From 91812345db3156b22b64e939c7e6bdfb419efc99 Mon Sep 17 00:00:00 2001 From: Erich Wang Date: Tue, 25 Jan 2022 17:06:03 +0800 Subject: [PATCH 1/9] Add Easy Auth Config related APIs for ContainerApp --- .../2022-01-01-preview/CommonDefinitions.json | 26 + .../2022-01-01-preview/EasyAuthConfigs.json | 706 ++++++++++++++++++ .../examples/AuthConfig_CreateOrUpdate.json | 49 ++ .../examples/AuthConfig_Delete.json | 12 + .../examples/AuthConfigs_Get.json | 33 + .../examples/AuthConfigs_ListByContainer.json | 37 + 6 files changed, 863 insertions(+) create mode 100644 specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json create mode 100644 specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfig_CreateOrUpdate.json create mode 100644 specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfig_Delete.json create mode 100644 specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Get.json create mode 100644 specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_ListByContainer.json diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/CommonDefinitions.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/CommonDefinitions.json index 920e6fb3bc9d..0f698792c407 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/CommonDefinitions.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/CommonDefinitions.json @@ -16,6 +16,32 @@ ], "paths": {}, "definitions": { + "ProxyOnlyResource": { + "description": "Azure proxy only resource. This resource is not tracked by Azure Resource Manager.", + "type": "object", + "properties": { + "id": { + "description": "Resource Id.", + "type": "string", + "readOnly": true + }, + "name": { + "description": "Resource Name.", + "type": "string", + "readOnly": true + }, + "kind": { + "description": "Kind of resource.", + "type": "string" + }, + "type": { + "description": "Resource type.", + "type": "string", + "readOnly": true + } + }, + "x-ms-azure-resource": true + }, "EnvironmentVar": { "description": "Container App container environment variable.", "type": "object", diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json new file mode 100644 index 000000000000..5e928b572da5 --- /dev/null +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json @@ -0,0 +1,706 @@ +{ + "swagger": "2.0", + "info": { + "version": "2022-01-01-preview", + "title": "ContainerApps API Client" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "paths": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.App/containerApps/{containerAppName}/authConfigs": { + "get": { + "tags": [ + "ContainerAppsAuthConfigs" + ], + "summary": "Get the Container App AuthConfigs in a given resource group.", + "operationId": "ContainerAppsAuthConfigs_ListByContainerApp", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "name": "containerAppName", + "in": "path", + "description": "Name of the Container App.", + "required": true, + "type": "string" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AuthConfigCollection" + } + }, + "default": { + "description": "Common error response.", + "schema": { + "$ref": "./CommonDefinitions.json#/definitions/DefaultErrorResponse" + } + } + }, + "x-ms-examples": { + "List Auth Configs by Container Apps": { + "$ref": "./examples/AuthConfigs_ListByContainer.json" + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.App/containerApps/{containerAppName}/authConfigs/{name}": { + "get": { + "tags": [ + "ContainerAppsAuthConfigs" + ], + "summary": "Get a AuthConfig of a Container App.", + "operationId": "ContainerAppsAuthConfigs_Get", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "name": "containerAppName", + "in": "path", + "description": "Name of the Container App.", + "required": true, + "type": "string" + }, + { + "name": "name", + "in": "path", + "description": "Name of the Container App AuthConfig.", + "required": true, + "type": "string" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AuthConfig" + } + }, + "default": { + "description": "Common error response.", + "schema": { + "$ref": "./CommonDefinitions.json#/definitions/DefaultErrorResponse" + } + } + }, + "x-ms-examples": { + "Get Container App's AuthConfig": { + "$ref": "./examples/AuthConfigs_Get.json" + } + } + }, + "put": { + "tags": [ + "ContainerAppsAuthConfigs" + ], + "summary": "Create or update the AuthConfig for a Container App.", + "description": "Description for Create or update the AuthConfig for a Container App.", + "operationId": "ContainerAppsAuthConfigs_CreateOrUpdate", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "name": "containerAppName", + "in": "path", + "description": "Name of the Container App.", + "required": true, + "type": "string" + }, + { + "name": "name", + "in": "path", + "description": "Name of the Container App AuthConfig.", + "required": true, + "type": "string" + }, + { + "name": "authConfigEnvelope", + "in": "body", + "description": "Properties used to create a Container App AuthConfig", + "required": true, + "schema": { + "$ref": "#/definitions/AuthConfig" + } + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Ok", + "schema": { + "$ref": "#/definitions/AuthConfig" + } + }, + "default": { + "description": "Common error response.", + "schema": { + "$ref": "./CommonDefinitions.json#/definitions/DefaultErrorResponse" + } + } + }, + "x-ms-examples": { + "Create or Update Container App AuthConfig": { + "$ref": "./examples/AuthConfigs_CreateOrUpdate.json" + } + } + }, + "delete": { + "tags": [ + "ContainerAppsAuthConfigs" + ], + "summary": "Delete a Container App AuthConfig.", + "description": "Description for Delete a Container App AuthConfig.", + "operationId": "ContainerAppsAuthConfigs_Delete", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "name": "containerAppName", + "in": "path", + "description": "Name of the Container App.", + "required": true, + "type": "string" + }, + { + "name": "name", + "in": "path", + "description": "Name of the Container App AuthConfig.", + "required": true, + "type": "string" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Container App deleted successfully." + }, + "204": { + "description": "Container App AuthConfig does not exist." + }, + "default": { + "description": "Common error response.", + "schema": { + "$ref": "./CommonDefinitions.json#/definitions/DefaultErrorResponse" + } + } + }, + "x-ms-examples": { + "Delete Container App AuthConfig": { + "$ref": "./examples/AuthConfigs_Delete.json" + } + } + } + } + }, + "definitions": { + "AuthConfig": { + "description": "Configuration settings for the Azure App Service Authentication / Authorization V2 feature.", + "type": "object", + "allOf": [ + { + "$ref": "./CommonDefinitions.json#/definitions/ProxyOnlyResource" + } + ], + "properties": { + "properties": { + "description": "SiteAuthSettingsV2 resource specific properties", + "type": "object", + "properties": { + "enabled": { + "description": "true if the Authentication / Authorization feature is enabled for the current app; otherwise, false.", + "type": "boolean" + }, + "globalValidation": { + "$ref": "#/definitions/GlobalValidation", + "description": "The configuration settings that determines the validation flow of users using App Service Authentication/Authorization." + }, + "identityProviders": { + "$ref": "#/definitions/IdentityProviders", + "description": "The configuration settings of each of the identity providers used to configure App Service Authentication/Authorization." + }, + "login": { + "$ref": "#/definitions/Login", + "description": "The configuration settings of the login flow of users using App Service Authentication/Authorization." + }, + "httpSettings": { + "$ref": "#/definitions/HttpSettings", + "description": "The configuration settings of the HTTP requests for authentication and authorization requests made against App Service Authentication/Authorization." + } + }, + "x-ms-client-flatten": true + } + } + }, + "GlobalValidation": { + "description": "The configuration settings that determines the validation flow of users using App Service Authentication/Authorization.", + "type": "object", + "properties": { + "unauthenticatedClientAction": { + "description": "The action to take when an unauthenticated client attempts to access the app.", + "enum": [ + "RedirectToLoginPage", + "AllowAnonymous", + "Return401", + "Return403" + ], + "type": "string", + "x-ms-enum": { + "name": "UnauthenticatedClientAction", + "modelAsString": true + } + }, + "redirectToProvider": { + "description": "The default authentication provider to use when multiple providers are configured.\nThis setting is only needed if multiple providers are configured and the unauthenticated client\naction is set to \"RedirectToLoginPage\".", + "type": "string" + } + } + }, + "Login": { + "description": "The configuration settings of the login flow of users using App Service Authentication/Authorization.", + "type": "object", + "properties": { + "routes": { + "$ref": "#/definitions/LoginRoutes", + "description": "The routes that specify the endpoints used for login and logout requests." + }, + "preserveUrlFragmentsForLogins": { + "description": "true if the fragments from the request are preserved after the login request is made; otherwise, false.", + "type": "boolean" + }, + "allowedExternalRedirectUrls": { + "description": "External URLs that can be redirected to as part of logging in or logging out of the app. Note that the query string part of the URL is ignored.\nThis is an advanced setting typically only needed by Windows Store application backends.\nNote that URLs within the current domain are always implicitly allowed.", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "LoginRoutes": { + "description": "The routes that specify the endpoints used for login and logout requests.", + "type": "object", + "properties": { + "logoutEndpoint": { + "description": "The endpoint at which a logout request should be made.", + "type": "string" + } + } + }, + "HttpSettings": { + "description": "The configuration settings of the HTTP requests for authentication and authorization requests made against App Service Authentication/Authorization.", + "type": "object", + "properties": { + "requireHttps": { + "description": "false if the authentication/authorization responses not having the HTTPS scheme are permissible; otherwise, true.", + "type": "boolean" + }, + "routes": { + "$ref": "#/definitions/HttpSettingsRoutes", + "description": "The configuration settings of the paths HTTP requests." + } + } + }, + "HttpSettingsRoutes": { + "description": "The configuration settings of the paths HTTP requests.", + "type": "object", + "properties": { + "apiPrefix": { + "description": "The prefix that should precede all the authentication/authorization paths.", + "type": "string" + } + } + }, + "IdentityProviders": { + "description": "The configuration settings of each of the identity providers used to configure App Service Authentication/Authorization.", + "type": "object", + "properties": { + "azureActiveDirectory": { + "$ref": "#/definitions/AzureActiveDirectory", + "description": "The configuration settings of the Azure Active directory provider." + }, + "facebook": { + "$ref": "#/definitions/Facebook", + "description": "The configuration settings of the Facebook provider." + }, + "gitHub": { + "$ref": "#/definitions/GitHub", + "description": "The configuration settings of the GitHub provider." + }, + "google": { + "$ref": "#/definitions/Google", + "description": "The configuration settings of the Google provider." + }, + "legacyMicrosoftAccount": { + "$ref": "#/definitions/LegacyMicrosoftAccount", + "description": "The configuration settings of the legacy Microsoft Account provider." + }, + "twitter": { + "$ref": "#/definitions/Twitter", + "description": "The configuration settings of the Twitter provider." + }, + "apple": { + "$ref": "#/definitions/Apple", + "description": "The configuration settings of the Apple provider." + } + } + }, + "AzureActiveDirectory": { + "description": "The configuration settings of the Azure Active directory provider.", + "type": "object", + "properties": { + "enabled": { + "description": "false if the Azure Active Directory provider should not be enabled despite the set registration; otherwise, true.", + "type": "boolean" + }, + "registration": { + "$ref": "#/definitions/AzureActiveDirectoryRegistration", + "description": "The configuration settings of the Azure Active Directory app registration." + }, + "login": { + "$ref": "#/definitions/AzureActiveDirectoryLogin", + "description": "The configuration settings of the Azure Active Directory login flow." + }, + "validation": { + "$ref": "#/definitions/AzureActiveDirectoryValidation", + "description": "The configuration settings of the Azure Active Directory token validation flow." + } + } + }, + "AzureActiveDirectoryRegistration": { + "description": "The configuration settings of the Azure Active Directory app registration.", + "type": "object", + "properties": { + "openIdIssuer": { + "description": "The OpenID Connect Issuer URI that represents the entity which issues access tokens for this application.\nWhen using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://login.microsoftonline.com/v2.0/{tenant-guid}/.\nThis URI is a case-sensitive identifier for the token issuer.