SetAADAuthWebApp.ps1
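<#
.SYNOPSIS
Turns on Azure Active Directory authentication for an App Service web app by
rewriting the app's "authsettings" configuration resource.

.PARAMETER ResourceGroupName
Resource group that contains the web app.

.PARAMETER WebAppName
Name of the web app; the script addresses "<WebAppName>/authsettings".

.PARAMETER ClientId
Written to the clientId property of the auth settings.

.PARAMETER ClientSecret
Written to the clientSecret property of the auth settings.
SECURITY: this is a plain [string], so a literal value typed on the command
line can end up in shell history, transcripts and process listings. Pass it
from a variable populated out of a secret store instead of a literal. Switching
the parameter to [securestring] would be safer but changes the interface.

.PARAMETER IssuerUrl
Written to the issuer property of the auth settings. The value is not
validated by this script, and it decides which token issuer the app trusts.

.PARAMETER Environment
Azure cloud to sign in to; defaults to AzureCloud.
#>
param(
    [Parameter(Mandatory=$true,Position=1)]
    [string]$ResourceGroupName,

    [Parameter(Mandatory=$true,Position=2)]
    [string]$WebAppName,

    [Parameter(Mandatory=$true,Position=3)]
    [string]$ClientId,

    [Parameter(Mandatory=$true,Position=4)]
    [string]$ClientSecret,

    # Was Position=4, the same as ClientSecret. Two parameters sharing a
    # position make positional binding ambiguous, so each now has its own slot.
    [Parameter(Mandatory=$true,Position=5)]
    [string]$IssuerUrl,

    [Parameter(Mandatory=$false,Position=6)]
    [ValidateSet("AzureCloud","AzureUsGovernment","AzureGermanCloud","AzureChinaCloud")]
    [String]$Environment = "AzureCloud"
)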
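# NOTE: the AzureRM module used below has been retired in favour of the Az module;
# the cmdlet names are kept as-is so the script still runs where AzureRM is installed.

# Sign in only when there is no account in the current context or the context
# points at a different cloud than the one requested.
$azcontext = Get-AzureRmContext
if ([string]::IsNullOrEmpty($azcontext.Account) -or
    ($azcontext.Environment.Name -ne $Environment))
{
    Login-AzureRmAccount -Environment $Environment -ErrorAction Stop
}

# Re-read the context and refuse to continue if sign-in did not produce one for
# the requested cloud, so the write below cannot land in an unintended environment.
$azcontext = Get-AzureRmContext
if ([string]::IsNullOrEmpty($azcontext.Account) -or
    ($azcontext.Environment.Name -ne $Environment))
{
    throw "No Azure context for environment '$Environment'; auth settings were not changed."
}

$authResourceName = $WebAppName + "/authsettings"

# Arguments shared by the read and the write of the authsettings resource.
$resourceArgs = @{
    ResourceGroupName = $ResourceGroupName
    ResourceType      = 'Microsoft.Web/sites/config'
    ResourceName      = $authResourceName
    ApiVersion        = '2016-08-01'
    Force             = $true
    ErrorAction       = 'Stop'
}

# Fetch the current settings so that properties not set below are written back unchanged.
$auth = Invoke-AzureRmResourceAction @resourceArgs -Action list
if ($null -eq $auth -or $null -eq $auth.properties)
{
    # Without this guard a failed read would fall through to the write with no properties.
    throw "Could not read auth settings for '$authResourceName'; nothing was changed."
}

$auth.properties.enabled = "True"
# Unauthenticated requests are redirected to the login page rather than passed through.
$auth.properties.unauthenticatedClientAction = "RedirectToLoginPage"
$auth.properties.tokenStoreEnabled = "True"
$auth.properties.defaultProvider = "AzureActiveDirectory"
$auth.properties.isAadAutoProvisioned = "False"
$auth.properties.clientId = $ClientId
$auth.properties.clientSecret = $ClientSecret
# The issuer decides whose tokens the app accepts; it is taken from the caller unvalidated.
$auth.properties.issuer = $IssuerUrl

# NOTE(review): the object returned here goes to the pipeline/console. Confirm whether it
# echoes clientSecret, and discard the output if callers do not need it.
New-AzureRmResource @resourceArgs -PropertyObject $auth.properties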