private static async Task LoadThemesFromTenant(ProvisioningActionModel model, string tokenId, string graphAccessToken)
{
// Determine the URL of the root SPO site for the current tenant
var rootSiteJson = HttpHelper.MakeGetRequestForString("https://graph.microsoft.com/v1.0/sites/root", graphAccessToken);
SharePointSite rootSite = JsonConvert.DeserializeObject <SharePointSite>(rootSiteJson);
// Store the SPO Root Site URL in the Model
model.SPORootSiteUrl = rootSite.WebUrl;
// Retrieve the SPO URL for the Admin Site
var adminSiteUrl = rootSite.WebUrl.Replace(".sharepoint.com", "-admin.sharepoint.com");
// Retrieve the SPO Access Token
var spoAccessToken = await ProvisioningAppManager.AccessTokenProvider.GetAccessTokenAsync(
tokenId, adminSiteUrl,
ConfigurationManager.AppSettings["ida:ClientId"],
ConfigurationManager.AppSettings["ida:ClientSecret"],
ConfigurationManager.AppSettings["ida:AppUrl"]);
// Connect to SPO and retrieve the list of available Themes
AuthenticationManager authManager = new AuthenticationManager();
using (ClientContext spoContext = authManager.GetAzureADAccessTokenAuthenticatedContext(adminSiteUrl, spoAccessToken))
{
TenantAdmin.Tenant tenant = new TenantAdmin.Tenant(spoContext);
var themes = tenant.GetAllTenantThemes();
spoContext.Load(themes);
spoContext.ExecuteQueryRetry();
model.Themes = themes.Select(t => t.Name).ToList();
}
}
public void CreateNewSiteCollection(string title, string name, string owner)
{
var url = string.Format("https://{0}-admin.sharepoint.com", _generatorDefinition.TenantName);
using (ClientContext context = new ClientContext(url))
{
context.Credentials = new SharePointOnlineCredentials(_generatorDefinition.Username, Utilities.Common.StringToSecureString(_generatorDefinition.Password));
var officeTenant = new Microsoft.Online.SharePoint.TenantAdministration.Tenant(context);
var newSiteProperties = new SiteCreationProperties()
{
Url = string.Format("https://{0}.sharepoint.com/sites/{1}", _generatorDefinition.TenantName, name),
Owner = _generatorDefinition.SiteCollOwnerLogin,
Template = "STS#0",
};
var spo= officeTenant.CreateSite(newSiteProperties);
context.Load(spo, i => i.IsComplete);
context.ExecuteQuery();
while (!spo.IsComplete)
{
System.Threading.Thread.Sleep(10000);
spo.RefreshLoad();
context.ExecuteQuery();
}
}
}
public void CreateNewSiteCollection(string title, string name, string owner)
{
var url = string.Format("https://{0}-admin.sharepoint.com", _generatorDefinition.TenantName);
using (ClientContext context = new ClientContext(url))
{
context.Credentials = new SharePointOnlineCredentials(_generatorDefinition.Username, Utils.StringToSecureString(_generatorDefinition.Password));
var officeTenant = new Microsoft.Online.SharePoint.TenantAdministration.Tenant(context);
var newSiteProperties = new SiteCreationProperties()
{
Url = string.Format("https://{0}.sharepoint.com/sites/{1}", _generatorDefinition.TenantName, name),
Owner = _generatorDefinition.SiteCollOwnerLogin,
Template = "STS#0",
};
var spo = officeTenant.CreateSite(newSiteProperties);
context.Load(spo, i => i.IsComplete);
context.ExecuteQuery();
while (!spo.IsComplete)
{
System.Threading.Thread.Sleep(10000);
spo.RefreshLoad();
context.ExecuteQuery();
}
}
}
private static async Task LoadThemesFromTenant(ProvisioningActionModel model, string tokenId, SharePointSite rootSite, string graphAccessToken)
{
// Retrieve the SPO URL for the Admin Site
var adminSiteUrl = rootSite.WebUrl.Replace(".sharepoint.com", "-admin.sharepoint.com");
// Retrieve the SPO Access Token
var spoAccessToken = await ProvisioningAppManager.AccessTokenProvider.GetAccessTokenAsync(
tokenId, adminSiteUrl,
ConfigurationManager.AppSettings["ida:ClientId"],
ConfigurationManager.AppSettings["ida:ClientSecret"],
ConfigurationManager.AppSettings["ida:AppUrl"]);
// Connect to SPO and retrieve the list of available Themes
AuthenticationManager authManager = new AuthenticationManager();
using (ClientContext spoContext = authManager.GetAzureADAccessTokenAuthenticatedContext(adminSiteUrl, spoAccessToken))
{
TenantAdmin.Tenant tenant = new TenantAdmin.Tenant(spoContext);
var themes = tenant.GetAllTenantThemes();
spoContext.Load(themes);
spoContext.ExecuteQueryRetry();
model.Themes = themes.Select(t => t.Name).ToList();
}
}
public void CreateNewSiteCollection(string title, string siteCollectionUrl, string owner)
{
bool isSiteCollectionExists = false;
var url = string.Format("https://{0}-admin.sharepoint.com", _generatorDefinition.TenantName);
