Add -TestAuth flag to verify Bearer token authentication

Alitzel Mendez 2025-12-08 10:31:46 -08:00 committed by azure-sdk
parent 377d7094f5
commit e528dc9c10


@ -2,7 +2,7 @@
Param ( Param (
[Parameter(Mandatory=$False)] [Parameter(Mandatory=$False)]
[array] $ArtifactList, [array] $ArtifactList,
[Parameter(Mandatory=$True)] [Parameter(Mandatory=$False)]
[string] $ArtifactPath, [string] $ArtifactPath,
[Parameter(Mandatory=$False)] [Parameter(Mandatory=$False)]
[string] $APIKey, [string] $APIKey,
@ -17,10 +17,72 @@ Param (
[bool] $MarkPackageAsShipped = $false, [bool] $MarkPackageAsShipped = $false,
[Parameter(Mandatory=$False)] [Parameter(Mandatory=$False)]
[array] $PackageInfoFiles, [array] $PackageInfoFiles,
[string] $APIViewAudience = "api://apiview" [string] $APIViewAudience = "api://apiview",
[switch] $TestAuth
) )
Set-StrictMode -Version 3 Set-StrictMode -Version 3
# Test authentication mode - just verify Bearer token works and exit
if ($TestAuth) {
Write-Host "=== APIView Authentication Test Mode ===" -ForegroundColor Cyan
Write-Host "Testing Bearer token authentication against APIView..."
Write-Host ""
try {
Write-Host "Step 1: Acquiring access token for audience: $APIViewAudience"
$tokenResponse = az account get-access-token --resource $APIViewAudience --output json 2>&1
if ($LASTEXITCODE -ne 0) {
Write-Host "FAILED: Could not acquire token. Error: $tokenResponse" -ForegroundColor Red
Write-Host "Make sure you are logged in with 'az login'" -ForegroundColor Yellow
exit 1
}
$parsed = $tokenResponse | ConvertFrom-Json
Write-Host "SUCCESS: Token acquired! Expires: $($parsed.expiresOn)" -ForegroundColor Green
Write-Host ""
Write-Host "Step 2: Testing authenticated request to APIView..."
$headers = @{
"Authorization" = "Bearer $($parsed.accessToken)"
}
# Make a simple GET request to verify the token is accepted
# Using the reviews endpoint which should return 200 or redirect if auth works
$testUri = "https://apiview.dev/api/reviews"
Write-Host "Calling: GET $testUri"
try {
$response = Invoke-WebRequest -Uri $testUri -Headers $headers -Method GET -MaximumRedirection 0 -ErrorAction Stop
Write-Host "SUCCESS: API responded with status $($response.StatusCode)" -ForegroundColor Green
}
catch {
$statusCode = $_.Exception.Response.StatusCode.Value__
if ($statusCode -eq 401 -or $statusCode -eq 403) {
Write-Host "FAILED: Authentication rejected (HTTP $statusCode)" -ForegroundColor Red
Write-Host "The token was acquired but APIView rejected it." -ForegroundColor Yellow
Write-Host "This may indicate the service principal doesn't have access." -ForegroundColor Yellow
exit 1
}
elseif ($statusCode -ge 200 -and $statusCode -lt 400) {
Write-Host "SUCCESS: API responded with status $statusCode" -ForegroundColor Green
}
else {
Write-Host "WARNING: API responded with status $statusCode" -ForegroundColor Yellow
Write-Host "This may be expected depending on the endpoint. Auth likely worked." -ForegroundColor Yellow
}
}
Write-Host ""
Write-Host "=== Authentication Test Complete ===" -ForegroundColor Cyan
Write-Host "Bearer token authentication is working!" -ForegroundColor Green
exit 0
}
catch {
Write-Host "FAILED: Unexpected error: $($_.Exception.Message)" -ForegroundColor Red
exit 1
}
}
. (Join-Path $PSScriptRoot common.ps1) . (Join-Path $PSScriptRoot common.ps1)
. (Join-Path $PSScriptRoot Helpers ApiView-Helpers.ps1) . (Join-Path $PSScriptRoot Helpers ApiView-Helpers.ps1)
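Review bot: The -TestAuth block can report success without the token ever having been accepted. In the inner `catch`, any 3xx status is printed as SUCCESS and every other non-401/403 status falls into the WARNING branch, after which the script still prints "Bearer token authentication is working!" and exits 0. With `-MaximumRedirection 0`, a redirect may simply be a bounce to a sign-in page, which is how an unauthenticated request looks for many web apps, so this should be confirmed against APIView's actual behaviour. I would count only 2xx as a pass, `elseif ($statusCode -ge 200 -and $statusCode -lt 300)`, and add `exit 1` to the final `else` so a pipeline relying on this check fails closed. Separately, the first hunk relaxes `$ArtifactPath` to `Mandatory=$False` for normal runs too; the code that consumes it is outside the visible hunks, so confirm an empty path is still rejected when -TestAuth is not set.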