
Draft: Samba Azure AD Join code

This contains WIP Rust integration code, as well as some WIP AAD (Entra ID) enrollment code.

How enrollment works:

The calling code first authenticates using MSAL against the Broker application id, requesting the DRS service in the scope (see my WIP documentation for more details). This MSAL code still needs to be implemented. The authentication mechanism obtains the information it needs to perform the auth (such as tenant_id and authority_host) from a call to request_federation_provider.

Next, the calling code discovers services by calling discover_enrollment_services and passing the access token received during authentication along with the domain name.

Finally, the calling code generates two RSA-2048 key pairs. The first key is used to generate a CSR, and the second key is the transport key. The register_device function is passed the discovered services, the public portion of the transport key, the CSR, the access token, and the domain being joined. I should probably also make the machine name configurable here (right now it just uses the current hostname). The out parameter response is an Enrollment struct containing the signed certificate and the device id (which represents the device joined in AAD). The certificate and transport key are used later for authenticating a user.
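Preparing the two keys and the CSR that register_device consumes, plus a check that the returned certificate belongs to the CSR key and not the transport key, as an added example that is not part of this MR. It assumes the Python cryptography package, a machine_name parameter (the MR currently uses the hostname), and a locally self-signed certificate as a constructed stand-in for the one DRS returns in the Enrollment struct.

```python
import datetime
import socket

from cryptography import x509
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.x509.oid import NameOID


def generate_enrollment_material(machine_name=None):
    """Build what register_device needs: (csr_key, csr_pem, transport_key, transport_pub_pem).

    The two keys are generated independently: csr_key backs the device certificate,
    transport_key is only ever sent as its public half. machine_name is an assumed
    parameter; the MR currently uses the hostname, which is the default here too.
    """
    name = machine_name or socket.gethostname()
    csr_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    transport_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    csr = (x509.CertificateSigningRequestBuilder()
           .subject_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, name)]))
           .sign(csr_key, hashes.SHA256()))
    transport_pub_pem = transport_key.public_key().public_bytes(
        serialization.Encoding.PEM, serialization.PublicFormat.SubjectPublicKeyInfo)
    return csr_key, csr.public_bytes(serialization.Encoding.PEM), transport_key, transport_pub_pem


def certificate_matches_keys(cert_pem, csr_key, transport_key):
    """Post-enrollment check: the issued certificate must carry the CSR key's public
    half and must not carry the transport key's, so the two roles never collapse."""
    cert_pub = x509.load_pem_x509_certificate(cert_pem).public_key().public_numbers()
    return (cert_pub == csr_key.public_key().public_numbers()
            and cert_pub != transport_key.public_key().public_numbers())


def self_sign_for_demo(public_key, name, signing_key):
    """Constructed stand-in for the DRS-signed certificate (offline only): wraps
    public_key in a one-day self-signed certificate for subject CN=name."""
    subject = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, name)])
    now = datetime.datetime.now(datetime.timezone.utc)
    cert = (x509.CertificateBuilder()
            .subject_name(subject).issuer_name(subject).public_key(public_key)
            .serial_number(x509.random_serial_number())
            .not_valid_before(now).not_valid_after(now + datetime.timedelta(days=1))
            .sign(signing_key, hashes.SHA256()))
    return cert.public_bytes(serialization.Encoding.PEM)


if __name__ == "__main__":
    csr_key, csr_pem, transport_key, _ = generate_enrollment_material("example-host")
    issued = self_sign_for_demo(csr_key.public_key(), "example-host", csr_key)
    print("certificate matches CSR key:", certificate_matches_keys(issued, csr_key, transport_key))
```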

Checklist

  • Commits have Signed-off-by: with name/author being identical to the commit author
  • (optional) This MR is just one part towards a larger feature.
  • (optional, if backport required) Bugzilla bug filed and BUG: tag added
  • Test suite updated with functionality tests
  • Test suite updated with negative tests
  • Documentation updated
  • CI timeout is 3h or higher (see Settings/CICD/General pipelines/ Timeout)

Reviewer's checklist:

  • There is a test suite reasonably covering new functionality or modifications
  • Function naming, parameters, return values, types, etc., are consistent and according to README.Coding.md
  • This feature/change has adequate documentation added
  • No obvious mistakes in the code
Edited by David Mulder
