# Re-usable functions for Azure Active Directory

In [5]:
%run /common/keyvault-functions {"kvLinkedService": "keyvault01"}

In [6]:
# Names of the Azure Key Vault secrets that hold the service principal's
# credentials. getBearerToken() passes these names to getSecret(), so they are
# lookup keys, not the credential values themselves. Keep the real tenant ID,
# client ID and client secret in Key Vault rather than pasting them into this
# cell, because notebook source and outputs are saved and shared with the file.
# NOTE(review): "tenandIdSecret" is a misspelling of "tenant", but
# getBearerToken() reads it under this exact name, so a rename has to change
# both places together.
tenandIdSecret = "<Azure Key Vault Secret for TenantID>"
servicePrincipalIdSecret = "<Azure Key Vault Secret for Service Principal ID>"
servicePrincipalSecret = "<Azure Key Vault Secret for Service Principal secret>"
# Azure AD authority host; getBearerToken() appends "/<tenantId>" to it.
# NOTE(review): login.windows.net is an older host name for the Azure AD
# sign-in endpoint; current Microsoft documentation uses
# login.microsoftonline.com. Confirm which one this workspace should use.
authUrl = "https://login.windows.net"
# Resource the token is requested for (the first argument to
# acquire_token_with_client_credentials). This value is the Azure SQL Database
# resource identifier, so the token is only meant for that service.
resourceUrl = "https://database.windows.net/"

In [7]:
import adal



# getBearerToken()

In [9]:
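def getBearerToken():
    """Return a bearer token for service-principal Azure AD authentication.

    Reads the tenant ID, service principal (client) ID and client secret from
    Key Vault through getSecret(), using the secret names configured in
    tenandIdSecret, servicePrincipalIdSecret and servicePrincipalSecret. It
    then requests a client-credentials token for resourceUrl from the
    authority authUrl + "/" + tenantId.

    Parameters:
        None

    Returns:
        The "accessToken" field of the ADAL token response.

    Raises:
        AssertionError: a required value is missing or empty.
        Exception: whatever getSecret() or ADAL raises is propagated unchanged.

    Security notes:
        * The returned token is a credential. Do not print it or leave it as a
          cell's last expression, because notebook outputs are stored with the
          notebook.
        * NOTE(review): ADAL for Python is deprecated by Microsoft in favour of
          MSAL. Migrating is a separate change because it adds a dependency.
    """
    tenantId = getSecret(tenandIdSecret)
    servicePrincipalId = getSecret(servicePrincipalIdSecret)
    secret = getSecret(servicePrincipalSecret)

    # Explicit checks instead of `assert` statements: asserts are stripped when
    # Python runs with -O, which would silently disable this validation. The
    # exception type and messages match the original asserts. Empty strings
    # are rejected too, so a blank secret fails here and not inside ADAL.
    required = (
        ("tenantId", tenantId),
        ("servicePrincipalId", servicePrincipalId),
        ("secret", secret),
        ("authUrl", authUrl),
        ("resourceUrl", resourceUrl),
    )
    for label, value in required:
        if not value:
            raise AssertionError(label + " not specified")

    # Tolerate a trailing slash on authUrl so the authority never contains "//".
    authority = authUrl.rstrip("/") + "/" + tenantId
    try:
        context = adal.AuthenticationContext(authority)
        token = context.acquire_token_with_client_credentials(resourceUrl, servicePrincipalId, secret)
        accessToken = token["accessToken"]
    except Exception:
        print("getBearerToken failed with exception:")
        # A bare raise re-raises the active exception with its original traceback.
        raise
    return accessToken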