\nMore information on OpenID Connect Discovery: http://openid.net/specs/openid-connect-discovery-1_0.html", + "type": "string" + }, + "clientId": { + "description": "The Client ID of this relying party application, known as the client_id.\nThis setting is required for enabling OpenID Connection authentication with Azure Active Directory or \nother 3rd party OpenID Connect providers.\nMore information on OpenID Connect: http://openid.net/specs/openid-connect-core-1_0.html", + "type": "string" + }, + "clientSecretRefName": { + "description": "The app secret ref name that contains the client secret of the relying party application.", + "type": "string" + }, + "clientSecretCertificateThumbprint": { + "description": "An alternative to the client secret, that is the thumbprint of a certificate used for signing purposes. This property acts as\na replacement for the Client Secret. It is also optional.", + "type": "string" + }, + "clientSecretCertificateSubjectAlternativeName": { + "description": "An alternative to the client secret thumbprint, that is the subject alternative name of a certificate used for signing purposes. This property acts as\na replacement for the Client Secret Certificate Thumbprint. It is also optional.", + "type": "string" + }, + "clientSecretCertificateIssuer": { + "description": "An alternative to the client secret thumbprint, that is the issuer of a certificate used for signing purposes. This property acts as\na replacement for the Client Secret Certificate Thumbprint. It is also optional.", + "type": "string" + } + } + }, + "AzureActiveDirectoryLogin": { + "description": "The configuration settings of the Azure Active Directory login flow.", + "type": "object", + "properties": { + "loginParameters": { + "description": "Login parameters to send to the OpenID Connect authorization endpoint when\na user logs in. Each parameter must be in the form \"key=value\".", + "type": "array", + "items": { + "type": "string" + } + }, + "disableWWWAuthenticate": { + "description": "true if the www-authenticate provider should be omitted from the request; otherwise, false.", + "type": "boolean" + } + } + }, + "AzureActiveDirectoryValidation": { + "description": "The configuration settings of the Azure Active Directory token validation flow.", + "type": "object", + "properties": { + "allowedAudiences": { + "description": "The list of audiences that can make successful authentication/authorization requests.", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "Facebook": { + "description": "The configuration settings of the Facebook provider.", + "type": "object", + "properties": { + "enabled": { + "description": "false if the Facebook provider should not be enabled despite the set registration; otherwise, true.", + "type": "boolean" + }, + "registration": { + "$ref": "#/definitions/AppRegistration", + "description": "The configuration settings of the app registration for the Facebook provider." + }, + "graphApiVersion": { + "description": "The version of the Facebook api to be used while logging in.", + "type": "string" + }, + "login": { + "$ref": "#/definitions/LoginScopes", + "description": "The configuration settings of the login flow." + } + } + }, + "AppRegistration": { + "description": "The configuration settings of the app registration for providers that have app ids and app secrets", + "type": "object", + "properties": { + "appId": { + "description": "The App ID of the app used for login.", + "type": "string" + }, + "appSecretRefName": { + "description": "The app secret ref name that contains the app secret.", + "type": "string" + } + } + }, + "LoginScopes": { + "description": "The configuration settings of the login flow, including the scopes that should be requested.", + "type": "object", + "properties": { + "scopes": { + "description": "A list of the scopes that should be requested while authenticating.", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "GitHub": { + "description": "The configuration settings of the GitHub provider.", + "type": "object", + "properties": { + "enabled": { + "description": "false if the GitHub provider should not be enabled despite the set registration; otherwise, true.", + "type": "boolean" + }, + "registration": { + "$ref": "#/definitions/ClientRegistration", + "description": "The configuration settings of the app registration for the GitHub provider." + }, + "login": { + "$ref": "#/definitions/LoginScopes", + "description": "The configuration settings of the login flow." + } + } + }, + "ClientRegistration": { + "description": "The configuration settings of the app registration for providers that have client ids and client secrets", + "type": "object", + "properties": { + "clientId": { + "description": "The Client ID of the app used for login.", + "type": "string" + }, + "clientSecretRefName": { + "description": "The app secret ref name that contains the client secret.", + "type": "string" + } + } + }, + "Google": { + "description": "The configuration settings of the Google provider.", + "type": "object", + "properties": { + "enabled": { + "description": "false if the Google provider should not be enabled despite the set registration; otherwise, true.", + "type": "boolean" + }, + "registration": { + "$ref": "#/definitions/ClientRegistration", + "description": "The configuration settings of the app registration for the Google provider." + }, + "login": { + "$ref": "#/definitions/LoginScopes", + "description": "The configuration settings of the login flow." + }, + "validation": { + "$ref": "#/definitions/AllowedAudiencesValidation", + "description": "The configuration settings of the Azure Active Directory token validation flow." + } + } + }, + "AllowedAudiencesValidation": { + "description": "The configuration settings of the Allowed Audiences validation flow.", + "type": "object", + "properties": { + "allowedAudiences": { + "description": "The configuration settings of the allowed list of audiences from which to validate the JWT token.", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "Twitter": { + "description": "The configuration settings of the Twitter provider.", + "type": "object", + "properties": { + "enabled": { + "description": "false if the Twitter provider should not be enabled despite the set registration; otherwise, true.", + "type": "boolean" + }, + "registration": { + "$ref": "#/definitions/TwitterRegistration", + "description": "The configuration settings of the app registration for the Twitter provider." + } + } + }, + "TwitterRegistration": { + "description": "The configuration settings of the app registration for the Twitter provider.", + "type": "object", + "properties": { + "consumerKey": { + "description": "The OAuth 1.0a consumer key of the Twitter application used for sign-in.