Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def get_aad_token(endpoint, no_verify):
#pylint: disable-msg=too-many-locals
"""Get AAD token"""
auth = ClientCertAuthentication(None, None, no_verify)
client = ServiceFabricClientAPIs(auth, base_url=endpoint)
aad_metadata = client.get_aad_metadata()
if aad_metadata.type != "aad":
raise CLIError("Not AAD cluster")
aad_resource = aad_metadata.metadata
tenant_id = aad_resource.tenant
authority_uri = aad_resource.login + '/' + tenant_id
context = adal.AuthenticationContext(authority_uri,
api_version=None)
cluster_id = aad_resource.cluster
client_id = aad_resource.client
:param pem: See select command in this file
:param cert: See select command in this file
:param key: See select command in this file
:param ca: See select command in this file
:param no_verify: See select command in this file
:return: ClientCertAuthentication
"""
client_cert = None
if pem:
client_cert = pem
elif cert:
client_cert = (cert, key)
return ClientCertAuthentication(client_cert, ca, no_verify)
if not endpoint:
raise CLIError('Connection endpoint not found. '
'Before running sfctl commands, connect to a cluster using '
'the "sfctl cluster select" command. '
'If you are seeing this message on Linux after already selecting a cluster, '
'you may need to run the command with sudo.')
no_verify = no_verify_setting()
if security_type() == 'aad':
auth = AdalAuthentication(no_verify)
else:
cert = cert_info()
ca_cert = ca_cert_info()
auth = ClientCertAuthentication(cert, ca_cert, no_verify)
client = ServiceFabricClientAPIs(auth, base_url=endpoint)
# client.config.retry_policy has type msrest.pipeline.ClientRetryPolicy
client.config.retry_policy.total = False
client.config.retry_policy.policy.total = False
# msrest defines ClientRetryPolicy in pipline.py.
# ClientRetryPolicy.__init__ defines values for status_forcelist
# which is passed to urllib3.util.retry.Retry
client.config.retry_policy.policy.status_forcelist = None
return client