Permalink
Browse files

Updated README and added ServicePrincipal Scripts

  • Loading branch information...
1 parent a0d85f6 commit 246b6c548155e51b2220e5924ceb6ff59edd3ac7 Brandon Werner committed Jul 11, 2012
View
59 WAAD.WebSSO.PHP/README-FIRST.txt
@@ -0,0 +1,59 @@
+
+PRE-REQUISITES BEFORE USING THIS SAMPLE
+
+*************************************************
+
+Step 1: Create the Microsoft.Samples.Waad.PS.dll
+
+*************************************************
+
+In order to use the PowerShell cmdlets provided under the %ROOT%/php/scripts/ directory, you will need to build the DLL that provides the WAAD functionality.
+
+We have included the source for building this DLL in this code for your convenience. It is located at:
+
+%ROOT%/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/
+
+You have two options to build this DLL:
+
+1. Build using VS 2010 Tools Command Line and included batch file
+
+You can build this DLL easily by running:
+
+ %ROOT%/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/buildWaadPS.bat
+
+This will build the DLL and copy the DLL to the correct location under %ROOT%/php/scripts/
+
+2. Load the .csproj file and build under Visual Studio 2010 or higher
+
+This is located under %ROOT%/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS. You will need to ensure that the Microsoft.Samples.Waad.PS.dll file is moved to the correct location under %ROOT%/csharp/scripts/
+
+
+The rest of the setup instructions and walk-through are located at:
+
+http://www.windowsazure.com/en-us/develop/php/how-to-guides/web-sso/
+
+
+********************************************************************
+
+STEP 2: Download the simpleSAMLphp library
+
+********************************************************************
+
+ SimpleSAMLphp is an award-winning application written in native PHP that deals with authentication. The project is led by UNINETT, has a large user base, a helpful user community and a large set of external contributors.
+
+SimpleSAMLphp is having a main focus on providing support for:
+ •SAML 2.0 as a Service Provider.
+ •SAML 2.0 as a Identity Provider.
+
+But also supports some other identity protocols, such as Shibboleth 1.3, A-Select, CAS, OpenID, WS-Federation and OAuth.
+
+You can download this by going to: http://simplesamlphp.org/
+
+and including the base install underneath the root directory such as:
+
+%ROOT/simplesamlphp
+
+
+
+Enjoy!
+
View
44 WAAD.WebSSO.PHP/README.txt
@@ -1,44 +0,0 @@
-
-IMPORTANT STEPS BEFORE USING THIS SAMPLE:
-
-********************************************************************
-
-STEP 1: Compile the Microsft.Samples.Waad.PS.dll from command line
-
-********************************************************************
-
-In order to use this example correctly, you will need to built the PowerShell DLL to provide the correct loading of the Microsoft.Samples.Waad.PS linka as referred to in the documentation.
-
-The source for this DLL is included under %ROOT%/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS
-
-You may either load this in to Visual Studio 2008 / 2010 and build, or you may use the included script as follows:
-
-%ROOT%/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/buildWaadPS.bat
-
-It's a simple MSBuild script that will run the default MSBuild with DEBUG configuration and copy the correct .dll in to the \java\
-scripts\ directory
-
-********************************************************************
-
-STEP 2: Download the simpleSAMLphp library
-
-********************************************************************
-
- SimpleSAMLphp is an award-winning application written in native PHP that deals with authentication. The project is led by UNINETT, has a large user base, a helpful user community and a large set of external contributors.
-
-SimpleSAMLphp is having a main focus on providing support for:
- •SAML 2.0 as a Service Provider.
- •SAML 2.0 as a Identity Provider.
-
-But also supports some other identity protocols, such as Shibboleth 1.3, A-Select, CAS, OpenID, WS-Federation and OAuth.
-
-You can download this by going to: http://simplesamlphp.org/
-
-and including the base install underneath the root directory such as:
-
-%ROOT/simplesamlphp
-
-
-
-Enjoy!