\nThis setting is required for enabling Twitter Sign-In.\nTwitter Sign-In documentation: https://dev.twitter.com/web/sign-in", + "type": "string" + }, + "consumerSecretRefName": { + "description": "The app secret ref name that contains the OAuth 1.0a consumer secret of the Twitter\napplication used for sign-in.", + "type": "string" + } + } + }, + "LegacyMicrosoftAccount": { + "description": "The configuration settings of the legacy Microsoft Account provider.", + "type": "object", + "properties": { + "enabled": { + "description": "false if the legacy Microsoft Account provider should not be enabled despite the set registration; otherwise, true.", + "type": "boolean" + }, + "registration": { + "$ref": "#/definitions/ClientRegistration", + "description": "The configuration settings of the app registration for the legacy Microsoft Account provider." + }, + "login": { + "$ref": "#/definitions/LoginScopes", + "description": "The configuration settings of the login flow." + }, + "validation": { + "$ref": "#/definitions/AllowedAudiencesValidation", + "description": "The configuration settings of the legacy Microsoft Account provider token validation flow." + } + } + }, + "Apple": { + "description": "The configuration settings of the Apple provider.", + "type": "object", + "properties": { + "enabled": { + "description": "false if the Apple provider should not be enabled despite the set registration; otherwise, true.", + "type": "boolean" + }, + "registration": { + "$ref": "#/definitions/AppleRegistration", + "description": "The configuration settings of the Apple registration." + }, + "login": { + "$ref": "#/definitions/LoginScopes", + "description": "The configuration settings of the login flow." + } + } + }, + "AppleRegistration": { + "description": "The configuration settings of the registration for the Apple provider", + "type": "object", + "properties": { + "clientId": { + "description": "The Client ID of the app used for login.", + "type": "string" + }, + "clientSecretRefName": { + "description": "The app secret ref name that contains the client secret.", + "type": "string" + } + } + }, + "AuthConfigCollection": { + "description": "AuthConfig collection ARM resource.", + "required": [ + "value" + ], + "type": "object", + "properties": { + "value": { + "description": "Collection of resources.", + "type": "array", + "items": { + "$ref": "#/definitions/AuthConfig" + } + }, + "nextLink": { + "description": "Link to next page of resources.", + "type": "string", + "readOnly": true + } + } + } + }, + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "description": "Azure Active Directory OAuth2 Flow", + "flow": "implicit", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ] +} diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfig_CreateOrUpdate.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfig_CreateOrUpdate.json new file mode 100644 index 000000000000..fff5eeb4c2d2 --- /dev/null +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfig_CreateOrUpdate.json @@ -0,0 +1,49 @@ +{ + "parameters": { + "subscriptionId": "651f8027-33e8-4ec4-97b4-f6e9f3dc8744", + "resourceGroupName": "workerapps-rg-xj", + "containerAppName": "testcanadacentral", + "name": "current", + "api-version": "2022-01-01-preview", + "authConfigEnvelope": { + "properties": { + "enabled": true, + "globalValidation": { + "unauthenticatedClientAction": "AllowAnonymous" + }, + "identityProviders": { + "facebook": { + "registration": { + "appId": "123", + "appSecretRefName": "facebook-secret" + } + } + } + } + } + }, + "responses": { + "200": { + "headers": {}, + "body": { + "id": "/subscriptions/651f8027-33e8-4ec4-97b4-f6e9f3dc8744/resourceGroups/workerapps-rg-xj/providers/Microsoft.Web/containerApps/myapp/sourcecontrols/current", + "name": "current", + "type": "Microsoft.Web/containerapps/authconfigs", + "properties": { + "enabled": true, + "globalValidation": { + "unauthenticatedClientAction": "AllowAnonymous" + }, + "identityProviders": { + "facebook": { + "registration": { + "appId": "123", + "appSecretRefName": "facebook-secret" + } + } + } + } + } + } + } +} diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfig_Delete.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfig_Delete.json new file mode 100644 index 000000000000..b63e179e961a --- /dev/null +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfig_Delete.json @@ -0,0 +1,12 @@ +{ + "parameters": { + "subscriptionId": "651f8027-33e8-4ec4-97b4-f6e9f3dc8744", + "resourceGroupName": "workerapps-rg-xj", + "containerAppName": "testcanadacentral", + "name": "current", + "api-version": "2022-01-01-preview" + }, + "responses": { + "200": {} + } +} diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Get.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Get.json new file mode 100644 index 000000000000..82dc0d64b9be --- /dev/null +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Get.json @@ -0,0 +1,33 @@ +{ + "parameters": { + "subscriptionId": "651f8027-33e8-4ec4-97b4-f6e9f3dc8744", + "resourceGroupName": "workerapps-rg-xj", + "containerAppName": "testcanadacentral", + "name": "current", + "api-version": "2022-01-01-preview" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "id": "/subscriptions/651f8027-33e8-4ec4-97b4-f6e9f3dc8744/resourceGroups/workerapps-rg-xj/providers/Microsoft.Web/containerApps/testcanadacentral/authconfigs/current", + "name": "current", + "type": "Microsoft.Web/containerapps/authconfigs", + "properties": { + "enabled": true, + "globalValidation": { + "unauthenticatedClientAction": "AllowAnonymous" + }, + "identityProviders": { + "facebook": { + "registration": { + "appId": "123", + "appSecretRefName": "facebook-secret" + } + } + } + } + } + } + } +} \ No newline at end of file diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_ListByContainer.