Config Refactor Part 2 - Change Opt Param Names & Set File Expiry

src/ApiService/ApiService/Functions/Config.cs

@@ -24,7 +24,8 @@ public async Async.Task<HttpResponseData> Get(HttpRequestData req) {
         var endpointParams = new ConfigResponse(
                 Authority: _context.ServiceConfiguration.Authority,
                 ClientId: _context.ServiceConfiguration.CliAppId,
-                TenantDomain: _context.ServiceConfiguration.TenantDomain);
+                TenantDomain: _context.ServiceConfiguration.TenantDomain,
+                MultiTenantDomain: _context.ServiceConfiguration.MultiTenantDomain);
 
         var response = req.CreateResponse(HttpStatusCode.OK);
         await response.WriteAsJsonAsync(endpointParams);

src/ApiService/ApiService/OneFuzzTypes/Responses.cs

@@ -162,7 +162,8 @@ public static ScalesetResponse ForScaleset(Scaleset s, bool includeAuth)
 public record ConfigResponse(
     string? Authority,
     string? ClientId,
-    string? TenantDomain
+    string? TenantDomain,
+    string? MultiTenantDomain
 ) : BaseResponse();
 
 public class BaseResponseConverter : JsonConverter<BaseResponse> {

src/cli/onefuzz/api.py

@@ -1892,10 +1892,10 @@ def login(self) -> str:
     def config(
         self,
         endpoint: Optional[str] = None,
-        authority: Optional[str] = None,
-        client_id: Optional[str] = None,
+        authority_override: Optional[str] = None,
+        client_id_override: Optional[str] = None,
+        tenant_domain_override: Optional[str] = None,
         enable_feature: Optional[PreviewFeature] = None,
-        tenant_domain: Optional[str] = None,
         reset: Optional[bool] = None,
     ) -> BackendConfig:
         """Configure onefuzz CLI"""
@@ -1920,14 +1920,14 @@ def config(
                     "Missing HTTP Authentication"
                 )
             self._backend.config.endpoint = endpoint
-        if authority is not None:
-            self._backend.config.authority = authority
-        if client_id is not None:
-            self._backend.config.client_id = client_id
+        if authority_override is not None:
+            self._backend.config.authority = authority_override
+        if client_id_override is not None:
+            self._backend.config.client_id = client_id_override
         if enable_feature:
             self._backend.enable_feature(enable_feature.name)
-        if tenant_domain is not None:
-            self._backend.config.tenant_domain = tenant_domain
+        if tenant_domain_override is not None:
+            self._backend.config.tenant_domain = tenant_domain_override
         self._backend.app = None
         self._backend.save_config()
 

src/cli/onefuzz/backend.py

@@ -27,7 +27,7 @@
 )
 from urllib.parse import urlparse, urlunparse
 from uuid import UUID
-
+from datetime import datetime, timedelta
 import msal
 import requests
 from azure.storage.blob import ContainerClient
@@ -97,6 +97,7 @@ class BackendConfig(BaseModel):
     endpoint: Optional[str]
     features: Set[str] = Field(default_factory=set)
     tenant_domain: str
+    expires_on: Optional[datetime] = datetime.utcnow() + timedelta(hours=24)
 
     def get_multi_tenant_domain(self) -> Optional[str]:
         if "https://login.microsoftonline.com/common" in self.authority:
@@ -133,12 +134,14 @@ def is_feature_enabled(self, name: str) -> bool:
         return name in self.config.features
 
     def load_config(self) -> None:
+
         if os.path.exists(self.config_path):
             with open(self.config_path, "r") as handle:
                 data = json.load(handle)
             self.config = BackendConfig.parse_obj(data)
 
     def save_config(self) -> None:
+
         os.makedirs(os.path.dirname(self.config_path), exist_ok=True)
         with open(self.config_path, "w") as handle:
             handle.write(self.config.json(indent=4, exclude_none=True))
@@ -326,7 +329,6 @@ def config_params(
 
         response = self.session.request("GET", endpoint + "/api/config")
 
-        logging.debug(response.json())
         endpoint_params = responses.Config.parse_obj(response.json())
 
         # Will override values in storage w/ provided values for SP use
@@ -352,6 +354,13 @@ def request(
         if not endpoint:
             raise Exception("endpoint not configured")
 
+        # If file expires, remove and force user to reset
+        if datetime.utcnow() > self.config.expires_on:
+            os.remove(self.config_path)
+            self.config = BackendConfig(
+                endpoint=endpoint, authority="", client_id="", tenant_domain=""
+            )
+
         url = endpoint + "/api/" + path
 
         if self.config.client_id == "" or (

src/deployment/config.json

@@ -1,8 +1,8 @@
 {
-    "tenant_id": "72f988bf-86f1-41af-91ab-2d7cd011db47",
-    "tenant_domain": "azurewebsites.net",
+    "tenant_id": "",
+    "tenant_domain": "",
     "multi_tenant_domain": "",
-    "cli_client_id": "72f1562a-8c0c-41ea-beb9-fa2b71c80134",
+    "cli_client_id": "",
     "proxy_nsg_config": {
         "allowed_ips": [
             "*"

src/deployment/deploy.py

@@ -190,9 +190,11 @@ def __init__(
 
         self.rules: List[NsgRule] = []
 
+        self.cli_app_id = ""
+        self.authority = ""
         self.tenant_id = ""
         self.tenant_domain = ""
-        self.authority = ""
+        self.multi_tenant_domain = ""
 
         self.cli_config: Dict[str, Union[str, UUID]] = {
             "client_id": "",
@@ -1268,12 +1270,6 @@ def main() -> None:
         action="store_true",
         help="enable appinsight log export",
     )
-    parser.add_argument(
-        "--multi_tenant_domain",
-        type=str,
-        default="",
-        help="enable multi-tenant authentication with this tenant domain",
-    )
     parser.add_argument(
         "--subscription_id",
         type=str,
@@ -1295,12 +1291,6 @@ def main() -> None:
         nargs="*",
         help="Set additional AAD tenants beyond the tenant the app is deployed in",
     )
-    parser.add_argument(
-        "--cli_app_id",
-        type=str,
-        default="",
-        help="CLI App Registration to be used during deployment.",
-    )
     parser.add_argument(
         "--auto_create_cli_app",
         action="store_true",
@@ -1348,12 +1338,10 @@ def main() -> None:
         create_registration=args.create_pool_registration,
         migrations=args.apply_migrations,
         export_appinsights=args.export_appinsights,
-        multi_tenant_domain=args.multi_tenant_domain,
         upgrade=args.upgrade,
         subscription_id=args.subscription_id,
         admins=args.set_admins,
         allowed_aad_tenants=args.allowed_aad_tenants or [],
-        cli_app_id=args.cli_app_id,
         auto_create_cli_app=args.auto_create_cli_app,
         host_dotnet_on_windows=args.host_dotnet_on_windows,
         enable_profiler=args.enable_profiler,

src/pytypes/onefuzztypes/responses.py

@@ -56,6 +56,7 @@ class Config(BaseResponse):
     authority: str
     client_id: str
     tenant_domain: str
+    multi_tenant_domain: Optional[str]
 
 
 class ContainerInfoBase(BaseResponse):