-
View
67 ...harp/code/libraries/powershell/Microsoft.Samples.Waad.PS/Microsoft.Samples.Waad.PS.csproj
@@ -1,67 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
- <PropertyGroup>
- <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
- <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
- <ProductVersion>8.0.30703</ProductVersion>
- <SchemaVersion>2.0</SchemaVersion>
- <ProjectGuid>{86F6679C-7D26-4E36-BB85-C42FA25F30CA}</ProjectGuid>
- <OutputType>Library</OutputType>
- <AppDesignerFolder>Properties</AppDesignerFolder>
- <RootNamespace>Microsoft.Samples.Waad.PS</RootNamespace>
- <AssemblyName>Microsoft.Samples.Waad.PS</AssemblyName>
- <TargetFrameworkVersion>v2.0</TargetFrameworkVersion>
- <FileAlignment>512</FileAlignment>
- <TargetFrameworkProfile />
- </PropertyGroup>
- <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
- <DebugSymbols>true</DebugSymbols>
- <DebugType>full</DebugType>
- <Optimize>false</Optimize>
- <OutputPath>bin\Debug\</OutputPath>
- <DefineConstants>DEBUG;TRACE</DefineConstants>
- <ErrorReport>prompt</ErrorReport>
- <WarningLevel>4</WarningLevel>
- <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
- </PropertyGroup>
- <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
- <DebugType>pdbonly</DebugType>
- <Optimize>true</Optimize>
- <OutputPath>bin\Release\</OutputPath>
- <DefineConstants>TRACE</DefineConstants>
- <ErrorReport>prompt</ErrorReport>
- <WarningLevel>4</WarningLevel>
- </PropertyGroup>
- <ItemGroup>
- <Reference Include="System" />
- <Reference Include="System.Management.Automation, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
- <SpecificVersion>False</SpecificVersion>
- <HintPath>C:\Program Files\Reference Assemblies\Microsoft\WindowsPowerShell\v1.0\System.Management.Automation.dll</HintPath>
- </Reference>
- <Reference Include="System.Xml" />
- </ItemGroup>
- <ItemGroup>
- <Compile Include="GetOrgIdSpn.cs" />
- <Compile Include="GetOrgIdSpnResult.cs" />
- <Compile Include="Properties\AssemblyInfo.cs" />
- </ItemGroup>
- <ItemGroup>
- <None Include="Microsoft.Samples.Waad.PS.lnk" />
- </ItemGroup>
- <ItemGroup>
- <MySourceFiles Include="bin\Debug\Microsoft.Samples.Waad.PS.dll"/>
- </ItemGroup>
- <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
- <!-- To modify your build process, add your task inside one of the targets below and uncomment it.
- Other similar extension points exist, see Microsoft.Common.targets.
- <Target Name="BeforeBuild">
- </Target>
- -->
- <Target Name="AfterBuild">
- <Copy
- SourceFiles="@(MySourceFiles)"
- DestinationFolder="..\..\..\..\..\php\scripts"
- />
- </Target>
-
-</Project>
View
105 WAAD.WebSSO.PHP/php/scripts/CreateServicePrincipal.ps1
@@ -0,0 +1,105 @@
+#
+# this is a PS1 script that creates a service principal for webSSO and
+# accessing the Windows Azure Active Directory Graph API
+#
+
+
+# add a warning/disclaimer about creation of service principals
+""
+"--------------------------------------------------------------------"
+"WARNING: you are about to create a service principal that allows for this application to access your Azure Active Directory tenant. This includes access to your entire Address Book, staff heirarchy, and license information. Please proceed only if you understand what you are doing and are an Administrator for the account you wish to use"
+"-------------------------------------------------------------------"
+" "
+"NOTE: Once created, you can always view the Service Principals you have created by using the Get-MsolServicePrincipal cmdlet from this PowerShell window. For a full list of commands available, including removing Service Principals, run get-help *-msolserviceprincipal* after this script is complete. "
+""
+
+$accept = Read-Host "Do you still wish to proceed? (Y/N)"
+# fill in logic to look for Y,N, Yes, No, or nothing (default is to exit if no resonse)
+
+#ask the user for the Service Principal Name he wants to use. This ensures that during multiple runs we don't run in to conflicts
+""
+"--------------- Service Principal Name -------------------- "
+" "
+"Please enter a descriptive name for the Service Principal you wish to create."
+""
+"If you've created a Service Principal for this account before, you should use a new name or you will get an error that it already exists in this tenant."
+""
+"Example: IdentityDemo"
+""
+$servicePrincipalName = Read-Host "Enter a Service Principal Name"
+
+
+# prompt for Tenant Admin credentials, then connect to the Azure AD tenant, enable PowerShell
+# commandlets to support Service prinicpal managementy
+#
+" "
+"--------------- Get Ready To Provide Your Administrator Credentials -------------------"
+""
+"You will need your Administrator account information for the next step. You will be prompted with a login screen that you will enter these credentials in to."
+""
+"Hit any key when ready"
+" "
+$null = Read-Host
+$cr=get-credential
+connect-msolservice -credential $cr
+Import-Module MSOnlineExtended
+
+# this section is used to create a service principal credential using a symmetric key
+" "
+"--------------- Symmetric Key ---------------------"
+""
+"Using a symmetric key to idenify you to Azure Active Directory. This is currently a default key for Demo purposes. You can change it in the PowerShell script."