using (ClientContext siteContext = new ClientContext(siteCollectionUrl))
{
try
{
var site = siteContext.Site;
siteContext.Load(site);
siteContext.ExecuteQuery();
isSiteCollectionExists = true;
}
catch (Exception ex)
{
isSiteCollectionExists = false;
}
}
if (!isSiteCollectionExists)
{
using (ClientContext context = new ClientContext(url))
{
context.Credentials = new SharePointOnlineCredentials(_generatorDefinition.Username,
Utils.StringToSecureString(_generatorDefinition.Password));
var officeTenant = new Microsoft.Online.SharePoint.TenantAdministration.Tenant(context);
var newSiteProperties = new SiteCreationProperties()
{
Url = siteCollectionUrl,
Owner = _generatorDefinition.SiteCollOwnerLogin,
Template = "STS#0"
};
var spo = officeTenant.CreateSite(newSiteProperties);
context.Load(spo, i => i.IsComplete);
context.ExecuteQuery();
while (!spo.IsComplete)
{
System.Threading.Thread.Sleep(10000);
spo.RefreshLoad();
context.ExecuteQuery();
}
CreateCustomPermissionLevels(siteCollectionUrl);
}
}
}
private static bool IsTenantAdminSite(ClientContext clientContext)
{
try
{
var tenant = new Microsoft.Online.SharePoint.TenantAdministration.Tenant(clientContext);
clientContext.ExecuteQueryRetry();
return(true);
}
catch (ClientRequestException)
{
return(false);
}
catch (ServerException)
{
return(false);
}
}
public override void ValidateCredentials()
{
try
{
var url = string.Format("https://{0}-admin.sharepoint.com", _generatorDefinition.TenantName);
using (ClientContext context = new ClientContext(url))
{
context.Credentials = new SharePointOnlineCredentials(_generatorDefinition.Username, Utils.StringToSecureString(_generatorDefinition.Password));
var officeTenant = new Microsoft.Online.SharePoint.TenantAdministration.Tenant(context);
context.Load(officeTenant);
context.ExecuteQuery();
}
}
catch (Exception ex)
{
Errors.Log(ex);
throw new CredentialValidationException(ex.Message);
}
}
/// <summary>
/// Initializes the ClientContext.
/// </summary>
public void InitClientContext()
{
try
{
LogUtil.LogMessage("Initializing tenant (ClientContext) for {0}.", this.AdminUrl);
// Set client context
this.ClientContext = new SPClient.ClientContext(this.AdminUrl);
this.ClientContext.ApplicationName = ProductUtil.GetProductName();
// Set authentication mode and credentials
LogUtil.LogMessage("Using SharePoint Online credentials for user '{0}'.", this.UserName);
this.ClientContext.AuthenticationMode = ClientAuthenticationMode.Default;
this.ClientContext.Credentials = new SharePointOnlineCredentials(this.UserName, this.Password.GetSecureString());
// Try connection, to ensure site is available
LogUtil.LogMessage("Retrieving (execute) the ClientContext.");
SPOnline.Tenant tenant = new SPOnline.Tenant(this.ClientContext);
this.ClientContext.Load(tenant);
this.ClientContext.ExecuteQuery();
// After succes set variables
this.IsLoaded = true;
this.LoadDate = DateTime.Now;
this.RootSiteUrl = new Uri(tenant.RootSiteUrl);
LogUtil.LogMessage("ClientContext successful loaded.");
LogUtil.LogMessage("ClientContext technical data. ServerVersion: {0}. ServerSchemaVersion: {1}. ServerLibraryVersion: {2}. RequestSchemaVersion: {3}. TraceCorrelationId: {4}",
this.ClientContext.ServerVersion,
this.ClientContext.ServerSchemaVersion,
this.ClientContext.ServerLibraryVersion,
this.ClientContext.RequestSchemaVersion,
this.ClientContext.TraceCorrelationId);
}
catch (FileNotFoundException ex)
{
LogUtil.LogException(string.Format("File '{0}' not found, check log file {1} for detailed information.", ex.FileName, ex.FusionLog), ex);
throw;
}
}
public override IEnumerable <string> GetAllSiteCollections(Guid webApplicationId)
{
try
{
var url = string.Format("https://{0}-admin.sharepoint.com", _generatorDefinition.TenantName);
using (ClientContext context = new ClientContext(url))
{
context.Credentials = new SharePointOnlineCredentials(_generatorDefinition.Username, Utils.StringToSecureString(_generatorDefinition.Password));
var officeTenant = new Microsoft.Online.SharePoint.TenantAdministration.Tenant(context);
var siteProperties = officeTenant.GetSiteProperties(0, true);
context.Load(siteProperties);
context.ExecuteQuery();
return(siteProperties.Select(x => x.Url).ToList());
}
}
catch (Exception ex)
{
Errors.Log(ex);
}
return(new List <string>());
}
public List<string> GetAllSiteCollections()
{
try
{
var url = string.Format("https://{0}-admin.sharepoint.com", _generatorDefinition.TenantName);
