public async ValueTask <Response <ServicePrincipal> > CreateAsync(ServicePrincipalCreateParameters parameters, CancellationToken cancellationToken = default)
{
if (parameters == null)
{
throw new ArgumentNullException(nameof(parameters));
}
using var message = CreateCreateRequest(parameters);
await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false);
switch (message.Response.Status)
{
case 201:
{
ServicePrincipal value = default;
using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false);
if (document.RootElement.ValueKind == JsonValueKind.Null)
{
value = null;
}
else
{
value = ServicePrincipal.DeserializeServicePrincipal(document.RootElement);
}
return(Response.FromValue(value, message.Response));
}
public PSADServicePrincipal CreateServicePrincipal(CreatePSServicePrincipalParameters createParameters)
{
ServicePrincipalCreateParameters graphParameters = new ServicePrincipalCreateParameters
{
AppId = createParameters.ApplicationId.ToString(),
AccountEnabled = createParameters.AccountEnabled
};
try
{
return(GraphClient.ServicePrincipal.Create(graphParameters).ServicePrincipal.ToPSADServicePrincipal());
}
catch (CloudException ce)
{
if (ce.Response.StatusCode == HttpStatusCode.Forbidden)
{
GetCurrentUserResult currentUser = GraphClient.Objects.GetCurrentUser();
if (currentUser.AADObject != null && string.Equals(currentUser.AADObject.UserType, "Guest", StringComparison.InvariantCultureIgnoreCase))
{
throw new InvalidOperationException(ProjectResources.CreateServicePrincipalNotAllowedGuestUser);
}
}
throw;
}
}
public PSADServicePrincipal CreateServicePrincipal(CreatePSServicePrincipalParameters createParameters)
{
ServicePrincipalCreateParameters graphParameters = new ServicePrincipalCreateParameters
{
AppId = createParameters.ApplicationId.ToString(),
AccountEnabled = createParameters.AccountEnabled
};
return(GraphClient.ServicePrincipal.Create(graphParameters).ServicePrincipal.ToPSADServicePrincipal());
}
public ServicePrincipal CreateServicePrincipal(string appId)
{
var parameters = new ServicePrincipalCreateParameters
{
AccountEnabled = true,
AppId = appId
};
return(GraphClient.ServicePrincipal.Create(parameters).ServicePrincipal);
}
private ServicePrincipal CreateNewAdServicePrincipal(KeyVaultManagementController controllerAdmin, string appId)
{
var spParam = new ServicePrincipalCreateParameters
{
AppId = appId,
AccountEnabled = true
};
return(controllerAdmin.GraphClient.ServicePrincipals.Create(spParam));
}
public ServicePrincipal CreateServicePrincipal(MockContext context, string appId)
{
var parameters = new ServicePrincipalCreateParameters
{
AccountEnabled = true,
AppId = appId
};
return(GetGraphClient(context).ServicePrincipals.Create(parameters));
}
private ServicePrincipal CreateNewAdServicePrincipal(ResourcesController controllerAdmin, string appId)
{
var spParam = new ServicePrincipalCreateParameters
{
AppId = appId,
AccountEnabled = true
};
return(controllerAdmin.GraphClient.ServicePrincipal.Create(spParam).ServicePrincipal);
}
private static ServicePrincipalGetResult CreateServicePrincipal(ApplicationGetResult app, GraphRbacManagementClient graphClient)
{
var parameters = new ServicePrincipalCreateParameters
{
AccountEnabled = true,
AppId = app.Application.AppId
};
var servicePrincipal = graphClient.ServicePrincipal.Create(parameters);
return(servicePrincipal);
}
public virtual async Task <Response <ServicePrincipal> > CreateAsync(ServicePrincipalCreateParameters parameters, CancellationToken cancellationToken = default)
{
using var scope = _clientDiagnostics.CreateScope("ServicePrincipalsOperations.Create");
scope.Start();
try
{
return(await RestClient.CreateAsync(parameters, cancellationToken).ConfigureAwait(false));
}
catch (Exception e)
{
scope.Failed(e);
throw;
}
}
public virtual Response <ServicePrincipal> Create(ServicePrincipalCreateParameters parameters, CancellationToken cancellationToken = default)
{
using var scope = _clientDiagnostics.CreateScope("ServicePrincipalsOperations.Create");
scope.Start();
try
{
return(RestClient.Create(parameters, cancellationToken));
}
catch (Exception e)
{
scope.Failed(e);
throw;
}
}
internal ServicePrincipalImpl(ServicePrincipalInner innerObject, GraphRbacManager manager)
: base(innerObject.DisplayName, innerObject)
{
this.manager = manager;
this.createParameters = new ServicePrincipalCreateParameters
{
AccountEnabled = true
};
this.cachedRoleAssignments = new Dictionary <string, IRoleAssignment>();
this.rolesToCreate = new Dictionary <string, BuiltInRole>();
this.rolesToDelete = new HashSet <string>();
this.cachedCertificateCredentials = new Dictionary <string, ICertificateCredential>();
this.cachedPasswordCredentials = new Dictionary <string, IPasswordCredential>();
this.certificateCredentialsToCreate = new List <ICertificateCredential>();
this.passwordCredentialsToCreate = new List <IPasswordCredential>();
this.certificateCredentialsToDelete = new HashSet <string>();
this.passwordCredentialsToDelete = new HashSet <string>();
}
private AcsServicePrincipal BuildServicePrincipal(string name, string url, string clientSecret)
{
var pwCreds = new PasswordCredential(
value: clientSecret,
startDate: DateTime.UtcNow,
endDate: DateTime.UtcNow.AddYears(2));
