/// <summary>
/// Prepares a policy model for submission: enables the V2 users/groups flag or clears both
/// user sections, sets the all-protocols flag when a client-app condition applies, and
/// replaces named-location display names in the network lists with the matching location ids.
/// </summary>
/// <param name="policy">Policy model to adjust; it is modified in place.</param>
/// <param name="locations">Named locations used to translate display names into ids.</param>
/// <returns>The same <paramref name="policy"/> instance that was passed in.</returns>
private ConditionalAccessPolicyModel BuildConditionlAccessPolicy(ConditionalAccessPolicyModel policy, IEnumerable<NamedLocation> locations)
{
    var hasUserScope = policy.users.allUsers > 1 || policy.usersV2.allUsers > 1;
    if (hasUserScope)
    {
        policy.isUsersGroupsV2Enabled = true;
    }
    else
    {
        policy.users = null;
        policy.usersV2 = null;
    }

    // isAllProtocolsEnabled must be true for create and update operations when a client-app condition applies.
    var clientAppConditionApplies = policy.conditions.clientApps.applyCondition || policy.conditions.clientAppsV2.applyCondition;
    if (clientAppConditionApplies)
    {
        policy.isAllProtocolsEnabled = true;
    }

    if (!policy.conditions.namedNetworks.applyCondition)
    {
        return policy;
    }

    // NOTE(review): a display name that matches no entry in `locations` is dropped without any
    // signal, so a misspelled name changes which networks the policy includes or excludes.
    // Callers that need certainty should compare the list sizes before and after this call.
    var includedNetworks = policy.conditions.namedNetworks.includedNetworkIds;
    if (includedNetworks.Any())
    {
        // Materialise the ids first: the list being filtered against is about to be emptied.
        var resolvedIncludedIds = locations
            .Where(location => includedNetworks.Contains(location.DisplayName))
            .Select(location => location.Id)
            .ToList();
        includedNetworks.Clear();
        includedNetworks.AddRange(resolvedIncludedIds);
    }

    var excludedNetworks = policy.conditions.namedNetworks.excludedNetworkIds;
    if (excludedNetworks.Any())
    {
        var resolvedExcludedIds = locations
            .Where(location => excludedNetworks.Contains(location.DisplayName))
            .Select(location => location.Id)
            .ToList();
        excludedNetworks.Clear();
        excludedNetworks.AddRange(resolvedExcludedIds);
    }

    return policy;
}
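/// <summary>
/// Updates an existing conditional access policy: builds the Graph and portal HTTP clients,
/// fetches the tenant's named locations, and hands over to the private overload that sends
/// the request.
/// </summary>
/// <param name="policyId">Identifier of the policy to update.</param>
/// <param name="policy">Policy model carrying the new settings.</param>
/// <exception cref="System.InvalidOperationException">A required credential setting is missing or blank.</exception>
public async Task UpdateConditionalAccessPolicy(string policyId, ConditionalAccessPolicyModel policy)
{
    // The third GraphClient argument and both HttpClientService arguments were string literals
    // in this method (they look like an application secret and an account name and password).
    // They are now read from the process environment so no credential lives in source control.
    // The values that were committed should be treated as exposed and rotated.
    // The variable names below are placeholders introduced by this change; map them to
    // whatever secret store the deployment uses.
    string RequireSetting(string name)
    {
        var value = System.Environment.GetEnvironmentVariable(name);
        if (string.IsNullOrWhiteSpace(value))
        {
            // Fail before any request is made rather than authenticating with an empty credential.
            throw new System.InvalidOperationException($"Required setting '{name}' is not configured.");
        }

        return value;
    }

    // The two GUID arguments are identifiers rather than secrets and are kept as they were.
    var graphClient = GraphClient.GetInstance(
        "a7223375-8d73-437d-a391-1c30f50afd49",
        "dc293766-b44d-48e6-bc3d-a14569148567",
        RequireSetting("CA_GRAPH_CLIENT_SECRET"));
    var httpClient = HttpClientService.GetInstance(
        RequireSetting("CA_PORTAL_USERNAME"),
        RequireSetting("CA_PORTAL_PASSWORD"));

    // NOTE(review): GetAsync() returns a single result page; if the tenant has more named
    // locations than fit in one page, the remainder is not passed on. Confirm whether paging
    // is needed here.
    var locations = await graphClient.Identity.ConditionalAccess.NamedLocations.Request().GetAsync();

    await UpdateConditionalAccessPolicy(httpClient, policyId, policy, locations);
}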
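/// <summary>
/// Normalises the policy, submits it to the validation endpoint, and then replaces the policy
/// identified by <paramref name="policyId"/> with a PUT request.
/// </summary>
/// <param name="httpClient">Client used for both requests.</param>
/// <param name="policyId">Identifier of the policy to replace; must not be blank.</param>
/// <param name="policy">Policy model to send; it is modified in place while being normalised.</param>
/// <param name="locations">Named locations used to translate display names into ids.</param>
/// <exception cref="System.ArgumentException"><paramref name="policyId"/> is null or blank.</exception>
/// <exception cref="HttpRequestException">The validation or the update request returned a non-success status.</exception>
private async Task UpdateConditionalAccessPolicy(HttpClient httpClient, string policyId, ConditionalAccessPolicyModel policy, IEnumerable<NamedLocation> locations)
{
    // A blank id would turn the PUT target into the collection URL instead of a single policy.
    if (string.IsNullOrWhiteSpace(policyId))
    {
        throw new System.ArgumentException("A policy id is required.", nameof(policyId));
    }

    policy = BuildConditionlAccessPolicy(policy, locations);
    var content = JsonConvert.SerializeObject(policy, new JsonSerializerSettings() { NullValueHandling = NullValueHandling.Include });

    // Each request gets its own StringContent: on some runtimes HttpClient disposes the request
    // content after sending, so one instance cannot safely be shared by the POST and the PUT.
    using (var validationBody = new StringContent(content, Encoding.UTF8, "application/json"))
    using (var validResponse = await httpClient.PostAsync("https://main.iam.ad.ext.azure.com/api/Policies/Validate", validationBody))
    {
        // The validation outcome used to be ignored and the PUT was sent regardless.
        // NOTE(review): only the status code is checked; the response body is not inspected.
        validResponse.EnsureSuccessStatusCode();
    }

    // Escape the id so it cannot alter the path or add a query string to the request URL.
    var policyUrl = "https://main.iam.ad.ext.azure.com/api/Policies/" + System.Uri.EscapeDataString(policyId);
    using (var updateBody = new StringContent(content, Encoding.UTF8, "application/json"))
    using (var response = await httpClient.PutAsync(policyUrl, updateBody))
    {
        // A rejected update must reach the caller; the previous empty branches made a failed
        // policy change indistinguishable from an applied one.
        response.EnsureSuccessStatusCode();
    }
}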
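/// <summary>
/// Normalises the policy and posts it to the policy endpoint to create it. The call stays
/// best-effort: it does not throw, but a rejected request or an exception is now written to
/// the trace listeners instead of being discarded.
/// </summary>
/// <param name="graphClient">Not used by this method; kept so the signature stays unchanged.</param>
/// <param name="httpClient">Client used to send the create request.</param>
/// <param name="policy">Policy model to create; it is modified in place while being normalised.</param>
/// <param name="locations">Named locations used to translate display names into ids.</param>
private async Task CreateConditionalAccessPolicy(GraphServiceClient graphClient, HttpClient httpClient, ConditionalAccessPolicyModel policy, IEnumerable<NamedLocation> locations)
{
    try
    {
        policy = BuildConditionlAccessPolicy(policy, locations);

        // NOTE(review): null members are omitted here (Ignore) while the update path serialises
        // them (Include); confirm the difference is intended.
        var content = JsonConvert.SerializeObject(policy, new JsonSerializerSettings() { NullValueHandling = NullValueHandling.Ignore });

        using (var httpContent = new StringContent(content, Encoding.UTF8, "application/json"))
        using (var response = await httpClient.PostAsync("https://main.iam.ad.ext.azure.com/api/Policies", httpContent))
        {
            if (!response.IsSuccessStatusCode)
            {
                // Record the rejection so a policy that was never created can be found later.
                // The request body is left out of the message on purpose.
                System.Diagnostics.Trace.TraceError(
                    "Conditional access policy creation was rejected with HTTP status {0}.",
                    (int)response.StatusCode);
            }
        }
    }
    catch (Exception ex)
    {
        // Previously swallowed without a trace. The method still does not rethrow, so existing
        // callers keep their behaviour, but the failure is now observable.
        System.Diagnostics.Trace.TraceError("Conditional access policy creation failed: {0}", ex);
    }
}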