using (ClientContext context = new ClientContext(url))
{
context.Credentials = new SharePointOnlineCredentials(_generatorDefinition.Username, Utilities.Common.StringToSecureString(_generatorDefinition.Password));
var officeTenant = new Microsoft.Online.SharePoint.TenantAdministration.Tenant(context);
var siteProperties = officeTenant.GetSiteProperties(0, true);
context.Load(siteProperties);
context.ExecuteQuery();
return siteProperties.Select(x => x.Url).ToList();
}
}
catch (Exception ex)
{
Errors.Log(ex);
}
return new List<string>();
}
private async Task <CanProvisionResult> CanProvisionInternal(CanProvisionModel model)
{
var canProvisionResult = new CanProvisionResult();
String provisioningScope = ConfigurationManager.AppSettings["SPPA:ProvisioningScope"];
String provisioningEnvironment = ConfigurationManager.AppSettings["SPPA:ProvisioningEnvironment"];
var tokenId = $"{model.TenantId}-{model.UserPrincipalName.ToLower().GetHashCode()}-{provisioningScope}-{provisioningEnvironment}";
var graphAccessToken = await ProvisioningAppManager.AccessTokenProvider.GetAccessTokenAsync(
tokenId, "https://graph.microsoft.com/");
// Retrieve the provisioning package from the database and from the Blob Storage
var context = dbContext;
DomainModel.Package package = null;
// Get the package
if (ProvisioningAppManager.IsTestingEnvironment)
{
// Process all packages in the test environment
package = context.Packages.FirstOrDefault(p => p.Id == new Guid(model.PackageId));
}
else
{
// Process not-preview packages in the production environment
package = context.Packages.FirstOrDefault(p => p.Id == new Guid(model.PackageId) && p.Preview == false);
}
if (package != null)
{
// Retrieve parameters from the package/template definition
var packageFileUrl = new Uri(package.PackageUrl);
var packageLocalFolder = packageFileUrl.AbsolutePath.Substring(1,
packageFileUrl.AbsolutePath.LastIndexOf('/') - 1);
var packageFileName = packageFileUrl.AbsolutePath.Substring(packageLocalFolder.Length + 2);
ProvisioningHierarchy hierarchy = GetHierarchyFromStorage(packageLocalFolder, packageFileName);
// If we have the hierarchy
if (hierarchy != null)
{
var accessTokens = new Dictionary <String, String>();
AuthenticationManager authManager = new AuthenticationManager();
var ptai = new ProvisioningTemplateApplyingInformation();
// Retrieve the SPO URL for the Admin Site
var rootSiteUrl = model.SPORootSiteUrl;
// Retrieve the SPO Access Token for SPO
var spoAccessToken = await ProvisioningAppManager.AccessTokenProvider.GetAccessTokenAsync(
tokenId, rootSiteUrl,
ConfigurationManager.AppSettings["ida:ClientId"],
ConfigurationManager.AppSettings["ida:ClientSecret"],
ConfigurationManager.AppSettings["ida:AppUrl"]);
// Store the SPO Access Token for any further context cloning
accessTokens.Add(new Uri(rootSiteUrl).Authority, spoAccessToken);
// Define a PnPProvisioningContext scope to share the security context across calls
using (var pnpProvisioningContext = new PnPProvisioningContext(async(r, s) =>
{
if (accessTokens.ContainsKey(r))
{
// In this scenario we just use the dictionary of access tokens
// in fact the overall operation for sure will take less than 1 hour
// (in fact, it's a matter of few seconds)
return(await Task.FromResult(accessTokens[r]));
}
else
{
// Try to get a fresh new Access Token
var token = await ProvisioningAppManager.AccessTokenProvider.GetAccessTokenAsync(
tokenId, $"https://{r}",
ConfigurationManager.AppSettings["ida:ClientId"],
ConfigurationManager.AppSettings["ida:ClientSecret"],
ConfigurationManager.AppSettings["ida:AppUrl"]);
accessTokens.Add(r, token);
return(token);
}
}))
{
// If the user is an admin (SPO or Tenant) we run the Tenant level CanProvision rules
if (model.UserIsSPOAdmin || model.UserIsTenantAdmin)
{
// Retrieve the SPO URL for the Admin Site
var adminSiteUrl = model.SPORootSiteUrl.Replace(".sharepoint.com", "-admin.sharepoint.com");
// Retrieve the SPO Access Token for the Admin Site
var spoAdminAccessToken = await ProvisioningAppManager.AccessTokenProvider.GetAccessTokenAsync(
tokenId, adminSiteUrl,
ConfigurationManager.AppSettings["ida:ClientId"],
ConfigurationManager.AppSettings["ida:ClientSecret"],
ConfigurationManager.AppSettings["ida:AppUrl"]);
// Store the SPO Admin Access Token for any further context cloning
accessTokens.Add(new Uri(adminSiteUrl).Authority, spoAdminAccessToken);
// Connect to SPO Admin Site and evaluate the CanProvision rules for the hierarchy
