diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/__init__.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/__init__.py index 357f62409cd9..53de8d77a4e8 100644 --- a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/__init__.py +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/__init__.py @@ -9,10 +9,11 @@ # regenerated. # -------------------------------------------------------------------------- -from .graph_rbac_management_client import GraphRbacManagementClient -from .version import VERSION +from ._configuration import GraphRbacManagementClientConfiguration +from ._graph_rbac_management_client import GraphRbacManagementClient +__all__ = ['GraphRbacManagementClient', 'GraphRbacManagementClientConfiguration'] -__all__ = ['GraphRbacManagementClient'] +from .version import VERSION __version__ = VERSION diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/_configuration.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/_configuration.py new file mode 100644 index 000000000000..6da188c3674e --- /dev/null +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/_configuration.py @@ -0,0 +1,48 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- +from msrestazure import AzureConfiguration + +from .version import VERSION + + +class GraphRbacManagementClientConfiguration(AzureConfiguration): + """Configuration for GraphRbacManagementClient + Note that all parameters used to create this instance are saved as instance + attributes. + + :param credentials: Credentials needed for the client to connect to Azure. + :type credentials: :mod:`A msrestazure Credentials + object` + :param tenant_id: The tenant ID. + :type tenant_id: str + :param str base_url: Service URL + """ + + def __init__( + self, credentials, tenant_id, base_url=None): + + if credentials is None: + raise ValueError("Parameter 'credentials' must not be None.") + if tenant_id is None: + raise ValueError("Parameter 'tenant_id' must not be None.") + if not base_url: + base_url = 'https://graph.windows.net' + + super(GraphRbacManagementClientConfiguration, self).__init__(base_url) + + # Starting Autorest.Python 4.0.64, make connection pool activated by default + self.keep_alive = True + + self.add_user_agent('azure-graphrbac/{}'.format(VERSION)) + self.add_user_agent('Azure-SDK-For-Python') + + self.credentials = credentials + self.tenant_id = tenant_id diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/_graph_rbac_management_client.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/_graph_rbac_management_client.py new file mode 100644 index 000000000000..2e8db48ef790 --- /dev/null +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/_graph_rbac_management_client.py @@ -0,0 +1,89 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.service_client import SDKClient +from msrest import Serializer, Deserializer + +from ._configuration import GraphRbacManagementClientConfiguration +from .operations import SignedInUserOperations +from .operations import ApplicationsOperations +from .operations import DeletedApplicationsOperations +from .operations import GroupsOperations +from .operations import ServicePrincipalsOperations +from .operations import UsersOperations +from .operations import ObjectsOperations +from .operations import DomainsOperations +from .operations import OAuth2PermissionGrantOperations +from . import models + + +class GraphRbacManagementClient(SDKClient): + """The Graph RBAC Management Client + + :ivar config: Configuration for client. + :vartype config: GraphRbacManagementClientConfiguration + + :ivar signed_in_user: SignedInUser operations + :vartype signed_in_user: azure.graphrbac.operations.SignedInUserOperations + :ivar applications: Applications operations + :vartype applications: azure.graphrbac.operations.ApplicationsOperations + :ivar deleted_applications: DeletedApplications operations + :vartype deleted_applications: azure.graphrbac.operations.DeletedApplicationsOperations + :ivar groups: Groups operations + :vartype groups: azure.graphrbac.operations.GroupsOperations + :ivar service_principals: ServicePrincipals operations + :vartype service_principals: azure.graphrbac.operations.ServicePrincipalsOperations + :ivar users: Users operations + :vartype users: azure.graphrbac.operations.UsersOperations + :ivar objects: Objects operations + :vartype objects: azure.graphrbac.operations.ObjectsOperations + :ivar domains: Domains operations + :vartype domains: azure.graphrbac.operations.DomainsOperations + :ivar oauth2_permission_grant: OAuth2PermissionGrant operations + :vartype oauth2_permission_grant: azure.graphrbac.operations.OAuth2PermissionGrantOperations + + :param credentials: Credentials needed for the client to connect to Azure. + :type credentials: :mod:`A msrestazure Credentials + object` + :param tenant_id: The tenant ID. + :type tenant_id: str + :param str base_url: Service URL + """ + + def __init__( + self, credentials, tenant_id, base_url=None): + + self.config = GraphRbacManagementClientConfiguration(credentials, tenant_id, base_url) + super(GraphRbacManagementClient, self).