._acquire_authorization_header() except AdalError as error: if self._authentication_method is AuthenticationMethod.aad_username_password: kwargs = { "username": self._username, "client_id": self._client_id } elif self._authentication_method is AuthenticationMethod.aad_application_key: kwargs = {"client_id": self._client_id} elif self._authentication_method is AuthenticationMethod.aad_device_login: kwargs = {"client_id": self._client_id} elif self._authentication_method is AuthenticationMethod.aad_application_certificate: kwargs = { "client_id": self._client_id, "thumbprint": self._thumbprint } else: raise error kwargs["resource"] = self._kusto_cluster kwargs["authority"] = self._adal_context.authority.url raise KustoAuthenticationError(self._authentication_method.value, error, **kwargs) def _acquire_authorization_header(self): token = self._adal_context.acquire_token(self._kusto_cluster, self._username, self._client_id) if token is not None: expiration_date = dateutil.parser.parse( token[TokenResponseFields.EXPIRES_ON]) if expiration_date > datetime.now() + timedelta(minutes=1): return _get_header(token) if TokenResponseFields.REFRESH_TOKEN in token: token = self._adal_context.acquire_token_with_refresh_token( token[TokenResponseFields.REFRESH_TOKEN], self._client_id, self._kusto_cluster) if token is not None: return _get_header(token) if self._authentication_method is AuthenticationMethod.aad_username_password: token = self._adal_context.acquire_token_with_username_password( self._kusto_cluster, self._username, self._password, self._client_id) elif self._authentication_method is AuthenticationMethod.aad_application_key: token = self._adal_context.acquire_token_with_client_credentials( self._kusto_cluster, self._client_id, self._client_secret) elif self._authentication_method is AuthenticationMethod.aad_device_login: code = self._adal_context.acquire_user_code( self._kusto_cluster, self._client_id) print(code[OAuth2DeviceCodeResponseParameters.MESSAGE]) webbrowser.open( code[OAuth2DeviceCodeResponseParameters.VERIFICATION_URL]) token = self._adal_context.acquire_token_with_device_code( self._kusto_cluster, code, self._client_id) elif self._authentication_method is AuthenticationMethod.aad_application_certificate: token = self._adal_context.acquire_token_with_client_certificate( self._kusto_cluster, self._client_id, self._certificate, self._thumbprint) else: raise KustoClientError( "Please choose authentication method from azure.kusto.data.security.AuthenticationMethod" ) return _get_header(token)
def __call__(self, request): context = AuthenticationContext(self.authority) response = context.acquire_token_with_client_credentials(self.resource_url, self.client_id, self.client_secret) request.headers['Authorization'] = 'Bearer %s' % response.get('accessToken') return request
def cleanup_database(spark_args): client_secret = SERVICE_PRINCIPAL_SECRET database = args.jdbc_database jdbcHost = args.jdbc_host jdbcPort = args.jdbc_port jdbc_username_key_name = spark_args.jdbc_username_key_name jdbc_password_key_name = spark_args.jdbc_password_key_name use_msi_azure_sql_auth = spark_args.use_msi_azure_sql_auth application_id = spark_args.application_id directory_id = spark_args.directory_id connectionProperties = { 'databaseName': database, 'url': 'watercooler-sql-wt.database.windows.net', 'hostNameInCertificate': '*.database.windows.net', 'encrypt': 'true', 'Driver': 'com.microsoft.sqlserver.jdbc.SQLServerDriver', 'ServerCertificate': 'false', 'trustServerCertificate': 'false', 'loginTimeout': '30' } if use_msi_azure_sql_auth: sts_url = "https://login.microsoftonline.com/" + directory_id auth_context = AuthenticationContext(sts_url) token_obj = auth_context.acquire_token_with_client_credentials( "https://database.windows.net/", application_id, client_secret) access_token = token_obj['accessToken'] connectionProperties['accessToken'] = access_token else: service_principal_credential = ClientSecretCredential( tenant_id=spark_args.directory_id, client_id=spark_args.application_id, client_secret=SERVICE_PRINCIPAL_SECRET) secret_client = SecretClient(vault_url=spark_args.key_vault_url, credential=service_principal_credential) connectionProperties["user"] = secret_client.get_secret( name=jdbc_username_key_name).value connectionProperties["password"] = secret_client.get_secret( name=jdbc_password_key_name).value connection = jaydebeapi.connect( "com.microsoft.sqlserver.jdbc.SQLServerDriver", f"jdbc:sqlserver://{jdbcHost}:{jdbcPort};databaseName={database};", connectionProperties) cursor = connection.cursor() truncate_groups_per_day = "truncate table groups_per_day;" truncate_groups_per_week = "truncate table groups_per_week;" truncate_members_group_personal_meetings = "truncate table members_group_personal_meetings;" members_to_group_participation = "truncate table members_to_group_participation;" cursor.execute(truncate_groups_per_day) logger.info("Truncated groups_per_day table.") cursor.execute(truncate_groups_per_week) logger.info("Truncated groups_per_week table.") cursor.execute(truncate_members_group_personal_meetings) logger.info("Truncated members_group_personal_meetings table.") cursor.execute(members_to_group_participation) logger.info("Truncated members_to_group_participation table.") cursor.close() connection.close()
def export_data_to_azure_sql(spark_args): application_id = spark_args.application_id directory_id = spark_args.directory_id adb_secret_scope = spark_args.adb_secret_scope_name adb_sp_client_key_secret_name = spark_args.adb_sp_client_key_secret_name employee_profile = spark_args.employee_profile_file_name groups_per_day_file = spark_args.groups_per_day_file_name groups_per_week = spark_args.groups_per_weeks_file_name members_group_personal_meetings = spark_args.members_group_personal_meetings_file_name members_to_group_participation = spark_args.members_to_group_participation_file_name database = spark_args.jdbc_database jdbc_host = spark_args.jdbc_host jdbc_port = spark_args.jdbc_port use_msi_azure_sql_auth = spark_args.use_msi_azure_sql_auth key_vault_url = spark_args.key_vault_url jdbc_username_key_name = spark_args.jdbc_username_key_name jdbc_password_key_name = spark_args.jdbc_password_key_name jdbc_username = spark_args.jdbc_user # this parameter should be used only for running the application locally jdbc_password = spark_args.jdbc_password # this parameter should be used only for running the application locally export_batch_size = int(spark_args.export_batch_size) base_folder = spark_args.csv_input_data_path full_base_path = retrieve_latest_run(base_folder) logger.info(f"*******#####Result {full_base_path}") employee_profile_file = os.path.join(full_base_path, employee_profile) groups_per_day_file = os.path.join(full_base_path, groups_per_day_file) groups_per_week_file = os.path.join(full_base_path, groups_per_week) members_group_personal_meetings_file = os.path.join( full_base_path, members_group_personal_meetings) members_to_group_participation_file = os.path.join( full_base_path, members_to_group_participation) client_secret = SERVICE_PRINCIPAL_SECRET if SERVICE_PRINCIPAL_SECRET is not None else \ dbutils.secrets.get(scope=adb_secret_scope, key=adb_sp_client_key_secret_name) if application_id is None: ValueError("Missing application_id parameter!") if directory_id is None: ValueError("Missing directory_id parameter!") if adb_secret_scope is None: ValueError("Missing adb_secret_scope_name parameter!") if adb_sp_client_key_secret_name is None: ValueError("Missing adb_sp_client_key_secret_name parameter!") if database is None: ValueError("Missing database parameter!") if jdbc_host is None: ValueError("Missing jdbc_host parameter!") if jdbc_port is None: ValueError("Missing jdbc_port parameter!") if use_msi_azure_sql_auth is None: ValueError("Missing use_msi_azure_sql_auth parameter!") if key_vault_url is None: ValueError("Missing key_vault_url parameter!") if jdbc_username_key_name is None: ValueError("Missing jdbc_username_key_name parameter!") if jdbc_password_key_name is None: ValueError("Missing jdbc_password_key_name parameter!") if jdbc_username is None: ValueError("Missing jdbc_username