using (var tenantContext = authManager.GetAzureADAccessTokenAuthenticatedContext(adminSiteUrl, spoAdminAccessToken))
{
using (var pnpTenantContext = PnPClientContext.ConvertFrom(tenantContext))
{
// Creat the Tenant object for the current SPO Admin Site context
TenantAdmin.Tenant tenant = new TenantAdmin.Tenant(pnpTenantContext);
// Run the CanProvision rules against the current tenant
canProvisionResult = CanProvisionRulesManager.CanProvision(tenant, hierarchy, null, ptai);
}
}
}
else
{
// Otherwise we run the Site level CanProvision rules
// Connect to SPO Root Site and evaluate the CanProvision rules for the hierarchy
using (var clientContext = authManager.GetAzureADAccessTokenAuthenticatedContext(rootSiteUrl, spoAccessToken))
{
using (var pnpContext = PnPClientContext.ConvertFrom(clientContext))
{
// Run the CanProvision rules against the root site
canProvisionResult = CanProvisionRulesManager.CanProvision(pnpContext.Web, hierarchy.Templates[0], ptai);
}
}
}
}
}
}
else
{
throw new ApplicationException("Invalid request, the requested package/template is not available!");
}
return(canProvisionResult);
}
public static async Task RunAsync([QueueTrigger("actions")] ProvisioningActionModel action, TextWriter log)
{
var startProvisioning = DateTime.Now;
String provisioningEnvironment = ConfigurationManager.AppSettings["SPPA:ProvisioningEnvironment"];
log.WriteLine($"Processing queue trigger function for tenant {action.TenantId}");
log.WriteLine($"PnP Correlation ID: {action.CorrelationId.ToString()}");
// Instantiate and use the telemetry model
TelemetryUtility telemetry = new TelemetryUtility((s) => {
log.WriteLine(s);
});
Dictionary <string, string> telemetryProperties = new Dictionary <string, string>();
// Configure telemetry properties
// telemetryProperties.Add("UserPrincipalName", action.UserPrincipalName);
telemetryProperties.Add("TenantId", action.TenantId);
telemetryProperties.Add("PnPCorrelationId", action.CorrelationId.ToString());
telemetryProperties.Add("TargetSiteAlreadyExists", action.TargetSiteAlreadyExists.ToString());
telemetryProperties.Add("TargetSiteBaseTemplateId", action.TargetSiteBaseTemplateId);
// Get a reference to the data context
ProvisioningAppDBContext dbContext = new ProvisioningAppDBContext();
try
{
// Log telemetry event
telemetry?.LogEvent("ProvisioningFunction.Start");
if (CheckIfActionIsAlreadyRunning(action, dbContext))
{
throw new ConcurrentProvisioningException("The requested package is currently provisioning in the selected target tenant and cannot be applied in parallel. Please wait for the previous provisioning action to complete.");
}
var tokenId = $"{action.TenantId}-{action.UserPrincipalName.ToLower().GetHashCode()}-{action.ActionType.ToString().ToLower()}-{provisioningEnvironment}";
// Retrieve the SPO target tenant via Microsoft Graph
var graphAccessToken = await ProvisioningAppManager.AccessTokenProvider.GetAccessTokenAsync(
tokenId, "https://graph.microsoft.com/",
ConfigurationManager.AppSettings[$"{action.ActionType}:ClientId"],
ConfigurationManager.AppSettings[$"{action.ActionType}:ClientSecret"],
ConfigurationManager.AppSettings[$"{action.ActionType}:AppUrl"]);
log.WriteLine($"Retrieved target Microsoft Graph Access Token.");
if (!String.IsNullOrEmpty(graphAccessToken))
{
#region Get current context data (User, SPO Tenant, SPO Access Token)
// Get the currently connected user name and email (UPN)
var jwtAccessToken = new System.IdentityModel.Tokens.Jwt.JwtSecurityToken(graphAccessToken);
String delegatedUPN = String.Empty;
var upnClaim = jwtAccessToken.Claims.FirstOrDefault(c => c.Type == "upn");
if (upnClaim != null && !String.IsNullOrEmpty(upnClaim.Value))
{
delegatedUPN = upnClaim.Value;
}
String delegatedUserName = String.Empty;
var nameClaim = jwtAccessToken.Claims.FirstOrDefault(c => c.Type == "name");
if (nameClaim != null && !String.IsNullOrEmpty(nameClaim.Value))
{
delegatedUserName = nameClaim.Value;
}
// Determine the URL of the root SPO site for the current tenant
var rootSiteJson = HttpHelper.MakeGetRequestForString("https://graph.microsoft.com/v1.0/sites/root", graphAccessToken);
SharePointSite rootSite = JsonConvert.DeserializeObject <SharePointSite>(rootSiteJson);
String spoTenant = rootSite.WebUrl;
log.WriteLine($"Target SharePoint Online Tenant: {spoTenant}");
// Configure telemetry properties
telemetryProperties.Add("SPOTenant", spoTenant);
// Retrieve the SPO Access Token
var spoAccessToken = await ProvisioningAppManager.AccessTokenProvider.GetAccessTokenAsync(
