public void CanCRUDApplication()
        {
            using (var context = FluentMockContext.Start(GetType().FullName))
            {
                IGraphRbacManager manager = TestHelper.CreateGraphRbacManager();
                String            name    = SdkContext.RandomResourceName("javasdkapp", 20);

                IActiveDirectoryApplication application = null;
                try
                {
                    application = manager.Applications.Define(name)
                                  .WithSignOnUrl("http://easycreate.azure.com/" + name)
                                  .DefinePasswordCredential("passwd")
                                  .WithPasswordValue("P@ssw0rd")
                                  .WithDuration(TimeSpan.FromDays(100))
                                  .Attach()
                                  .DefineCertificateCredential("cert")
                                  .WithAsymmetricX509Certificate()
                                  .WithPublicKey(File.ReadAllBytes("Assets/myTest.cer"))
                                  .WithDuration(TimeSpan.FromDays(100))
                                  .Attach()
                                  .DefineCertificateCredential("cert")
                                  .WithAsymmetricX509Certificate()
                                  .WithPublicKey(File.ReadAllBytes("Assets/myTest2.cer"))
                                  .WithDuration(TimeSpan.FromDays(80))
                                  .Attach()
                                  .Create();
                    Console.WriteLine(application.Id + " - " + application.ApplicationId);
                    Assert.NotNull(application.Id);
                    Assert.NotNull(application.ApplicationId);
                    Assert.Equal(name, application.Name);
                    Assert.Equal(2, application.CertificateCredentials.Count);
                    Assert.Equal(1, application.PasswordCredentials.Count);
                    Assert.Equal(1, application.ReplyUrls.Count);
                    Assert.Equal(1, application.IdentifierUris.Count);
                    Assert.Equal("http://easycreate.azure.com/" + name, application.SignOnUrl.ToString());

                    application.Update()
                    .WithoutCredential("passwd")
                    .Apply();
                    Console.WriteLine(application.Id + " - " + application.ApplicationId);
                    Assert.Equal(0, application.PasswordCredentials.Count);
                }
                finally
                {
                    if (application != null)
                    {
                        manager.Applications.DeleteById(application.Id);
                    }
                }
            }
        }
 private static void UpdateApplication(Azure.IAuthenticated authenticated, IActiveDirectoryApplication activeDirectoryApplication)
 {
     Utilities.Log("Updating Active Directory application...");
     activeDirectoryApplication.Update()
     // add another password credentials
     .DefinePasswordCredential("password-1")
     .WithPasswordValue("P@ssw0rd-1")
     .WithDuration(TimeSpan.FromDays(700))
     .Attach()
     // add a reply url
     .WithReplyUrl("http://localhost:8080")
     .Apply();
 }
Exemple #3
0
        public async Task RemoveExpiredKeys(IActiveDirectoryApplication application)
        {
            Log.LogDebug($"Remove expired keys of application with Id '{application.Id}'");

            try
            {
                var expiredCredentials = application
                                         .PasswordCredentials
                                         .Where(s => s.Value.EndDate < DateTime.UtcNow)
                                         .ToList();

                if (expiredCredentials.Any())
                {
                    foreach (var expiredCredential in expiredCredentials)
                    {
                        string keyName = expiredCredential.Value.Name;

                        await application
                        .Update()
                        .WithoutCredential(keyName)
                        .ApplyAsync();

                        Log.LogInformation($"Removed the expired key '{keyName}' of application with id '{application.Id}'");
                    }
                }
                else
                {
                    Log.LogInformation($"No expired keys to remove for application with id '{application.Id}'");
                }

                Log.LogDebug($"Removed all expired keys of application with id '{application.Id}'");
            }
            catch (GraphErrorException ex)
            {
                if (ex.Response.StatusCode == HttpStatusCode.Forbidden)
                {
                    Log.LogError($"Forbidden to remove expired keys of active directory application with id '{application.Id}'");
                    Log.LogDebug($"Extra info for application with id '{application.Id}': '{ex.Response.Content}'.");
                }
                else
                {
                    Log.LogError(ex.Response.Content);
                }
            }
        }
Exemple #4
0
        public async Task AddSecretToActiveDirectoryApplication(IActiveDirectoryApplication application, string keyName, string key, int keyDurationInMinutes)
        {
            Log.LogDebug($"Add new secret to application with Id '{application.Id}'");

            string availableKeyName = GetAvailableKeyName(application, keyName, 1);

            if (keyDurationInMinutes < 1)
            {
                keyDurationInMinutes = Convert.ToInt32(Environment.GetEnvironmentVariable("KeyDurationInMinutes", EnvironmentVariableTarget.Process));
                Log.LogDebug($"No custom keyduration so use default keyduration of '{keyName}' minutes");
            }
            var      duration = new TimeSpan(0, keyDurationInMinutes, 0);
            DateTime utcNow   = DateTime.UtcNow;

            try
            {
                await application
                .Update()
                .DefinePasswordCredential(availableKeyName)
                .WithPasswordValue(key)
                .WithStartDate(utcNow)
                .WithDuration(duration)
                .Attach()
                .ApplyAsync();

