I have created an PAT from azure devops. Now i have create a react app to handle all the api logics. I have a login screen now user need to enter the DEVOPS_TOKEN, ORGANISATION_NAME. How can i validate the user token at login. I couldn't find any api for validate the user.
Any suggestions would be helpful.
After a bit of investigation i found out a way to validate the user. There is an api that is available in Azure Devops: https://dev.azure.com/{ORGANISATION_NAME}/_apis/connectionData.
Need to pass the encoded token in header parameter that results the user authorization.
{
"authenticatedUser": {
"id": "123-13-131231231-123-123-123-123",
"descriptor": "Microsoft.IdentityModel.Claims.ClaimsIdentity;123-13-131231231-123-123-123-123\\user#domain.com",
"subjectDescriptor": "aad.Masdasdpadspoadsjpaodsjapodj",
"providerDisplayName": "User Name",
"isActive": true,
"properties": {
"Account": {
"$type": "System.String",
"$value": "user#domain.com"
}
},
"resourceVersion": 2,
"metaTypeId": 0
},
"authorizedUser": {
"id": "123-13-131231231-123-123-123-123",
"descriptor": "Microsoft.IdentityModel.Claims.ClaimsIdentity;123-13-131231231-123-123-123-123\\user#domain.com",
"subjectDescriptor": "aad.Masdasdpadspoadsjpaodsjapodj",
"providerDisplayName": "User Name",
"isActive": true,
"properties": {
"Account": {
"$type": "System.String",
"$value": "user#domain.com"
}
},
"resourceVersion": 2,
"metaTypeId": 0
},
"instanceId": "123-13-131231231-123-123-123-123",
"deploymentId": "123-13-131231231-123-123-123-123",
"deploymentType": "hosted",
"locationServiceData": {
"serviceOwner": "123-13-131231231-123-123-123-123",
"defaultAccessMappingMoniker": "PublicAccessMapping",
"lastChangeId": 12313123,
"lastChangeId64": 123123123
}
}
Related
I am creating a test run in Azure Devops with Rest API. A sample POST request I make is like:
{
"name": "Test Run Name",
"automated": true,
"plan": {
"id": 11111111,
"name": null,
"url": null,
"state": null,
"iteration": null
},
"pointIds": [
222222222222
],
"build": {
"id": "2222233455",
"buildNumber": "buildNumberjlkajdlajsldj",
"uri": "vstfs:///Build/Build/2222222222",
"sourceBranch": "refs/pull/22222/merge",
"definition": {
"id": "2222"
}
},
"buildConfiguration": {
"id": 3333333,
"number": "buildNumberjlkajdlajsldj",
"uri": "vstfs:///Build/Build/222222222222"
},
"owner": {
"id": "44444444-2222-bbbb-aaaa-1111111111",
"descriptor": "aad.AAAAAAAAAAAAAAAAAAAAAAAAAA"
}
}
But here owner information is ignored and owner is assigned as authorized user of the requester. The requested account have necessary permissions.
Do I make something wrong or owner information cannot be assigned to another user?
I need to know if there is a way to delete a user from databricks using email only using SCIM api? As of now I can see it can only delete user by ID which means I need to first retrive the ID of the user and then use it to delete.
I am using this api from powershell to delete users by email.
