def device_flow_session(client_id, auto=False): """Obtain an access token from Azure AD (via device flow) and create a Requests session instance ready to make authenticated calls to Microsoft Graph. client_id = Application ID for registered "Azure AD only" V1-endpoint app auto = whether to copy device code to clipboard and auto-launch browser Returns Requests session object if user signed in successfully. The session includes the access token in an Authorization header. User identity must be an organizational account (ADAL does not support MSAs). """ context = AuthenticationContext(config.AUTHORITY_URL, api_version=None) # Authenticate user via email & password try: token_response = context.acquire_token_with_username_password( config.RESOURCE, config.EMAIL, config.PASSWORD, config.CLIENT_ID) except: print("ERROR: Username or Password incorrect. Closing program") exit() if not token_response.get('accessToken', None): return None session = requests.Session() session.headers.update({ 'Authorization': f'Bearer {token_response["accessToken"]}', 'SdkVersion': 'sample-python-adal', 'x-client-SKU': 'sample-python-adal' }) return session
def _make_request_headers(self, config): if request.headers is None: return None, 'No Headers' if 'authorization' in request.headers: authorization = request.headers['authorization'] else: return None, 'No authorization header' if authorization.count(';') != 1: return None, 'Invalid authorization header' authorization_split = authorization.split(';') username = authorization_split[0] password = authorization_split[1] auth_context = AuthenticationContext(config.authorization_endpoint, api_version=None) token_response = auth_context.acquire_token_with_username_password(config.base_url, username, password, config.application_id) try: self.access_token = token_response['accessToken'] self.expires_on = datetime.strptime(token_response['expiresOn'], '%Y-%m-%d %H:%M:%S.%f') except(KeyError): return None, repr(token_response) return self._create_header_from_token(), None
def meetings(application_id, email, password, log): context = AuthenticationContext(AUTHORITY_URL, api_version=None) token = context.acquire_token_with_username_password( RESOURCE, email, password, application_id) return get_meetings(token, log)
def email_count(application_id, email, password): context = AuthenticationContext(AUTHORITY_URL, api_version=None) token = context.acquire_token_with_username_password( RESOURCE, email, password, application_id) inbox = get_primary_inbox(token) return get_email_count(inbox, token)
def get_accesstoken(resource_url,username,password): domain_name = username.split("@")[1] auth_endpoint = get_tennantid(domain_name) client_id = "d3590ed6-52b3-4102-aeff-aad2292ab01c" context = AuthenticationContext(auth_endpoint.replace("/oauth2/authorize","")) token_response = context.acquire_token_with_username_password(("https://" + resource_url),username,password,client_id) if "accessToken" in token_response: return token_response else: raise ValueError('Token Could not be retrieved')
class _AadHelper(object): def __init__( self, kusto_cluster, client_id=None, client_secret=None, username=None, password=None, authority=None, ): self.adal_context = AuthenticationContext( "https://login.windows.net/{0}".format(authority or "microsoft.com")) self.kusto_cluster = kusto_cluster self.client_id = client_id or "db662dc1-0cfe-4e1c-a843-19a68e65be58" self.client_secret = client_secret self.username = username self.password = password def acquire_token(self): """A method to acquire tokens from AAD.""" token_response = self.adal_context.acquire_token( self.kusto_cluster, self.username, self.client_id) if token_response is not None: expiration_date = dateutil.parser.parse( token_response["expiresOn"]) if expiration_date > datetime.utcnow() + timedelta(minutes=5): return token_response["accessToken"] if self.client_secret is not None and self.client_id is not None: token_response = self.adal_context.acquire_token_with_client_credentials( self.kusto_cluster, self.client_id, self.client_secret) elif self.username is not None and self.password is not None: token_response = self.adal_context.acquire_token_with_username_password( self.kusto_cluster, self.username, self.password, self.client_id) else: code = self.adal_context.acquire_user_code(self.kusto_cluster, self.client_id) print(code["message"]) webbrowser.open(code["verification_url"]) token_response = self.adal_context.acquire_token_with_device_code( self.kusto_cluster, code, self.client_id) return token_response["accessToken"]