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_ListByContainer.json new file mode 100644 index 000000000000..db2441baeaf7 --- /dev/null +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_ListByContainer.json @@ -0,0 +1,37 @@ +{ + "parameters": { + "subscriptionId": "651f8027-33e8-4ec4-97b4-f6e9f3dc8744", + "resourceGroupName": "workerapps-rg-xj", + "containerAppName": "testcanadacentral", + "api-version": "2022-01-01-preview" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "id": "/subscriptions/651f8027-33e8-4ec4-97b4-f6e9f3dc8744/resourceGroups/workerapps-rg-xj/providers/Microsoft.Web/containerApps/testcanadacentral/authconfigs/current", + "name": "current", + "type": "Microsoft.Web/containerapps/authconfigs", + "properties": { + "enabled": true, + "globalValidation": { + "unauthenticatedClientAction": "AllowAnonymous" + }, + "identityProviders": { + "facebook": { + "registration": { + "appId": "123", + "appSecretRefName": "facebook-secret" + } + } + } + } + } + ], + "nextLink": null + } + } + } +} \ No newline at end of file From bcb08809b8bbfb6d22b96dc6cc8bfb3fc3195f8e Mon Sep 17 00:00:00 2001 From: Erich Wang Date: Tue, 25 Jan 2022 17:33:20 +0800 Subject: [PATCH 2/9] Use common type ProxyResource --- .../2022-01-01-preview/CommonDefinitions.json | 26 ------------------- .../2022-01-01-preview/EasyAuthConfigs.json | 2 +- .../examples/AuthConfig_CreateOrUpdate.json | 2 +- 3 files changed, 2 insertions(+), 28 deletions(-) diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/CommonDefinitions.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/CommonDefinitions.json index 0f698792c407..920e6fb3bc9d 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/CommonDefinitions.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/CommonDefinitions.json @@ -16,32 +16,6 @@ ], "paths": {}, "definitions": { - "ProxyOnlyResource": { - "description": "Azure proxy only resource. This resource is not tracked by Azure Resource Manager.", - "type": "object", - "properties": { - "id": { - "description": "Resource Id.", - "type": "string", - "readOnly": true - }, - "name": { - "description": "Resource Name.", - "type": "string", - "readOnly": true - }, - "kind": { - "description": "Kind of resource.", - "type": "string" - }, - "type": { - "description": "Resource type.", - "type": "string", - "readOnly": true - } - }, - "x-ms-azure-resource": true - }, "EnvironmentVar": { "description": "Container App container environment variable.", "type": "object", diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json index 5e928b572da5..49fee68db3df 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json @@ -237,7 +237,7 @@ "type": "object", "allOf": [ { - "$ref": "./CommonDefinitions.json#/definitions/ProxyOnlyResource" + "$ref": "../../../../../common-types/resource-management/v3/types.json#/definitions/ProxyResource" } ], "properties": { diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfig_CreateOrUpdate.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfig_CreateOrUpdate.json index fff5eeb4c2d2..d98a22d3cee6 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfig_CreateOrUpdate.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfig_CreateOrUpdate.json @@ -26,7 +26,7 @@ "200": { "headers": {}, "body": { - "id": "/subscriptions/651f8027-33e8-4ec4-97b4-f6e9f3dc8744/resourceGroups/workerapps-rg-xj/providers/Microsoft.Web/containerApps/myapp/sourcecontrols/current", + "id": "/subscriptions/651f8027-33e8-4ec4-97b4-f6e9f3dc8744/resourceGroups/workerapps-rg-xj/providers/Microsoft.Web/containerApps/myapp/authconfigs/current", "name": "current", "type": "Microsoft.Web/containerapps/authconfigs", "properties": { From 59031e4b859ed3f61a51e7a10e312a3f180ad96f Mon Sep 17 00:00:00 2001 From: Erich Wang Date: Tue, 25 Jan 2022 17:38:38 +0800 Subject: [PATCH 3/9] Update description --- .../2022-01-01-preview/EasyAuthConfigs.json | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json index 49fee68db3df..b0402c5efd36 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json @@ -233,7 +233,7 @@ }, "definitions": { "AuthConfig": { - "description": "Configuration settings for the Azure App Service Authentication / Authorization V2 feature.", + "description": "Configuration settings for the Azure ContainerApp Authentication / Authorization V2 feature.", "type": "object", "allOf": [ { @@ -251,19 +251,19 @@ }, "globalValidation": { "$ref": "#/definitions/GlobalValidation", - "description": "The configuration settings that determines the validation flow of users using App Service Authentication/Authorization." + "description": "The configuration settings that determines the validation flow of users using ContainerApp Authentication/Authorization." }, "identityProviders": { "$ref": "#/definitions/IdentityProviders", - "description": "The configuration settings of each of the identity providers used to configure App Service Authentication/Authorization." + "description": "The configuration settings of each of the identity providers used to configure ContainerApp Authentication/Authorization." }, "login": { "$ref": "#/definitions/Login", - "description": "The configuration settings of the login flow of users using App Service Authentication/Authorization." + "description": "The configuration settings of the login flow of users using ContainerApp Authentication/Authorization." }, "httpSettings": { "$ref": "#/definitions/HttpSettings", - "description": "The configuration settings of the HTTP requests for authentication and authorization requests made against App Service Authentication/Authorization." + "description": "The configuration settings of the HTTP requests for authentication and authorization requests made against ContainerApp Authentication/Authorization." } }, "x-ms-client-flatten": true @@ -271,7 +271,7 @@ } }, "GlobalValidation": { - "description": "The configuration settings that determines the validation flow of users using App Service Authentication/Authorization.", + "description": "The configuration settings that determines the validation flow of users using ContainerApp Authentication/Authorization.", "type": "object", "properties": { "unauthenticatedClientAction": { @@ -295,7 +295,7 @@ } }, "Login": { - "description": "The configuration settings of the login flow of users using App Service Authentication/Authorization.", + "description": "The configuration settings of the login flow of users using ContainerApp Authentication/Authorization.", "type": "object", "properties": { "routes": { @@ -326,7 +326,7 @@ } }, "HttpSettings": { - "description": "The configuration settings of the HTTP requests for authentication and authorization requests made against App Service Authentication/Authorization.", + "description": "The configuration settings of the HTTP requests for authentication and authorization requests made against ContainerApp Authentication/Authorization.", "type": "object", "properties": { "requireHttps": { @@ -350,7 +350,7 @@ } }, "IdentityProviders": { - "description": "The configuration settings of each of the identity providers used to configure App Service Authentication/Authorization.", + "description": "The configuration settings of each of the identity providers used to configure ContainerApp Authentication/Authorization.", "type": "object", "properties": { "azureActiveDirectory": { From 77ac04d92093e8fb9b97aeb6a7b7be1287965a46 Mon Sep 17 00:00:00 2001 From: Erich Wang Date: Tue, 25 Jan 2022 19:34:16 +0800 Subject: [PATCH 4/9] update per validation --- ...nfig_CreateOrUpdate.json => AuthConfigs_CreateOrUpdate.json} | 0 .../{AuthConfig_Delete.json => AuthConfigs_Delete.json} | 0 .../preview/2022-01-01-preview/examples/AuthConfigs_Get.json | 2 +- .../examples/AuthConfigs_ListByContainer.json | 2 +- specification/app/resource-manager/readme.md | 1 + 5 files changed, 3 insertions(+), 2 deletions(-) rename specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/{AuthConfig_CreateOrUpdate.json => AuthConfigs_CreateOrUpdate.json} (100%) rename specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/{AuthConfig_Delete.json => AuthConfigs_Delete.json} (100%) diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfig_CreateOrUpdate.