|
| 1 | +# CLAUDE.md |
| 2 | + |
| 3 | +This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository. |
| 4 | + |
| 5 | +## Project Overview |
| 6 | + |
| 7 | +This is an Azure AD MFA Report generator written in Python. It uses Azure CLI authentication to connect to Azure AD/Microsoft Graph API and generates an Excel report showing MFA registration status for all users in a tenant. |
| 8 | + |
| 9 | +## Development Commands |
| 10 | + |
| 11 | +### Setup and Dependencies |
| 12 | +```bash |
| 13 | +# Install dependencies (requires Poetry) |
| 14 | +poetry install --no-dev |
| 15 | + |
| 16 | +# Install development dependencies |
| 17 | +poetry install |
| 18 | + |
| 19 | +# Select Python version if multiple installed |
| 20 | +poetry env use python3.9 |
| 21 | +``` |
| 22 | + |
| 23 | +### Running the Application |
| 24 | +```bash |
| 25 | +# Login to Azure CLI first |
| 26 | +az login |
| 27 | + |
| 28 | +# Run the MFA report generator |
| 29 | +poetry run mfa_report |
| 30 | +``` |
| 31 | + |
| 32 | +### Code Quality Tools |
| 33 | +```bash |
| 34 | +# Format code with Black |
| 35 | +poetry run fmt |
| 36 | + |
| 37 | +# Run linting with flake8 |
| 38 | +poetry run flake8 |
| 39 | + |
| 40 | +# Type checking with mypy |
| 41 | +poetry run mypy . |
| 42 | + |
| 43 | +# Run tests |
| 44 | +poetry run pytest |
| 45 | +``` |
| 46 | + |
| 47 | +## Architecture Overview |
| 48 | + |
| 49 | +### Core Components |
| 50 | + |
| 51 | +1. **main.py** - Entry point that orchestrates the entire MFA report generation: |
| 52 | + - Handles SSL certificate configuration |
| 53 | + - Authenticates using Azure CLI credentials |
| 54 | + - Retrieves MFA registration details from graph.windows.net |
| 55 | + - Fetches user account details from graph.microsoft.com |
| 56 | + - Merges data and generates Excel report |
| 57 | + |
| 58 | +2. **helpers.py** - Contains all utility functions: |
| 59 | + - `handle_custom_ssl()` - Injects custom CA certificates for SSL proxy environments |
| 60 | + - `get_azure_credentials()` - Gets Azure CLI credentials |
| 61 | + - `get_auth_user_details()` - Fetches MFA registration data |
| 62 | + - `get_aad_users()` - Async parallel fetching of user details |
| 63 | + - `xlsx_dict_prep()` - Prepares data for Excel export |
| 64 | + - `generate_xlsx()` - Creates the Excel report file |
| 65 | + |
| 66 | +### Key Technical Details |
| 67 | + |
| 68 | +- Uses two different Microsoft Graph endpoints: |
| 69 | + - `graph.windows.net` (beta API) for MFA registration details |
| 70 | + - `graph.microsoft.com` (beta API) for user account details |
| 71 | +- Implements async/parallel requests using aiohttp for performance |
| 72 | +- Handles Windows AD vs Azure AD accounts differently |
| 73 | +- Supports custom SSL certificates via certificate.pem file |
| 74 | +- Generates timestamped Excel reports with formatted tables |
| 75 | + |
| 76 | +### Dependencies |
| 77 | + |
| 78 | +- Azure CLI authentication via `azure-cli-core` |
| 79 | +- Async HTTP requests with `aiohttp` |
| 80 | +- Excel generation using `openpyxl` |
| 81 | +- SSL certificate handling through `certifi` |
0 commit comments