Skip to content

Commit

Permalink
Fix Azure IMDS auth for Arc-enabled servers running PowerShell 7 (#562)
Browse files Browse the repository at this point in the history
  • Loading branch information
rmbolger committed Aug 23, 2024
1 parent 4fc61a5 commit 8255674
Showing 1 changed file with 12 additions and 1 deletion.
13 changes: 12 additions & 1 deletion Posh-ACME/Plugins/Azure.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -500,7 +500,18 @@ function Connect-AZTenant {
} catch {
# Arc-enabled servers will send a 401 response prompting to retry with Basic auth using the contents
# of a local file specified in the WWW-Authenticate header.
if (401 -eq $_.Exception.Response.StatusCode -and ($authHeader = $_.Exception.Response.Headers['WWW-Authenticate'])) {
# But the way we access the headers in the response is different between PowerShell 5.1 and 7+ because
# the .NET types are significantly different.
if ($_.Exception.Response -and 401 -eq $_.Exception.Response.StatusCode) {
$exHeaders = $_.Exception.Response.Headers
if ('WwwAuthenticate' -in $exHeaders.PSObject.Properties.Name) {
$authHeader = $exHeaders.WwwAuthenticate.Parameter
} elseif ('WWW-Authenticate' -in $exHeaders) {
$authHeader = $exHeaders['WWW-Authenticate']
} else {
Write-Debug "No WWW-Authenticate header found. Re-throwing exception"
throw
}
# parse the file name and get the contents
Write-Debug "WWW-Authenticate header: $authHeader"
$keyFile = $authHeader.Split('=')[1]
Expand Down

0 comments on commit 8255674

Please sign in to comment.