https://learn.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/scim/scim-users
If you look into the documentation for Get Users command of SCIM Users REST API, you can see that you can specify the filtering condition for it. For example, to find specific user, you can filter on the userName attribute, like this:
GET /api/2.0/preview/scim/v2/Users?filter=userName+eq+example#databricks.com HTTP/1.1
Host: <databricks-instance>
Accept: application/scim+json
Authorization: Bearer dapi48…a6138b
it will return a list of items in the Resources section, from which you can extract user ID that you can use for delete operation:
{
"totalResults": 1,
"startIndex": 1,
"itemsPerPage": 1,
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"Resources": [
{
"id": "8679504224234906",
"userName": "example#databricks.com",
"emails": [
{
"type": "work",
"value": "example#databricks.com",
"primary": true
}
],
"entitlements": [
{
"value": "allow-cluster-create"
},
{
"value": "databricks-sql-access"
},
{
"value": "workspace-access"
}
],
"displayName": "User 1",
"name": {
"familyName": "User",
"givenName": "1"
},
"externalId": "12413",
"active": true,
"groups": [
{
"display": "123",
"type": "direct",
"value": "13223",
"$ref": "Groups/13223"
}
]
}
]
}
#Using Azure DevOps pipeline release with a powershell script and a json template file and json parameter #file. Note-authenticating to the azure portal requires multi factor authentication (ie.authenticator on my mobile)
#'ERROR- >>>>> <strong>"Showing a modal dialog box or form when the application is not running in #UserInteractive mode is not a valid operation. Specify the ServiceNotification or DefaultDesktopOnly #style to display a notification from a service application."</strong>
#(Note- Bottom of logs immediately below contains this modal error.)'
2020-11-14T20:33:38.7159389Z ##[section]Starting: WebApp_Create01
2020-11-14T20:33:38.7499602Z ==============================================================================
2020-11-14T20:33:38.7499865Z Task : Azure PowerShell
2020-11-14T20:33:38.7499927Z Description : Run a PowerShell script within an Azure environment
2020-11-14T20:33:38.7499981Z Version : 3.1.28
2020-11-14T20:33:38.7500050Z Author : Microsoft Corporation
2020-11-14T20:33:38.7500132Z Help : https://learn.microsoft.com/azure/devops/pipelines/tasks/deploy/azure-powershell
2020-11-14T20:33:38.7500215Z ==============================================================================
2020-11-14T20:33:40.5542183Z ##[command]Import-Module -Name C:\Program Files\WindowsPowerShell\Modules\AzureRM\6.13.1\AzureRM.psd1 -Global
2020-11-14T20:33:54.9421385Z ##[command]Clear-AzureRmContext -Scope Process
2020-11-14T20:33:55.3824175Z ##[command]Disable-AzureRmContextAutosave -ErrorAction Stop
2020-11-14T20:33:56.1766169Z ##[command]Add-AzureRMAccount -ServicePrincipal -Tenant *** -Credential System.Management.Automation.PSCredential -Environment AzXXXXXXXXXXXXXnt #processScope
2020-11-14T20:33:57.8815316Z ##[command] Select-AzureRMSubscription -SubscriptionId c27XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX2 -TenantId ***
2020-11-14T20:33:58.5484671Z ##[command]& 'C:\agent\Workfolder_CloudUiPathAgent03\_temp\939d1XXXXXXXXXXXXXXXXXXXXXXXX2127.ps1'
2020-11-14T20:33:58.7424214Z ##[command]Disconnect-AzureRmAccount -Scope Process -ErrorAction Stop
2020-11-14T20:33:59.1018440Z ##[command]Clear-AzureRmContext -Scope Process -ErrorAction Stop
<strong>2020-11-14T20:33:59.7603535Z ##[error]Showing a modal dialog box or form when the application is not running in UserInteractive mode is not a valid operation. Specify the ServiceNotification or DefaultDesktopOnly style to display a notification from a service application.</strong>
2020-11-14T20:33:59.8133689Z ##[section]Finishing: WebApp_Create01
<br>
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
#The immediately below is the ps1 pasted into the section for the "Inline" script. Pipeline was #created as "Azure Powershell":
Connect-AzureRmAccount -Environment AzXXXXXXXXXXXXXnt -TenantId '410XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXf1d' -Force
Select-AzureRmSubscription -Subscription "c271XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX832"
