Hello world

Author: rcobb-scwx

README.md

@@ -0,0 +1,32 @@
+@startuml
+
+skinparam linetype polyline
+'skinparam sequenceMessageAlign left
+skinparam nodesep 75
+skinparam ranksep 45
+
+' Azure
+!define AzurePuml https://raw.githubusercontent.com/plantuml-stdlib/Azure-PlantUML/master/dist
+!includeurl AzurePuml/AzureCommon.puml
+!includeurl AzurePuml/AzureSimplified.puml
+!includeurl AzurePuml/Identity/AzureActiveDirectoryUser.puml
+!includeurl AzurePuml/Identity/AzureEnterpriseApplication.puml
+!includeurl AzurePuml/Identity/AzureActiveDirectory.puml
+!includeurl AzurePuml/Analytics/AzureAnalysisServices.puml
+
+skinparam MaxMessageSize 1500
+skinparam MaxAsciiMessageLength 1500
+
+AzureActiveDirectoryUser(resourceowner, "\nResource Owner\n(End-User)", "Global")
+AzureEnterpriseApplication(clientapp, "\nClient Application\n(Third-Party OAuth Apps)", "Global")
+AzureActiveDirectory(aad, "\nAuthorization Server\n(Azure Active Directory)", "Global")
+AzureAnalysisServices(resourceserver, "\nResource Server\n(Microsoft Graph)", "Global")
+
+resourceserver -[dotted]l---> aad: "Exposes API as scope"
+resourceserver <---d- clientapp: "   Bears tokens "
+clientapp -l---> resourceowner: "Requests consent   "
+resourceowner -u---> aad: "   Grants consent\n  to client for scope"
+aad ---> clientapp: "Issues Tokens"
+
+@endumls
+

atte22.md

@@ -0,0 +1,46 @@
+@startuml
+
+'skinparam linetype polyline
+skinparam sequenceMessageAlign left
+skinparam nodesep 40
+'skinparam ranksep 10
+
+
+' Azure
+!define AzurePuml https://raw.githubusercontent.com/plantuml-stdlib/Azure-PlantUML/master/dist
+!includeurl AzurePuml/AzureCommon.puml
+!includeurl AzurePuml/AzureSimplified.puml
+!includeurl AzurePuml/Identity/AzureActiveDirectoryUser.puml
+!includeurl AzurePuml/Identity/AzureEnterpriseApplication.puml
+!includeurl AzurePuml/Identity/AzureActiveDirectory.puml
+!includeurl AzurePuml/Analytics/AzureAnalysisServices.puml
+
+skinparam sequence {
+    ParticipantBorderColor #666666
+    ParticipantBackgroundColor AZURE_BG_COLOR
+    ParticipantPadding 50
+}
+
+skinparam SequenceLifeLineBorderColor AZURE_BORDER_COLOR
+skinparam MaxMessageSize 1500
+skinparam MaxAsciiMessageLength 1500
+
+participant user as "<$AzureActiveDirectoryUser,color=#0072C6>\nResource Owner\n(End-User)"
+participant client as "<$AzureEnterpriseApplication,color=#0072C6>\nClient Application\n(Azure CLI)"
+participant resource as "<$AzureAnalysisServices,color=#0072C6>\nResource Server\n(Microsoft Graph)"
+participant aad as "<$AzureActiveDirectory,color=#0072C6>\nAuthorization Server\n(Azure Active Directory)"
+
+autonumber
+user -> client: Uses client application
+|||
+client -> user: Initiates auth flow
+|||
+user -> aad: Interactively signs-in
+|||
+aad -> client: Returns access token & refresh token
+|||
+client -> resource: Bears access token in HTTP header
+|||
+
+@endumls
+

diagrams/consent.puml

@@ -0,0 +1,44 @@
+@startuml
+
+'skinparam linetype polyline
+skinparam sequenceMessageAlign left
+skinparam nodesep 40
+'skinparam ranksep 10
+
+
+' Azure
+!define AzurePuml https://raw.githubusercontent.com/plantuml-stdlib/Azure-PlantUML/master/dist
+!includeurl AzurePuml/AzureCommon.puml
+!includeurl AzurePuml/AzureSimplified.puml
+!includeurl AzurePuml/Identity/AzureActiveDirectoryUser.puml
+!includeurl AzurePuml/Identity/AzureEnterpriseApplication.puml
+!includeurl AzurePuml/Identity/AzureActiveDirectory.puml
+!includeurl AzurePuml/Analytics/AzureAnalysisServices.puml
+
+skinparam sequence {
+    ParticipantBorderColor #666666
+    ParticipantBackgroundColor AZURE_BG_COLOR
+    ParticipantPadding 50
+}
+
+skinparam SequenceLifeLineBorderColor AZURE_BORDER_COLOR
+skinparam MaxMessageSize 1500
+skinparam MaxAsciiMessageLength 1500
+
+
+participant user as "<$AzureActiveDirectoryUser,color=#0072C6>\nResource Owner\n(End-User)"
+participant client as "<$AzureEnterpriseApplication,color=#0072C6>\nClient Application\n(Azure CLI)"
+participant resource as "<$AzureAnalysisServices,color=#0072C6>\nResource Server\n(Microsoft Graph)"
+participant aad as "<$AzureActiveDirectory,color=#0072C6>\nAuthorization Server\n(Azure Active Directory)"
+
+autonumber
+client -x resource: Access token expires
+|||
+client -> aad: Redeems refresh token
+|||
+aad -> client: Returns new\naccess token & refresh token
+|||
+client -> resource: Bears access token in HTTP header
+
+@endumls
+

diagrams/obtains-tokens.puml

@@ -0,0 +1,16 @@
+client_id,application_name
+00b41c95-dab0-4487-9791-b9d2c32c80f2,Office 365 Management
+04b07795-8ddb-461a-bbee-02f9e1bf7b46,Microsoft Azure CLI
+1950a258-227b-4e31-a9cf-717495945fc2,Microsoft Azure PowerShell
+1fec8e78-bce4-4aaf-ab1b-5451cc387264,Microsoft Teams
+26a7ee05-5602-4d76-a7ba-eae8b7b67941,Windows Search
+27922004-5251-4030-b22d-91ecd9a37ea4,Outlook Mobile
+4813382a-8fa7-425e-ab75-3b753aab3abb,Microsoft Authenticator App
+ab9b8c07-8f02-4f72-87fa-80105867a763,OneDrive SyncEngine
+d3590ed6-52b3-4102-aeff-aad2292ab01c,Microsoft Office
+872cd9fa-d31f-45e0-9eab-6e460a02d1f1,Visual Studio
+af124e86-4e96-495a-b70a-90f90ab96707,OneDrive iOS App
+2d7f3606-b07d-41d1-b9d2-0d0c9296a6e8,Microsoft Bing Search for Microsoft Edge
+844cca35-0656-46ce-b636-13f48b0eecbd,Microsoft Stream Mobile Native
+87749df4-7ccf-48f8-aa87-704bad0e0e16,Microsoft Teams - Device Admin Agent
+cf36b471-5b44-428c-9ce7-313bf84528de,Microsoft Bing Search

diagrams/refresh-tokens.puml

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+set -e
+
+jupyter nbextension install --py jupytext --user
+jupytext --to notebook README.md
+jupytext --to notebook atte22.md

images/consent.svg

@@ -0,0 +1,5 @@
+msal
+pyjwt
+requests
+jupytext
+pandas

images/device-code.png

@@ -0,0 +1 @@
+python-3.9