def main(argv): try: options, args = getopt.getopt(argv, 'hu:p:a:r:c:') except getopt.GetoptError: printUsage() sys.exit(-1) username = '' password = '' authority = '' resource = '' clientId = '' for option, arg in options: if option == '-h': printUsage() sys.exit() elif option == '-u': username = arg elif option == '-p': password = arg elif option == '-a': authority = arg elif option == '-r': resource = arg elif option == '-c': clientId = arg if username == '' or password == '' or authority == '' or resource == '' or clientId == '': printUsage() sys.exit(-1) # Find everything after the last '/' and replace it with 'token' if not authority.endswith('token'): regex = re.compile('^(.*[\/])') match = regex.match(authority) authority = match.group() authority = authority + username.split('@')[1] auth_context = AuthenticationContext(authority) token = auth_context.acquire_token_with_username_password( resource, username, password, clientId) print(token["accessToken"])
class _MyAadHelper(object): def __init__(self, kcsb, default_clientid): authority = kcsb.authority_id or "common" self._resource = "{0.scheme}://{0.hostname}".format( urlparse(kcsb.data_source)) self._adal_context = AuthenticationContext( "https://login.microsoftonline.com/{0}".format(authority)) self._username = None if all([kcsb.aad_user_id, kcsb.password]): self._authentication_method = AuthenticationMethod.aad_username_password self._client_id = default_clientid self._username = kcsb.aad_user_id self._password = kcsb.password elif all([kcsb.application_client_id, kcsb.application_key]): self._authentication_method = AuthenticationMethod.aad_application_key self._client_id = kcsb.application_client_id self._client_secret = kcsb.application_key elif all([ kcsb.application_client_id, kcsb.application_certificate, kcsb.application_certificate_thumbprint ]): self._authentication_method = AuthenticationMethod.aad_application_certificate self._client_id = kcsb.application_client_id self._certificate = kcsb.application_certificate self._thumbprint = kcsb.application_certificate_thumbprint else: self._authentication_method = AuthenticationMethod.aad_device_login self._client_id = default_clientid def acquire_token(self, **options): """Acquire tokens from AAD.""" token = self._adal_context.acquire_token(self._resource, self._username, self._client_id) if token is not None: expiration_date = dateutil.parser.parse( token[TokenResponseFields.EXPIRES_ON]) if expiration_date > datetime.now() + timedelta(minutes=1): return self._get_header(token) if TokenResponseFields.REFRESH_TOKEN in token: token = self._adal_context.acquire_token_with_refresh_token( token[TokenResponseFields.REFRESH_TOKEN], self._client_id, self._resource) if token is not None: return self._get_header(token) if self._authentication_method is AuthenticationMethod.aad_username_password: token = self._adal_context.acquire_token_with_username_password( self._resource, self._username, self._password, self._client_id) elif self._authentication_method is AuthenticationMethod.aad_application_key: token = self._adal_context.acquire_token_with_client_credentials( self._resource, self._client_id, self._client_secret) elif self._authentication_method is AuthenticationMethod.aad_device_login: # print(code[OAuth2DeviceCodeResponseParameters.MESSAGE]) # webbrowser.open(code[OAuth2DeviceCodeResponseParameters.VERIFICATION_URL]) # token = self._adal_context.acquire_token_with_device_code( # self._resource, code, self._client_id # ) code: dict = self._adal_context.acquire_user_code( self._resource, self._client_id) url = code[OAuth2DeviceCodeResponseParameters.VERIFICATION_URL] device_code = code[ OAuth2DeviceCodeResponseParameters.USER_CODE].strip() html_str = ("""<!DOCTYPE html> <html><body> <!