                Log.LogInformation($"Added new key with name '{availableKeyName}' to application with id '{application.Id}' that is valid from UTC '{utcNow}' with a duraction of '{keyDurationInMinutes}' minutes");
            }
            catch (GraphErrorException ex)
            {
                if (ex.Response.StatusCode == HttpStatusCode.Forbidden)
                {
                    Log.LogError($"Forbidden to set key for active directory application with id '{application.Id}'");
                    Log.LogDebug($"Extra info for application with id '{application.Id}': '{ex.Response.Content}'.");
                }
                else
                {
                    Log.LogError(ex.Response.Content);
                }
            }
        }
        private async Task AddSecretToActiveDirectoryApplication(IActiveDirectoryApplication application, string keyName, string key)
        {
            _log.Verbose($"Add new secret to application with Id '{application.Id}'");

            string   availableKeyName     = GetAvailableKeyName(application, keyName, 1);
            int      keyDurationInMinutes = 5;
            var      duration             = new TimeSpan(0, keyDurationInMinutes, 0);
            DateTime utcNow = DateTime.UtcNow;

            try
            {
                // Remove all existing keys... https://github.com/Azure/azure-libraries-for-net/issues/414
                await application
                .Update()
                .DefinePasswordCredential(availableKeyName)
                .WithPasswordValue(key)
                .WithStartDate(utcNow)
                .WithDuration(duration)
                .Attach()
                .ApplyAsync();

                _log.Info($"Added new key with name '{availableKeyName}' to application with id '{application.Id}' that is valid from UTC '{utcNow}' with a duraction of '{keyDurationInMinutes}' minutes");
            }
            catch (GraphErrorException ex)
            {
                if (ex.Response.StatusCode == HttpStatusCode.Forbidden)
                {
                    _log.Error($"Forbidden to set key for active directory application with id '{application.Id}'");
                    _log.Verbose($"Extra info for application with id '{application.Id}': '{ex.Response.Content}'.");
                }
                else
                {
                    _log.Error(ex.Response.Content);
                }
            }
        }
        public void CanCRUDApplication()
        {
            using (var context = FluentMockContext.Start(GetType().FullName))
            {
                IGraphRbacManager manager = TestHelper.CreateGraphRbacManager();
                String            name    = SdkContext.RandomResourceName("javasdkapp", 20);

                IActiveDirectoryApplication application = null;
                try
                {
                    application = manager.Applications.Define(name)
                                  .WithSignOnUrl("http://easycreate.azure.com/" + name)
                                  .DefinePasswordCredential("passwd")
                                  .WithPasswordValue("P@ssw0rd")
                                  .WithDuration(TimeSpan.FromDays(100))
                                  .Attach()
                                  .DefineCertificateCredential("cert")
                                  .WithAsymmetricX509Certificate()
                                  .WithPublicKey(File.ReadAllBytes("Assets/myTest.cer"))
                                  .WithDuration(TimeSpan.FromDays(100))
                                  .Attach()
                                  .DefineCertificateCredential()
                                  .WithAsymmetricX509Certificate()
                                  .WithPublicKey(File.ReadAllBytes("Assets/myTest2.cer"))
                                  .WithDuration(TimeSpan.FromDays(80))
                                  .Attach()
                                  .Create();
                    Console.WriteLine(application.Id + " - " + application.ApplicationId);
                    Assert.NotNull(application.Id);
                    Assert.NotNull(application.ApplicationId);
                    Assert.Equal(name, application.Name);
                    Assert.Equal(2, application.CertificateCredentials.Count);
                    Assert.Equal(1, application.PasswordCredentials.Count);
                    Assert.Equal(1, application.ReplyUrls.Count);
                    Assert.Equal(1, application.IdentifierUris.Count);
                    Assert.Equal("http://easycreate.azure.com/" + name, application.SignOnUrl.ToString());

                    // check thumbprint, the customKeyIdentifier would be thumbprint if not set
                    var certificate      = new X509Certificate("Assets/myTest2.cer");
                    var certificateCount = 0;
                    foreach (var certificateCredential in application.CertificateCredentials.Values)
                    {
                        if (certificateCredential.Name != "cert")
                        {
                            certificateCount++;
                            Assert.Equal(certificate.GetCertHashString(), certificateCredential.CustomKeyIdentifier);
                        }
                    }
                    Assert.True(certificateCount > 0);

                    application.Update()
                    .DefinePasswordCredential("passwd2")
                    .WithPasswordValue("StrongPass!12")
                    .WithDuration(TimeSpan.FromDays(20))
                    .Attach()
                    .DefineCertificateCredential("cert")
                    .WithAsymmetricX509Certificate()
                    .WithPublicKey(File.ReadAllBytes("Assets/myTest2.cer"))
                    .WithDuration(TimeSpan.FromDays(1))
                    .Attach()
                    .WithoutCredentialByIdentifier(certificate.GetCertHashString())
                    .Apply();

                    Console.WriteLine(application.Id + " - " + application.ApplicationId);
                    Assert.Equal(2, application.PasswordCredentials.Count);
                    Assert.Equal(2, application.CertificateCredentials.Count);

                    application.Update()
                    .WithoutCredential("passwd")
                    .Apply();
                    Console.WriteLine(application.Id + " - " + application.ApplicationId);
                    Assert.Equal(1, application.PasswordCredentials.Count);
                    Assert.Equal("passwd2", application.PasswordCredentials.First().Value.Name);
                }
                finally
                {
                    if (application != null)
                    {
                        manager.Applications.DeleteById(application.Id);
                    }
                }
            }
        }