- ❓ How to use?
- ⚙️ Installation
- 📝 Variables
- 🕹 Deployment
- 🌐 Routes
- ⏰ Cron-Job
- ⛑️ Need help!
- ❤️ Credits & Thanks
By following the steps given below, you can use the public instance without deploying your own server or requiring any setup.
Important
- The generation of new refresh tokens using the public instance's default authorization client is now disabled.
- Old refresh tokens will continue to work until they are invalidated 90 days from the date of their issue.
- It is now mandatory to use your own authorization client with the public instance to maximize the probability of renewing your subscription.
- Below is the comprehensive guide on how to use your own authorization client with the public instance.
-
Acquire your client ID and secret as given here.
-
Redirect URL should be:
https://e5.thecaduceus.eu.org/auth
-
-
Provide your client ID and secret to server as URL paramters as given below and acquire your refresh token.
-
Your client ID and secret will be securely stored in your browser in an encrypted form to complete the authorization process. Once you close your browser, they will be erased.
https://e5.thecaduceus.eu.org/auth?client_id=YourClientID&client_secret=YourClientSecret
-
Tip
- To increase the chances of getting your subscription renewed, configure the tool for your subscription’s admin accounts first, and then for non-admin accounts.
- All refresh tokens issued by the server have a validity period of 90 days from the date of issue. You can acquire a new refresh token by logging in using the same URL (bookmark it!).
- Now create a cron-job here or any other service of your choice with following configuration:
-
URL:
https://e5.thecaduceus.eu.org/call
-
Interval: 1 - 8 hours.
-
Note
A too-small interval can lead to Microsoft API flooding issues.
-
Headers:
{"Content-Type":"application/json"}
-
Request Method: POST
-
Request Body:
{ "refresh_token": "YourRefreshTokenHere", "client_id": "YourClientID", "client_secret": "YourClientSecret" }
-
You did it!🎉
1.Install Python & Git:
-
For Windows:
winget install Python.Python.3.12 winget install Git.Git
-
For Linux:
sudo apt-get update && sudo apt-get install -y python3.12 git pip
-
For macOS:
brew install python@3.12 git
-
For Termux:
pkg install python -y pkg install git -y
2.Download repository:
git clone https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal.git
3.Change Directory:
cd Microsoft-E5-Auto-Renewal
4.Install requirements:
pip install -r requirements.txt
The variables provided below should either be completed within the config.py file or configured as environment variables.
CLIENT_ID
|E5_CLIENT_ID
: ID of your Azure Active Directory app.str
- Create an app in Azure Active Directory.
- Choose application type as 'Web' & set Redirect URL to
http://localhost:53682/
orhttps://e5.thecaduceus.eu.org/auth
in case you are creating one to use with public instance. - Copy the Application (client) ID.
CLIENT_SECRET
|E5_CLIENT_SECRET
: Secret of your Azure Active Directory app.str
- In your Azure Active Directory app overview, navigate to Client credentials and create secret.
REFRESH_TOKEN
|E5_REFRESH_TOKEN
: Refresh token for your admin account.str
-
In CLI, run:
python auth.py YourClientID YourClientSecret
-
Follow on-screen instructions.
-
From output, copy the value of
refresh_token
key.
-
Note
All refresh tokens issued by the authorization client have a validity period of 90 days from the date of issue.
WEB_APP_PASSWORD
|E5_WEB_APP_PASSWORD
: Strong password to protect critical routes of your web server.str
- Keep it strong and don't share it.
WEB_APP_HOST
|E5_WEB_APP_HOST
: Bind address of web server.str
- By default
0.0.0.0
to run on all possible addresses.
- By default
WEB_APP_PORT
|PORT
: Port for web server to listen to.int
- By default
8080
.
- By default
TIME_DELAY
|E5_TIME_DELAY
: Time (in seconds) to wait before calling another endpoint.int
- By default 3 seconds.
1.Running locally: (Best for testing)
python main.py
2.Using Docker: (Recommended)
- Build own Docker image:
docker build -t msft-e5-renewal .
- Run the Docker container:
docker run -p 8080:8080 msft-e5-renewal
-
/ - GET
Retrieve server statistics in JSON format, including the server version, total received requests, total successful requests, and the total number of errors encountered thus far.
-
Headers:
- None.
-
Parameters:
- None.
-
Example:
curl http://127.0.0.1:8080/
-
-
/call - POST
Command server to call Microsoft APIs on behalf of a user account.
-
Headers:
{"Content-Type":"application/json"}
-
Parameters: (as JSON)
password
(required) - The web app password.client_id
(optional) - ID of your Azure Active Directory app. By default provided client ID in config.py.client_secret
(optional) - Secret of your Azure Active Directory app. By default provided client secret in config.py.refresh_token
(optional) - The refresh token of user account to act behalf of. By default provided refresh token in config.py.
-
Example:
curl -X POST -H "Content-Type: application/json" -d '{"password":"RequiredPassword", "refresh_token": "OptionalRefreshToken"}' "http://127.0.0.1:8080/call"
-
-
/logs - GET
Generate download request for current log file.
-
Headers:
- None.
-
Parameters: (in URL)
password
(required) - The web app password.as_file
(optional) - By default, this parameter is set to False, allowing you to choose whether to send logs as a file with options True or False.
-
Example
curl -o "event-log.txt" "http://127.0.0.1:8080/logs?password=1234&as_file=True"
-
The Cron-Job will instruct our web server to invoke Microsoft APIs at regular intervals. To ensure proper functionality, the configuration of the cron-job must align with the following settings:
-
URL: Server address, can be an FQDN or an IP address followed by
/call
.-
In case of local deployment (private IP), you must setup cron-job on the same local network or reverse DNS.
https://example.com/call http://127.0.0.1:8080/call
-
-
Interval: 1 - 8 hours.
Warning
A too-small interval can lead to Microsoft API flooding issues.
-
Header:
{"Content-Type":"application/json"}
-
Request Method:
POST
-
Parameters: (as JSON)
password
(required) - The web app password.
For all other optional parameters, refer to here.
{ "password": "RequiredPassword", "refresh_token": "OptionalRefreshToken" }
- Ask questions or doubts here.
Dr.Caduceus: Owner & developer of Microsoft E5 Auto Renewal Tool.