-- h1 id="user_code_p"><b>""" + device_code + """</b><br></h1--> <input id="kql_MagicCodeAuthInput" type="text" readonly style="font-weight: bold; border: none;" size = '""" + str(len(device_code)) + """' value='""" + device_code + """'> <button id='kql_MagicCodeAuth_button', onclick="this.style.visibility='hidden';kql_MagicCodeAuthFunction()">Copy code to clipboard and authenticate</button> <script> var kql_MagicUserCodeAuthWindow = null function kql_MagicCodeAuthFunction() { /* Get the text field */ var copyText = document.getElementById("kql_MagicCodeAuthInput"); /* Select the text field */ copyText.select(); /* Copy the text inside the text field */ document.execCommand("copy"); /* Alert the copied text */ // alert("Copied the text: " + copyText.value); var w = screen.width / 2; var h = screen.height / 2; params = 'width='+w+',height='+h kql_MagicUserCodeAuthWindow = window.open('""" + url + """', 'kql_MagicUserCodeAuthWindow', params); // TODO: save selected cell index, so that the clear will be done on the lince cell } </script> </body></html>""") if options.get("notebook_app") in ["visualstudiocode", "ipython"]: Display.show_window('verification_url', url, **options) # Display.showInfoMessage("Code: {0}".format(device_code)) Display.showInfoMessage( "Copy code: {0} to verification url: {1} and authenticate". format(device_code, url), **options) else: Display.show_html(html_str) try: token = self._adal_context.acquire_token_with_device_code( self._resource, code, self._client_id) finally: html_str = """<!DOCTYPE html> <html><body><script> // close authentication window if (kql_MagicUserCodeAuthWindow && kql_MagicUserCodeAuthWindow.opener != null && !kql_MagicUserCodeAuthWindow.closed) { kql_MagicUserCodeAuthWindow.close() } // TODO: make sure, you clear the right cell. BTW, not sure it is a must to do any clearing // clear output cell Jupyter.notebook.clear_output(Jupyter.notebook.get_selected_index()) // TODO: if in run all mode, move to last cell, otherwise move to next cell // move to next cell </script></body></html>""" Display.show_html(html_str) elif self._authentication_method is AuthenticationMethod.aad_application_certificate: token = self._adal_context.acquire_token_with_client_certificate( self._resource, self._client_id, self._certificate, self._thumbprint) else: raise AuthenticationError("Unknown authentication method.") return self._get_header(token) def _get_header(self, token): return "{0} {1}".format(token[TokenResponseFields.TOKEN_TYPE], token[TokenResponseFields.ACCESS_TOKEN])
class _AadHelper(object): def __init__(self, kcsb): authority = kcsb.authority_id or "microsoft.com" self._kusto_cluster = "{0.scheme}://{0.hostname}".format( urlparse(kcsb.data_source)) self._adal_context = AuthenticationContext("https://{0}/{1}".format( AADConstants.WORLD_WIDE_AUTHORITY, authority)) self._username = None if all([kcsb.aad_user_id, kcsb.password]): self._authentication_method = AuthenticationMethod.aad_username_password self._client_id = "db662dc1-0cfe-4e1c-a843-19a68e65be58" self._username = kcsb.aad_user_id self._password = kcsb.password elif all([kcsb.application_client_id, kcsb.application_key]): self._authentication_method = AuthenticationMethod.aad_application_key self._client_id = kcsb.application_client_id self._client_secret = kcsb.application_key elif all([ kcsb.application_client_id, kcsb.application_certificate, kcsb.application_certificate_thumbprint, ]): self._authentication_method = AuthenticationMethod.aad_application_certificate self._client_id = kcsb.application_client_id self._certificate = kcsb.application_certificate self._thumbprint = kcsb.application_certificate_thumbprint else: self._authentication_method = AuthenticationMethod.aad_device_login self._client_id = "db662dc1-0cfe-4e1c-a843-19a68e65be58" def acquire_token(self): """Acquire tokens from AAD.""" token = self._adal_context.acquire_token(self._kusto_cluster, self._username, self._client_id) if token is not None: expiration_date = dateutil.parser.parse( token[TokenResponseFields.EXPIRES_ON]) if expiration_date > datetime.now() + timedelta(minutes=1): return _get_header(token) if TokenResponseFields.REFRESH_TOKEN in token: token = self._adal_context.acquire_token_with_refresh_token( token[TokenResponseFields.REFRESH_TOKEN], self._client_id, self._kusto_cluster) if token is not None: return _get_header(token) if self._authentication_method is AuthenticationMethod.aad_username_password: token = self._adal_context.acquire_token_with_username_password( self._kusto_cluster, self._username, self._password, self._client_id) elif self._authentication_method is AuthenticationMethod.aad_application_key: token = self._adal_context.acquire_token_with_client_credentials( self._kusto_cluster, self._client_id, self._client_secret) elif