tokenId, rootSite.WebUrl,
ConfigurationManager.AppSettings[$"{action.ActionType}:ClientId"],
ConfigurationManager.AppSettings[$"{action.ActionType}:ClientSecret"],
ConfigurationManager.AppSettings[$"{action.ActionType}:AppUrl"]);
log.WriteLine($"Retrieved target SharePoint Online Access Token.");
#endregion
// Connect to SPO, create and provision site
AuthenticationManager authManager = new AuthenticationManager();
using (ClientContext context = authManager.GetAzureADAccessTokenAuthenticatedContext(spoTenant, spoAccessToken))
{
// Telemetry and startup
var web = context.Web;
context.ClientTag = $"SPDev:ProvisioningPortal-{provisioningEnvironment}";
context.Load(web, w => w.Title, w => w.Id);
await context.ExecuteQueryAsync();
// Save the current SPO Correlation ID
telemetryProperties.Add("SPOCorrelationId", context.TraceCorrelationId);
log.WriteLine($"SharePoint Online Root Site Collection title: {web.Title}");
#region Store the main site URL in KeyVault
// Store the main site URL in the vault
var vault = ProvisioningAppManager.SecurityTokensServiceProvider;
// Read any existing properties for the current tenantId
var properties = await vault.GetAsync(tokenId);
if (properties == null)
{
// If there are no properties, create a new dictionary
properties = new Dictionary <String, String>();
}
// Set/Update the RefreshToken value
properties["SPORootSite"] = spoTenant;
// Add or Update the Key Vault accordingly
await vault.AddOrUpdateAsync(tokenId, properties);
#endregion
#region Provision the package
var package = dbContext.Packages.FirstOrDefault(p => p.Id == new Guid(action.PackageId));
if (package != null)
{
// Update the Popularity of the package
package.TimesApplied++;
dbContext.SaveChanges();
#region Get the Provisioning Hierarchy file
// Determine reference path variables
var blobConnectionString = ConfigurationManager.AppSettings["BlobTemplatesProvider:ConnectionString"];
var blobContainerName = ConfigurationManager.AppSettings["BlobTemplatesProvider:ContainerName"];
var packageFileName = package.PackageUrl.Substring(package.PackageUrl.LastIndexOf('/') + 1);
var packageFileUri = new Uri(package.PackageUrl);
var packageFileRelativePath = packageFileUri.AbsolutePath.Substring(2 + blobContainerName.Length);
var packageFileRelativeFolder = packageFileRelativePath.Substring(0, packageFileRelativePath.LastIndexOf('/'));
// Configure telemetry properties
telemetryProperties.Add("PackageFileName", packageFileName);
telemetryProperties.Add("PackageFileUri", packageFileUri.ToString());
// Read the main provisioning file from the Blob Storage
CloudStorageAccount csa;
if (!CloudStorageAccount.TryParse(blobConnectionString, out csa))
{
throw new ArgumentException("Cannot create cloud storage account from given connection string.");
}
CloudBlobClient blobClient = csa.CreateCloudBlobClient();
CloudBlobContainer blobContainer = blobClient.GetContainerReference(blobContainerName);
var blockBlob = blobContainer.GetBlockBlobReference(packageFileRelativePath);
// Crate an in-memory copy of the source stream
MemoryStream mem = new MemoryStream();
await blockBlob.DownloadToStreamAsync(mem);
mem.Position = 0;
// Prepare the output hierarchy
ProvisioningHierarchy hierarchy = null;
if (packageFileName.EndsWith(".xml", StringComparison.InvariantCultureIgnoreCase))
{
// That's an XML Provisioning Template file
XDocument xml = XDocument.Load(mem);
mem.Position = 0;
// Deserialize the stream into a provisioning hierarchy reading any
// dependecy with the Azure Blob Storage connector
var formatter = XMLPnPSchemaFormatter.GetSpecificFormatter(xml.Root.Name.NamespaceName);
var templateLocalFolder = $"{blobContainerName}/{packageFileRelativeFolder}";
var provider = new XMLAzureStorageTemplateProvider(
blobConnectionString,
templateLocalFolder);
formatter.Initialize(provider);
// Get the full hierarchy
hierarchy = ((IProvisioningHierarchyFormatter)formatter).ToProvisioningHierarchy(mem);
hierarchy.Connector = provider.Connector;
}
else if (packageFileName.EndsWith(".pnp", StringComparison.InvariantCultureIgnoreCase))
{
// That's a PnP Package file
// Get a provider based on the in-memory .PNP Open XML file
OpenXMLConnector openXmlConnector = new OpenXMLConnector(mem);
XMLTemplateProvider provider = new XMLOpenXMLTemplateProvider(
openXmlConnector);
// Get the .xml provisioning template file name
var xmlTemplateFileName = openXmlConnector.Info?.Properties?.TemplateFileName ??
