Microsoft E5 Auto Renewal
An open-source Python program made using Quart & Uvicorn for automatic renewal of Microsoft's Developer E5 subscription.
## ** INDEX**
* [** How to use?**](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/#how-to-use)
* [** Installation**](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/#installation)
* [Python & Git](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/#i-1)
* [Download](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/#i-2)
* [Requirements](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/#i-3)
* [** Variables**](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/#variables)
* [** Deployment**](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/#deployment)
* [Locally](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/#d-1)
* [Docker](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/#d-2)
* [** Routes**](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/#routes)
* [** Cron-Job**](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/#cron-job)
* [** Need help!**](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/#help)
* [** Credits & Thanks**](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/#credits)
## How to use?
**By following the steps given below, you can use the public instance without deploying your own server or requiring any setup.**
**1.Using default Authorization Client:** *(for newbies)*
* Open below [URL](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/https://e5.thecaduceus.eu.org/auth) and get your refresh token.
```
https://e5.thecaduceus.eu.org/auth
```
**2.Using own Authorization Client:** *(Recommended)*
* Acquire your client id and secret as given [here](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/#variables).
* Redirect URL should be:
```
https://e5.thecaduceus.eu.org/auth
```
* Provide your client ID and client secret to server as URL paramters as given below and acquire your refresh token.
* Your client ID and client secret will be securely stored in your browser in an encrypted form to complete the authorization process. Once you close your browser, they will be erased.
```
https://e5.thecaduceus.eu.org/auth?client_id=YourClientID&client_secret=YourClientSecret
```
> [!NOTE]
> * To prevent cross-site request forgery (CSRF) attacks, the server will automatically add a 32-character-long CSRF token.
> * To increase the chances of getting your subscription renewed, configure the tool for your subscription’s admin accounts first, and then for non-admin accounts.
> * All refresh tokens issued by the server have a validity period of 90 days from the date of issue. You can acquire a new refresh token by logging in using the same URL.
* Now create a cron-job [here](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/https://cron-job.org) or any other service of your choice with following configuration:
* **URL:**
```
https://e5.thecaduceus.eu.org/call
```
* **Interval**: 1 - 8 hours.
> [!NOTE]
> A too-small interval can lead to Microsoft API flooding issues.
* **Headers:**
```json
{"Content-Type":"application/json"}
```
* **Request Method:** POST
* **Request Body:**
> [!NOTE]
> If you are using your own Authorization Client, you should also pass the values of *client_id* and *client_secret*.
```json
{"refresh_token": "YourRefreshTokenHere"}
```
* You did it!
## Installation
**1.Install Python & Git:**
For Windows:
```
winget install Python.Python.3.12
winget install Git.Git
```
For Linux:
```
sudo apt-get update && sudo apt-get install -y python3.12 git pip
```
For macOS:
```
brew install python@3.12 git
```
For Termux:
```
pkg install python -y
pkg install git -y
```
**2.Download repository:**
```
git clone https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal.git
```
**3.Change Directory:**
```
cd Microsoft-E5-Auto-Renewal
```
**4.Install requirements:**
```
pip install -r requirements.txt
```
## Variables
**The variables provided below should either be completed within the config.py file or configured as environment variables.**
* `CLIENT_ID`|`E5_CLIENT_ID`: ID of your Azure Active Directory app. `str`
* Create an app in [Azure Active Directory](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/RegisteredApps).
* Choose application type as 'Web' & set Redirect URL to `http://localhost:53682/` or `https://e5.thecaduceus.eu.org/auth` in case you are creating one to use with public instance.
* Copy the Application (client) ID.
* `CLIENT_SECRET`|`E5_CLIENT_SECRET`: Secret of your Azure Active Directory app. `str`
* In your Azure Active Directory app overview, navigate to Client credentials and create secret.
