public void CanCRUDApplication() { using (var context = FluentMockContext.Start(GetType().FullName)) { IGraphRbacManager manager = TestHelper.CreateGraphRbacManager(); String name = SdkContext.RandomResourceName("javasdkapp", 20); IActiveDirectoryApplication application = null; try { application = manager.Applications.Define(name) .WithSignOnUrl("http://easycreate.azure.com/" + name) .DefinePasswordCredential("passwd") .WithPasswordValue("P@ssw0rd") .WithDuration(TimeSpan.FromDays(100)) .Attach() .DefineCertificateCredential("cert") .WithAsymmetricX509Certificate() .WithPublicKey(File.ReadAllBytes("Assets/myTest.cer")) .WithDuration(TimeSpan.FromDays(100)) .Attach() .DefineCertificateCredential("cert") .WithAsymmetricX509Certificate() .WithPublicKey(File.ReadAllBytes("Assets/myTest2.cer")) .WithDuration(TimeSpan.FromDays(80)) .Attach() .Create(); Console.WriteLine(application.Id + " - " + application.ApplicationId); Assert.NotNull(application.Id); Assert.NotNull(application.ApplicationId); Assert.Equal(name, application.Name); Assert.Equal(2, application.CertificateCredentials.Count); Assert.Equal(1, application.PasswordCredentials.Count); Assert.Equal(1, application.ReplyUrls.Count); Assert.Equal(1, application.IdentifierUris.Count); Assert.Equal("http://easycreate.azure.com/" + name, application.SignOnUrl.ToString()); application.Update() .WithoutCredential("passwd") .Apply(); Console.WriteLine(application.Id + " - " + application.ApplicationId); Assert.Equal(0, application.PasswordCredentials.Count); } finally { if (application != null) { manager.Applications.DeleteById(application.Id); } } } }
private static void UpdateApplication(Azure.IAuthenticated authenticated, IActiveDirectoryApplication activeDirectoryApplication) { Utilities.Log("Updating Active Directory application..."); activeDirectoryApplication.Update() // add another password credentials .DefinePasswordCredential("password-1") .WithPasswordValue("P@ssw0rd-1") .WithDuration(TimeSpan.FromDays(700)) .Attach() // add a reply url .WithReplyUrl("http://localhost:8080") .Apply(); }
public async Task RemoveExpiredKeys(IActiveDirectoryApplication application) { Log.LogDebug($"Remove expired keys of application with Id '{application.Id}'"); try { var expiredCredentials = application .PasswordCredentials .Where(s => s.Value.EndDate < DateTime.UtcNow) .ToList(); if (expiredCredentials.Any()) { foreach (var expiredCredential in expiredCredentials) { string keyName = expiredCredential.Value.Name; await application .Update() .WithoutCredential(keyName) .ApplyAsync(); Log.LogInformation($"Removed the expired key '{keyName}' of application with id '{application.Id}'"); } } else { Log.LogInformation($"No expired keys to remove for application with id '{application.Id}'"); } Log.LogDebug($"Removed all expired keys of application with id '{application.Id}'"); } catch (GraphErrorException ex) { if (ex.Response.StatusCode == HttpStatusCode.Forbidden) { Log.LogError($"Forbidden to remove expired keys of active directory application with id '{application.Id}'"); Log.LogDebug($"Extra info for application with id '{application.Id}': '{ex.Response.Content}'."); } else { Log.LogError(ex.Response.Content); } } }
public async Task AddSecretToActiveDirectoryApplication(IActiveDirectoryApplication application, string keyName, string key, int keyDurationInMinutes) { Log.LogDebug($"Add new secret to application with Id '{application.Id}'"); string availableKeyName = GetAvailableKeyName(application, keyName, 1); if (keyDurationInMinutes < 1) { keyDurationInMinutes = Convert.ToInt32(Environment.GetEnvironmentVariable("KeyDurationInMinutes", EnvironmentVariableTarget.Process)); Log.LogDebug($"No custom keyduration so use default keyduration of '{keyName}' minutes"); } var duration = new TimeSpan(0, keyDurationInMinutes, 0); DateTime utcNow = DateTime.UtcNow; try { await application .Update() .DefinePasswordCredential(availableKeyName) .WithPasswordValue(key) .WithStartDate(utcNow) .WithDuration(duration) .Attach() .ApplyAsync(); Log.LogInformation($"Added new key with name '{availableKeyName}' to application with id '{application.Id}' that is valid from UTC '{utcNow}' with a duraction of '{keyDurationInMinutes}' minutes"); } catch (GraphErrorException ex) { if (ex.Response.StatusCode == HttpStatusCode.Forbidden) { Log.LogError($"Forbidden to set key for active directory application with id '{application.Id}'"); Log.LogDebug($"Extra info for application with id '{application.Id}': '{ex.Response.Content}'."); } else { Log.LogError(ex.Response.Content); } } }
