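        /// <summary>
        /// Finds the Azure AD application whose identifier URIs contain <paramref name="appIdUri"/>.
        /// If none exists, one is created with a fresh two-year password credential and the
        /// Azure AD permissions from <c>GetActiveDirectoryPermissions()</c>; otherwise the existing
        /// application's password credential is rotated. Either way the response carries the
        /// newly generated plaintext client secret.
        /// </summary>
        /// <param name="displayName">Display name assigned only when a new application is created.</param>
        /// <param name="appIdUri">Identifier URI used to look up an existing application and assigned to a new one.</param>
        /// <param name="tenantId">Tenant forwarded to the REST credential update on the existing-application path.</param>
        /// <returns>
        /// A <see cref="ServicePrincipalResponse"/> with <c>App</c>, <c>IsNewApp</c> and
        /// <c>AppClientSecret</c> populated. The secret is returned exactly once and is not
        /// persisted here; the directory will not hand it back later, so the caller must store it.
        /// </returns>
        /// <exception cref="Exception">Any failure is logged with <c>logger</c> and rethrown unchanged.</exception>
        private async Task <ServicePrincipalResponse> CreateAzureADApplicationIfNotExists(string displayName, string appIdUri, string tenantId)
        {
            try
            {
                var spr = new ServicePrincipalResponse();

                // Look the application up by identifier URI, not by display name (display names are not unique).
                var appFilter = adClient.Applications.Where(app => app.IdentifierUris.Any(iduri => iduri == appIdUri));
                var foundApp  = await appFilter.ExecuteAsync();

                // Read the clock once so EndDate is exactly two years after StartDate.
                var now = DateTime.UtcNow;

                if (foundApp.CurrentPage.Count == 0)
                {
                    var newApp = new Application()
                    {
                        DisplayName = displayName,
                    };
                    newApp.IdentifierUris.Add(appIdUri);

                    var secret = new PasswordCredential
                    {
                        StartDate = now,
                        EndDate   = now.AddYears(2),
                        Value     = CreateRandomClientSecretKey(),
                        KeyId     = Guid.NewGuid(),
                    };
                    newApp.PasswordCredentials.Add(secret);

                    // Application permissions such as Azure AD sign-in and read.
                    newApp.RequiredResourceAccess.Add(GetActiveDirectoryPermissions());

                    // Capture the secret before the directory call, as the original did; the service
                    // does not echo credential values back.
                    spr.AppClientSecret = secret.Value;

                    // NOTE(review): the original also serialized newApp with JsonConvert into an unused
                    // local. That string held the plaintext client secret and served no purpose, so it
                    // has been removed - never serialize or log this object once the secret is set.
                    await adClient.Applications.AddApplicationAsync(newApp);

                    spr.App      = newApp;
                    spr.IsNewApp = true;
                }
                else
                {
                    var existingApp = foundApp.CurrentPage.FirstOrDefault();

                    // Rotate the password credential on the existing application.
                    var rotatedCreds = new UpdateApplicationPasswordCredentials()
                    {
                        StartDate = now,
                        EndDate   = now.AddYears(2),
                        Value     = CreateRandomClientSecretKey(),
                        KeyId     = Guid.NewGuid()
                    };
                    var updateAppPasswordReq = new UpdateApplicationPasswordCredsRequest()
                    {
                        UpdateApplicationPasswordCreds = new List <UpdateApplicationPasswordCredentials> { rotatedCreds }
                    };

                    // NOTE(review): whether this replaces or appends to the application's credential list
                    // depends on UpdateAzureADApplicationPasswordCredentialsRest (not visible here). If it
                    // replaces, every previously issued secret stops working after this call - confirm
                    // before using on an application shared with other consumers.
                    await UpdateAzureADApplicationPasswordCredentialsRest(existingApp.ObjectId, updateAppPasswordReq, tenantId);

                    spr.App             = existingApp;
                    spr.IsNewApp        = false;
                    spr.AppClientSecret = rotatedCreds.Value;
                }

                return spr;
            }
            catch (Exception ex)
            {
                logger.LogError(ex, "Create Azure AD Application {error}", ex.Message);
                throw;
            }
        }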
    /// <summary>
    /// Integration test: ensures the "unittestmsiot" application exists, updates its homepage and
    /// reply URLs, then pushes a fresh one-year password credential and checks that the validity
    /// window read back from the directory matches what was sent.
    /// </summary>
    /// <remarks>
    /// Runs against a live directory via <c>activeDirectoryClient</c>; nothing created here is
    /// cleaned up afterwards. NOTE(review): the final assertions read <c>PasswordCredentials[0]</c>,
    /// which only identifies the credential just sent if the update replaces the list (or orders the
    /// newest first) - confirm against the repository implementation. NOTE(review): each
    /// <c>CreateAppAndServicePrincipal</c> call may itself rotate the application's secret; verify
    /// that is intended for a test that runs repeatedly against the same tenant.
    /// </remarks>
    public async Task update_azureAD_Application_PasswordCreds()
    {
        const string appName = "unittestmsiot";
        const string testUrl = "https://localhostunitest";
        var appUri = $"https://{tenantId}/{appName}";
        var repo   = new ServicePrincipalRepository(activeDirectoryClient, logger);

        // Arrange: make sure the application and its service principal exist.
        var app = await repo.CreateAppAndServicePrincipal(appName, appUri, "msiot123", tenantId);
        Assert.Equal(appName, app.App.DisplayName);

        // Act 1: change homepage and reply URLs, then read the application back.
        var updateModel = new UpdateApplicationRequest
        {
            Homepage  = testUrl,
            ReplyUrls = new List <string> { testUrl }
        };
        await repo.UpdateAzureADApplication(app.App.ObjectId, updateModel, tenantId);
        app = await repo.CreateAppAndServicePrincipal(appName, appUri, "msiot123", tenantId);

        Assert.Equal(updateModel.Homepage, app.App.Homepage);
        Assert.True(app.App.ReplyUrls.Contains(testUrl));

        // Act 2: push a new one-year password credential and read the application back again.
        var creds = new UpdateApplicationPasswordCredentials
        {
            StartDate = DateTime.UtcNow,
            EndDate   = DateTime.UtcNow.AddYears(1),
            Value     = CreateRandomClientSecretKey(),
            KeyId     = Guid.NewGuid()
        };
        var request = new UpdateApplicationPasswordCredsRequest
        {
            UpdateApplicationPasswordCreds = new List <UpdateApplicationPasswordCredentials> { creds }
        };
        await repo.UpdateAzureADApplicationPasswordCredentials(app.App.ObjectId, request, tenantId);
        app = await repo.CreateAppAndServicePrincipal(appName, appUri, "msiot123", tenantId);

        // Assert: the stored validity window equals the one that was sent.
        var stored = app.App.PasswordCredentials[0];
        Assert.Equal(creds.StartDate, stored.StartDate);
        Assert.Equal(creds.EndDate,   stored.EndDate);
    }