var app = GraphClient.Applications.Create(new ApplicationCreateParameters(
false,
name,
new List <string> {
url
},
url,
passwordCredentials: new List <PasswordCredential> {
pwCreds
}));
ServicePrincipal sp = null;
var success = RetryAction(() =>
{
var spCreateParams = new ServicePrincipalCreateParameters(
app.AppId,
true,
passwordCredentials: new List <PasswordCredential> {
pwCreds
});
sp = GraphClient.ServicePrincipals.Create(spCreateParams);
}, Resources.ServicePrincipalCreate);
if (!success)
{
throw new AzPSInvalidOperationException(
Resources.CouldNotCreateAServicePrincipalWithTheRightPermissionsAreYouAnOwner,
desensitizedMessage: Resources.CouldNotCreateAServicePrincipalWithTheRightPermissionsAreYouAnOwner);
}
AddSubscriptionRoleAssignment("Contributor", sp.ObjectId);
return(new AcsServicePrincipal {
SpId = app.AppId, ClientSecret = clientSecret, ObjectId = app.ObjectId
});
}
internal HttpMessage CreateCreateRequest(ServicePrincipalCreateParameters parameters)
{
var message = _pipeline.CreateMessage();
var request = message.Request;
request.Method = RequestMethod.Post;
var uri = new RawRequestUriBuilder();
uri.Reset(endpoint);
uri.AppendPath("/", false);
uri.AppendPath(tenantID, true);
uri.AppendPath("/servicePrincipals", false);
uri.AppendQuery("api-version", apiVersion, true);
request.Uri = uri;
request.Headers.Add("Content-Type", "application/json");
using var content = new Utf8JsonRequestContent();
content.JsonWriter.WriteObjectValue(parameters);
request.Content = content;
return(message);
}
public PSADServicePrincipal CreateServicePrincipal(CreatePSServicePrincipalParameters createParameters)
{
IList <PasswordCredential> passwordCredentials = createParameters.PasswordCredentials != null
? createParameters.PasswordCredentials.Select(psCredential => psCredential.ToGraphPasswordCredential()).ToList()
: null;
IList <KeyCredential> keyCredentials = createParameters.KeyCredentials != null
? createParameters.KeyCredentials.Select(psCredential => psCredential.ToGraphKeyCredential()).ToList()
: null;
ServicePrincipalCreateParameters graphParameters = new ServicePrincipalCreateParameters
{
AppId = createParameters.ApplicationId.ToString(),
AccountEnabled = createParameters.AccountEnabled,
KeyCredentials = keyCredentials,
PasswordCredentials = passwordCredentials
};
try
{
return(GraphClient.ServicePrincipals.Create(graphParameters).ToPSADServicePrincipal());
}
catch (GraphErrorException ce)
{
if (ce.Response.StatusCode == HttpStatusCode.Forbidden)
{
AADObject currentUser = GraphClient.Objects.GetCurrentUser();
if (currentUser != null && string.Equals(currentUser.UserType, "Guest", StringComparison.InvariantCultureIgnoreCase))
{
throw new InvalidOperationException(ProjectResources.CreateServicePrincipalNotAllowedGuestUser);
}
}
throw;
}
}
/// <summary>
/// Creates a service principal in the directory.
/// </summary>
/// <param name='operations'>
/// Reference to the
/// Microsoft.Azure.Graph.RBAC.IServicePrincipalOperations.
/// </param>
/// <param name='parameters'>
/// Required. Parameters to create a service principal.
/// </param>
/// <returns>
/// Server response for service principal information API call
/// </returns>
public static Task <ServicePrincipalGetResult> CreateAsync(this IServicePrincipalOperations operations, ServicePrincipalCreateParameters parameters)
{
return(operations.CreateAsync(parameters, CancellationToken.None));
}
/// <summary>
/// Creates a service principal in the directory.
/// </summary>
/// <param name='operations'>
/// The operations group for this extension method.
/// </param>
/// <param name='parameters'>
/// Parameters to create a service principal.
/// </param>
public static ServicePrincipal Create(this IServicePrincipalsOperations operations, ServicePrincipalCreateParameters parameters)
{
return(Task.Factory.StartNew(s => ((IServicePrincipalsOperations)s).CreateAsync(parameters), operations, CancellationToken.None, TaskCreationOptions.None, TaskScheduler.Default).Unwrap().GetAwaiter().GetResult());
}
/// <summary>
/// Creates a service principal in the directory.
/// </summary>
/// <param name='operations'>
/// The operations group for this extension method.
/// </param>
/// <param name='parameters'>
/// Parameters to create a service principal.
/// </param>
public static ServicePrincipal Create(this IServicePrincipalsOperations operations, ServicePrincipalCreateParameters parameters)
{
return(operations.CreateAsync(parameters).GetAwaiter().GetResult());
}
/// <summary>
/// Creates a service principal in the directory.
/// </summary>
/// <param name='operations'>
/// The operations group for this extension method.
/// </param>
/// <param name='parameters'>
/// Parameters to create a service principal.
/// </param>
/// <param name='cancellationToken'>
/// The cancellation token.
/// </param>
public static async Task <ServicePrincipal> CreateAsync(this IServicePrincipalsOperations operations, ServicePrincipalCreateParameters parameters, CancellationToken cancellationToken = default(CancellationToken))
{
using (var _result = await operations.CreateWithHttpMessagesAsync(parameters, null, cancellationToken).ConfigureAwait(false))
{
return(_result.Body);
}
}