# Tried both Connect-AzureRmAccount and Login-AzureRmAccount without any success?
#Login-AzureRmAccount -Environment AzXXXXXXXXXXXXXt | Out-Null
#Select-AzureRmSubscription -Subscription "c271XXXXXXXXXXXXXXXXXXXXXXXXX832" | Out-Null
<br>
# Deploy App Service Plan, Web App & Deployment Slots
$DeploymentParametersBuildVM = #{
ResourceGroupName = 'DXXXXXXXXXXXXXXXXXXXXXXXXamic'
TemplateUri = 'https://dXXXXXXXXXXXXXXXXX.blob.core.XXXXXcloudapi.net/blob-uXXXXXXXXXXXXXXXXXXXXXXXXX7/webappcreate.json'
TemplateParameterFile = "https://XXXXXXXXXXXXXapi.net/blob-uXXXXXXXXXXXXXXXXXXXXXXXXX7/webappcreate.parameters.json"
Verbose = $true
webAppName = 'uXXXXXXXXXXXXXXXXXXXXXXXXXXX7'
hostingPlanName = 'WebXXXXXXXXXXXXXXXXXXXXXX01'
templateSasToken = 'mtAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXpSTQ=='
subscriptionId = 'c271XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX832'
name = 'uXXXXXXXXXXXXXXXXXXXXX7'
location = 'UXXXXXXXXXXXXXXX'
serverFarmResourceGroup = 'DXXXXXXXXXXXXXXXXXXXXXXXXamic'
Tenantid = '410XXXXXXXXXXXXXXXXXXXXXXXXXXXf1d'
alwaysOn = 'off'
sku = 'Free'
skuCode = 'F1'
workerSize = '0'
workerSizeId = '0'
numberOfWorkers = '1'
currentStack = 'dotnet'
phpVersion = 'OFF'
appInsightValue = 'uXXXXXXXXXXXXXXXXXXXXXXo7Insight'
netFrameworkVersion = 'v4.0'
azureAccountPassword = '12XXXXXXXXXXXXXXXXXditto'
accountid = 'a183XXXXXXXXXXXXXXXXXXXXXXXXXXXXX68fa'
Credential = '12XXXXXXXXXXXXXXXXXditto'
ServicePrincipal = '_MV_XXXXXXXXXXXXXXXXXXXXXXXXXXXX9~1e'
}
# DEPLOY
New-AzureRmResourceGroupDeployment #DeploymentParametersBuildVM
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
#webapp.parameters.json (this is the azure webapp "parameter" json immediately below):
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"subscriptionId": {
"value": "c271XXXXXXXXXXXXXXXXXXXXXXXXXXXXX832"
},
"name": {
"value": "uXXXXXXXXXXXXXXXXXXX7"
},
"location": {
"value": "UXXXXXXXXXXXXXX"
},
"hostingPlanName": {
"value": "WebXXXXXXXXXXXXXXXXXXX01"
},
"serverFarmResourceGroup": {
"value": "DXXXXXXXXXXXXXXXXXXXic"
},
"alwaysOn": {
"value": "true"
},
"sku": {
"value": "Free"
},
"skuCode": {
"value": "F1"
},
"workerSize": {
"value": "0"
},
"workerSizeId": {
"value": "0"
},
"numberOfWorkers": {
"value": "1"
},
"currentStack": {
"value": "dotnet"
},
"phpVersion": {
"value": "OFF"
},
"appInsightValue": {
"value": "uXXXXXXXXXXXXXXXXXX7Insight"
},
"netFrameworkVersion": {
"value": "v4.0"
}
}
}
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
#webappacreate.json (this is the azure webapp "template" json immediately below)
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"subscriptionId": {
"type": "string"
},
"name": {
"type": "string"
},
"location": {
"type": "string"
},
"hostingPlanName": {
"type": "string"
},
"serverFarmResourceGroup": {
"type": "string"
},
"alwaysOn": {
"type": "bool"
},
"sku": {
"type": "string"
},
"skuCode": {
"type": "string"
},
"workerSize": {
"type": "string"
},
"workerSizeId": {
"type": "string"
},
"numberOfWorkers": {
"type": "string"
},
"currentStack": {
"type": "string"
},
"phpVersion": {
"type": "string"
},
"appInsightValue": {
"type": "string"
},
"netFrameworkVersion": {
"type": "string"
}
},
"variables": {
"appInsightName": "[concat('microsoft.insights/components/',parameters('appInsightValue'))]"
},
"resources": [
{
"apiVersion": "2018-11-01",
"name": "[parameters('name')]",
"type": "Microsoft.Web/sites",
"location": "[parameters('location')]",
