Closed lmvdz closed 2 years ago
```python
import os

import requests
from dotenv import load_dotenv, find_dotenv

# Load the app registration credentials from a .env file
load_dotenv(find_dotenv())
mgraphSecret = os.getenv('GRAPH_SECRET')
mgraphAppID = os.getenv('GRAPH_APP_ID')
mgraphTenant = os.getenv('TENANT_ID')

# Request a token for the MFA connector resource using the client-credentials grant
api_url = "https://login.microsoftonline.com/" + mgraphTenant + "/oauth2/token"
data = {
    'resource': 'https://adnotifications.windowsazure.com/StrongAuthenticationService.svc/Connector',
    'client_id': mgraphAppID,
    'scope': 'openid',
    'client_secret': mgraphSecret,
    'grant_type': 'client_credentials',
}
response = requests.post(url=api_url, data=data)
response_data = response.json()
access_token = response_data['access_token']

# Build the BeginTwoWayAuthentication request body for the target user
emailAddressToPush = "emailaddress@email.com"
xml = '<BeginTwoWayAuthenticationRequest> \
<Version>1.0</Version>\
<UserPrincipalName>' + emailAddressToPush + '</UserPrincipalName>\
<Lcid>en-us</Lcid> \
<AuthenticationMethodProperties xmlns:a="http://schemas.microsoft.com/2003/10/Serialization/Arrays"> \
<a:KeyValueOfstringstring> \
<a:Key>OverrideVoiceOtp</a:Key> \
<a:Value>true</a:Value> \
</a:KeyValueOfstringstring> \
</AuthenticationMethodProperties> \
<ContextId>69ff05bf-eb61-47f7-a70e-e7d77b6d47d0</ContextId> \
<SyncCall>true</SyncCall> \
<RequireUserMatch>true</RequireUserMatch> \
<CallerName>Pritunl Authy</CallerName> \
<CallerIP>UNKNOWN:</CallerIP> \
</BeginTwoWayAuthenticationRequest>'

# Send the request to the connector endpoint with the bearer token
response = requests.post(
    url="https://adnotifications.windowsazure.com/StrongAuthenticationService.svc/Connector//BeginTwoWayAuthentication",
    headers={"Authorization": "Bearer " + access_token, "Content-Type": "application/xml"},
    data=xml,
)
print(response.content)
```
The server encountered an error processing the request. See server logs for more details.
I honestly have no clue. You seem to be missing a lot of code though, such as using the correct spn and generating password.
But, this is a PowerShell solution, not a Python solution. I'm not really sure why you are asking for help here.
As they say on the internet: Sir, this is a Wendy's.
Can you confirm that the PowerShell script is still working?
Yup
Where does the RefreshToken and Genpass token come from? I have an AppID and AppSecret
Also, what does spn stand for?
You can check out the docs here: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
Here is a version I made which only uses Graph requests, which might be easier to convert: https://github.com/lwhitelock/AzValidate-1. And here is an improved version I tweaked for CIPP: https://github.com/KelvinTegelaar/CIPP-API/blob/master/ExecSendPush/run.ps1
Hi, is there something I need to do to get this working in python?