diff --git a/CHANGELOG.md b/CHANGELOG.md index f9dfc1e..b424497 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,10 @@ The format is based on and uses the types of changes according to [Keep a Change ## [Unreleased] +### Changed + +- `-TenantId` parameter is now called `-Tenant`, but `-TenantId` alias is still supported #99 + ## [2.4.0] - 2024-12-12 ### Added diff --git a/docs/help/Get-AzToken.md b/docs/help/Get-AzToken.md index 37affb2..d0e1054 100644 --- a/docs/help/Get-AzToken.md +++ b/docs/help/Get-AzToken.md @@ -15,70 +15,67 @@ Gets a new Azure access token. ### NonInteractive (Default) ``` -Get-AzToken [[-Resource] ] [[-Scope] ] [-TenantId ] [-Claim ] +Get-AzToken [[-Resource] ] [[-Scope] ] [-Tenant ] [-Claim ] [-ClientId ] [-TimeoutSeconds ] [-CredentialPrecedence ] [-Force] [] ``` ### Cache ``` -Get-AzToken [[-Resource] ] [[-Scope] ] [-TenantId ] [-Claim ] +Get-AzToken [[-Resource] ] [[-Scope] ] [-Tenant ] [-Claim ] [-ClientId ] -TokenCache -Username [] ``` ### Interactive ``` -Get-AzToken [[-Resource] ] [[-Scope] ] [-TenantId ] [-Claim ] +Get-AzToken [[-Resource] ] [[-Scope] ] [-Tenant ] [-Claim ] [-ClientId ] [-TokenCache ] [-TimeoutSeconds ] [-Interactive] [-Force] [] ``` ### Broker ``` -Get-AzToken [[-Resource] ] [[-Scope] ] [-TenantId ] [-Claim ] +Get-AzToken [[-Resource] ] [[-Scope] ] [-Tenant ] [-Claim ] [-ClientId ] [-Broker] [] ``` ### DeviceCode ``` -Get-AzToken [[-Resource] ] [[-Scope] ] [-TenantId ] [-Claim ] +Get-AzToken [[-Resource] ] [[-Scope] ] [-Tenant ] [-Claim ] [-ClientId ] [-TokenCache ] [-TimeoutSeconds ] [-DeviceCode] [-Force] [] ``` ### ManagedIdentity ``` -Get-AzToken [[-Resource] ] [[-Scope] ] [-TenantId ] [-Claim ] +Get-AzToken [[-Resource] ] [[-Scope] ] [-Tenant ] [-Claim ] [-ClientId ] [-TimeoutSeconds ] [-ManagedIdentity] [-Force] [] ``` ### WorkloadIdentity ``` -Get-AzToken [[-Resource] ] [[-Scope] ] -TenantId [-Claim ] - -ClientId [-WorkloadIdentity] -ExternalToken [-Force] - [] +Get-AzToken [[-Resource] ] [[-Scope] ] -Tenant [-Claim ] -ClientId + [-WorkloadIdentity] -ExternalToken [-Force] [] ``` ### ClientSecret ``` -Get-AzToken [[-Resource] ] [[-Scope] ] -TenantId [-Claim ] - -ClientId -ClientSecret [-Force] [] +Get-AzToken [[-Resource] ] [[-Scope] ] -Tenant [-Claim ] -ClientId + -ClientSecret [-Force] [] ``` ### ClientCertificate ``` -Get-AzToken [[-Resource] ] [[-Scope] ] -TenantId [-Claim ] - -ClientId -ClientCertificate [-Force] - [] +Get-AzToken [[-Resource] ] [[-Scope] ] -Tenant [-Claim ] -ClientId + -ClientCertificate [-Force] [] ``` ### ClientCertificatePath ``` -Get-AzToken [[-Resource] ] [[-Scope] ] -TenantId [-Claim ] - -ClientId -ClientCertificatePath [-Force] - [] +Get-AzToken [[-Resource] ] [[-Scope] ] -Tenant [-Claim ] -ClientId + -ClientCertificatePath [-Force] [] ``` ## DESCRIPTION @@ -416,14 +413,13 @@ Accept pipeline input: False Accept wildcard characters: False ``` -### -TenantId - -The id of the tenant that the token should be valid for. +### -Tenant +The id or name of the tenant that the token should be valid for. ```yaml Type: String Parameter Sets: NonInteractive, Cache, Interactive, Broker, DeviceCode, ManagedIdentity -Aliases: +Aliases: TenantId Required: False Position: Named @@ -435,7 +431,7 @@ Accept wildcard characters: False ```yaml Type: String Parameter Sets: WorkloadIdentity, ClientSecret, ClientCertificate, ClientCertificatePath -Aliases: +Aliases: TenantId Required: True Position: Named diff --git a/source/AzAuth.PS/Cmdlets/GetAzToken.cs b/source/AzAuth.PS/Cmdlets/GetAzToken.cs index 89b4b2b..e4de085 100644 --- a/source/AzAuth.PS/Cmdlets/GetAzToken.cs +++ b/source/AzAuth.PS/Cmdlets/GetAzToken.cs @@ -47,7 +47,8 @@ public class GetAzToken : PSLoggerCmdletBase [Parameter(ParameterSetName = "ClientCertificate", Mandatory = true)] [Parameter(ParameterSetName = "ClientCertificatePath", Mandatory = true)] [ValidateNotNullOrEmpty] - public string TenantId { get; set; } + [Alias("TenantId")] + public string Tenant { get; set; } [Parameter(ParameterSetName = "NonInteractive")] [Parameter(ParameterSetName = "Cache")] @@ -190,17 +191,17 @@ should be WriteVerbose(@$"Looking for a token from the following sources: {string.Join(Environment.NewLine, CredentialPrecedence.Select(cred => $"{cred} ({TokenManager.GetCredentialDocumentationUrl(cred)})"))}"); - WriteObject(TokenManager.GetTokenNonInteractive(Resource, Scope, Claim, TenantId, CredentialPrecedence, noninteractiveTimeoutSeconds, managedIdentityTimeoutSeconds, stopProcessing.Token)); + WriteObject(TokenManager.GetTokenNonInteractive(Resource, Scope, Claim, Tenant, CredentialPrecedence, noninteractiveTimeoutSeconds, managedIdentityTimeoutSeconds, stopProcessing.Token)); } else if (ParameterSetName == "Cache") { WriteVerbose($"Getting token from token cache named \"{TokenCache}\"."); - WriteObject(TokenManager.GetTokenFromCache(Resource, Scope, Claim, ClientId, TenantId, TokenCache!, Username, stopProcessing.Token)); + WriteObject(TokenManager.GetTokenFromCache(Resource, Scope, Claim, ClientId, Tenant, TokenCache!, Username, stopProcessing.Token)); } else if (Interactive.IsPresent) { WriteVerbose("Getting token interactively using the default browser."); - WriteObject(TokenManager.GetTokenInteractive(Resource, Scope, Claim, ClientId, TenantId, TokenCache, TimeoutSeconds, stopProcessing.Token)); + WriteObject(TokenManager.GetTokenInteractive(Resource, Scope, Claim, ClientId, Tenant, TokenCache, TimeoutSeconds, stopProcessing.Token)); } else if (Broker.IsPresent) { @@ -209,7 +210,7 @@ should be { throw new PlatformNotSupportedException("The WAM broker authentication is only supported on Windows."); } - WriteObject(TokenManager.GetTokenInteractiveBroker(Resource, Scope, Claim, ClientId, TenantId, TimeoutSeconds, stopProcessing.Token)); + WriteObject(TokenManager.GetTokenInteractiveBroker(Resource, Scope, Claim, ClientId, Tenant, TimeoutSeconds, stopProcessing.Token)); } else if (DeviceCode.IsPresent) { @@ -218,7 +219,7 @@ should be // Set up a BlockingCollection to use for logging device code message BlockingCollection loggingQueue = new(); // Start device code flow and save task - var tokenTask = joinableTaskFactory.RunAsync(() => TokenManager.GetTokenDeviceCodeAsync(Resource, Scope, Claim, ClientId, TenantId, TokenCache, TimeoutSeconds, loggingQueue, stopProcessing.Token)); + var