parameter!") if jdbc_password is None: ValueError("Missing jdbc_password parameter!") if export_batch_size is None: ValueError("Missing export_batch_size parameter!") connectionProperties = { 'databaseName': database, 'url': 'watercooler-sql-wt.database.windows.net', 'hostNameInCertificate': '*.database.windows.net', 'encrypt': 'true', 'Driver': 'com.microsoft.sqlserver.jdbc.SQLServerDriver', 'ServerCertificate': 'false', 'trustServerCertificate': 'false', 'loginTimeout': '30' } if use_msi_azure_sql_auth: sts_url = "https://login.microsoftonline.com/" + directory_id auth_context = AuthenticationContext(sts_url) token_obj = auth_context.acquire_token_with_client_credentials( "https://database.windows.net/", application_id, client_secret) access_token = token_obj['accessToken'] connectionProperties['accessToken'] = access_token else: service_principal_credential = ClientSecretCredential( tenant_id=spark_args.directory_id, client_id=spark_args.application_id, client_secret=SERVICE_PRINCIPAL_SECRET) secret_client = SecretClient(vault_url=spark_args.key_vault_url, credential=service_principal_credential) if jdbc_username_key_name and jdbc_password_key_name: connectionProperties["user"] = secret_client.get_secret( name=jdbc_username_key_name).value connectionProperties["password"] = secret_client.get_secret( name=jdbc_password_key_name).value else: connectionProperties["user"] = jdbc_username connectionProperties["password"] = jdbc_password connectionProperties["encrypt"] = "false" connection = jaydebeapi.connect( "com.microsoft.sqlserver.jdbc.SQLServerDriver", f"jdbc:sqlserver://{jdbc_host}:{jdbc_port};databaseName={database};", connectionProperties) cursor = connection.cursor() # logger.info(f"*******#####Processing {employee_profile_file}") # write_employee_profile_to_az_sql(employee_profile_file, export_batch_size, cursor) logger.info("*******#####Processing {groups_per_day_file}") write_groups_per_day_to_az_sql(groups_per_day_file, export_batch_size, cursor) logger.info(f"*******#####Processing {groups_per_week_file}") write_groups_per_week_to_az_sql(groups_per_week_file, export_batch_size, cursor) logger.info( f"*******#####Processing {members_group_personal_meetings_file}") write_members_group_personal_meetings_to_az_sql( members_group_personal_meetings_file, export_batch_size, cursor) logger.info( f"*******#####Processing {members_to_group_participation_file}") write_members_to_group_participation_to_az_sql( members_to_group_participation_file, export_batch_size, cursor) cursor.close() connection.close()
class MicrosoftAppCredentials(Authentication): """ MicrosoftAppCredentials auth implementation and cache. """ schema = "Bearer" trustedHostNames = { "state.botframework.com": datetime.max, "api.botframework.com": datetime.max, "token.botframework.com": datetime.max, "state.botframework.azure.us": datetime.max, "api.botframework.azure.us": datetime.max, "token.botframework.azure.us": datetime.max, } cache = {} def __init__( self, app_id: str, password: str, channel_auth_tenant: str = None, oauth_scope: str = None, ): """ Initializes a new instance of MicrosoftAppCredentials class :param app_id: The Microsoft app ID. :param app_password: The Microsoft app password. :param channel_auth_tenant: Optional. The oauth token tenant. """ # The configuration property for the Microsoft app ID. self.microsoft_app_id = app_id # The configuration property for the Microsoft app Password. self.microsoft_app_password = password tenant = (channel_auth_tenant if channel_auth_tenant else AuthenticationConstants.DEFAULT_CHANNEL_AUTH_TENANT) self.oauth_endpoint = ( AuthenticationConstants.TO_CHANNEL_FROM_BOT_LOGIN_URL_PREFIX + tenant) self.oauth_scope = ( oauth_scope or AuthenticationConstants.TO_BOT_FROM_CHANNEL_TOKEN_ISSUER) self.token_cache_key = app_id + self.oauth_scope + "-cache" if app_id else None self.authentication_context = AuthenticationContext( self.oauth_endpoint) # pylint: disable=arguments-differ def signed_session(self, session: requests.Session = None) -> requests.Session: """ Gets the signed session. :returns: Signed requests.Session object """ if not session: session = requests.Session() # If there is no microsoft_app_id and no self.microsoft_app_password, then there shouldn't # be an "Authorization" header on the outgoing activity. if not self.microsoft_app_id and not self.microsoft_app_password: session.headers.pop("Authorization", None) elif not session.headers.get("Authorization"): auth_token = self.get_access_token() header = "{} {}".format("Bearer", auth_token) session.headers["Authorization"] = header return session def get_access_token(self, force_refresh: bool = False) -> str: """ Gets an OAuth access token. :param force_refresh: True to force a refresh of the token; or false to get a cached token if it exists. :returns: Access token string """ if self.microsoft_app_id and self.microsoft_app_password: if not force_refresh: # check the global cache for the token. If we have it, and it's valid, we're done. oauth_token = MicrosoftAppCredentials.cache.get( self.token_cache_key, None) if oauth_token is not None: # we have the token. Is it valid? if oauth_token.expiration_time > datetime.now(): return oauth_token.access_token # We need to refresh the token, because: # 1. The user requested it via the force_refresh parameter # 2. We have it, but it's expired # 3. We don't have it in the cache. oauth_token = self.refresh_token() MicrosoftAppCredentials.cache.setdefault(self.token_cache_key, oauth_token) return oauth_token.access_token return "" def refresh_token(self) -> _OAuthResponse: """ returns: _OAuthResponse """ token = self.authentication_context.acquire_token_with_client_credentials( self.oauth_scope, self.microsoft_app_id, self.microsoft_app_password) oauth_response = _OAuthResponse.from_json(token) oauth_response.expiration_time = datetime.now() + timedelta( seconds=(int(oauth_response.expires_in) - 300)) return oauth_response @staticmethod def trust_service_url(service_url: str, expiration=None): """ Checks if the service url is for a trusted host or not. :param service_url: The service url. :param expiration: The expiration time after which this service url is not trusted anymore. :returns: True if the host of the service url is trusted; False otherwise. """ if expiration is None: expiration = datetime.now() + timedelta(days=1) host = urlparse(service_url).hostname if host is not None: MicrosoftAppCredentials.trustedHostNames[host] = expiration @staticmethod def is_trusted_service(service_url: str) -> bool: """ Checks if the service url is for a trusted host or not. :param service_url: The service url. :returns: True if the host of the service url is trusted; False otherwise. """ host = urlparse(service_url).hostname if host is not None: return MicrosoftAppCredentials._is_trusted_url(host) return False @staticmethod def _is_trusted_url(host: str) -> bool: expiration = MicrosoftAppCredentials.trustedHostNames.get( host, datetime.min) return expiration > (datetime.now() - timedelta(minutes=5))
import requests import json import pandas as pd import urllib from adal import AuthenticationContext # Azure App which need to be granted with Dynamics 365 permission on Azure portal clientAppId = [AppId] clientAppKey = [AppKey] # Request Azure access token requestURL = 'https://[domain].dynamics.com/' auth_context = AuthenticationContext( "https://login.microsoftonline.com/[domain]") token_response = auth_context.acquire_token_with_client_credentials( requestURL, clientAppId, clientAppKey) # Example of CRM API crmwebapi = 'https://[domain].api.crm.dynamics.com/api/data/v9.0' crmwebapiquery = '/contacts' ################################################################# # 1. Direct query example # https://docs.microsoft.com/en-us/dynamics365/customer-engagement/developer/webapi/query-data-web-api # example: https://[domain].api.crm.dynamics.com/api/data/v9.0/contacts?$select=fullname,contactid&$top=10 # params = '$select=fullname,contactid&$top=10' ################################################################# # 2. Fetch data via fetchXml as parameter # fetchXml can be generated from advance search page on CRM site