packageFileName.Substring(packageFileName.LastIndexOf('/') + 1)
.ToLower().Replace(".pnp", ".xml");
// Get the full hierarchy
hierarchy = provider.GetHierarchy(xmlTemplateFileName);
hierarchy.Connector = provider.Connector;
}
#endregion
#region Apply the template
// Prepare variable to collect provisioned sites
var provisionedSites = new List <Tuple <String, String> >();
// If we have a hierarchy with at least one Sequence
if (hierarchy != null) // && hierarchy.Sequences != null && hierarchy.Sequences.Count > 0)
{
Console.WriteLine($"Provisioning hierarchy \"{hierarchy.DisplayName}\"");
var tenantUrl = UrlUtilities.GetTenantAdministrationUrl(context.Url);
// Retrieve the SPO Access Token
var spoAdminAccessToken = await ProvisioningAppManager.AccessTokenProvider.GetAccessTokenAsync(
tokenId, tenantUrl,
ConfigurationManager.AppSettings[$"{action.ActionType}:ClientId"],
ConfigurationManager.AppSettings[$"{action.ActionType}:ClientSecret"],
ConfigurationManager.AppSettings[$"{action.ActionType}:AppUrl"]);
log.WriteLine($"Retrieved target SharePoint Online Admin Center Access Token.");
using (var tenantContext = authManager.GetAzureADAccessTokenAuthenticatedContext(tenantUrl, spoAdminAccessToken))
{
using (var pnpTenantContext = PnPClientContext.ConvertFrom(tenantContext))
{
var tenant = new Microsoft.Online.SharePoint.TenantAdministration.Tenant(pnpTenantContext);
// Prepare a dictionary to hold the access tokens
var accessTokens = new Dictionary <String, String>();
// Prepare logging for hierarchy application
var ptai = new ProvisioningTemplateApplyingInformation();
ptai.MessagesDelegate += delegate(string message, ProvisioningMessageType messageType)
{
log.WriteLine($"{messageType} - {message}");
};
ptai.ProgressDelegate += delegate(string message, int step, int total)
{
log.WriteLine($"{step:00}/{total:00} - {message}");
};
ptai.SiteProvisionedDelegate += delegate(string title, string url)
{
log.WriteLine($"Fully provisioned site '{title}' with URL: {url}");
var provisionedSite = new Tuple <string, string>(title, url);
if (!provisionedSites.Contains(provisionedSite))
{
provisionedSites.Add(provisionedSite);
}
};
//#if !DEBUG
// // Set the default delay for sites creations to 5 mins
// ptai.DelayAfterModernSiteCreation = 60 * 5;
//#endif
// Configure the OAuth Access Tokens for the client context
accessTokens.Add(new Uri(tenantUrl).Authority, spoAdminAccessToken);
accessTokens.Add(new Uri(spoTenant).Authority, spoAccessToken);
// Configure the OAuth Access Tokens for the PnPClientContext, too
pnpTenantContext.PropertyBag["AccessTokens"] = accessTokens;
ptai.AccessTokens = accessTokens;
#region Theme handling
// Process the graphical Theme
if (action.ApplyTheme)
{
// If we don't have any custom Theme
if (!action.ApplyCustomTheme)
{
// Associate the selected already existing Theme to all the sites of the hierarchy
foreach (var sc in hierarchy.Sequences[0].SiteCollections)
{
sc.Theme = action.SelectedTheme;
foreach (var s in sc.Sites)
{
UpdateChildrenSitesTheme(s, action.SelectedTheme);
}
}
}
}
#endregion
// Configure provisioning parameters
if (action.PackageProperties != null)
{
foreach (var key in action.PackageProperties.Keys)
{
if (hierarchy.Parameters.ContainsKey(key.ToString()))
{
hierarchy.Parameters[key.ToString()] = action.PackageProperties[key].ToString();
}
else
{
hierarchy.Parameters.Add(key.ToString(), action.PackageProperties[key].ToString());
}
// Configure telemetry properties
telemetryProperties.Add($"PackageProperty.{key}", action.PackageProperties[key].ToString());
}
}
// Log telemetry event
telemetry?.LogEvent("ProvisioningFunction.BeginProvisioning", telemetryProperties);
// Define a PnPProvisioningContext scope to share the security context across calls
