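/// <summary>
/// Finds the Azure AD application registered under <paramref name="appIdUri"/> and creates it when absent.
/// For an existing application a new password credential is pushed through the REST helper instead.
/// </summary>
/// <param name="displayName">Display name assigned to a newly created application.</param>
/// <param name="appIdUri">Identifier URI used as the lookup key and registered on a new application.</param>
/// <param name="tenantId">Tenant forwarded to the REST credential update for an existing application.</param>
/// <returns>
/// A <see cref="ServicePrincipalResponse"/> carrying the application, the plaintext client secret generated in
/// this call, and whether the application was newly created. The secret is not retrievable later, so the
/// caller is responsible for storing it securely.
/// </returns>
/// <exception cref="Exception">Any failure from the Graph client or the REST helper is logged and rethrown.</exception>
private async Task<ServicePrincipalResponse> CreateAzureADApplicationIfNotExists(string displayName, string appIdUri, string tenantId)
{
    try
    {
        var response = new ServicePrincipalResponse();

        // The identifier URI is the lookup key; display names are not what callers supply as the identity.
        var appQuery = adClient.Applications.Where(app => app.IdentifierUris.Any(uri => uri == appIdUri));
        var existing = await appQuery.ExecuteAsync();

        // Both branches issue one fresh secret valid for two years, anchored to a single timestamp so
        // StartDate and EndDate agree exactly.
        var issuedAt = DateTime.UtcNow;
        var expiresAt = issuedAt.AddYears(2);
        var clientSecret = CreateRandomClientSecretKey();

        if (existing.CurrentPage.Count == 0)
        {
            var newApp = new Application { DisplayName = displayName };
            newApp.IdentifierUris.Add(appIdUri);
            newApp.PasswordCredentials.Add(new PasswordCredential
            {
                StartDate = issuedAt,
                EndDate = expiresAt,
                Value = clientSecret,
                KeyId = Guid.NewGuid(),
            });

            // Required resource access for Azure Active Directory sign-in and read, as built by the helper.
            newApp.RequiredResourceAccess.Add(GetActiveDirectoryPermissions());

            // The previous version serialized newApp (including the plaintext secret) to an unused local;
            // that copy is intentionally gone so the secret exists only in the credential and the response.
            await adClient.Applications.AddApplicationAsync(newApp);

            response.App = newApp;
            response.IsNewApp = true;
        }
        else
        {
            // Count > 0 on this branch, so First() cannot throw.
            var existingApp = existing.CurrentPage.First();

            // Push a new password credential through the REST helper for the existing registration.
            var newCredential = new UpdateApplicationPasswordCredentials
            {
                StartDate = issuedAt,
                EndDate = expiresAt,
                Value = clientSecret,
                KeyId = Guid.NewGuid(),
            };
            var updateRequest = new UpdateApplicationPasswordCredsRequest
            {
                UpdateApplicationPasswordCreds = new List<UpdateApplicationPasswordCredentials> { newCredential },
            };
            await UpdateAzureADApplicationPasswordCredentialsRest(existingApp.ObjectId, updateRequest, tenantId);

            response.App = existingApp;
            response.IsNewApp = false;
        }

        response.AppClientSecret = clientSecret;
        return response;
    }
    catch (Exception ex)
    {
        // Log with the exception attached, then rethrow without resetting the stack trace.
        logger.LogError(ex, "Create Azure AD Application {error}", ex.Message);
        throw;
    }
}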
/// <summary>
/// Integration check against a live tenant: creates (or re-reads) the test application, updates its
/// homepage and reply URLs, then replaces its password credential and verifies the stored validity window.
/// </summary>
public async Task update_azureAD_Application_PasswordCreds()
{
    const string appName = "unittestmsiot";
    const string testUrl = "https://localhostunitest";
    var appUri = $"https://{tenantId}/{appName}";
    var repo = new ServicePrincipalRepository(activeDirectoryClient, logger);

    // NOTE(review): the third argument looks like a fixed service-principal password — confirm its role;
    // a generated value would avoid a committed credential in test code.
    var created = await repo.CreateAppAndServicePrincipal(appName, appUri, "msiot123", tenantId);
    Assert.Equal(appName, created.App.DisplayName);

    // Update the application's homepage and reply URLs, then re-read to confirm they were stored.
    var appUpdate = new UpdateApplicationRequest
    {
        Homepage = testUrl,
        ReplyUrls = new List<string> { testUrl },
    };
    await repo.UpdateAzureADApplication(created.App.ObjectId, appUpdate, tenantId);

    var afterAppUpdate = await repo.CreateAppAndServicePrincipal(appName, appUri, "msiot123", tenantId);
    Assert.Equal(appUpdate.Homepage, afterAppUpdate.App.Homepage);
    Assert.Contains(testUrl, afterAppUpdate.App.ReplyUrls);

    // Replace the password credential with a one-year secret and re-read to confirm the validity window.
    var replacementCredential = new UpdateApplicationPasswordCredentials
    {
        StartDate = DateTime.UtcNow,
        EndDate = DateTime.UtcNow.AddYears(1),
        Value = CreateRandomClientSecretKey(),
        KeyId = Guid.NewGuid(),
    };
    var credentialRequest = new UpdateApplicationPasswordCredsRequest
    {
        UpdateApplicationPasswordCreds = new List<UpdateApplicationPasswordCredentials> { replacementCredential },
    };
    await repo.UpdateAzureADApplicationPasswordCredentials(afterAppUpdate.App.ObjectId, credentialRequest, tenantId);

    var afterCredentialUpdate = await repo.CreateAppAndServicePrincipal(appName, appUri, "msiot123", tenantId);

    // NOTE(review): exact DateTime equality assumes the service round-trips the timestamps without
    // truncation and that the replaced credential is the first one returned — confirm.
    var storedCredential = afterCredentialUpdate.App.PasswordCredentials[0];
    Assert.Equal(replacementCredential.StartDate, storedCredential.StartDate);
    Assert.Equal(replacementCredential.EndDate, storedCredential.EndDate);
}