self._authentication_method is AuthenticationMethod.aad_device_login: code = self._adal_context.acquire_user_code( self._kusto_cluster, self._client_id) print(code[OAuth2DeviceCodeResponseParameters.MESSAGE]) webbrowser.open( code[OAuth2DeviceCodeResponseParameters.VERIFICATION_URL]) token = self._adal_context.acquire_token_with_device_code( self._kusto_cluster, code, self._client_id) elif self._authentication_method is AuthenticationMethod.aad_application_certificate: token = self._adal_context.acquire_token_with_client_certificate( self._kusto_cluster, self._client_id, self._certificate, self._thumbprint) else: raise KustoClientError( "Please choose authentication method from azure.kusto.data.security.AuthenticationMethod" ) return _get_header(token)
class _AadHelper: authentication_method = None auth_context = None username = None kusto_uri = None authority_uri = None client_id = None password = None thumbprint = None certificate = None msi_params = None token_provider = None def __init__(self, kcsb): self.kusto_uri = "{0.scheme}://{0.hostname}".format( urlparse(kcsb.data_source)) self.username = None if all([kcsb.aad_user_id, kcsb.password]): self.authentication_method = AuthenticationMethod.aad_username_password self.client_id = "db662dc1-0cfe-4e1c-a843-19a68e65be58" self.username = kcsb.aad_user_id self.password = kcsb.password elif all([kcsb.application_client_id, kcsb.application_key]): self.authentication_method = AuthenticationMethod.aad_application_key self.client_id = kcsb.application_client_id self.client_secret = kcsb.application_key elif all([ kcsb.application_client_id, kcsb.application_certificate, kcsb.application_certificate_thumbprint ]): self.authentication_method = AuthenticationMethod.aad_application_certificate self.client_id = kcsb.application_client_id self.certificate = kcsb.application_certificate self.thumbprint = kcsb.application_certificate_thumbprint elif kcsb.msi_authentication: self.authentication_method = AuthenticationMethod.aad_msi self.msi_params = kcsb.msi_parameters return elif any([kcsb.user_token, kcsb.application_token]): self.token = kcsb.user_token or kcsb.application_token self.authentication_method = AuthenticationMethod.aad_token return elif kcsb.az_cli: self.authentication_method = AuthenticationMethod.az_cli_profile return elif kcsb.token_provider: self.authentication_method = AuthenticationMethod.token_provider self.token_provider = kcsb.token_provider else: self.authentication_method = AuthenticationMethod.aad_device_login self.client_id = "db662dc1-0cfe-4e1c-a843-19a68e65be58" authority = kcsb.authority_id or "common" aad_authority_uri = os.environ.get("AadAuthorityUri", CLOUD_LOGIN_URL) self.authority_uri = aad_authority_uri + authority if aad_authority_uri.endswith( "/") else aad_authority_uri + "/" + authority def acquire_authorization_header(self): """Acquire tokens from AAD.""" try: return self._acquire_authorization_header() except (AdalError, KustoClientError) as error: if self.authentication_method is AuthenticationMethod.aad_username_password: kwargs = { "username": self.username, "client_id": self.client_id } elif self.authentication_method is AuthenticationMethod.aad_application_key: kwargs = {"client_id": self.client_id} elif self.authentication_method is AuthenticationMethod.aad_device_login: kwargs = {"client_id": self.client_id} elif self.authentication_method is AuthenticationMethod.aad_application_certificate: kwargs = { "client_id": self.client_id, "thumbprint": self.thumbprint } elif self.authentication_method is AuthenticationMethod.aad_msi: kwargs = self.msi_params elif self.authentication_method is AuthenticationMethod.token_provider: kwargs = {} else: raise error kwargs["resource"] = self.kusto_uri if self.authentication_method is AuthenticationMethod.aad_msi: kwargs["authority"] = AuthenticationMethod.aad_msi.value elif self.authentication_method is AuthenticationMethod.token_provider: kwargs["authority"] = AuthenticationMethod.token_provider.value elif self.auth_context is not None: kwargs["authority"] = self.auth_context.authority.url raise KustoAuthenticationError(self.authentication_method.value, error, **kwargs) def _acquire_authorization_header(self) -> str: # Token was provided by caller if self.authentication_method is AuthenticationMethod.aad_token: return _get_header("Bearer", self.token) if self.authentication_method is AuthenticationMethod.token_provider: caller_token = self.token_provider() if not isinstance(caller_token, str): raise KustoClientError( "Token provider returned something that is not a string [" + str(type(caller_token)) + "]") return _get_header("Bearer", caller_token) # Obtain token from MSI endpoint if self.authentication_method == AuthenticationMethod.aad_msi: token = self.get_token_from_msi() return _get_header_from_dict(token) refresh_token = None if self.authentication_method == AuthenticationMethod.az_cli_profile: stored_token = _get_azure_cli_auth_token() if (TokenResponseFields.REFRESH_TOKEN in stored_token and TokenResponseFields._CLIENT_ID in stored_token and TokenResponseFields._AUTHORITY in stored_token): self.client_id = stored_token[TokenResponseFields._CLIENT_ID] self.username = stored_token[TokenResponseFields.USER_ID] self.authority_uri = stored_token[ TokenResponseFields._AUTHORITY] refresh_token = stored_token[TokenResponseFields.REFRESH_TOKEN] if self.auth_context is None: self.auth_context = AuthenticationContext(self.authority_uri) if refresh_token is not None: token = self.auth_context.acquire_token_with_refresh_token( refresh_token, self.client_id, self.kusto_uri) else: token = self.auth_context.acquire_token(self.kusto_uri, self.username, self.client_id) if token is not None: expiration_date = dateutil.parser.parse( token[TokenResponseFields.EXPIRES_ON]) if expiration_date > datetime.now() + timedelta(minutes=1): return _get_header_from_dict(token) if TokenResponseFields.REFRESH_TOKEN in token: token = self.auth_context.acquire_token_with_refresh_token( token[TokenResponseFields.REFRESH_TOKEN], self.client_id, self.kusto_uri) if token is not None: return _get_header_from_dict(token) # obtain token from AAD if self.authentication_method is AuthenticationMethod.aad_username_password: token = self.auth_context.acquire_token_with_username_password( self.kusto_uri, self.username, self.password, self.client_id) elif self.authentication_method is AuthenticationMethod.aad_application_key: token = self.auth_context.acquire_token_with_client_credentials( self.kusto_uri, self.client_id, self.client_secret) elif self.authentication_method is AuthenticationMethod.aad_device_login: code = self.auth_context.acquire_user_code(self.kusto_uri, self.client_id) print(code[OAuth2DeviceCodeResponseParameters.MESSAGE]) webbrowser.open( code[OAuth2DeviceCodeResponseParameters.VERIFICATION_URL]) token = self.auth_context.acquire_token_with_device_code( self.kusto_uri, code, self.client_id) elif self.authentication_method is AuthenticationMethod.aad_application_certificate: token = self.auth_context.acquire_token_with_client_certificate( self.kusto_uri, self.client_id, self.certificate, self.thumbprint) else: raise KustoClientError( "Please choose authentication method from azure.kusto.data.security.AuthenticationMethod" ) return _get_header_from_dict(token) def get_token_from_msi(self) -> dict: try: credentials = MSIAuthentication(**self.msi_params) except Exception as e: raise KustoClientError("Failed to obtain MSI context for [" + str(self.msi_params) + "]\n" + str(e)) return credentials.token
class _AadHelper(object): def __init__(self, kcsb): if any([kcsb.user_token, kcsb.application_token]): self._token = kcsb.user_token or kcsb.application_token self._authentication_method = AuthenticationMethod.aad_token return authority = kcsb.authority_id or "common" self._kusto_cluster = "{0.scheme}://{0.hostname}".format( urlparse(kcsb.data_source)) self._adal_context = AuthenticationContext( "https://login.microsoftonline.com/{0}".format(authority)) self._username = None if all([kcsb.aad_user_id, kcsb.password]): self._authentication_method = AuthenticationMethod.aad_username_password self._client_id = "db662dc1-0cfe-4e1c-a843-19a68e65be58" self._username = kcsb.aad_user_id self._password = kcsb.password elif all([kcsb.application_client_id, kcsb.application_key]): self._authentication_method = AuthenticationMethod.aad_application_key self._client_id = kcsb.application_client_id self._client_secret = kcsb.application_key elif all([ kcsb.application_client_id, kcsb.application_certificate, kcsb.application_certificate_thumbprint ]): self._authentication_method = AuthenticationMethod.aad_application_certificate