diff --git a/CHANGELOG.md b/CHANGELOG.md index 43d15e53a..49d0d1f92 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -107,6 +107,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/). - Removed `-FileUrl` parameter from `Get-PnPSharingLink`. It was marked obsolete. - Removed `-WebLogin` parameter from `Connect-PnPOnline` cmdlet. It was marked obsolete and was a security risk. - Removed `Set-PnPMinimalDownloadStrategy` as it's not applicable anymore to SharePoint Online. If you need the functionality you can always turn on the feature with `Enable-PnPFeature -Id 87294c72-f260-42f3-a41b-981a2ffce37a` or turn it off with `Disable-PnPFeature -Id 87294c72-f260-42f3-a41b-981a2ffce37a` +- Removed `-SPOManagementShell` parameter from `Connect-PnPOnline` cmdlet. It reduces the risk of changes coming from Microsoft. Use your own Entra ID app instead. ### Contributors diff --git a/MIGRATE-2.0-to-3.0.md b/MIGRATE-2.0-to-3.0.md index bbbd5f5f4..d9097cefd 100644 --- a/MIGRATE-2.0-to-3.0.md +++ b/MIGRATE-2.0-to-3.0.md @@ -65,6 +65,7 @@ Recommend referring to these 2 links: | Register-PnPEntraIDApp | Removed `-LaunchBrowser`, `-NoPopup` and credential based auth. The default auth method is now Interactive.| | Register-PnPEntraIDAppForInteractiveLogin | Removed `-LaunchBrowser`, `-NoPopup` and credential based auth. The default auth method is now Interactive.| | Set-PnPMinimalDownloadStrategy | Removed cmdlet. If you need the functionality you can always turn on the feature with `Enable-PnPFeature -Id 87294c72-f260-42f3-a41b-981a2ffce37a` or turn it off with `Disable-PnPFeature -Id 87294c72-f260-42f3-a41b-981a2ffce37a` | +| Connect-PnPOnline | Removed `-SPOManagementShell` option for authentication. It reduces the risk of changes from Microsoft which can potentially break the scripts . Use your own Entra ID app instead via `-ClientId` parameter. | ## Other notable changes diff --git a/src/Commands/Base/ConnectOnline.cs b/src/Commands/Base/ConnectOnline.cs index 9c35243d3..557a3fdca 100644 --- a/src/Commands/Base/ConnectOnline.cs +++ b/src/Commands/Base/ConnectOnline.cs @@ -27,7 +27,6 @@ public class ConnectOnline : BasePSCmdlet private const string ParameterSet_ACSAPPONLY = "SharePoint ACS (Legacy) App Only"; private const string ParameterSet_APPONLYAADCERTIFICATE = "App-Only with Azure Active Directory"; private const string ParameterSet_APPONLYAADTHUMBPRINT = "App-Only with Azure Active Directory using a certificate from the Windows Certificate Management Store by thumbprint"; - private const string ParameterSet_SPOMANAGEMENT = "SPO Management Shell Credentials"; private const string ParameterSet_DEVICELOGIN = "PnP Management Shell / DeviceLogin"; private const string ParameterSet_ACCESSTOKEN = "Access Token"; private const string ParameterSet_SYSTEMASSIGNEDMANAGEDIDENTITY = "System Assigned Managed Identity"; @@ -39,14 +38,10 @@ public class ConnectOnline : BasePSCmdlet private const string ParameterSet_AZUREAD_WORKLOAD_IDENTITY = "Azure AD Workload Identity"; private const string ParameterSet_OSLOGIN = "OS login"; - private const string SPOManagementClientId = "9bc3ab49-b65d-410a-85ad-de819febfddc"; - private const string SPOManagementRedirectUri = "https://oauth.spops.microsoft.com/"; - [Parameter(Mandatory = false, ParameterSetName = ParameterSet_CREDENTIALS, ValueFromPipeline = true)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACSAPPONLY, ValueFromPipeline = true)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADCERTIFICATE, ValueFromPipeline = true)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADTHUMBPRINT, ValueFromPipeline = true)] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet_SPOMANAGEMENT, ValueFromPipeline = true)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_DEVICELOGIN, ValueFromPipeline = true)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_INTERACTIVE, ValueFromPipeline = true)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACCESSTOKEN, ValueFromPipeline = true)] @@ -63,7 +58,6 @@ public class ConnectOnline : BasePSCmdlet [Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACSAPPONLY, ValueFromPipeline = true)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADCERTIFICATE, ValueFromPipeline = true)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADTHUMBPRINT, ValueFromPipeline = true)] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet_SPOMANAGEMENT, ValueFromPipeline = true)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_DEVICELOGIN, ValueFromPipeline = true)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_INTERACTIVE, ValueFromPipeline = true)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACCESSTOKEN, ValueFromPipeline = true)] @@ -80,7 +74,6 @@ public class ConnectOnline : BasePSCmdlet [Parameter(Mandatory = true, Position = 0, ParameterSetName = ParameterSet_ACSAPPONLY, ValueFromPipeline = true)] [Parameter(Mandatory = true, Position = 0, ParameterSetName = ParameterSet_APPONLYAADCERTIFICATE, ValueFromPipeline = true)] [Parameter(Mandatory = true, Position = 0, ParameterSetName = ParameterSet_APPONLYAADTHUMBPRINT, ValueFromPipeline = true)] - [Parameter(Mandatory = true, Position = 0, ParameterSetName = ParameterSet_SPOMANAGEMENT, ValueFromPipeline = true)] [Parameter(Mandatory = true, Position = 0, ParameterSetName = ParameterSet_ACCESSTOKEN, ValueFromPipeline = true)] [Parameter(Mandatory = true, Position = 0, ParameterSetName = ParameterSet_DEVICELOGIN, ValueFromPipeline = true)] [Parameter(Mandatory = true, Position = 0, ParameterSetName = ParameterSet_INTERACTIVE, ValueFromPipeline = true)] @@ -97,7 +90,6 @@ public class ConnectOnline : BasePSCmdlet [Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACSAPPONLY)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADCERTIFICATE)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADTHUMBPRINT)] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet_SPOMANAGEMENT)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_DEVICELOGIN)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_INTERACTIVE)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_ENVIRONMENTVARIABLE)] @@ -106,11 +98,9 @@ public class ConnectOnline : BasePSCmdlet public PnPConnection Connection = PnPConnection.Current; [Parameter(Mandatory = false, ParameterSetName = ParameterSet_CREDENTIALS)] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet_SPOMANAGEMENT)] public CredentialPipeBind Credentials; [Parameter(Mandatory = false, ParameterSetName = ParameterSet_CREDENTIALS)] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet_SPOMANAGEMENT)] public SwitchParameter CurrentCredentials; [Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACSAPPONLY)] @@ -124,7 +114,6 @@ public class ConnectOnline : BasePSCmdlet [Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACSAPPONLY)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADCERTIFICATE)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADTHUMBPRINT)] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet_SPOMANAGEMENT)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_DEVICELOGIN)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_INTERACTIVE)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_ENVIRONMENTVARIABLE)] @@ -135,16 +124,12 @@ public class ConnectOnline : BasePSCmdlet [Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACSAPPONLY)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADCERTIFICATE)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADTHUMBPRINT)] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet_SPOMANAGEMENT)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_DEVICELOGIN)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_INTERACTIVE)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_ENVIRONMENTVARIABLE)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_OSLOGIN)] public string DriveName = "SPO"; - [Parameter(Mandatory = true, ParameterSetName = ParameterSet_SPOMANAGEMENT)] - public SwitchParameter SPOManagementShell; - [Parameter(Mandatory = true, ParameterSetName = ParameterSet_DEVICELOGIN)] public SwitchParameter DeviceLogin; @@ -206,10 +191,8 @@ public class ConnectOnline : BasePSCmdlet [Parameter(Mandatory = false, ParameterSetName = ParameterSet_CREDENTIALS)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACSAPPONLY)] - // [Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYCLIENTIDCLIENTSECRETURL)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADCERTIFICATE)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADTHUMBPRINT)] - [Parameter(Mandatory = false, ParameterSetName = ParameterSet_SPOMANAGEMENT)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_INTERACTIVE)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_ENVIRONMENTVARIABLE)] [Parameter(Mandatory = false, ParameterSetName = ParameterSet_OSLOGIN)] @@ -351,9 +334,6 @@ protected void Connect(ref CancellationToken cancellationToken) // Connect using the used set parameters switch (ParameterSetName) { - case ParameterSet_SPOMANAGEMENT: - newConnection = ConnectSpoManagement(); - break; case ParameterSet_DEVICELOGIN: newConnection = ConnectDeviceLogin(); break; @@ -509,28 +489,13 @@ private PnPConnection ConnectACSAppOnly() return PnPConnection.CreateWithACSAppOnly(new Uri(Url), Realm, ClientId, ClientSecret, TenantAdminUrl, AzureEnvironment); } - /// - /// Connect using the parameter set SPOMANAGEMENT - /// - /// PnPConnection based on the parameters provided in the parameter set - private PnPConnection ConnectSpoManagement() - { - WriteVerbose("Connecting using the SharePoint Online Management Shell App Registration"); - WriteWarning("This option will be removed in release 3.2. Please register your own Entra ID App Registration use that client id to authenticate."); - ClientId = SPOManagementClientId; - RedirectUri = SPOManagementRedirectUri; - - WriteVerbose($"Using ClientID {ClientId}"); - - return ConnectCredentials(Credentials?.Credential, InitializationType.SPOManagementShell); - } /// /// Connect using the parameter set DEVICELOGIN /// /// PnPConnection based on the parameters provided in the parameter set private PnPConnection ConnectDeviceLogin() - { + { WriteVerbose("Connecting using Device Login"); var messageWriter = new CmdletMessageWriter(this); diff --git a/src/Commands/Enums/InitializationType.cs b/src/Commands/Enums/InitializationType.cs index b35f37056..b724f212d 100644 --- a/src/Commands/Enums/InitializationType.cs +++ b/src/Commands/Enums/InitializationType.cs @@ -13,7 +13,6 @@ public enum InitializationType DeviceLogin, Graph, GraphDeviceLogin, - SPOManagementShell, ManagedIdentity, EnvironmentVariable, AzureADWorkloadIdentity