Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot pass PowerShell array as $mylist to Azure CLI #23797

Closed
jacksch opened this issue Sep 7, 2022 · 6 comments
Closed

Cannot pass PowerShell array as $mylist to Azure CLI #23797

jacksch opened this issue Sep 7, 2022 · 6 comments
Assignees
@jiasli
Labels
AAD Auto-Assign Auto assign by bot Azure CLI Team The command of the issue is owned by Azure CLI team customer-reported Issues that are reported by GitHub users external to the Azure organization. Graph az ad Installation question The issue doesn't require a change to the product in order to be resolved. Most issues start as that
Milestone
Backlog

Comments

@jacksch
Copy link

jacksch commented Sep 7, 2022
edited
Loading

Related command

az ad app update

Describe the bug

--Using Powershell--
Adding a redirect URI to an app is common practice for us.
--web-redirect-uris is rather particular with how values are given to it. As of 2.37 with the migration of az ad to Microsoft Graph API, we use the following script to append a single URI to the list and it's worked pretty well:

$app = az ad app show --id $appId | ConvertFrom-Json
$redirectUris = $app.web.redirectUris
$redirectUris += $newRedirectUri
$redirectUris = $redirectUris | ForEach-Object {"`"$_`""}
az ad app update --id $appId --web-redirect-uris $redirectUris

This has been sufficient until 2.40, where this no longer works. I have not been able to figure out a way to pass multiple URIs in a Powershell variable to --web-redirect-uris.

To Reproduce

Use Az CLI 2.39:

  1. Create a App Registration in AAD. Add two or three redirect URIs.
    a. I.e., https://site1.example.com/signin-oidc, https://site2.example.com/signin-oidc
  2. Assign a new URI to $newRedirectUri variable (or similar), and run the script snippet.
  3. The command should be successful

$redirectUris should appear like so when printed to console:

"https://site1.example.com/signin-oidc"
"https://site2.example.com/signin-oidc"
"https://site3.example.com/signin-oidc"

Try again with Az CLI 2.40. It no longer works:
One or more properties contains invalid values.

Expected behavior

At least in Powershell, each URI must be wrapped in quotes. Double quotes works for us because we're using vars. This is achieved with line 4 of the script. Each URI must also be space separated as per the documentation. The $redirectUris variable is an array, however Powershell appears to just print out each URI sequentially when the command is run. It behaves like so:
az ad app update --id $AppId --web-redirect-uris "https://site1.example.com/signin-oidc" "https://site2.example.com/signin-oidc" "https://site3.example.com/signin-oidc" "https://site4.example.com/signin-oidc"
This satisfies the command as of 2.39.

Environment summary

Az CLI 2.40, Windows 11, Powershell 7

Additional context

There does not appear to be any changes to az ad for 2.40 according to the release notes.
The --set flag doesn't appear to be much use either. Perhaps I am using it wrong, but that's outside of the scope of this issue.
(If someone knows how to update redirect URIs using --set, I'd love to know how!
@ghost ghost added customer-reported Issues that are reported by GitHub users external to the Azure organization. Auto-Assign Auto assign by bot Graph az ad labels Sep 7, 2022
@ghost ghost assigned jiasli Sep 7, 2022
@ghost ghost added this to the Backlog milestone Sep 7, 2022
@yonzhan
Copy link
Collaborator

yonzhan commented Sep 7, 2022

@jiasli for awareness

@yonzhan yonzhan added Azure CLI Team The command of the issue is owned by Azure CLI team question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels Sep 7, 2022
@jiasli
Copy link
Member

jiasli commented Sep 7, 2022
edited
Loading

This error is not a breaking change. Previously that $newRedirectUri works is by accident, and Azure CLI was never designed to take a PowerShell array. The correct way to pass a list to Azure CLI is to provide space-separated values, as documented by the argument help:

> az ad app update --help
...
    --web-redirect-uris            : Space-separated values. Specifies the URLs where user tokens
                                     are sent for sign-in, or the redirect URIs where OAuth 2.0
                                     authorization codes and access tokens are sent.