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_CreateOrUpdate.json similarity index 100% rename from specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfig_CreateOrUpdate.json rename to specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_CreateOrUpdate.json diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfig_Delete.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Delete.json similarity index 100% rename from specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfig_Delete.json rename to specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Delete.json diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Get.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Get.json index 82dc0d64b9be..e4609bc14e25 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Get.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Get.json @@ -30,4 +30,4 @@ } } } -} \ No newline at end of file +} diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_ListByContainer.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_ListByContainer.json index db2441baeaf7..800190804fca 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_ListByContainer.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_ListByContainer.json @@ -34,4 +34,4 @@ } } } -} \ No newline at end of file +} diff --git a/specification/app/resource-manager/readme.md b/specification/app/resource-manager/readme.md index f04ff08b1950..ab69c1b2db4f 100644 --- a/specification/app/resource-manager/readme.md +++ b/specification/app/resource-manager/readme.md @@ -41,6 +41,7 @@ input-file: - Microsoft.App/preview/2022-01-01-preview/ManagedEnvironments.json - Microsoft.App/preview/2022-01-01-preview/Global.json - Microsoft.App/preview/2022-01-01-preview/SourceControls.json + - Microsoft.App/preview/2022-01-01-preview/AuthConfigs.json directive: - suppress: R4009 from: ContainerAppsRevisions.json From 81f9061940b569862314c38f9d8afcd537850a50 Mon Sep 17 00:00:00 2001 From: Erich Wang Date: Tue, 25 Jan 2022 19:37:46 +0800 Subject: [PATCH 5/9] typo fix --- specification/app/resource-manager/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/app/resource-manager/readme.md b/specification/app/resource-manager/readme.md index ab69c1b2db4f..fc2e8ec8da56 100644 --- a/specification/app/resource-manager/readme.md +++ b/specification/app/resource-manager/readme.md @@ -41,7 +41,7 @@ input-file: - Microsoft.App/preview/2022-01-01-preview/ManagedEnvironments.json - Microsoft.App/preview/2022-01-01-preview/Global.json - Microsoft.App/preview/2022-01-01-preview/SourceControls.json - - Microsoft.App/preview/2022-01-01-preview/AuthConfigs.json + - Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json directive: - suppress: R4009 from: ContainerAppsRevisions.json From 30d59a8dca86704f5086bcc97127ae3f89a39431 Mon Sep 17 00:00:00 2001 From: Erich Wang Date: Tue, 25 Jan 2022 20:54:47 +0800 Subject: [PATCH 6/9] fix validation error --- .../preview/2022-01-01-preview/EasyAuthConfigs.json | 2 +- .../2022-01-01-preview/examples/AuthConfigs_Delete.json | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json index b0402c5efd36..12fc8fface53 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json @@ -446,7 +446,7 @@ "type": "string" } }, - "disableWWWAuthenticate": { + "disableWwwAuthenticate": { "description": "true if the www-authenticate provider should be omitted from the request; otherwise, false.", "type": "boolean" } diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Delete.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Delete.json index b63e179e961a..0e5bef780ac5 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Delete.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Delete.json @@ -7,6 +7,7 @@ "api-version": "2022-01-01-preview" }, "responses": { - "200": {} + "200": {}, + "204": {} } } From e0ef769bca84923dbea8f9d2df28c17a60735a1e Mon Sep 17 00:00:00 2001 From: Erich Wang Date: Fri, 28 Jan 2022 10:26:36 +0800 Subject: [PATCH 7/9] Update sample and description --- .../preview/2022-01-01-preview/EasyAuthConfigs.json | 4 ++-- .../examples/AuthConfigs_CreateOrUpdate.json | 4 ++-- .../preview/2022-01-01-preview/examples/AuthConfigs_Get.json | 4 ++-- .../examples/AuthConfigs_ListByContainer.json | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json index 12fc8fface53..2076da52c178 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json @@ -233,7 +233,7 @@ }, "definitions": { "AuthConfig": { - "description": "Configuration settings for the Azure ContainerApp Authentication / Authorization V2 feature.", + "description": "Configuration settings for the Azure ContainerApp Authentication / Authorization feature.", "type": "object", "allOf": [ { @@ -242,7 +242,7 @@ ], "properties": { "properties": { - "description": "SiteAuthSettingsV2 resource specific properties", + "description": "Easy Auth configuration resource specific properties", "type": "object", "properties": { "enabled": { diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_CreateOrUpdate.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_CreateOrUpdate.json index d98a22d3cee6..e6096bc64385 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_CreateOrUpdate.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_CreateOrUpdate.json @@ -26,9 +26,9 @@ "200": { "headers": {}, "body": { - "id": "/subscriptions/651f8027-33e8-4ec4-97b4-f6e9f3dc8744/resourceGroups/workerapps-rg-xj/providers/Microsoft.Web/containerApps/myapp/authconfigs/current", + "id": "/subscriptions/651f8027-33e8-4ec4-97b4-f6e9f3dc8744/resourceGroups/workerapps-rg-xj/providers/Microsoft.App/containerApps/myapp/authconfigs/current", "name": "current", - "type": "Microsoft.Web/containerapps/authconfigs", + "type": "Microsoft.App/containerapps/authconfigs", "properties": { "enabled": true, "globalValidation": { diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Get.