+" "
+$credValue = "0guCAQnwLuTtpa+jWkam1Y/gcGsRzEOOOA2+Illt5bQ="
+$credType = "Symmetric"
+
+# replyURL is used to for configuring webSSO
+$replyHost = "aadexpensedemo.cloudapp.net"
+$replyAddress = "https://" + $replyHost + "/"
+$replyUrl = New-MsolServicePrincipalAddresses –Address $replyAddress
+" "
+" ----------------- the URL of the application we will return to after SSO -------------------"
+""
+"Using: $replyAddress as the application endpoint we will redirect to after sigle sign-on is complete."
+"This should be the location of the demo app. If this looks wrong you can change it in the PowerShell script."
+" "
+
+# creating service principal using
+" "
+"--------------- Creating the Service Principal inside of Azure --------------------"
+" "
+"We are ready to create the Service Principal for your tenant."
+""
+
+"Press any key when you are ready to proceed or Cntl-C to end."
+""
+$null = Read-Host
+""
+""
+"Creating the Service Principal inside your Azure Active Directory tenant"
+" "
+""
+$sp = New-MsolServicePrincipal -ServicePrincipalNames @("$servicePrincipalName/$replyHost") -DisplayName "$ServicePrincipalName" -Addresses $replyUrl -Type $credType -Value $credValue
+
+# grant the Client app calling the Graph, Read or Write permissions
+# add the Service Principal to a Role, to enable specific application permissions
+# Read-only => "Service Support Administrator"
+# Read & Write = > "Company Administrator"
+#
+$Read = "Service Support Administrator"
+$ReadWrite = "Company Administrator"
+
+" "
+"Setting permissions to allow the Service Principal to have Read Only access to your Azure Active Directory tenant. See the PowerShell script to see how this is done."
+" "
+Add-MsolRoleMember -RoleMemberType ServicePrincipal -RoleName $Read -RoleMemberObjectId $sp.objectid
+
+$tenantId = (get-msolcompanyinformation).objectId
+
+"--------------- Script is complete ----------------------"
+""
+"Company ID (you will need to put this in the portal): " + $tenantId
+"AppPrincipal ID(you will need to put this in the portal): " + $sp.AppPrincipalId
+if ($credType = "Asymmetric"){"App Principal Secret: " + $credValue}
+"Audience URI: " + $sp.AppPrincipalID + "@" + $tenantId
+""
View
35 WAAD.WebSSO.PHP/php/scripts/If your dll is missing-read this.txt
@@ -1,16 +1,33 @@
-IMPORTANT STEPS BEFORE USING THIS SAMPLE:
-In order to use this example correctly, you will need to built the PowerShell DLL to provide the correct
-loading of the Microsoft.Samples.Waad.PS link as referred to in the documentation.
+PRE-REQUISITES BEFORE USING THIS SAMPLE
-The source for this DLL is included under: %ROOT%/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS
+*************************************************
-You may either load this in to Visual Studio 2008 / 2010 and build, or you may use the included script as follows:
+Step 1: Create the Microsoft.Samples.Waad.PS.dll
-%ROOT%/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/buildWaadPS.bat
+*************************************************
-It's a simple MSBuild script that will run the default MSBuild with DEBUG configuration and copy the correct .dll in to the \php\
-scripts\ directory
+In order to use the PowerShell cmdlets provided under the %ROOT%/php/scripts/ directory, you will need to build the DLL that provides the WAAD functionality.
-Enjoy!
+We have included the source for building this DLL in this code for your convenience. It is located at:
+%ROOT%/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/
+
+You have two options to build this DLL:
+
+1. Build using VS 2010 Tools Command Line and included batch file
+
+You can build this DLL easily by running:
+
+ %ROOT%/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS/buildWaadPS.bat
+
+This will build the DLL and copy the DLL to the correct location under %ROOT%/php/scripts/
+
+2. Load the .csproj file and build under Visual Studio 2010 or higher
+
+This is located under %ROOT%/csharp/code/libraries/powershell/Microsoft.Samples.Waad.PS. You will need to ensure that the Microsoft.Samples.Waad.PS.dll file is moved to the correct location under %ROOT%/csharp/scripts/
+
+
+The rest of the setup instructions and walk-through are located at:
+
+http://www.windowsazure.com/en-us/develop/php/how-to-guides/web-sso/

0 comments on commit 246b6c5

Please sign in to comment.