C# application that reads Rapid7 Alert emails from a mailbox in Office 365, parses them and sends them to Slack as notifications.
Libraries used in the creation of this program:
- TopShelf - http://topshelf-project.com/
- Newtonsoft.Json - https://www.newtonsoft.com/json
- CredentialManagement - https://archive.codeplex.com/?p=credentialmanagement
- Html2Markdown - https://github.com/baynezy/Html2Markdown
- HtmlAgilityPack - http://html-agility-pack.net/
- NLog - http://nlog-project.org/
- RestSharp - http://restsharp.org/
A special thanks to the developers of these libraries for making the creation of small programs like these much much easier for people such as myself! :)
Steps needed to set up Azure AD Application so it can read specified mailbox securely.
- Go to Azure AD Admin Center - https://aad.portal.azure.com
- Open App Registrations
- Click New Application Registration
- Enter in the Name, select 'Native' as Application Type and type https://localhost for Redirect URI
- Click on the new app and select All Settings
- Click Required Permissions
- Remove any preconfigured APIs you do not need access to (such as Windows Azure Active Directory)
- Click Add
- Select the API scopes you wish to grant the application and save (in this case grant MS Graph API access with Read User mail and Read and Write User Mail delegate access)
- Click Grant Permissions along the top
- Click Enterprise Applications along the left
- Select All Applications
- Find the new application from the list and select it
- Click Properties
- After everything loads switch User Assignment Required? To Yes and Visible To Users? to No
- Create a new user account in Azure AD that will gain access to the app if one does not already exist. Ensure that the account has licensing in Office 365 so that a mailbox is generated for it.
- Open PowerShell
- Import the AzureAD module (https://docs.microsoft.com/en-us/powershell/azure/active-directory/install-adv2?view=azureadps-2.0)
- Connect to AzureAD using the Connect-AzureAD cmdlet (https://docs.microsoft.com/en-us/powershell/azure/active-directory/install-adv2?view=azureadps-2.0)
- Run the following commands (modify to what you need) $user = Get-AzureADUser -ObjectId username@domain.com $sp = Get-AzureADServicePrincipal -Filter "displayname eq '{New App's Name Goes Here}'" New-AzureADUserAppRoleAssignment -ObjectId $user.ObjectId -PrincipalId $user.ObjectId -ResourceId $sp.ObjectId -Id ([Guid]::Empty)
- Verify in the web GUI that the user shows up in the applications Overview as a tile
- Go back to the new Azure AD App and copy the Application ID (aka Client ID) and the Tenant ID (can be found in the endpoints list or in the tenant properties)
References: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-coreapps-assign-user-azure-portal
https://serverfault.com/questions/845293/how-to-assign-users-to-a-native-app-in-azure-ad