Justin Dearing

Reputation: 14928

Exposing the Connection token from Connect-AzureAd

I am using the AzureAd PowerShell module for user management. However, it does not have all the functionality that I need. Specifically, I can't assign Application Extension values to objects (although I can create, delete and remove application extensions themselves via [Get/New/Remove]-AzureADApplicationExtensionProperty).

I know from watching the API calls with Fiddler that the graph calls are using bearer tokens, and I've called the graph API directly from Postman manually so I know how to use the Bearer token if I could get it. How do I get it?

Upvotes: 1

Views: 2874

Answers (1)

Justin Dearing

Reputation: 14928

To get the token simply use:

$token = [Microsoft.Open.Azure.AD.CommonLibrary.AzureSession]::AccessTokens['AccessToken']

But how could one come to this conclusion?

First look for where the module is located:

(Get-Module AzureAd).Path
C:\Program Files\WindowsPowerShell\Modules\AzureAD\2.0.1.3\Microsoft.Open.AzureAD16.Graph.PowerShell.dll

Now let's just make 2 assumptions. First, that the token is stored in a static member of a static class, and second, that it might not be stored in that DLL, but in any of the DLLs in the folder.

$fileInfo = New-Object 'IO.FileInfo' (Get-Module AzureAd).Path
$moduleFolder = $fileInfo.Directory.FullName
$assemblies = [AppDomain]::CurrentDomain.GetAssemblies() | where { $_.Location -ne $null -and  $_.Location.StartsWith($moduleFolder)}
$assemblies | select -expandproperty ExportedTypes | Where { $_.IsSealed -and $_.IsAbstract } | Select Name, FullName

That last line btw is because of the weird way static types are noted in IL.

Which outputs a very small list:

Name                                          FullName
----                                          --------
RestSharpExtensionMethods                     Microsoft.Open.Azure.AD.CommonLibrary.RestSharpExtensionMethods
AzureSession                                  Microsoft.Open.Azure.AD.CommonLibrary.AzureSession
DictionaryExtensions                          Microsoft.Open.Azure.AD.CommonLibrary.DictionaryExtensions
Logger                                        Microsoft.Open.Azure.AD.CommonLibrary.Logger
ImageUtils                                    Microsoft.Open.Azure.AD.CommonLibrary.Utilities.ImageUtils
SecureStringExtension                         Microsoft.Open.Azure.AD.CommonLibrary.Extensions.SecureStringExtension
AzureEnvironmentConstants                     Microsoft.Open.Azure.AD.CommonLibrary.AzureEnvironment+AzureEnvironmentConstants
TypeToOdataTypeMapping                        Microsoft.Open.AzureAD16.Client.TypeToOdataTypeMapping
JsonConvert                                   Newtonsoft.Json.JsonConvert
Extensions                                    Newtonsoft.Json.Linq.Extensions
Extensions                                    Newtonsoft.Json.Schema.Extensions
TypeToOdataTypeMapping                        Microsoft.Open.MSGraphV10.Client.TypeToOdataTypeMapping
AdalError                                     Microsoft.IdentityModel.Clients.ActiveDirectory.AdalError
AuthenticationContextIntegratedAuthExtensions Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContextIntegratedAuthExtensions
AdalOption                                    Microsoft.IdentityModel.Clients.ActiveDirectory.AdalOption
MiscExtensions                                RestSharp.Extensions.MiscExtensions
ReflectionExtensions                          RestSharp.Extensions.ReflectionExtensions
ResponseExtensions                            RestSharp.Extensions.ResponseExtensions
ResponseStatusExtensions                      RestSharp.Extensions.ResponseStatusExtensions
StringExtensions                              RestSharp.Extensions.StringExtensions
XmlExtensions                                 RestSharp.Extensions.XmlExtensions
RestClientExtensions                          RestSharp.RestClientExtensions
SimpleJson                                    RestSharp.SimpleJson

We could pipe through Out-GridView if the list was longer, but my attention was immediately drawn to AzureSession. After that, a little PowerShell autocomplete, and I found my way to [Microsoft.Open.Azure.AD.CommonLibrary.AzureSession]::AccessTokens['AccessToken']

Upvotes: 6
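
An added example, not part of the original answer: Azure AD access tokens are JWTs, so the claims of a bearer token like the one discussed above (audience, scopes, expiry) can be read locally before it is copied into another tool. The function names and the sample token are constructed for illustration, and the code only decodes the payload without validating the signature.

```powershell
# Added example: read the claims of a JWT bearer token locally.
# Decoding only; the signature is NOT validated, so use this for inspection, not trust decisions.

function ConvertFrom-Base64Url {
    param([Parameter(Mandatory)][string]$Text)
    $s = $Text.Replace('-', '+').Replace('_', '/')
    switch ($s.Length % 4) {          # restore the padding that base64url strips
        2 { $s += '==' }
        3 { $s += '=' }
        1 { throw 'Invalid base64url length.' }
    }
    [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($s))
}

function ConvertTo-Base64Url {        # only needed to build the constructed sample below
    param([Parameter(Mandatory)][string]$Text)
    $b64 = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($Text))
    $b64.TrimEnd('=').Replace('+', '-').Replace('/', '_')
}

function Get-JwtClaimSummary {
    param([Parameter(Mandatory)][string]$Jwt)
    $parts = $Jwt.Split('.')
    if ($parts.Count -ne 3) { throw 'Not a compact JWT (expected header.payload.signature).' }
    $claims  = ConvertFrom-Base64Url $parts[1] | ConvertFrom-Json
    $epoch   = New-Object DateTime 1970, 1, 1, 0, 0, 0, ([DateTimeKind]::Utc)
    $expires = $epoch.AddSeconds([double]$claims.exp)
    [pscustomobject]@{
        Audience   = $claims.aud      # which API accepts this token
        Scopes     = $claims.scp      # delegated permissions carried by the token
        ExpiresUtc = $expires
        Expired    = $expires -lt [DateTime]::UtcNow
    }
}

# Constructed sample token (not a real credential): fake claims, placeholder signature.
$header  = ConvertTo-Base64Url '{"alg":"none","typ":"JWT"}'
$payload = ConvertTo-Base64Url '{"aud":"https://graph.windows.net","scp":"user_impersonation","exp":1893456000}'
$sample  = ($header, $payload, 'constructed-signature') -join '.'

Get-JwtClaimSummary -Jwt $sample | Format-List
```

Get-JwtClaimSummary expects the raw token string; which member of the object returned by AccessTokens['AccessToken'] holds that string is not shown on this page.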