"tags": {},
"dependsOn": [
"[concat('microsoft.insights/components/',parameters('appInsightValue'))]",
"[concat('Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]"
],
"properties": {
"name": "[parameters('name')]",
"siteConfig": {
"appSettings": [
{
"name": "APPINSIGHTS_INSTRUMENTATIONKEY",
"value": "[reference(variables('appInsightName'), '2015-05-01').InstrumentationKey]"
},
{
"name": "APPLICATIONINSIGHTS_CONNECTION_STRING",
"value": "[reference(variables('appInsightName'), '2015-05-01').ConnectionString]"
},
{
"name": "ApplicationInsightsAgent_EXTENSION_VERSION",
"value": "~2"
},
{
"name": "XDT_MicrosoftApplicationInsights_Mode",
"value": "default"
}
],
"metadata": [
{
"name": "CURRENT_STACK",
"value": "[parameters('currentStack')]"
}
],
"phpVersion": "[parameters('phpVersion')]",
"netFrameworkVersion": "[parameters('netFrameworkVersion')]",
"alwaysOn": "[parameters('alwaysOn')]"
},
"serverFarmId": "[concat('/subscriptions/', parameters('subscriptionId'),'/resourcegroups/', parameters('serverFarmResourceGroup'), '/providers/Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]",
"clientAffinityEnabled": true
}
},
{
"apiVersion": "2018-11-01",
"name": "[parameters('hostingPlanName')]",
"type": "Microsoft.Web/serverfarms",
"location": "[parameters('location')]",
"kind": "",
"tags": {},
"dependsOn": [],
"properties": {
"name": "[parameters('hostingPlanName')]",
"workerSize": "[parameters('workerSize')]",
"workerSizeId": "[parameters('workerSizeId')]",
"numberOfWorkers": "[parameters('numberOfWorkers')]"
},
"sku": {
"Tier": "[parameters('sku')]",
"Name": "[parameters('skuCode')]"
}
},
{
"apiVersion": "2015-05-01",
"name": "[parameters('appInsightValue')]",
"type": "microsoft.insights/components",
"location": "[parameters('location')]",
"tags": {},
"properties": {
"ApplicationId": "[parameters('name')]",
"Request_Source": "IbizaWebAppExtensionCreate"
}
}
]
}
According to the error message, it seems you need to set the options of MessageBox.Show to either ServiceNotification or DefaultDesktopOnly. You can try the workaround provided in this ticket: adding MessageBoxOptions.ServiceNotification
MessageBox.Show(msg, "Print Error", System.Windows.Forms.MessageBoxButtons.YesNo,
System.Windows.Forms.MessageBoxIcon.Error,
System.Windows.Forms.MessageBoxDefaultButton.Button1,
System.Windows.Forms.MessageBoxOptions.ServiceNotification);
But, MessageBox is for use within windows (as opposed to web) applications. It would attempt to open a message box on the server. Here is a ticket you can refer to.
Found out that no authentication was required for azure devops pipeline hence no login or connect is required. This got rid of the popup (modal error).
Next I checked with the azure devops person and he said to not use powershell in the pipeline.
He recommended "Azure Resource Group Deployment" option for the pipeline release. This does not require any initiation script but just a json template and a json parameter.
Thank You.
I am building an action with the new Actions Builder and everything is going pretty smoothly. I just setup account linking and can successfully link my account, however, once I do link my account there is no token included in the subsequent requests for me to use, even though the account linking status is in the request as "LINKED". Can anyone shed any light on why I am not seeing a token?
For reference, here is a version of one of my requests.
