Azure DevOps Api not working with django-allauth azure

0
votes

I used django-allauth to make it possible for someone to link his microsoft account using azure provider and now I want to access Azure DevOps Api. I registered the app in Azure Active Directory and enabled Azure DevOps permission. When I'm trying to access https://dev.azure.com/{organization}/{project}/_apis/git/repositories?api-version=5.1 status code 203 is returned.

Looking at the docs (https://docs.microsoft.com/en-us/rest/api/azure/devops/git/repositories/list?view=azure-devops-rest-5.1#oauth2) I can see the token url needed for Azure DevOps authentication is: https://app.vssps.visualstudio.com/oauth2/token but django-allauth get it's token for azure from https://login.microsoftonline.com/common/oauth2/v2.0/token.

My question is: can I somehow link those 2 tokens? Something like making a request to https://app.vssps.visualstudio.com/oauth2/token with my existent token and getting a new one for Azure DevOps? If yes, how would I do it? Any help is welcomed

1
pythondjangoazure-devopsazure-active-directorydjango-allauth
What have you tried so far?Ben
not much tbh, i guess i'm gonna try to write my own providertronelo

1 Answers

0
votes

You cannot link tokens I'm afraid, token issuance in OAuth is done based on scopes. As the scopes are different you cannot use the token issued by one provider to access APIs on another endpoint.

One of two options will work for you I think, I have limited knowledge of django-allauth though I'm afraid.

First, you can create a new App Registration in Azure AD and then grant that application access to the Azure DevOps APIs through API Permissions in the portal. Secondly, you may need to extend django-allauth to then point to a different OAuth token endpoint so it can request the token from the right scope. Otherwise, I'm afraid you won't be able to get anywhere.