A Tiny Project to renew Microsoft 365 E5 Developer accounts with features:
- Utilizes GitHub Actions to renew Microsoft 365 E5 Developer accounts.
- 100% Free for use.
- Security is ensured by using GitHub Secrets, no need to worry about the account being stolen.
@WangZiYingWen
:https://github.com/wangziyingwen/TippeColee
:https://github.com/TippeColee/
- Hide all the secrets required for the project in GitHub Secrets.
- Rename the files to make it easier to understand.
- Simplify the code in
auto_renew_e5.py
. - Optimize the workflow
How to fork a repository: https://docs.github.com/en/github/getting-started-with-github/fork-a-repo
Login to your Azure Portal, and click Azure Active Directory
in the top sidebar.
In the left sidebar, click App registrations
, and then click New registration
.
Select Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)
as the supported account type.
Then in the Redirect URI
section, select Web
and fill in http://localhost:53682/
as the redirect URI.
Click Register
to finish the registration.
Please save your new application's Application (client) ID
as Value[1]
and Client secret
as Value[2]
for later use.
Click your new application's name in the App registrations
page, and then click Certificates & secrets
in the left sidebar.
Click New client secret
and fill in a description for your new client secret.
Please save your new client secret
as Value [3]
for later use.
Then click Authentication
in the left sidebar. In Implicit grant and hybrid flows
, select ID tokens
and Access tokens
. The click Save
to finish the Authentication
configuration.
Then, click API permissions
in the left sidebar. Click Add a permission
, and then select Microsoft Graph
in the APIs my organization uses
section.
Add all the permissions listed below, and click Add permissions
to finish the API permissions
configuration:
files.read.all
files.readwrite.all
sites.read.all
sites.readwriter.all
user.read.all
user.readwrite.all
directory.read.all
directory.readwrite.all
mail.read
mail.readwrite
mailboxsetting.read
mailboxsetting.readwrite
To be honest, not all of the permissions are required. It depends on the API list in auto_renew_e5.py
. You can remove the permissions if you don't need.
Finally, click Grant admin consent for <your tenant name>
to grant the permissions to your tenant.
Install rclone
on your computer, and then run the following command to get your first refresh token.
- For windows users, you can download
rclone
from here, or usechoco install rclone
to install it. - For Linux and macOS users, please refer to this article.
For more information, please refer to this article. It will take you about 5 minutes to finish the registration.
When you are done, please run the following command to get your first refresh token.
rclone authorize "onedrive" "<Application (client) ID>" "<Value>"
Note:
Client secret
is not required.
After you run the command, a browser window will pop up, and you will be asked to log in to your E5 account. After you log in, you will be asked to grant the permissions to your new application. Please click Accept
to finish the authorization.
Then rclone
will return a JSON string:
{
"access_token": "eyJ0eXAiOi*****************",
"token_type": "Bearer",
"refresh_token": "0.AVY******************",
"expiry": "2023-03-20T23:06:01.8800926+08:00"
}
And the refresh_token
is what we need.
Login to your GitHub account, and click your profile picture in the top right corner, and then click Settings
.
In the end of left sidebar, click Developer settings
, and then click Personal access tokens
.
Select Fine-grained permissions
, and then click Generate new token
.
Fill in a description for your new token, set the expiration date to 1 year. In Repository access
section, select Only select repositories
, and then select your forked repository. In Repository access
section, select Secrets
, Metadata
and Actions
, set the permission to Read & write
. Finally, click Generate token
to finish the token creation.
Please save your new fine-grained token
as Value[5]
for later use.
Now, all the prerequisites are ready. Let's add the secrets to your repository.
Go back to your new forked repository, click Settings
in the end of left sidebar, and then click Secrets and variables
in the left sidebar.
Click Actions
, then choose the Secrets
tab, and then click New repository secret
.
Please add 4 secrets to your repository:
CONFIG_ID
:SaveApplication (client) ID
as the value. -->Value[1]
CONFIG_KEY
:SaveValue [3]
as the value. -->Value[3]
CONFIG_REFRESH
:Saverefresh_token
as the value. -->Value[4]
E5_API
:Savefine-grained token
as the value. -->Value[5]
Now everything is ready. You leave the rest to GitHub Actions.
This project is for educational and experimental purposes only. I am not responsible for any damage caused by this project. Please use it at your own risk.
As Github will disable inactive projects' action, we could add count here to activate it.
- 1