{
"requestJson": {
"handler": {
"name": "main"
},
"intent": {
"name": "actions.intent.MAIN",
"params": {},
"query": "Talk to my new app"
},
"scene": {
"name": "actions.scene.START_CONVERSATION",
"slotFillingStatus": "UNSPECIFIED",
"slots": {},
"next": {
"name": "ListPrompt"
}
},
"session": {
"id": "ABwppHE7M6NS8KdyjljEptrtZZ5GkE3qDdaiwjYbL9ehrA-t_c-ZsCrZ_WhN0ZTG5lXXXXXXhU6Im5vgeSwow",
"params": {},
"typeOverrides": [],
"languageCode": ""
},
"user": {
"locale": "en-US",
"params": {},
"accountLinkingStatus": "LINKED",
"verificationStatus": "VERIFIED",
"packageEntitlements": [],
"lastSeenTime": "2020-07-13T12:02:42Z"
},
"home": {
"params": {}
},
"device": {
"capabilities": [
"SPEECH",
"RICH_RESPONSE",
"LONG_FORM_AUDIO"
]
}
}
}
The Google docs for the Account Linking with the new Actions Builder have now been updated with additional information. The token is now provided within the headers of the incoming request. Details of how to find and decode this can be found at https://developers.google.com/assistant/identity/google-sign-in#handle_data_access_requests
I'm trying to replicate an Azure DevOps process from one organization to another via the AZDO REST Api. I'm working on replicating the layout and am stuck because I can't discover the relationship between a custom field and a picklist when querying the source AZDO instance.
In my scenario I have a test work item type which I've called Issue. On the Issue interface I've created a custom field which is a picklist. While I can retrieve a list of lists via the Rest API and examine the field as well, I can't figure out how the two are related.
Here is a partial payload from the field:
{
"count": 39,
"value": [
...
{
"referenceName": "Custom.IssueSource",
"name": "Issue Source",
"type": "string",
"description": "Who is this attributed to",
"required": true,
"url": "https://dev.azure.com/MYORG/_apis/work/processes/f390103e-7097-4f19-b5b5-f9dbcf92bb6f/behaviors",
"customization": "custom"
},
... ]
}
and here is a partial payload from the lists get query which I used trial and error to determine was the picklist I've assigned:
{
"count": 10,
"value": [
...
{
"id": "2998d4e4-2bec-4935-98a1-b67a0b0b6d5d",
"name": "picklist_e854661e-8620-4ad9-be28-b974c5cb3a5d",
"type": "String",
"isSuggested": false,
"url": "https://dev.azure.com/MYORG/_apis/work/processes/lists/2998d4e4-2bec-4935-98a1-b67a0b0b6d5d"
},
...
]
}
Here is a partial layout response for the WIT:
{
"pages": [
{
"id": "d0171d51-ff84-4038-afc1-8800ab613160.System.WorkItemType.Details",
"inherited": true,
"label": "Details",
"pageType": "custom",
"visible": true,
"isContribution": false,
"sections": [
{
"id": "Section1",
"groups": [
...
{
"id": "bf03e049-5062-4d82-b91d-4396541fbed2",
"label": "Custom",
"isContribution": false,
"visible": true,
"controls": [
{
"id": "Custom.IssueSource",
"label": "Issue Source",
"controlType": "FieldControl",
"readOnly": false,
"visible": true,
"isContribution": false
}
]
}
]
},
... ]
}
Using fiddler against the AZDO web interface, the only time I see a reference to the picklist is from another non-AZDO API to https://dev.azure.com/MYORG/_apis/Contribution/dataProviders/query
Is there a way to discover the link via the AZDO Rest API? I saw this question which was similar but was about creating the link
Figured it out. Turns out you need to query from a different scope - work item tracking rather than work item tracking process:
https://dev.azure.com/MYORG/_apis/wit/fields/Custom.IssueSource?api-version=5.0-preview.2
returns
{
"name": "Issue Source",
"referenceName": "Custom.IssueSource",
"description": "Who is this attributed to",
"type": "string",
"usage": "workItem",
"readOnly": false,
"canSortBy": true,
"isQueryable": true,
...
"isIdentity": false,
--> "isPicklist": true,
"isPicklistSuggested": false,
--> "picklistId": "2998d4e4-2bec-4935-98a1-b67a0b0b6d5d",
"url": "https://dev.azure.com/MYORG/_apis/wit/fields/Custom.IssueSource"
}