* `REFRESH_TOKEN`|`E5_REFRESH_TOKEN`: Refresh token for your admin account. `str`
> [!NOTE]
> All refresh tokens issued by the authorization client have a validity period of 90 days from the date of issue.
* In CLI, run:
```
python auth.py YourClientID YourClientSecret
```
* Follow on-screen instructions.
* From output, copy the value of `refresh_token` key.
* `WEB_APP_PASSWORD`|`E5_WEB_APP_PASSWORD`: Strong password to protect critical routes of your web server. `str`
* Keep it strong and don't share it.
* `WEB_APP_HOST`|`E5_WEB_APP_HOST`: Bind address of web server. `str`
* By default `0.0.0.0` to run on all possible addresses.
* `WEB_APP_PORT`|`PORT`: Port for web server to listen to. `int`
* By default `8080`.
* `TIME_DELAY`|`E5_TIME_DELAY`: Time (in seconds) to wait before calling another endpoint. `int`
* By default 3 seconds.
## Deployment
**1.Running locally:** *(Best for testing)*
```
python main.py
```
**2.Using Docker:** *(Recommended)*
* Build own Docker image:
```
docker build -t msft-e5-renewal .
```
* Run the Docker container:
```
docker run -p 8080:8080 msft-e5-renewal
```
## Routes
* **/** - GET
Retrieve server statistics in JSON format, including the server version, total received requests, total successful requests, and the total number of errors encountered thus far.
* **Headers:**
* None.
* **Parameters:**
* None.
* **Example:**
```shell
curl http://127.0.0.1:8080/
```
* **/call** - POST
Command server to call Microsoft APIs on behalf of a user account.
* **Headers:**
```json
{"Content-Type":"application/json"}
```
* **Parameters: (as JSON)**
* `password` (*required*) - The web app password.
* `client_id` (*optional*) - ID of your Azure Active Directory app. By default provided client ID in *config.py*.
* `client_secret` (*optional*) - Secret of your Azure Active Directory app. By default provided client secret in *config.py*.
* `refresh_token` (*optional*) - The refresh token of user account to act behalf of. By default provided refresh token in *config.py*.
* **Example:**
```shell
curl -X POST -H "Content-Type: application/json" -d '{"password":"RequiredPassword", "refresh_token": "OptionalRefreshToken"}' "http://127.0.0.1:8080/call"
```
* **/logs** - GET
Generate download request for current log file.
* **Headers:**
* None.
* **Parameters: (in URL)**
* `password` (*required*) - The web app password.
* `as_file` (*optional*) - By default, this parameter is set to False, allowing you to choose whether to send logs as a file with options True or False.
* **Example**
```shell
curl -o "event-log.txt" "http://127.0.0.1:8080/logs?password=1234&as_file=True"
```
## Cron-Job
**The Cron-Job will instruct our web server to invoke Microsoft APIs at regular intervals. To ensure proper functionality, the configuration of the cron-job must align with the following settings:**
* **URL**: Server address, can be an FQDN or an IP address followed by `/call`.
* In case of local deployment (private IP), you must setup cron-job on the same local network or reverse DNS.
```
https://example.com/call
http://127.0.0.1:8080/call
```
* **Interval**: 1 - 8 hours.
> [!NOTE]
> A too-small interval can lead to Microsoft API flooding issues.
* **Header**:
```json
{"Content-Type":"application/json"}
```
* **Request Method**: `POST`
* **Parameters: (as JSON)**
* `password` (*required*) - The web app password.
For all other optional parameters, refer to [here](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/#routes).
```json
{
"password": "RequiredPassword",
"refresh_token": "OptionalRefreshToken"
}
```
## Need help!
- Ask questions or doubts [here](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/https://t.me/DrDiscussion).
## Credits & Thanks
[**Dr.Caduceus**](https://github.com/TheCaduceus/Microsoft-E5-Auto-Renewal/blob/master/https://github.com/TheCaduceus): Owner & developer of Microsoft E5 Auto Renewal Tool.