<#
.SYNOPSIS
Creates the "AspNetCoreSample" site with its group, policy and application on an SSO
server and saves the resulting configuration to two JSON files.

.DESCRIPTION
Steps, in order:
  1. New-SSOLogon with a client whose id and secret are both "public" (-Browser "default").
  2. Save the OAuth metadata of the <Uri>/uas authority to openid-configuration.json.
  3. Look up the password.1, sms.1 and smtp.1 methods and the "System","Authenticated Users" group.
  4. Create the site, a "users" group, a policy and an enabled application, and link them.
  5. Set the application's "metadata" attribute (redirect_uris) and save the server's
     response to client-config.json.
Both files are written to the current directory with -Force, which overwrites existing files.

.PARAMETER Uri
Base address of the login server; the "/uas" authority is resolved against it.

.PARAMETER ManageUri
Address passed to New-SSOLogon as -ManageUri.

.PARAMETER RedirectUri
Redirect URI registered for the application. The default is a plain-http localhost
address; use https for any redirect URI that is not on the loopback interface.
#>
[CmdletBinding()]
param(
    [parameter()] [uri] $Uri = "https://login.example.ubidemo.com",
    [parameter()] [uri] $ManageUri = "https://manage.example.ubidemo.com",
    [parameter()] [uri] $RedirectUri = "http://localhost:19282/signin-oidc"
)

Import-Module "oauth2"
Import-Module "sso-api-v2"

# Client configuration used for this script's own logon. The secret is the fixed literal
# "public", so it authenticates nothing; the logon rests on the user signing in.
$logonClientJson = @"
{
"redirect_uris": [
"http://localhost/public",
"http://localhost/spa.html"
],
"grant_types": [
"authorization_code"
],
"client_id": "public",
"client_secret": "public"
}
"@

New-OAuthClientConfig -Json $logonClientJson |
    New-SSOLogon -Uri $Uri -ManageUri $ManageUri -Browser "default"

# Keep a local copy of the authority's metadata.
$authority = [uri]::new($Uri, "/uas")
Get-OAuthMetadata -Authority $authority |
    ConvertTo-Json |
    Set-Content -Path "openid-configuration.json" -Force

# Objects that must already exist on the server; -ErrorAction Stop aborts the script if
# a lookup fails.
$passwordMethod = Get-SSOObject -Type "method" "password.1" -ErrorAction Stop
$smsMethod = Get-SSOObject -Type "method" "sms.1" -ErrorAction Stop
$smtpMethod = Get-SSOObject -Type "method" "smtp.1" -ErrorAction Stop
$authenticatedUsers = Get-SSOObject -Type "group" "System","Authenticated Users" -ErrorAction Stop

$allMethods = $passwordMethod, $smsMethod, $smtpMethod
$smsAndSmtp = $smsMethod, $smtpMethod

# NOTE(review): none of the Set-* calls below pass -ErrorAction Stop. Whether a failed
# call stops the script depends on the sso-api-v2 module; verify that a failure midway
# cannot leave a half-configured site and still reach the client-config.json write.
$sampleSite = Set-SSOObject -Type "site" "AspNetCoreSample"
$null = $allMethods | Set-SSOLink -Link $sampleSite

# NOTE(review): the "member" link presumably makes every account in Authenticated Users
# a member of the site's "users" group, which is then linked to the application as
# allowedTo. If so, any authenticated user may use the application; narrow the group
# outside a sample deployment. Confirm the link direction.
$siteUsers = $sampleSite | Set-SSOChild -ChildType "group" "users"
$null = $siteUsers | Set-SSOLink -LinkName "member" -Link $authenticatedUsers
$null = $smsAndSmtp | Set-SSOLink -Link $siteUsers

$sitePolicy = $sampleSite | Set-SSOChild -ChildType "policy" "policy"
$sampleApp = $sampleSite | Set-SSOChild -ChildType "application" "application" -Enabled
$null = $sampleApp | Set-SSOLink -LinkName "allowedTo" -Link $siteUsers
$null = $sampleApp | Set-SSOLink -Link $sitePolicy
$null = $allMethods | Set-SSOLink -Link $sampleApp -Enabled

# Register the redirect URI as the application's "metadata" attribute.
$redirectSettings = @{
    "redirect_uris" = @($RedirectUri)
}
$metadataBody = $redirectSettings | ConvertTo-Json
$metadataResult = $sampleApp |
    Set-SSOAttribute -Name "metadata" -ContentType "application/json" -Body $metadataBody

# NOTE(review): the response presumably carries the registered client's credentials
# (confirm). If it does, client-config.json is a secret: restrict who can read it and
# keep it out of version control.
$metadataResult |
    ConvertTo-Json |
    Set-Content -Path "client-config.json" -Force