fix for az cli signed-in-user issue

doherty100 · Aug 26, 2022 · edd546f · edd546f
1 parent 0ca40cd
commit edd546f
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -157,6 +157,18 @@ Windows 10 users can use [WSL](https://docs.microsoft.com/en-us/windows/wsl/abou
       ```powershell
       ./configure-powershell.ps1
       ```
+
+  * Install [pip3](https://pip.pypa.io/en/stable/) Python library package manager on Ubuntu 20.04 LTS (Focal Fossa)
+
+    ```bash
+    sudo apt install python3-pip
+    ```
+
+  * Install [PyJWT](https://pyjwt.readthedocs.io/en/latest/) Python library
+
+    ```bash
+    pip3 install --upgrade pyjwt
+    ```
 
   * VS Code extensions for WSL
     * [Remote - WSL](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-wsl)

diff --git a/terraform-azurerm-vnet-shared/bootstrap.sh b/terraform-azurerm-vnet-shared/bootstrap.sh
@@ -11,10 +11,16 @@ usage() {
 # Get runtime defaults
 printf "Retrieving runtime defaults ...\n"
 
-upn=$(az ad signed-in-user show --query userPrincipalName --output tsv)
-default_aad_tenant_id=$(az account list --query "[? isDefault]|[0].tenantId" --only-show-errors --output tsv)
-default_owner_object_id=$(az ad user show --id $upn --query id --output tsv)
-default_subscription_id=$(az account list --query "[? isDefault]|[0].id" --only-show-errors --output tsv)
+default_subscription_id=$(az account list --only-show-errors --query "[? isDefault]|[0].id" --output tsv)
+
+if [ -z $default_subscription_id ]
+then
+  printf "Unable to retrieve Azure subscription details. Please run 'az login' first.\n"
+  usage
+fi
+
+default_owner_object_id=$(az account get-access-token --query accessToken --output tsv | tr -d '\n' | python3 -c "import jwt, sys; print(jwt.decode(sys.stdin.read(), algorithms=['RS256'], options={'verify_signature': False})['oid'])")
+default_aad_tenant_id=$(az account show --query tenantId --output tsv)
 
 # Initialize constants
 admin_certificate_name='admincert'
@@ -118,7 +124,14 @@ if [ -n "$subscription_name" ]
 then 
   printf "Found subscription '$subscription_name'...\n"
 else
-  printf "Invalid subscription id '$subscription_id'...\n"
+  printf "Invalid subscription id '$subscription_id'.\n"
+  usage
+fi
+
+# Validate object id of Azure CLI signed in user
+if [ -z "$owner_object_id" ]
+then
+  printf "Object id for Azure CLI signed in user (owner_object_id) not provided.\n"
   usage
 fi