using (var pnpProvisioningContext = new PnPProvisioningContext(async(r, s) =>
{
if (accessTokens.ContainsKey(r))
{
// In this scenario we just use the dictionary of access tokens
// in fact the overall operation for sure will take less than 1 hour
return(await Task.FromResult(accessTokens[r]));
}
else
{
// Try to get a fresh new Access Token
var token = await ProvisioningAppManager.AccessTokenProvider.GetAccessTokenAsync(
tokenId, $"https://{r}",
ConfigurationManager.AppSettings[$"{action.ActionType}:ClientId"],
ConfigurationManager.AppSettings[$"{action.ActionType}:ClientSecret"],
ConfigurationManager.AppSettings[$"{action.ActionType}:AppUrl"]);
accessTokens.Add(r, token);
return(token);
}
}))
{
// Configure the webhooks, if any
if (action.Webhooks != null && action.Webhooks.Count > 0)
{
foreach (var t in hierarchy.Templates)
{
foreach (var wh in action.Webhooks)
{
AddProvisioningTemplateWebhook(t, wh, ProvisioningTemplateWebhookKind.ProvisioningTemplateStarted);
AddProvisioningTemplateWebhook(t, wh, ProvisioningTemplateWebhookKind.ObjectHandlerProvisioningStarted);
AddProvisioningTemplateWebhook(t, wh, ProvisioningTemplateWebhookKind.ObjectHandlerProvisioningCompleted);
AddProvisioningTemplateWebhook(t, wh, ProvisioningTemplateWebhookKind.ProvisioningTemplateCompleted);
AddProvisioningTemplateWebhook(t, wh, ProvisioningTemplateWebhookKind.ExceptionOccurred);
}
}
foreach (var wh in action.Webhooks)
{
AddProvisioningWebhook(hierarchy, wh, ProvisioningTemplateWebhookKind.ProvisioningStarted);
AddProvisioningWebhook(hierarchy, wh, ProvisioningTemplateWebhookKind.ProvisioningCompleted);
AddProvisioningWebhook(hierarchy, wh, ProvisioningTemplateWebhookKind.ProvisioningExceptionOccurred);
}
}
// Apply the hierarchy
log.WriteLine($"Hierarchy Provisioning Started: {DateTime.Now:hh.mm.ss}");
tenant.ApplyProvisionHierarchy(hierarchy,
(hierarchy.Sequences != null && hierarchy.Sequences.Count > 0) ?
hierarchy.Sequences[0].ID : null,
ptai);
log.WriteLine($"Hierarchy Provisioning Completed: {DateTime.Now:hh.mm.ss}");
}
if (action.ApplyTheme && action.ApplyCustomTheme)
{
if (!String.IsNullOrEmpty(action.ThemePrimaryColor) &&
!String.IsNullOrEmpty(action.ThemeBodyTextColor) &&
!String.IsNullOrEmpty(action.ThemeBodyBackgroundColor))
{
log.WriteLine($"Applying custom Theme to provisioned sites");
#region Palette generation for Theme
var jsonPalette = ThemeUtility.GetThemeAsJSON(
action.ThemePrimaryColor,
action.ThemeBodyTextColor,
action.ThemeBodyBackgroundColor);
#endregion
// Apply the custom theme to all of the provisioned sites
foreach (var ps in provisionedSites)
{
using (var provisionedSiteContext = authManager.GetAzureADAccessTokenAuthenticatedContext(ps.Item2, spoAccessToken))
{
if (provisionedSiteContext.Web.ApplyTheme(jsonPalette))
{
log.WriteLine($"Custom Theme applied on site '{ps.Item1}' with URL: {ps.Item2}");
}
else
{
log.WriteLine($"Failed to apply custom Theme on site '{ps.Item1}' with URL: {ps.Item2}");
}
}
}
}
}
// Log telemetry event
telemetry?.LogEvent("ProvisioningFunction.EndProvisioning", telemetryProperties);
// Notify user about the provisioning outcome
if (!String.IsNullOrEmpty(action.NotificationEmail))
{
var appOnlyAccessToken = await ProvisioningAppManager.AccessTokenProvider.GetAppOnlyAccessTokenAsync(
"https://graph.microsoft.com/",
ConfigurationManager.AppSettings["OfficeDevPnP:TenantId"],
ConfigurationManager.AppSettings["OfficeDevPnP:ClientId"],
ConfigurationManager.AppSettings["OfficeDevPnP:ClientSecret"],
ConfigurationManager.AppSettings["OfficeDevPnP:AppUrl"]);
MailHandler.SendMailNotification(
"ProvisioningCompleted",
action.NotificationEmail,
null,
new
{
TemplateName = action.DisplayName,
ProvisionedSites = provisionedSites,
},
appOnlyAccessToken);
}