tokenTask = joinableTaskFactory.RunAsync(() => TokenManager.GetTokenDeviceCodeAsync(Resource, Scope, Claim, ClientId, Tenant, TokenCache, TimeoutSeconds, loggingQueue, stopProcessing.Token)); // Loop through messages and log them to warning stream (verbose is silent by default) try @@ -241,27 +242,27 @@ should be TimeoutSeconds = 1; } WriteVerbose("Getting token using a managed identity (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.managedidentitycredential)."); - WriteObject(TokenManager.GetTokenManagedIdentity(Resource, Scope, Claim, ClientId, TenantId, TimeoutSeconds, stopProcessing.Token)); + WriteObject(TokenManager.GetTokenManagedIdentity(Resource, Scope, Claim, ClientId, Tenant, TimeoutSeconds, stopProcessing.Token)); } else if (WorkloadIdentity.IsPresent) { WriteVerbose($"Getting token using workload identity federation (using client assertion) for client \"{ClientId}\" (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.clientassertioncredential)."); - WriteObject(TokenManager.GetTokenWorkloadIdentity(Resource, Scope, Claim, ClientId, TenantId, ExternalToken, stopProcessing.Token)); + WriteObject(TokenManager.GetTokenWorkloadIdentity(Resource, Scope, Claim, ClientId, Tenant, ExternalToken, stopProcessing.Token)); } else if (ParameterSetName == "ClientSecret") { WriteVerbose($"Getting token using client secret for client \"{ClientId}\" (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.clientsecretcredential)."); - WriteObject(TokenManager.GetTokenClientSecret(Resource, Scope, Claim, ClientId, TenantId, ClientSecret, stopProcessing.Token)); + WriteObject(TokenManager.GetTokenClientSecret(Resource, Scope, Claim, ClientId, Tenant, ClientSecret, stopProcessing.Token)); } else if (ParameterSetName == "ClientCertificate") { WriteVerbose($"Getting token using client certificate for client \"{ClientId}\" (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.clientcertificatecredential)."); - WriteObject(TokenManager.GetTokenClientCertificate(Resource, Scope, Claim, ClientId, TenantId, ClientCertificate, stopProcessing.Token)); + WriteObject(TokenManager.GetTokenClientCertificate(Resource, Scope, Claim, ClientId, Tenant, ClientCertificate, stopProcessing.Token)); } else if (ParameterSetName == "ClientCertificatePath") { WriteVerbose($"Getting token using client certificate for client \"{ClientId}\" (https://learn.microsoft.com/en-us/dotnet/api/azure.identity.clientcertificatecredential)."); - WriteObject(TokenManager.GetTokenClientCertificate(Resource, Scope, Claim, ClientId, TenantId, ClientCertificatePath, stopProcessing.Token)); + WriteObject(TokenManager.GetTokenClientCertificate(Resource, Scope, Claim, ClientId, Tenant, ClientCertificatePath, stopProcessing.Token)); } else { diff --git a/tests/Get-AzToken.Tests.ps1 b/tests/Get-AzToken.Tests.ps1 index 6cd3552..4e6dd1f 100644 --- a/tests/Get-AzToken.Tests.ps1 +++ b/tests/Get-AzToken.Tests.ps1 @@ -33,7 +33,7 @@ BeforeDiscovery { ) } @{ - Name = 'TenantId' + Name = 'Tenant' Type = 'string' ParameterSets = @( @{ Name = 'NonInteractive'; Mandatory = $false }