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Get.json index e4609bc14e25..801fc7ac83a3 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Get.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Get.json @@ -10,9 +10,9 @@ "200": { "headers": {}, "body": { - "id": "/subscriptions/651f8027-33e8-4ec4-97b4-f6e9f3dc8744/resourceGroups/workerapps-rg-xj/providers/Microsoft.Web/containerApps/testcanadacentral/authconfigs/current", + "id": "/subscriptions/651f8027-33e8-4ec4-97b4-f6e9f3dc8744/resourceGroups/workerapps-rg-xj/providers/Microsoft.App/containerApps/testcanadacentral/authconfigs/current", "name": "current", - "type": "Microsoft.Web/containerapps/authconfigs", + "type": "Microsoft.App/containerapps/authconfigs", "properties": { "enabled": true, "globalValidation": { diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_ListByContainer.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_ListByContainer.json index 800190804fca..4aa49f1f430f 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_ListByContainer.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_ListByContainer.json @@ -11,9 +11,9 @@ "body": { "value": [ { - "id": "/subscriptions/651f8027-33e8-4ec4-97b4-f6e9f3dc8744/resourceGroups/workerapps-rg-xj/providers/Microsoft.Web/containerApps/testcanadacentral/authconfigs/current", + "id": "/subscriptions/651f8027-33e8-4ec4-97b4-f6e9f3dc8744/resourceGroups/workerapps-rg-xj/providers/Microsoft.App/containerApps/testcanadacentral/authconfigs/current", "name": "current", - "type": "Microsoft.Web/containerapps/authconfigs", + "type": "Microsoft.App/containerapps/authconfigs", "properties": { "enabled": true, "globalValidation": { From 9d1f37bc0ce08104d5c2b01915ae68f986c983b3 Mon Sep 17 00:00:00 2001 From: Erich Wang Date: Sun, 30 Jan 2022 21:33:16 +0800 Subject: [PATCH 8/9] Update because ARM prefer string than boolean --- .../2022-01-01-preview/EasyAuthConfigs.json | 116 ++++++++++++------ .../examples/AuthConfigs_CreateOrUpdate.json | 4 +- .../examples/AuthConfigs_Get.json | 2 +- .../examples/AuthConfigs_ListByContainer.json | 2 +- 4 files changed, 84 insertions(+), 40 deletions(-) diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json index 2076da52c178..c81d2a3f17d9 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json @@ -245,9 +245,17 @@ "description": "Easy Auth configuration resource specific properties", "type": "object", "properties": { - "enabled": { - "description": "true if the Authentication / Authorization feature is enabled for the current app; otherwise, false.", - "type": "boolean" + "state": { + "description": "Enabled if the Authentication / Authorization feature is enabled for the current app; otherwise, Disabled.", + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ], + "x-ms-enum": { + "name": "EasyAuthState", + "modelAsString": true + } }, "globalValidation": { "$ref": "#/definitions/GlobalValidation", @@ -298,13 +306,21 @@ "description": "The configuration settings of the login flow of users using ContainerApp Authentication/Authorization.", "type": "object", "properties": { - "routes": { - "$ref": "#/definitions/LoginRoutes", - "description": "The routes that specify the endpoints used for login and logout requests." + "route": { + "$ref": "#/definitions/LoginRoute", + "description": "The route that specify the endpoint used for login and logout requests." }, "preserveUrlFragmentsForLogins": { - "description": "true if the fragments from the request are preserved after the login request is made; otherwise, false.", - "type": "boolean" + "description": "True if the fragments from the request are preserved after the login request is made; otherwise, False.", + "type": "string", + "enum": [ + "True", + "False" + ], + "x-ms-enum": { + "name": "PreserveUrlFragmentsForLoginsMode", + "modelAsString": true + } }, "allowedExternalRedirectUrls": { "description": "External URLs that can be redirected to as part of logging in or logging out of the app. Note that the query string part of the URL is ignored.\nThis is an advanced setting typically only needed by Windows Store application backends.\nNote that URLs within the current domain are always implicitly allowed.", @@ -315,8 +331,8 @@ } } }, - "LoginRoutes": { - "description": "The routes that specify the endpoints used for login and logout requests.", + "LoginRoute": { + "description": "The route that specify the endpoint used for login and logout requests.", "type": "object", "properties": { "logoutEndpoint": { @@ -331,15 +347,23 @@ "properties": { "requireHttps": { "description": "false if the authentication/authorization responses not having the HTTPS scheme are permissible; otherwise, true.", - "type": "boolean" + "type": "string", + "enum": [ + "True", + "False" + ], + "x-ms-enum": { + "name": "RequireHttpsMode", + "modelAsString": true + } }, - "routes": { - "$ref": "#/definitions/HttpSettingsRoutes", + "route": { + "$ref": "#/definitions/HttpSettingsRoute", "description": "The configuration settings of the paths HTTP requests." } } }, - "HttpSettingsRoutes": { + "HttpSettingsRoute": { "description": "The configuration settings of the paths HTTP requests.", "type": "object", "properties": { @@ -387,9 +411,9 @@ "description": "The configuration settings of the Azure Active directory provider.", "type": "object", "properties": { - "enabled": { - "description": "false if the Azure Active Directory provider should not be enabled despite the set registration; otherwise, true.", - "type": "boolean" + "state": { + "$ref": "#/definitions/IdentityProviderState", + "description": "Disabled if the Azure Active Directory provider should not be enabled despite the set registration; otherwise, Enabled." }, "registration": { "$ref": "#/definitions/AzureActiveDirectoryRegistration", @@ -448,7 +472,15 @@ }, "disableWwwAuthenticate": { "description": "true if the www-authenticate provider should be omitted from the request; otherwise, false.", - "type": "boolean" + "type": "string", + "enum": [ + "True", + "False" + ], + "x-ms-enum": { + "name": "DisableWwwAuthenticateMode", + "modelAsString": true + } } } }, @@ -469,9 +501,9 @@ "description": "The configuration settings of the Facebook provider.", "type": "object", "properties": { - "enabled": { - "description": "false if the Facebook provider should not be enabled despite the set registration; otherwise, true.", - "type": "boolean" + "state": { + "$ref": "#/definitions/IdentityProviderState", + "description": "Disabled if the Facebook