self._client_id = kcsb.application_client_id self._certificate = kcsb.application_certificate self._thumbprint = kcsb.application_certificate_thumbprint else: self._authentication_method = AuthenticationMethod.aad_device_login self._client_id = "db662dc1-0cfe-4e1c-a843-19a68e65be58" def acquire_authorization_header(self): """Acquire tokens from AAD.""" try: return self._acquire_authorization_header() except AdalError as error: if self._authentication_method is AuthenticationMethod.aad_username_password: kwargs = { "username": self._username, "client_id": self._client_id } elif self._authentication_method is AuthenticationMethod.aad_application_key: kwargs = {"client_id": self._client_id} elif self._authentication_method is AuthenticationMethod.aad_device_login: kwargs = {"client_id": self._client_id} elif self._authentication_method is AuthenticationMethod.aad_application_certificate: kwargs = { "client_id": self._client_id, "thumbprint": self._thumbprint } else: raise error kwargs["resource"] = self._kusto_cluster kwargs["authority"] = self._adal_context.authority.url raise KustoAuthenticationError(self._authentication_method.value, error, **kwargs) def _acquire_authorization_header(self): if self._authentication_method is AuthenticationMethod.aad_token: return _get_header("Bearer", self._token) token = self._adal_context.acquire_token(self._kusto_cluster, self._username, self._client_id) if token is not None: expiration_date = dateutil.parser.parse( token[TokenResponseFields.EXPIRES_ON]) if expiration_date > datetime.now() + timedelta(minutes=1): return _get_header_from_dict(token) if TokenResponseFields.REFRESH_TOKEN in token: token = self._adal_context.acquire_token_with_refresh_token( token[TokenResponseFields.REFRESH_TOKEN], self._client_id, self._kusto_cluster) if token is not None: return _get_header_from_dict(token) if self._authentication_method is AuthenticationMethod.aad_username_password: token = self._adal_context.acquire_token_with_username_password( self._kusto_cluster, self._username, self._password, self._client_id) elif self._authentication_method is AuthenticationMethod.aad_application_key: token = self._adal_context.acquire_token_with_client_credentials( self._kusto_cluster, self._client_id, self._client_secret) elif self._authentication_method is AuthenticationMethod.aad_device_login: code = self._adal_context.acquire_user_code( self._kusto_cluster, self._client_id) print(code[OAuth2DeviceCodeResponseParameters.MESSAGE]) webbrowser.open( code[OAuth2DeviceCodeResponseParameters.VERIFICATION_URL]) token = self._adal_context.acquire_token_with_device_code( self._kusto_cluster, code, self._client_id) elif self._authentication_method is AuthenticationMethod.aad_application_certificate: token = self._adal_context.acquire_token_with_client_certificate( self._kusto_cluster, self._client_id, self._certificate, self._thumbprint) else: raise KustoClientError( "Please choose authentication method from azure.kusto.data.security.AuthenticationMethod" ) return _get_header_from_dict(token)
class _MyAadHelper(object): def __init__(self, kusto_cluster, client_id=None, client_secret=None, username=None, password=None, authority=None): self.adal_context = AuthenticationContext( 'https://login.windows.net/{0}'.format(authority or 'microsoft.com')) self.kusto_cluster = kusto_cluster self.client_id = client_id or "db662dc1-0cfe-4e1c-a843-19a68e65be58" self.client_secret = client_secret self.username = username self.password = password def acquire_token(self): """ A method to acquire tokens from AAD. """ # print("my_aad_helper_acquire_token") token_response = self.adal_context.acquire_token( self.kusto_cluster, self.username, self.client_id) if token_response is not None: expiration_date = dateutil.parser.parse( token_response['expiresOn']) if expiration_date > datetime.utcnow() + timedelta(minutes=5): return token_response['accessToken'] if self.client_secret is not None and self.client_id is not None: token_response = self.adal_context.acquire_token_with_client_credentials( self.kusto_cluster, self.client_id, self.client_secret) elif self.username is not None and self.password is not None: token_response = self.adal_context.acquire_token_with_username_password( self.kusto_cluster, self.username, self.password, self.client_id) else: code = self.adal_context.acquire_user_code(self.kusto_cluster, self.client_id) url = code['verification_url'] device_code = code["user_code"].strip() html_str = """<!DOCTYPE html> <html><body> <!