-
Notifications
You must be signed in to change notification settings - Fork 17
/
azure-devops-rest.ps1
121 lines (110 loc) · 3.61 KB
/
azure-devops-rest.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
<#
test ado rest script using pat
ado auth not using pat uses rbac and 'api permissions' needes to be modified on app registation to add 'devops' permissions before token will work
#>
param(
#[Parameter(Mandatory = $true)]
$organization,
#[Parameter(Mandatory = $true)]
$project,
$devopsApiUrl = "https://dev.azure.com/$organization/$project/_apis/",
$query = "serviceendpoint/endpoints",
$clientId,
$clientSecret,
$pat,
[ValidateSet("get", "post", "put")]
$method = "get",
[ValidateSet('application/x-www-form-urlencoded', 'application/json', 'application/xml')]
$contentType = 'application/json',
$apiVersion = '7.1-preview.4',
$body = @{
'type' = 'servicefabric'
'api-version' = $apiVersion
'endpointNames' = 'serviceFabricConnection'
},
$headers = @{}
)
function main() {
if(!($pat -or !($cliendId -or $clientSecret)) -or !$organization -or !$project) {
write-error '$pat or $clientid and $clientSecret, $organization, and $project all need to be specified'
return
}
$global:accessToken = $null
if (!$pat) {
if (get-adoAuthToken) {
get-adoSfConnection
}
}
else {
get-adoSfConnection
}
}
function get-adoAuthToken() {
# requires app registration api permissions with 'devops' added
# so cannot use internally
$global:accessToken = $null
write-host "rest logon"
$global:result = $null
$error.clear()
$endpoint = "https://login.windows.net/$tenantId/oauth2/token"
#$endpoint = "https://app.vssps.visualstudio.com/oauth2/token"
$Body = @{
'resource' = 'https://app.vssps.visualstudio.com/'
'client_id' = $clientId
'grant_type' = 'client_credentials'
'client_secret' = $clientSecret
}
$params = @{
ContentType = 'application/x-www-form-urlencoded'
Headers = @{'accept' = '*/*' }
Body = $Body
Method = 'Post'
URI = $endpoint
}
write-host ($body | convertto-json)
write-host ($params | convertto-json)
write-host $clientSecret
$error.Clear()
$result = Invoke-RestMethod @params -Verbose -Debug
write-host "result: $($result | convertto-json)"
write-host "rest logon finished"
$global:accessToken = $result.access_token
return ($global:accessToken -ne $null)
}
function get-adoSfConnection () {
#
# get current ado sf connection
#
write-host "getting service fabric service connection"
if ($pat) {
$base64pat = [Convert]::ToBase64String([System.Text.ASCIIEncoding]::ASCII.GetBytes([string]::Format("{0}:{1}", "", $pat)));
$adoAuthHeader = @{
'authorization' = "Basic $base64pat"
'content-type' = $contentType
}
}
else {
$adoAuthHeader = @{
'authorization' = "Bearer $global:accessToken"
'content-type' = $contentType
}
}
$parameters = @{
Uri = $devopsApiUrl + $query
Method = $method
Headers = $adoAuthHeader
Erroraction = 'continue'
Body = $body
}
write-host "ado connection parameters: $($parameters | convertto-json)"
write-host "invoke-restMethod -uri $([system.web.httpUtility]::UrlDecode($url)) -headers $adoAuthHeader"
$error.clear()
$global:result = invoke-RestMethod @parameters
write-host "rest result: $($global:result | convertto-json -Depth 99)"
if ($error) {
write-error "exception: $($error | out-string)"
return $null
}
return $global:result
}
main