provider should not be enabled despite the set registration; otherwise, Enabled." }, "registration": { "$ref": "#/definitions/AppRegistration", @@ -518,9 +550,9 @@ "description": "The configuration settings of the GitHub provider.", "type": "object", "properties": { - "enabled": { - "description": "false if the GitHub provider should not be enabled despite the set registration; otherwise, true.", - "type": "boolean" + "state": { + "$ref": "#/definitions/IdentityProviderState", + "description": "Disabled if the GitHub provider should not be enabled despite the set registration; otherwise, Enabled." }, "registration": { "$ref": "#/definitions/ClientRegistration", @@ -550,9 +582,9 @@ "description": "The configuration settings of the Google provider.", "type": "object", "properties": { - "enabled": { - "description": "false if the Google provider should not be enabled despite the set registration; otherwise, true.", - "type": "boolean" + "state": { + "$ref": "#/definitions/IdentityProviderState", + "description": "Disabled if the Google provider should not be enabled despite the set registration; otherwise, Enabled." }, "registration": { "$ref": "#/definitions/ClientRegistration", @@ -585,9 +617,9 @@ "description": "The configuration settings of the Twitter provider.", "type": "object", "properties": { - "enabled": { - "description": "false if the Twitter provider should not be enabled despite the set registration; otherwise, true.", - "type": "boolean" + "state": { + "$ref": "#/definitions/IdentityProviderState", + "description": "Disabled if the Twitter provider should not be enabled despite the set registration; otherwise, Enabled." }, "registration": { "$ref": "#/definitions/TwitterRegistration", @@ -613,9 +645,9 @@ "description": "The configuration settings of the legacy Microsoft Account provider.", "type": "object", "properties": { - "enabled": { - "description": "false if the legacy Microsoft Account provider should not be enabled despite the set registration; otherwise, true.", - "type": "boolean" + "state": { + "$ref": "#/definitions/IdentityProviderState", + "description": "Disabled if the legacy Microsoft Account provider should not be enabled despite the set registration; otherwise, Enabled." }, "registration": { "$ref": "#/definitions/ClientRegistration", @@ -635,9 +667,9 @@ "description": "The configuration settings of the Apple provider.", "type": "object", "properties": { - "enabled": { - "description": "false if the Apple provider should not be enabled despite the set registration; otherwise, true.", - "type": "boolean" + "state": { + "$ref": "#/definitions/IdentityProviderState", + "description": "Disabled if the Apple provider should not be enabled despite the set registration; otherwise, Enabled." }, "registration": { "$ref": "#/definitions/AppleRegistration", @@ -683,6 +715,18 @@ "readOnly": true } } + }, + "IdentityProviderState": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ], + "x-ms-enum": { + "name": "IdentityProviderState", + "modelAsString": true + }, + "description": "Indicate whether identity provider is enabled or disabled." } }, "securityDefinitions": { diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_CreateOrUpdate.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_CreateOrUpdate.json index e6096bc64385..c3494afcb179 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_CreateOrUpdate.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_CreateOrUpdate.json @@ -7,7 +7,7 @@ "api-version": "2022-01-01-preview", "authConfigEnvelope": { "properties": { - "enabled": true, + "state": "Enabled", "globalValidation": { "unauthenticatedClientAction": "AllowAnonymous" }, @@ -30,7 +30,7 @@ "name": "current", "type": "Microsoft.App/containerapps/authconfigs", "properties": { - "enabled": true, + "state": "Enabled", "globalValidation": { "unauthenticatedClientAction": "AllowAnonymous" }, diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Get.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Get.json index 801fc7ac83a3..60c9bfef3126 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Get.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_Get.json @@ -14,7 +14,7 @@ "name": "current", "type": "Microsoft.App/containerapps/authconfigs", "properties": { - "enabled": true, + "state": "Enabled", "globalValidation": { "unauthenticatedClientAction": "AllowAnonymous" }, diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_ListByContainer.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_ListByContainer.json index 4aa49f1f430f..f584baf3b6fc 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_ListByContainer.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/examples/AuthConfigs_ListByContainer.json @@ -15,7 +15,7 @@ "name": "current", "type": "Microsoft.App/containerapps/authconfigs", "properties": { - "enabled": true, + "state": "Enabled", "globalValidation": { "unauthenticatedClientAction": "AllowAnonymous" }, From 3367efec61ec2def25d137e9cd8daa61be2e0c3f Mon Sep 17 00:00:00 2001 From: Erich Wang Date: Tue, 8 Feb 2022 13:47:43 +0800 Subject: [PATCH 9/9] Add static web identity provider --- .../2022-01-01-preview/EasyAuthConfigs.json | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json index c81d2a3f17d9..fbb6513ebf39 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2022-01-01-preview/EasyAuthConfigs.json @@ -404,6 +404,10 @@ "apple": { "$ref": "#/definitions/Apple", "description": "The configuration settings of the Apple provider." + }, + "azureStaticWebApp": { + "$ref": "#/definitions/AzureStaticWebApp", + "description": "The configuration settings of the Azure Static Web Apps provider." } } }, @@ -681,6 +685,30 @@ } } }, + "AzureStaticWebApp": { + "description": "The configuration settings of the Azure Static Web Apps provider.", + "type": "object", + "properties": { + "state": { + "$ref": "#/definitions/IdentityProviderState", + "description": "Disabled if the Azure Static Web Apps provider should not be enabled despite the set registration; otherwise, Enabled." + }, + "registration": { + "$ref": "#/definitions/AzureStaticWebAppRegistration", + "description": "The configuration settings of the Azure Static Web Apps registration." + } + } + }, + "AzureStaticWebAppRegistration": { + "description": "The configuration settings of the registration for the Azure Static Web Apps provider", + "type": "object", + "properties": { + "clientId": { + "description": "The Client ID of the app used for login.", + "type": "string" + } + } + }, "AppleRegistration": { "description": "The configuration settings of the registration for the Apple provider", "type": "object",