// Log reporting event (1 = Success)
LogReporting(action, provisioningEnvironment, startProvisioning, package, 1);
}
}
}
else
{
throw new ApplicationException($"The requested package does not contain a valid PnP Hierarchy!");
}
#endregion
}
else
{
throw new ApplicationException($"Cannot find the package with ID: {action.PackageId}");
}
#endregion
#region Process any children items
// If there are children items
if (action.ChildrenItems != null && action.ChildrenItems.Count > 0)
{
// Prepare any further child provisioning request
action.PackageId = action.ChildrenItems[0].PackageId;
action.PackageProperties = action.ChildrenItems[0].Parameters;
action.ChildrenItems.RemoveAt(0);
// Enqueue any further child provisioning request
await ProvisioningAppManager.EnqueueProvisioningRequest(action);
}
#endregion
log.WriteLine($"Function successfully executed!");
// Log telemetry event
telemetry?.LogEvent("ProvisioningFunction.End", telemetryProperties);
}
}
else
{
var noTokensErrorMessage = $"Cannot retrieve Refresh Token or Access Token for {action.CorrelationId} in tenant {action.TenantId}!";
log.WriteLine(noTokensErrorMessage);
throw new ApplicationException(noTokensErrorMessage);
}
}
catch (Exception ex)
{
// Skip logging exception for Recycled Site
if (ex is RecycledSiteException)
{
// rather log an event
telemetry?.LogEvent("ProvisioningFunction.RecycledSite", telemetryProperties);
// Log reporting event (3 = RecycledSite)
LogReporting(action, provisioningEnvironment, startProvisioning, null, 3, ex.ToDetailedString());
}
// Skip logging exception for Concurrent Provisioning
else if (ex is ConcurrentProvisioningException)
{
// rather log an event
telemetry?.LogEvent("ProvisioningFunction.ConcurrentProvisioning", telemetryProperties);
// Log reporting event (4 = ConcurrentProvisioningException)
LogReporting(action, provisioningEnvironment, startProvisioning, null, 4, ex.ToDetailedString());
}
else
{
// Log telemetry event
telemetry?.LogException(ex, "ProvisioningFunction.RunAsync", telemetryProperties);
// Log reporting event (2 = Failed)
LogReporting(action, provisioningEnvironment, startProvisioning, null, 2, ex.ToDetailedString());
}
if (!String.IsNullOrEmpty(action.NotificationEmail))
{
var appOnlyAccessToken = await ProvisioningAppManager.AccessTokenProvider.GetAppOnlyAccessTokenAsync(
"https://graph.microsoft.com/",
ConfigurationManager.AppSettings["OfficeDevPnP:TenantId"],
ConfigurationManager.AppSettings["OfficeDevPnP:ClientId"],
ConfigurationManager.AppSettings["OfficeDevPnP:ClientSecret"],
ConfigurationManager.AppSettings["OfficeDevPnP:AppUrl"]);
// Notify user about the provisioning outcome
MailHandler.SendMailNotification(
"ProvisioningFailed",
action.NotificationEmail,
null,
new
{
TemplateName = action.DisplayName,
ExceptionDetails = SimplifyException(ex),
PnPCorrelationId = action.CorrelationId.ToString(),
},
appOnlyAccessToken);
}
ProcessWebhooksExceptionNotification(action, ex);
// Track the failure in the local action log
MarkCurrentActionItemAsFailed(action, dbContext);
throw ex;
}
finally
{
// Try to cleanup the pending action item, if any
CleanupCurrentActionItem(action, dbContext);
telemetry?.Flush();
}
}
public override void ValidateCredentials()
{
try
{
var url = string.Format("https://{0}-admin.sharepoint.com", _generatorDefinition.TenantName);
using (ClientContext context = new ClientContext(url))
{
context.Credentials = new SharePointOnlineCredentials(_generatorDefinition.Username, Utils.StringToSecureString(_generatorDefinition.Password));
var officeTenant = new Microsoft.Online.SharePoint.TenantAdministration.Tenant(context);
context.Load(officeTenant);
context.ExecuteQuery();
}
}
catch (Exception ex)
{
Errors.Log(ex);
throw new CredentialValidationException(ex.Message);
}
}