search

Gerenios / AADInternals

AADInternals PowerShell module for administering Azure AD and Office 365
http://aadinternals.com/aadinternals
MIT License
1.2k stars 210 forks source link

Get-AADIntAccessToken not working anymore #89

Closed marcottedan closed 2 months ago

marcottedan commented 2 months ago

Reproduction steps:

Environment: Windows VM 10 Pro 22H2

You cannot call a method on a null-valued expression.
At C:\Program Files\WindowsPowerShell\Modules\AADInternals\0.9.3\AccessToken_utils.ps1:2715 char:24
+                     if($config.urlPost.startsWith("/"))
+                        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull

AADSTS90100: ctx parameter is empty or not valid.
At C:\Program Files\WindowsPowerShell\Modules\AADInternals\0.9.3\AccessToken_utils.ps1:2861 char:33
+ ...                              throw $config.strServiceExceptionMessage
+                                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: (AADSTS90100: ct...y or not valid.:String) [], RuntimeException
    + FullyQualifiedErrorId : AADSTS90100: ctx parameter is empty or not valid.

Another example from Macos running the Powershell docker image: 

Get-AADIntAccessToken -ClientId "fb78d390-0c51-40cd-8e17-fdbfab77341b" -Resource "https://outlook.office365.com"
Logging in to Microsoft Services                                                                                        
Enter email, phone, or Skype: <redacted>
Password: *****************
Password: *****************  <don't know why it asks the pwd twice>
InvalidOperation: /root/.local/share/powershell/Modules/AADInternals/0.9.3/AccessToken_utils.ps1:2715
Line |
2715 |                      if($config.urlPost.startsWith("/"))
     |                         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | You cannot call a method on a null-valued expression.
Exception: /root/.local/share/powershell/Modules/AADInternals/0.9.3/AccessToken_utils.ps1:2861                          
Line |
2861 |  …                              throw $config.strServiceExceptionMessage
     |                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | AADSTS90100: ctx parameter is empty or not valid.
marcottedan commented 2 months ago

Turns out we need to add this flag now: -UseDeviceCode $true

Get-AADIntAccessToken -ClientId "fb78d390-0c51-40cd-8e17-fdbfab77341b" -Resource "https://outlook.office365.com" -UseDeviceCode $true