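/// <summary>
/// Replaces the password credentials of the Azure AD application identified by
/// <paramref name="appObjectId"/> by delegating to the Graph REST call.
/// </summary>
/// <param name="appObjectId">Object id of the application to update.</param>
/// <param name="updateReq">The new set of password credentials to apply.</param>
/// <param name="tenantId">Tenant the application belongs to.</param>
/// <param name="token">Bearer token used to authorize the Graph request.</param>
/// <exception cref="Exception">Any failure of the underlying REST call is logged and rethrown unchanged.</exception>
public async Task UpdateAzureADApplicationPasswordCredentials(string appObjectId,
                                                               UpdateApplicationPasswordCredsRequest updateReq, string tenantId, string token)
 {
     try
     {
         await UpdateAzureADApplicationPasswordCredentialsRest(appObjectId,
                                                               updateReq, tenantId, token);
     }
     catch (Exception ex)
     {
         // Only the message is logged; the request body (secret values) and the token are never written to the log.
         Log.Error("Update Azure AD Application {@error}", ex.Message);
         // `throw;` preserves the original stack trace; `throw ex;` would reset it.
         throw;
     }
 }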
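        /// <summary>
        /// Issues the Graph API PATCH that replaces the application's password credentials.
        /// </summary>
        /// <param name="appObjectId">Object id of the application to update.</param>
        /// <param name="updateReq">Credential set serialized as the JSON request body.</param>
        /// <param name="tenantId">Tenant that owns the application.</param>
        /// <param name="token">Bearer token placed in the Authorization header.</param>
        /// <exception cref="InvalidOperationException">
        /// Thrown when the Graph call fails at the transport level or does not return a 2xx status.
        /// </exception>
        /// <exception cref="Exception">Any other failure is logged and rethrown unchanged.</exception>
        private static async Task UpdateAzureADApplicationPasswordCredentialsRest(string appObjectId,
                                                                                  UpdateApplicationPasswordCredsRequest updateReq, string tenantId, string token)
        {
            try
            {
                var client = new RestClient(_graphUrl);
                // Both values are escaped as single path segments so that neither can alter the request path.
                var endPoint = String.Format("/{0}/applications/{1}/passwordCredentials",
                                             Uri.EscapeDataString(tenantId),
                                             Uri.EscapeDataString(appObjectId));
                var request = new RestRequest(endPoint, Method.PATCH);
                request.AddQueryParameter("api-version", "1.6");

                request.AddHeader("Authorization", "Bearer " + token);
                request.AddHeader("Content-Type", "application/json");

                // The body carries the new secret values; it is deliberately never logged.
                var body = JsonConvert.SerializeObject(updateReq);
                request.AddParameter("application/json", body, ParameterType.RequestBody);

                var response = await client.ExecuteTaskAsync(request);

                // RestSharp does not throw on transport errors or non-2xx replies, so without these
                // checks a failed credential update would look like success to the caller.
                if (response.ErrorException != null)
                {
                    throw new InvalidOperationException("Update Azure AD Application request failed", response.ErrorException);
                }

                var status = (int)response.StatusCode;
                if (status < 200 || status > 299)
                {
                    throw new InvalidOperationException(String.Format(
                        "Update Azure AD Application returned HTTP {0} ({1})", status, response.StatusDescription));
                }
            }
            catch (Exception ex)
            {
                Log.Error("Update Azure AD Application {@error}", ex.Message);
                // Rethrow without resetting the stack trace.
                throw;
            }
        }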
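        /// <summary>
        /// Returns the Azure AD application registered for <paramref name="appIdUri"/>, creating it when
        /// it does not exist yet. In both cases a fresh password credential (client secret) is issued and
        /// handed back in <see cref="ServicePrincipalResponse.AppClientSecret"/>; for an existing
        /// application this replaces its current password credentials.
        /// </summary>
        /// <param name="displayName">Display name used when a new application is created.</param>
        /// <param name="appIdUri">Identifier URI that selects the application.</param>
        /// <param name="tenantId">Tenant in which the application lives.</param>
        /// <returns>The application, the newly issued client secret and whether the application was created.</returns>
        /// <exception cref="Exception">Any Graph failure is logged and rethrown unchanged.</exception>
        private async Task <ServicePrincipalResponse> CreateAzureADApplicationIfNotExists(string displayName, string appIdUri, string tenantId)
        {
            try
            {
                var spr = new ServicePrincipalResponse();

                // Look the application up by identifier URI before creating a duplicate.
                var appFilter = adClient.Applications.Where(app => app.IdentifierUris.Any(iduri => iduri == appIdUri));
                var foundApp  = await appFilter.ExecuteAsync();

                // One timestamp for both ends so the validity window is exactly two years;
                // the same secret/key id is used on either branch below.
                var now    = DateTime.UtcNow;
                var secret = CreateRandomClientSecretKey();
                var keyId  = Guid.NewGuid();

                IApplication appCreated;
                bool isNewApp;

                if (foundApp.CurrentPage.Count == 0)
                {
                    var newApp = new Application()
                    {
                        DisplayName = displayName,
                    };
                    newApp.IdentifierUris.Add(appIdUri);
                    newApp.PasswordCredentials.Add(new PasswordCredential
                    {
                        StartDate = now,
                        EndDate   = now.AddYears(2),
                        Value     = secret,
                        KeyId     = keyId,
                    });

                    // set Application permissions like Azure Active Directory signin and read
                    newApp.RequiredResourceAccess.Add(GetActiveDirectoryPermissions());

                    // newApp holds the plaintext secret, so it is deliberately not serialized or logged here.
                    await adClient.Applications.AddApplicationAsync(newApp);

                    appCreated = newApp;
                    isNewApp   = true;
                }
                else
                {
                    appCreated = foundApp.CurrentPage.FirstOrDefault();
                    isNewApp   = false;

                    // Rotate the password key: the REST helper replaces the application's credentials.
                    var updateAppPasswordReq = new UpdateApplicationPasswordCredsRequest()
                    {
                        UpdateApplicationPasswordCreds = new List<UpdateApplicationPasswordCredentials>
                        {
                            new UpdateApplicationPasswordCredentials()
                            {
                                StartDate = now,
                                EndDate   = now.AddYears(2),
                                Value     = secret,
                                KeyId     = keyId
                            }
                        }
                    };

                    await UpdateAzureADApplicationPasswordCredentialsRest(appCreated.ObjectId, updateAppPasswordReq, tenantId);
                }

                spr.App             = appCreated;
                spr.AppClientSecret = secret;
                spr.IsNewApp        = isNewApp;
                return spr;
            }
            catch (Exception ex)
            {
                // Only the message is interpolated; the secret never reaches the log.
                logger.LogError(ex, "Create Azure AD Application {error}", ex.Message);
                throw;
            }
        }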
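        /// <summary>
        /// Replaces all password credentials of the application with the ones in <paramref name="updateReq"/>.
        /// The existing credentials are cleared first, so a caller that needs an overlap period for
        /// rotation must include the still-valid old credential in the request; an empty list strips
        /// every credential from the application.
        /// </summary>
        /// <param name="appObjectId">Object id of the application to update.</param>
        /// <param name="updateReq">Credential set that becomes the application's only credentials.</param>
        /// <param name="tenantId">Tenant of the application (not referenced in this method's body).</param>
        /// <exception cref="ArgumentNullException"><paramref name="updateReq"/> or its credential list is null.</exception>
        /// <exception cref="Exception">Any Graph failure is logged and rethrown unchanged.</exception>
        private async Task UpdateAzureADApplicationPasswordCredentialsRest(string appObjectId, UpdateApplicationPasswordCredsRequest updateReq, string tenantId)
        {
            // A caller bug, not a Graph failure: reject it before anything is cleared or logged.
            if (updateReq == null || updateReq.UpdateApplicationPasswordCreds == null)
            {
                throw new ArgumentNullException("updateReq");
            }

            try
            {
                var adApp = await adClient.Applications.GetByObjectId(appObjectId).ExecuteAsync();

                // Full replacement: any credential not present in updateReq stops working after UpdateAsync.
                adApp.PasswordCredentials.Clear();
                foreach (var req in updateReq.UpdateApplicationPasswordCreds)
                {
                    adApp.PasswordCredentials.Add(new PasswordCredential
                    {
                        Value     = req.Value,
                        KeyId     = req.KeyId,
                        StartDate = req.StartDate,
                        EndDate   = req.EndDate
                    });
                }

                await adApp.UpdateAsync();
            }
            catch (Exception ex)
            {
                // The request (which carries secret values) is deliberately not logged.
                logger.LogError(ex, "Update Azure AD Application {error}", ex.Message);
                throw;
            }
        }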
 /// <summary>
 /// Public entry point for replacing an application's password credentials; forwards to the
 /// Graph-client implementation and logs any failure before letting it propagate.
 /// </summary>
 /// <param name="appObjectId">Object id of the application to update.</param>
 /// <param name="updateReq">The credentials that replace the current ones.</param>
 /// <param name="tenantId">Tenant of the application.</param>
 /// <exception cref="Exception">Rethrown unchanged after logging.</exception>
 public async Task UpdateAzureADApplicationPasswordCredentials(string appObjectId, UpdateApplicationPasswordCredsRequest updateReq, string tenantId)
 {
     try
     {
         await UpdateAzureADApplicationPasswordCredentialsRest(
             appObjectId,
             updateReq,
             tenantId);
     }
     catch (Exception ex)
     {
         // Log the message only, then rethrow with `throw;` so the original stack trace survives.
         logger.LogError(ex, "Update Azure AD Application {error}", ex.Message);
         throw;
     }
 }
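    /// <summary>
    /// End-to-end check that an application update and a password-credential update made through
    /// the repository are visible when the application is read back.
    /// </summary>
    public async Task update_azureAD_Application_PasswordCreds()
    {
        var appUri = string.Format("https://{0}/{1}", tenantId, "unittestmsiot");
        var repo   = new ServicePrincipalRepository(activeDirectoryClient, logger);
        // "msiot123" is a test-only fixture value (presumably the service principal password —
        // confirm against the repository signature); it is not a real secret.
        var app    = await repo.CreateAppAndServicePrincipal("unittestmsiot",
                                                             appUri,
                                                             "msiot123",
                                                             tenantId);

        Assert.Equal("unittestmsiot", app.App.DisplayName);

        var updateModel = new UpdateApplicationRequest
        {
            Homepage  = "https://localhostunitest",
            ReplyUrls = new List <string>
            {
                "https://localhostunitest"
            }
        };
        await repo.UpdateAzureADApplication(app.App.ObjectId, updateModel, tenantId);

        // Calling CreateAppAndServicePrincipal again is used here to re-read the existing application.
        app = await repo.CreateAppAndServicePrincipal("unittestmsiot", appUri, "msiot123", tenantId);

        Assert.Equal(updateModel.Homepage, app.App.Homepage);
        Assert.Contains("https://localhostunitest", app.App.ReplyUrls);

        // now update the password credentials object
        // One timestamp for both ends so the validity window is exactly one year.
        var now = DateTime.UtcNow;
        var updateAppPasswordCreds = new UpdateApplicationPasswordCredentials
        {
            StartDate = now,
            EndDate   = now.AddYears(1),
            Value     = CreateRandomClientSecretKey(),
            KeyId     = Guid.NewGuid()
        };
        var updateAppPasswordReq = new UpdateApplicationPasswordCredsRequest
        {
            UpdateApplicationPasswordCreds = new List <UpdateApplicationPasswordCredentials> { updateAppPasswordCreds }
        };

        await repo.UpdateAzureADApplicationPasswordCredentials(app.App.ObjectId, updateAppPasswordReq, tenantId);

        app = await repo.CreateAppAndServicePrincipal("unittestmsiot", appUri, "msiot123", tenantId);

        // Only the validity window is asserted; the secret value is not compared here.
        Assert.Equal(updateAppPasswordCreds.StartDate, app.App.PasswordCredentials[0].StartDate);
        Assert.Equal(updateAppPasswordCreds.EndDate, app.App.PasswordCredentials[0].EndDate);
    }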