-- h1 id="user_code_p"><b>""" + device_code + """</b><br></h1--> <input id="kqlMagicCodeAuthInput" type="text" readonly style="font-weight: bold; border: none;" size = '""" + str( len(device_code)) + """' value='""" + device_code + """'> <button id='kqlMagicCodeAuth_button', onclick="this.style.visibility='hidden';kqlMagicCodeAuthFunction()">Copy code to clipboard and authenticate</button> <script> var kqlMagicUserCodeAuthWindow = null function kqlMagicCodeAuthFunction() { /* Get the text field */ var copyText = document.getElementById("kqlMagicCodeAuthInput"); /* Select the text field */ copyText.select(); /* Copy the text inside the text field */ document.execCommand("copy"); /* Alert the copied text */ // alert("Copied the text: " + copyText.value); var w = screen.width / 2; var h = screen.height / 2; params = 'width='+w+',height='+h kqlMagicUserCodeAuthWindow = window.open('""" + url + """', 'kqlMagicUserCodeAuthWindow', params); } </script> </body></html>""" Display.show(html_str) # webbrowser.open(code['verification_url']) try: token_response = self.adal_context.acquire_token_with_device_code( self.kusto_cluster, code, self.client_id) finally: html_str = """<!DOCTYPE html> <html><body><script> // close authentication window if (kqlMagicUserCodeAuthWindow && kqlMagicUserCodeAuthWindow.opener != null && !kqlMagicUserCodeAuthWindow.closed) { kqlMagicUserCodeAuthWindow.close() } // clear output cell Jupyter.notebook.clear_output(Jupyter.notebook.get_selected_index()) // move to next cell </script></body></html>""" Display.show(html_str) return token_response['accessToken']
class DB12Kernel(MetaKernel): app_name = "db_12_kernel" implementation = "A Jupyter kernel for Databricks using REST API 1.2" implementation_version = "0.1.0" language = "python" language_version = "3.6+" banner = "Databricks REST API 1.2 Kernel - evaluates Python statements on a remote Databricks cluster" language_info = { "mimetype": "text/x-python", "name": "python", "file_extension": ".py", "help_links": MetaKernel.help_links, } kernel_json = { "argv": [sys.executable, "-m", "db_12_kernel", "-f", "{connection_file}"], "display_name": "DB Kernel", "language": "python", "name": "db_12_kernel", } profile = Unicode(None, allow_none=True).tag(config=True) host = Unicode(None, allow_none=True).tag(config=True) cluster = Unicode(None, allow_none=True).tag(config=True) org = Unicode(None, allow_none=True).tag(config=True) tenant = Unicode(None, allow_none=True).tag(config=True) user = Unicode(None, allow_none=True).tag(config=True) def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) # self.log = logging.getLogger(self.__class__.__name__) self.log.setLevel(logging.DEBUG) self.log.info("Current Databricks config") self.log.info("- Profile %s", self.profile) self.log.info("- Cluster %s", self.cluster) # All clusters self.command = None self.token = None # Azure clusters for User AAD Token self.password = None # self._get_config() def _get_config(self, config_file="~/.dbjl-light"): if self.profile is None: with open(os.path.expanduser(config_file)) as fd: db_config = yaml.safe_load(fd) self.cluster = db_config["cluster"] self.host = db_config["host"] self.org = db_config["org"] self.tenant = db_config["tenant"] self.user = db_config["user"] self.token = None else: self.log.info("profile2 %s", self.profile) self.host, self.token = get_db_config(self.profile) self.log.info("host %s", self.host) self.org = None self.tenant = None self.user = None self.host = self.host.rstrip("/") def _decode_token(self, token): self.log.info(jwt.decode(token, verify=False)) def _debug(self, *args): self.redirect_to_log = True self.log.debug(" ".join([str(a) for a in args]) + "\n") self.redirect_to_log = False def _strip_out(self, result): return re.sub(r"^(Out\[\d+\]: )", "", result) def _get_password(self, prompt): # Using a private API here. No idea how to avoid this ... return self._input_request(str(prompt), self._parent_ident, self._parent_header, password=True) def _login(self): if self.token is None and self.org is not None: # Azure, use User AAD Token password = self._get_password("Password for '%s': " % self.user) authority_url = "https://login.microsoftonline.com/%s" % self.tenant