The entry script az is now a ps1 script located at C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\wbin\az.ps1 (#23514).

The correct way to pass a list as multiple arguments is to use @ splatting.

> $mylist = "a", "b"
> az --debug @mylist
cli.knack.cli: Command arguments: ['--debug', 'a', 'b']

# This is wrong
> az --debug $mylist
cli.knack.cli: Command arguments: ['--debug', 'a b']

@jiasli jiasli mentioned this issue Sep 7, 2022
Closed
@jiasli
Copy link
Member

jiasli commented Sep 8, 2022
edited
Loading

Sometimes $mylist may contain only one item. @mylist will cause "abc" to be split:

> $mylist = "abc"
> az --debug @mylist
cli.knack.cli: Command arguments: ['--debug', 'a', 'b', 'c']

Instead, use

> $mylist = @("abc")
> az --debug @mylist
cli.knack.cli: Command arguments: ['--debug', 'abc']

See https://docs.microsoft.com/en-us/powershell/scripting/learn/deep-dives/everything-about-arrays?view=powershell-7.2

@jacksch
Copy link
Author

jacksch commented Sep 8, 2022

Thank you so much! This is exactly the help we needed.
I felt like I was missing something, and this was it!

@kmkelly2015
Copy link

Thank you @jiasli , I second what @jacksch said, this has saved us a lot of pain.

@jiasli
Copy link
Member

jiasli commented Sep 13, 2022
edited
Loading

Similarly, argument names can also be included in the array:

> $Params = @(
  'keyvault', 'network-rule', 'add',
  '--resource-group', 'ResourceGroupName',
  '--name', 'KeyVaultName',
  '--ip-address', 'IPAddress'
)
> az --debug @Params
DEBUG: cli.knack.cli: Command arguments: ['--debug', 'keyvault', 'network-rule', 'add', '--resource-group', 'ResourceGroupName', '--name', 'KeyVaultName', '--ip-address', 'IPAddress']

Note: Don't really put --debug as the first argument. The command will fail. It's only used to demonstrate the arguments received by az.

This was referenced Sep 13, 2022
Closed
Closed
@jiasli jiasli closed this as completed Sep 14, 2022
This was referenced Sep 19, 2022
Closed
Closed
Closed
Closed
This was referenced Sep 19, 2022
Closed
Closed
Closed
@evelyn-ys evelyn-ys mentioned this issue Sep 20, 2022
Closed
@jiasli jiasli changed the title Cannot pass --web-redirect-uris multiple URIs with Powershell variable Cannot pass PowerShell array Sep 27, 2022
@jiasli jiasli changed the title Cannot pass PowerShell array Cannot pass PowerShell array as $mylist to Azure CLI Sep 27, 2022
@jiasli jiasli mentioned this issue Sep 27, 2022
Merged
@t-bzhan t-bzhan mentioned this issue Oct 9, 2022
Closed
@RakeshMohanMSFT RakeshMohanMSFT mentioned this issue Oct 11, 2022
Closed
@t-bzhan t-bzhan mentioned this issue Oct 13, 2022
Closed
@jiasli jiasli mentioned this issue Mar 1, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jiasli jiasli

Labels
AAD Auto-Assign Auto assign by bot Azure CLI Team The command of the issue is owned by Azure CLI team customer-reported Issues that are reported by GitHub users external to the Azure organization. Graph az ad Installation question The issue doesn't require a change to the product in order to be resolved. Most issues start as that
Projects
None yet
Milestone
Backlog
Development

Successfully merging a pull request may close this issue.

{Core} Entry script: Use @args to tolerate incorrectly passing list with $ jiasli/azure-cli
4 participants
@jiasli @kmkelly2015 @jacksch @yonzhan