private async Task AddSecretToActiveDirectoryApplication(IActiveDirectoryApplication application, string keyName, string key) { _log.Verbose($"Add new secret to application with Id '{application.Id}'"); string availableKeyName = GetAvailableKeyName(application, keyName, 1); int keyDurationInMinutes = 5; var duration = new TimeSpan(0, keyDurationInMinutes, 0); DateTime utcNow = DateTime.UtcNow; try { // Remove all existing keys... https://github.com/Azure/azure-libraries-for-net/issues/414 await application .Update() .DefinePasswordCredential(availableKeyName) .WithPasswordValue(key) .WithStartDate(utcNow) .WithDuration(duration) .Attach() .ApplyAsync(); _log.Info($"Added new key with name '{availableKeyName}' to application with id '{application.Id}' that is valid from UTC '{utcNow}' with a duraction of '{keyDurationInMinutes}' minutes"); } catch (GraphErrorException ex) { if (ex.Response.StatusCode == HttpStatusCode.Forbidden) { _log.Error($"Forbidden to set key for active directory application with id '{application.Id}'"); _log.Verbose($"Extra info for application with id '{application.Id}': '{ex.Response.Content}'."); } else { _log.Error(ex.Response.Content); } } }
public void CanCRUDApplication() { using (var context = FluentMockContext.Start(GetType().FullName)) { IGraphRbacManager manager = TestHelper.CreateGraphRbacManager(); String name = SdkContext.RandomResourceName("javasdkapp", 20); IActiveDirectoryApplication application = null; try { application = manager.Applications.Define(name) .WithSignOnUrl("http://easycreate.azure.com/" + name) .DefinePasswordCredential("passwd") .WithPasswordValue("P@ssw0rd") .WithDuration(TimeSpan.FromDays(100)) .Attach() .DefineCertificateCredential("cert") .WithAsymmetricX509Certificate() .WithPublicKey(File.ReadAllBytes("Assets/myTest.cer")) .WithDuration(TimeSpan.FromDays(100)) .Attach() .DefineCertificateCredential() .WithAsymmetricX509Certificate() .WithPublicKey(File.ReadAllBytes("Assets/myTest2.cer")) .WithDuration(TimeSpan.FromDays(80)) .Attach() .Create(); Console.WriteLine(application.Id + " - " + application.ApplicationId); Assert.NotNull(application.Id); Assert.NotNull(application.ApplicationId); Assert.Equal(name, application.Name); Assert.Equal(2, application.CertificateCredentials.Count); Assert.Equal(1, application.PasswordCredentials.Count); Assert.Equal(1, application.ReplyUrls.Count); Assert.Equal(1, application.IdentifierUris.Count); Assert.Equal("http://easycreate.azure.com/" + name, application.SignOnUrl.ToString()); // check thumbprint, the customKeyIdentifier would be thumbprint if not set var certificate = new X509Certificate("Assets/myTest2.cer"); var certificateCount = 0; foreach (var certificateCredential in application.CertificateCredentials.Values) { if (certificateCredential.Name != "cert") { certificateCount++; Assert.Equal(certificate.GetCertHashString(), certificateCredential.CustomKeyIdentifier); } } Assert.True(certificateCount > 0); application.Update() .DefinePasswordCredential("passwd2") .WithPasswordValue("StrongPass!12") .WithDuration(TimeSpan.FromDays(20)) .Attach() .DefineCertificateCredential("cert") .WithAsymmetricX509Certificate() .WithPublicKey(File.ReadAllBytes("Assets/myTest2.cer")) .WithDuration(TimeSpan.FromDays(1)) .Attach() .WithoutCredentialByIdentifier(certificate.GetCertHashString()) .Apply(); Console.WriteLine(application.Id + " - " + application.ApplicationId); Assert.Equal(2, application.PasswordCredentials.Count); Assert.Equal(2, application.CertificateCredentials.Count); application.Update() .WithoutCredential("passwd") .Apply(); Console.WriteLine(application.Id + " - " + application.ApplicationId); Assert.Equal(1, application.PasswordCredentials.Count); Assert.Equal("passwd2", application.PasswordCredentials.First().Value.Name); } finally { if (application != null) { manager.Applications.DeleteById(application.Id); } } } }