self.auth_context = AuthenticationContext(authority_url) token_response = self.auth_context.acquire_token_with_username_password( DB_RESOURCE, self.user, password, self.client_id) self.token = token_response.get("accessToken", None) self.refresh_token = token_response.get("refreshToken", None) self._decode_token(self.access_token) def _create_context(self): if self.command == None: if self.token is None: self._get_config() self.log.info("Creating execution context\n") self.log.debug("Current config:") self.log.debug("- Profile: %s", self.profile) self.log.debug("- Databricks host: %s", self.host) self.log.debug("- Cluster: %s", self.cluster) if self.org is not None: self.log.info("- Organsation: %s", self.org) if self.user is not None: self.log.info("- User: %s\n", self.user) self._login() self.command = RemoteCommand( self.host, self.cluster, self.org, self.token, self.log, self.Print, ) if self.command.start_context(): self.Print("Importing jedi and pydoc") self.command.execute("import jedi, pydoc") self.Print("Patching matplotlib.pyplot.show") self.command.execute(SHOW_TEMPLATE) try: self.Print("Generating Spark UI URL") response = self.command.execute( "sc.getConf().get('spark.databricks.sparkContextId')") print(response) context_id = self._strip_out(response[1])[1:-1] url = "%ssparkui/%s/driver-%s/jobs?o=%s" % ( self.host, self.cluster, context_id, self.org, ) url = "%s/?o=%s#/setting/clusters/%s/sparkUi" % ( self.host, self.org, self.cluster, ) self.command.execute("SPARK_UI='%s'" % url) self.Display( HTML( "Databricks execution context created: <a href='%s'>Spark UI</a> (variable SPARK_UI)" % url), clear_output=True, ) except: self.Print("Cannot automatically determine SPARK UI URL") self.Display(HTML("Databricks execution context created"), clear_output=True) else: self.Display( HTML("Could not start Databricks execution context"), clear_output=False, ) def _close_context(self): if self.command is not None: self.command.close_context() def get_usage(self): return "This is a Databricks REST Kernel. It implements a remote Python interpreter." def do_execute_direct(self, code): self._debug(code) self._create_context() response = self.command.execute(code) if response[0]: try: result = eval(self._strip_out(response[1])) except: result = self._strip_out(response[1]) self._debug("result=", result, type(result)) if isinstance(result, dict): if result.get("client", None) == "__dbjl_light__": if result["format"] in ["png", "jpg", "jpeg"]: self.Display(Image(base64.b64decode(result["data"]))) return None elif result["format"] == "html": self.Display(HTML(result["data"])) return None elif result["format"] == "svg": self.Display(SVG(result["data"])) return None if result == "": return None elif isinstance(result, str): self.Print(result) else: return result else: self.Display(HTML("Summary: " + response[1]["summary"])) self.Print(response[1]["cause"]) def get_completions(self, info): self._create_context() text = info["code"] lines = split_lines(text) position = (info["line_num"], info["column"]) code = COMPLETION_TEMPLATE % (text, str(lines), str(position)) response = self.command.execute(code) result = self._strip_out(response[1]) before, _, completions = eval(result) completions = [before + c for c in completions] return [c[info["start"]:] for c in completions] def get_kernel_help_on(self, info, level=1, none_on_fail=False): last = info["obj"] default = None if none_on_fail else ('No help available for "%s"' % last) code = HELP_TEMPLATE % (last, default) response = self.command.execute(code) result = (self._strip_out(response[1]).replace( "``", "`").encode("utf-8").decode("unicode_escape").strip('"')) self.Print(result) def restart_kernel(self): self._close_context() def do_shutdown(self, restart): self._close_context() return super().do_shutdown(restart)
from adal import AuthenticationContext from dynamics365crm.client import Client DYNAMIC_RESOURCE = 'https://edge.crm2.dynamics.com/' auth_context = AuthenticationContext( 'https://login.microsoftonline.com/76b77ddd-7462-4810-b24e-bc1668ab6f19') token = auth_context.acquire_token_with_username_password( 'https://edge.crm2.dynamics.com/', '*****@*****.**', 'Murilao23', '87dafbc3-e1eb-418f-abbb-3d526d1508d4') #'e84e50cb-b9df-4311-b672-b47951e6a2c7') client = Client(DYNAMIC_RESOURCE) client.set_token(token["accessToken"])