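/// <summary>
/// Updates an existing Conditional Access policy by sending a PATCH request for it to Microsoft Graph.
/// </summary>
/// <param name="conditionalAccessPolicy">
/// Policy to update. Its <c>id</c> selects the target policy; <c>createdDateTime</c> and
/// <c>modifiedDateTime</c> on the passed object are set to null before serialization.
/// </param>
/// <param name="clientId">Not used by this method.</param>
/// <returns>The HTTP response handed back by the Graph HTTP provider.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="conditionalAccessPolicy"/> is null.</exception>
/// <exception cref="System.ArgumentException">The policy carries no id, so there is no policy to address.</exception>
public async Task<HttpResponseMessage> PatchConditionalAccessPolicyAsync(ConditionalAccessPolicy conditionalAccessPolicy, string clientId = null)
{
    if (conditionalAccessPolicy == null)
    {
        throw new System.ArgumentNullException(nameof(conditionalAccessPolicy));
    }

    // Without an id the URL below would address the policy collection instead of one policy.
    if (string.IsNullOrWhiteSpace(conditionalAccessPolicy.id))
    {
        throw new System.ArgumentException("The policy to patch must carry an id.", nameof(conditionalAccessPolicy));
    }

    // Presumably server-managed timestamps that must not be sent back - confirm against the Graph API.
    conditionalAccessPolicy.createdDateTime = null;
    conditionalAccessPolicy.modifiedDateTime = null;

    // The id is whatever the caller's policy object carries (it may come from deserialized input).
    // Escape it so characters such as '/', '?' or '#' cannot change which Graph resource the
    // authenticated PATCH is sent to.
    string escapedId = System.Uri.EscapeDataString(conditionalAccessPolicy.id);
    string requestUrl = graphEndpoint + $"/identity/conditionalAccess/policies/{escapedId}";

    // NOTE(review): default serializer settings are used here, so null properties are written
    // as explicit nulls in the PATCH body - confirm that this is intended.
    HttpRequestMessage hrm = new HttpRequestMessage(new HttpMethod("PATCH"), requestUrl)
    {
        Content = new StringContent(JsonConvert.SerializeObject(conditionalAccessPolicy), Encoding.UTF8, "application/json")
    };

    // Authenticate (add access token) our HttpRequestMessage
    await graphServiceClient.AuthenticationProvider.AuthenticateRequestAsync(hrm);

    signalRMessage.sendMessage($"{hrm.Method}: {requestUrl}");

    // Send the request and get the response.
    HttpResponseMessage response = await graphServiceClient.HttpProvider.SendAsync(hrm);

    if (response.IsSuccessStatusCode)
    {
        signalRMessage.sendMessage($"Success: updated CA policy: {conditionalAccessPolicy.displayName} ({conditionalAccessPolicy.id})");
    }

    return response;
}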
/// <summary>
/// Creates a Conditional Access policy by POSTing an already serialized JSON body to Microsoft Graph.
/// </summary>
/// <param name="conditionalAccessPolicy">JSON text sent unchanged as the request body.</param>
/// <param name="clientId">
/// Optional SignalR connection id; when non-empty, a progress line is pushed to that client.
/// </param>
/// <returns>The response body deserialized as a <c>ConditionalAccessPolicy</c>.</returns>
public static async Task<ModernWorkplaceConcierge.Helpers.ConditionalAccessPolicy> AddConditionalAccessPolicyAsync(string conditionalAccessPolicy, string clientId = null)
{
    var graphClient = GetAuthenticatedClient();
    string requestUrl = graphEndpoint + "/identity/conditionalAccess/policies";

    var request = new HttpRequestMessage(HttpMethod.Post, requestUrl);
    request.Content = new StringContent(conditionalAccessPolicy, Encoding.UTF8, "application/json");

    // Attach the access token to the outgoing request.
    await graphClient.AuthenticationProvider.AuthenticateRequestAsync(request);

    bool notifyClient = !string.IsNullOrEmpty(clientId);
    if (notifyClient)
    {
        var hub = GlobalHost.ConnectionManager.GetHubContext<MwHub>();
        hub.Clients.Client(clientId).addMessage("POST: " + requestUrl);
    }

    // NOTE(review): the status code is not inspected here. Presumably the Graph HTTP provider
    // throws on error responses - confirm; otherwise an error body would be deserialized into
    // a policy object with unset fields.
    HttpResponseMessage response = await graphClient.HttpProvider.SendAsync(request);
    string responseJson = await response.Content.ReadAsStringAsync();

    return JsonConvert.DeserializeObject<ModernWorkplaceConcierge.Helpers.ConditionalAccessPolicy>(responseJson);
}
/// <summary>
/// Creates a Conditional Access policy in Microsoft Graph from a policy object.
/// </summary>
/// <param name="conditionalAccessPolicy">
/// Policy to create. The passed object is modified: <c>id</c>, <c>createdDateTime</c> and
/// <c>modifiedDateTime</c> are cleared and <c>state</c> is forced to "disabled", so the policy
/// is never created in an enforcing state by this method.
/// </param>
/// <returns>The response body deserialized as a <c>ConditionalAccessPolicy</c>.</returns>
public async Task<ConditionalAccessPolicy> AddConditionalAccessPolicyAsync(ConditionalAccessPolicy conditionalAccessPolicy)
{
    // These properties have to be reset for the POST to succeed.
    conditionalAccessPolicy.id = null;
    conditionalAccessPolicy.state = "disabled";
    conditionalAccessPolicy.createdDateTime = null;
    conditionalAccessPolicy.modifiedDateTime = null;

    string requestUrl = graphEndpoint + "/identity/conditionalAccess/policies";

    // Null properties are left out of the payload.
    var serializerSettings = new JsonSerializerSettings
    {
        NullValueHandling = NullValueHandling.Ignore,
        Formatting = Formatting.Indented
    };
    string payload = JsonConvert.SerializeObject(conditionalAccessPolicy, serializerSettings);

    var request = new HttpRequestMessage(HttpMethod.Post, requestUrl);
    request.Content = new StringContent(payload, Encoding.UTF8, "application/json");

    if (conditionalAccessPolicy.sessionControls?.applicationEnforcedRestrictions != null)
    {
        signalRMessage.sendMessage("Warning you need to configure Exchange online and SharePoint online for app enforced restrictions!");
    }

    // Attach the access token to the outgoing request.
    await graphServiceClient.AuthenticationProvider.AuthenticateRequestAsync(request);

    signalRMessage.sendMessage($"{request.Method}: {requestUrl}");

    HttpResponseMessage response = await graphServiceClient.HttpProvider.SendAsync(request);
    string responseJson = await response.Content.ReadAsStringAsync();
    ConditionalAccessPolicy createdPolicy = JsonConvert.DeserializeObject<ConditionalAccessPolicy>(responseJson);

    if (response.IsSuccessStatusCode)
    {
        signalRMessage.sendMessage($"Success: created CA policy: '{createdPolicy.displayName}' ({createdPolicy.id})");
    }

    return createdPolicy;
}
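/// <summary>
/// Creates a Conditional Access policy; if the first attempt throws, retries once with the
/// tenant-specific user, group, role and application assignments stripped.
/// </summary>
/// <remarks>
/// The fallback policy is scoped to no users and no applications ("none"), so it enforces
/// nothing until an administrator re-assigns it. The reason for the first failure is sent to
/// the client so that the loss of scoping is not silent.
/// </remarks>
/// <param name="conditionalAccessPolicy">Policy to create; modified in place when the fallback runs.</param>
/// <returns>The policy object returned by <c>AddConditionalAccessPolicyAsync</c>.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="conditionalAccessPolicy"/> is null.</exception>
public async Task<ConditionalAccessPolicy> TryAddConditionalAccessPolicyAsync(ConditionalAccessPolicy conditionalAccessPolicy)
{
    if (conditionalAccessPolicy == null)
    {
        throw new System.ArgumentNullException(nameof(conditionalAccessPolicy));
    }

    try
    {
        return await AddConditionalAccessPolicyAsync(conditionalAccessPolicy);
    }
    catch (System.Exception ex)
    {
        // Nothing tenant-specific can be stripped without conditions, and an identical retry
        // would fail the same way: keep the original error.
        if (conditionalAccessPolicy.conditions == null)
        {
            throw;
        }

        // Report why the first attempt failed before the assignments are dropped.
        signalRMessage.sendMessage($"Warning: creating CA policy '{conditionalAccessPolicy.displayName}' failed: {ex.Message}");
        signalRMessage.sendMessage("Discarding tenant specific information for CA policy: '" + conditionalAccessPolicy.displayName + "'");

        // Remove object ids that only exist in the source tenant.
        if (conditionalAccessPolicy.conditions.users != null)
        {
            conditionalAccessPolicy.conditions.users.includeUsers = new string[] { "none" };
            conditionalAccessPolicy.conditions.users.excludeUsers = null;
            conditionalAccessPolicy.conditions.users.includeGroups = null;
            conditionalAccessPolicy.conditions.users.excludeGroups = null;
            conditionalAccessPolicy.conditions.users.includeRoles = null;
            conditionalAccessPolicy.conditions.users.excludeRoles = null;
        }

        if (conditionalAccessPolicy.conditions.applications != null)
        {
            conditionalAccessPolicy.conditions.applications.includeApplications = new string[] { "none" };
            conditionalAccessPolicy.conditions.applications.excludeApplications = null;
        }

        return await AddConditionalAccessPolicyAsync(conditionalAccessPolicy);
    }
}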
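/// <summary>
/// Imports a Conditional Access policy from JSON text and creates it through Microsoft Graph.
/// </summary>
/// <remarks>
/// The imported policy always gets <c>id</c> cleared and <c>state</c> set to "disabled", so the
/// input file cannot switch on enforcement by itself. If the first create attempt throws, the
/// user, group, role and application assignments are replaced by "none" and the create is
/// retried once; that fallback policy applies to nobody until it is re-assigned.
/// </remarks>
/// <param name="policy">JSON text describing one Conditional Access policy.</param>
/// <param name="clientId">Optional SignalR connection id that receives progress messages.</param>
/// <returns><c>true</c> when the policy was created; failures surface as exceptions.</returns>
/// <exception cref="System.ArgumentException">The JSON text deserializes to no policy object.</exception>
public static async Task<bool> ImportCaConfig(string policy, string clientId = null)
{
    SignalRMessage signalR = new SignalRMessage();
    signalR.clientId = clientId;

    var conditionalAccessPolicy = JsonConvert.DeserializeObject<ModernWorkplaceConcierge.Helpers.ConditionalAccessPolicy>(policy);

    // Empty text or a JSON null deserializes to null; fail with a clear error instead of a
    // NullReferenceException on the next line.
    if (conditionalAccessPolicy == null)
    {
        throw new System.ArgumentException("The policy JSON does not contain a Conditional Access policy object.", nameof(policy));
    }

    conditionalAccessPolicy.id = null;
    conditionalAccessPolicy.state = "disabled";
    conditionalAccessPolicy.createdDateTime = null;
    conditionalAccessPolicy.modifiedDateTime = null;

    // Check for device state and display warning (API issue)
    if (conditionalAccessPolicy.conditions != null && conditionalAccessPolicy.conditions.deviceStates != null)
    {
        signalR.sendMessage("Warning device states are currently not imported by the Graph API, you need to enable them manually on the policy!");
    }

    if (conditionalAccessPolicy.sessionControls != null && conditionalAccessPolicy.sessionControls.applicationEnforcedRestrictions != null)
    {
        signalR.sendMessage("Warning you need to enable Exchange online and SharePoint online for app enforced restrictions!");
    }

    try
    {
        var success = await GraphHelper.AddConditionalAccessPolicyAsync(SerializeCaPolicyForImport(conditionalAccessPolicy), clientId);
        signalR.sendMessage("Success: imported CA policy: '" + success.displayName + "'");
        return true;
    }
    catch (System.Exception ex)
    {
        // Nothing tenant-specific can be stripped without conditions, and an identical retry
        // would fail the same way: keep the original error.
        if (conditionalAccessPolicy.conditions == null)
        {
            throw;
        }

        // Report why the first attempt failed before the assignments are dropped.
        signalR.sendMessage("Warning: importing CA policy '" + conditionalAccessPolicy.displayName + "' failed: " + ex.Message);
        signalR.sendMessage("Discarding tenant specific information for CA policy: '" + conditionalAccessPolicy.displayName + "'");

        // Remove object ids that only exist in the source tenant.
        if (conditionalAccessPolicy.conditions.users != null)
        {
            conditionalAccessPolicy.conditions.users.includeUsers = new string[] { "none" };
            conditionalAccessPolicy.conditions.users.excludeUsers = null;
            conditionalAccessPolicy.conditions.users.includeGroups = null;
            conditionalAccessPolicy.conditions.users.excludeGroups = null;
            conditionalAccessPolicy.conditions.users.includeRoles = null;
            conditionalAccessPolicy.conditions.users.excludeRoles = null;
        }

        if (conditionalAccessPolicy.conditions.applications != null)
        {
            conditionalAccessPolicy.conditions.applications.includeApplications = new string[] { "none" };
            conditionalAccessPolicy.conditions.applications.excludeApplications = null;
        }

        var success = await GraphHelper.AddConditionalAccessPolicyAsync(SerializeCaPolicyForImport(conditionalAccessPolicy), clientId);
        signalR.sendMessage("Success: imported CA policy: '" + success.displayName + "'");
        return true;
    }
}

// Serializes a policy for the create request, leaving null properties out of the JSON.
private static string SerializeCaPolicyForImport(ModernWorkplaceConcierge.Helpers.ConditionalAccessPolicy conditionalAccessPolicy)
{
    return JsonConvert.SerializeObject(conditionalAccessPolicy, new JsonSerializerSettings()
    {
        NullValueHandling = NullValueHandling.Ignore,
        Formatting = Formatting.Indented
    });
}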