get_organization.ps1
#!/usr/bin/env pwsh
#Requires -Version 7
# Script parameters. Two parameter sets select the credential type:
#   'Token' - a personal access token (PAT) is supplied via -Token
#   'AAD'   - (default set) a tenant id is supplied via -TenantId
# Each parameter falls back to environment variables when not passed explicitly.
#
# NOTE(review): PowerShell prompts for a Mandatory parameter instead of applying
# its default value, so the environment fallback on OrganizationUrl is likely
# never used - confirm, and drop Mandatory if the fallback is intended.
# NOTE(review): -Token is a plain [string]; a PAT passed on the command line can
# end up in shell history or process listings. Supplying it through one of the
# environment variables read below avoids that.
[CmdletBinding(DefaultParameterSetName = 'AAD')]
param (
    # Organization URL; defaults to AZDO_ORG_SERVICE_URL, then SYSTEM_COLLECTIONURI.
    [Parameter(Mandatory = $true, HelpMessage = "Url of the Azure DevOps Organization")]
    [ValidateNotNullOrEmpty()]
    [uri]
    $OrganizationUrl = ($env:AZDO_ORG_SERVICE_URL ?? $env:SYSTEM_COLLECTIONURI),

    # PAT; defaults to AZURE_DEVOPS_EXT_PAT, then AZDO_PERSONAL_ACCESS_TOKEN.
    [Parameter(Mandatory = $false, HelpMessage = "PAT token with read access on 'User Profile' scope", ParameterSetName = 'Token')]
    [string]
    $Token = ($env:AZURE_DEVOPS_EXT_PAT ?? $env:AZDO_PERSONAL_ACCESS_TOKEN),

    # Tenant id; defaults to ARM_TENANT_ID, then AZURE_TENANT_ID, then the empty GUID.
    [Parameter(Mandatory = $false, HelpMessage = "Azure Active Directory tenant id", ParameterSetName = 'AAD')]
    [guid]
    $TenantId = ($env:ARM_TENANT_ID ?? $env:AZURE_TENANT_ID ?? [guid]::Empty)
)
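# Treat cmdlet errors as terminating so a failed step stops the script.
$ErrorActionPreference = 'Stop'
Write-Debug $MyInvocation.line

# Load the shared helper functions that live next to this script.
. (Join-Path $PSScriptRoot functions.ps1)

# Derive the organization name from either supported URL form:
#   https://dev.azure.com/{organization}
#   https://{organization}.visualstudio.com
# The dots in the host names are escaped so they match only a literal '.'
# (an unescaped '.' would accept any character in that position), the name
# class includes '-' so hyphenated organization names are captured in full,
# and the visualstudio.com form is accepted with or without a trailing slash.
$OrganizationUrl = $OrganizationUrl.ToString().TrimEnd('/')
if ($OrganizationUrl -match "^https://dev\.azure\.com/([\w-]+)|^https://([\w-]+)\.visualstudio\.com(?:/|$)") {
    # Only one of the two capture groups is populated, depending on the form.
    $organizationName = ($Matches[1] ?? $Matches[2])
} else {
    Write-Error "Invalid organization url. Please provide a valid url of the form https://dev.azure.com/{organization} or https://{organization}.visualstudio.com"
    exit 1
}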
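# Build the Authorization header value used for the REST calls below.
if ($Token) {
    # PAT: HTTP Basic with an empty user name and the token as the password.
    "Basic {0}" -f [Convert]::ToBase64String([System.Text.ASCIIEncoding]::ASCII.GetBytes(":${Token}")) `
    | Set-Variable authHeader
} else {
    # No PAT: sign in with the Azure CLI (Login-Az comes from functions.ps1)
    # and request a bearer token for the resource id below.
    Login-Az -TenantId $TenantId
    az account get-access-token --resource 499b84ac-1321-427f-aa17-267ca6975798 `
                                --query "accessToken" `
                                --output tsv `
    | Set-Variable aadToken
    # A failing native command does not necessarily stop the script, so check
    # the result explicitly rather than sending an empty "Bearer " header.
    if (!$aadToken) {
        Write-Error "Could not obtain an access token from Azure CLI"
        exit 1
    }
    $authHeader = "Bearer ${aadToken}"
}
# Log only the scheme. The header value is a live credential (base64 is an
# encoding, not protection) and debug output is commonly captured in CI logs.
Write-Debug "Authorization: $(($authHeader -split ' ')[0]) <redacted>"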
# Fetch the profile of the identity that $authHeader authenticates as; its id
# is needed for the accounts lookup that follows.
Write-Host "Retrieving member information from profile REST API..."
$profileUrl = "https://app.vssps.visualstudio.com/_apis/profile/profiles/me?api-version=7.1-preview.1"
Write-Debug $profileUrl

$profileRequestHeaders = @{
    Accept         = "application/json"
    Authorization  = $authHeader
    "Content-Type" = "application/json"
}
# Keep the raw response and its JSON body around for the debug dumps below.
$profileResponse = Invoke-WebRequest -Uri $profileUrl -Headers $profileRequestHeaders -Method Get
$profileJson = $profileResponse.Content
$profile = $profileJson | ConvertFrom-Json

# NOTE(review): these debug dumps contain the full profile payload; treat
# -Debug output as sensitive when it is written to shared logs.
$profileResponse | Format-List | Out-String | Write-Debug
$profileJson | ConvertFrom-Json -Depth 4 | ConvertTo-Json -Depth 4 | Write-Debug

if (!$profile) {
    Write-Error "Could not find profile"
    exit 2
}
$profile | Format-List | Out-String | Write-Debug
# List the accounts the profile is a member of and pick the one whose
# accountName equals the organization name parsed from the URL.
Write-Host "Retrieving organization from accounts REST API..."
$accountsUrl = "https://app.vssps.visualstudio.com/_apis/accounts?api-version=7.1-preview.1&memberId=$($profile.id)"
Write-Debug $accountsUrl

$accountsRequestHeaders = @{
    Accept         = "application/json"
    Authorization  = $authHeader
    "Content-Type" = "application/json"
}
# Keep the raw response and its JSON body around for the debug dumps below.
$accountsResponse = Invoke-WebRequest -Uri $accountsUrl -Headers $accountsRequestHeaders -Method Get
$accountsJson = $accountsResponse.Content

# $accounts captures every returned account; $account only the matching one.
$accountsJson `
| ConvertFrom-Json `
| Select-Object -ExpandProperty value `
| Tee-Object -Variable accounts `
| Where-Object { $_.accountName -eq $organizationName } `
| Set-Variable account

$accountsResponse | Format-List | Out-String | Write-Debug
$accountsJson | ConvertFrom-Json -Depth 4 | ConvertTo-Json -Depth 4 | Write-Debug
$accounts | Format-Table | Out-String | Write-Debug

if (!$account) {
    Write-Error "Could not find account for organization '${organizationName}'"
    exit 2
}

# Attach an issuerUrl property built from the account id, then print the
# account as the script's output.
$issuerUrl = "https://vstoken.dev.azure.com/$($account.accountId)"
Add-Member -InputObject $account -NotePropertyName issuerUrl -NotePropertyValue $issuerUrl
$account | Format-List