def get_iot_central_tokens(cmd, app_id, central_dns_suffix):
import requests
aad_token = get_aad_token(
cmd, resource="https://apps.azureiotcentral.com")["accessToken"]
url = "https://{}.{}/system/iothubs/generateSasTokens".format(
app_id, central_dns_suffix)
response = requests.post(
url, headers={"Authorization": "Bearer {}".format(aad_token)})
tokens = response.json()
additional_help = (
"Please ensure that the user is logged through the `az login` command, "
"has the correct tenant set (the users home tenant) and "
"has access to the application through http://apps.azureiotcentral.com"
)
if tokens.get("error"):
error_message = tokens["error"]["message"]
if tokens["error"]["code"].startswith("403.043.004."):
error_message = "{} {}".format(error_message, additional_help)
raise CLIError("Error {} getting tokens. {}".format(
tokens["error"]["code"], error_message))
if tokens.get("message"):
error_message = "{} {}".format(tokens["message"], additional_help)
raise CLIError(error_message)
return tokens
def get_headers(token, cmd, has_json_payload=False):
if not token:
aad_token = auth.get_aad_token(cmd, resource="https://apps.azureiotcentral.com")
token = "Bearer {}".format(aad_token["accessToken"])
if has_json_payload:
return {
"Authorization": token,
"User-Agent": constants.USER_AGENT,
"Content-Type": "application/json",
}
return {"Authorization": token, "User-Agent": constants.USER_AGENT}
def test_get_aad_token(self, fixture_azure_profile):
from azext_iot.common.auth import get_aad_token
class Cmd:
cli_ctx = ""
# Test to ensure _get_aad_token is called and returns the right values based on profile.get_raw_tokens
assert get_aad_token(Cmd(), "resource") == {
"accessToken": "raw token 0 -b",
"expiresOn": "value",
"subscription": "raw token 1",
"tenant": "raw token 2",
"tokenType": "raw token 0 - A",
}