__init__(self.config.credentials, self.config) + + client_models = {k: v for k, v in models.__dict__.items() if isinstance(v, type)} + self.api_version = '1.6' + self._serialize = Serializer(client_models) + self._deserialize = Deserializer(client_models) + + self.signed_in_user = SignedInUserOperations( + self._client, self.config, self._serialize, self._deserialize) + self.applications = ApplicationsOperations( + self._client, self.config, self._serialize, self._deserialize) + self.deleted_applications = DeletedApplicationsOperations( + self._client, self.config, self._serialize, self._deserialize) + self.groups = GroupsOperations( + self._client, self.config, self._serialize, self._deserialize) + self.service_principals = ServicePrincipalsOperations( + self._client, self.config, self._serialize, self._deserialize) + self.users = UsersOperations( + self._client, self.config, self._serialize, self._deserialize) + self.objects = ObjectsOperations( + self._client, self.config, self._serialize, self._deserialize) + self.domains = DomainsOperations( + self._client, self.config, self._serialize, self._deserialize) + self.oauth2_permission_grant = OAuth2PermissionGrantOperations( + self._client, self.config, self._serialize, self._deserialize) diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/models/__init__.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/models/__init__.py index c179999edbc9..1f91cb83f0e6 100644 --- a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/models/__init__.py +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/models/__init__.py @@ -10,149 +10,154 @@ # -------------------------------------------------------------------------- try: - from .informational_url_py3 import InformationalUrl - from .oauth2_permission_py3 import OAuth2Permission - from .optional_claim_py3 import OptionalClaim - from .optional_claims_py3 import OptionalClaims - from .pre_authorized_application_permission_py3 import PreAuthorizedApplicationPermission - from .pre_authorized_application_extension_py3 import PreAuthorizedApplicationExtension - from .pre_authorized_application_py3 import PreAuthorizedApplication - from .graph_error_py3 import GraphError, GraphErrorException - from .directory_object_py3 import DirectoryObject - from .key_credential_py3 import KeyCredential - from .password_credential_py3 import PasswordCredential - from .resource_access_py3 import ResourceAccess - from .required_resource_access_py3 import RequiredResourceAccess - from .app_role_py3 import AppRole - from .application_base_py3 import ApplicationBase - from .application_create_parameters_py3 import ApplicationCreateParameters - from .application_update_parameters_py3 import ApplicationUpdateParameters - from .application_py3 import Application - from .service_principal_object_result_py3 import ServicePrincipalObjectResult - from .add_owner_parameters_py3 import AddOwnerParameters - from .key_credentials_update_parameters_py3 import KeyCredentialsUpdateParameters - from .password_credentials_update_parameters_py3 import PasswordCredentialsUpdateParameters - from .group_add_member_parameters_py3 import GroupAddMemberParameters - from .group_create_parameters_py3 import GroupCreateParameters - from .ad_group_py3 import ADGroup - from .group_get_member_groups_parameters_py3 import GroupGetMemberGroupsParameters - from .check_group_membership_parameters_py3 import CheckGroupMembershipParameters - from .check_group_membership_result_py3 import CheckGroupMembershipResult - from .service_principal_base_py3 import ServicePrincipalBase - from .service_principal_create_parameters_py3 import ServicePrincipalCreateParameters - from .service_principal_update_parameters_py3 import ServicePrincipalUpdateParameters - from .service_principal_py3 import ServicePrincipal - from .password_profile_py3 import PasswordProfile - from .user_base_py3 import UserBase - from .user_create_parameters_py3 import UserCreateParameters - from .user_update_parameters_py3 import UserUpdateParameters - from .sign_in_name_py3 import SignInName - from .user_py3 import User - from .user_get_member_groups_parameters_py3 import UserGetMemberGroupsParameters - from .get_objects_parameters_py3 import GetObjectsParameters - from .domain_py3 import Domain - from .oauth2_permission_grant_py3 import OAuth2PermissionGrant + from ._models_py3 import AddOwnerParameters + from ._models_py3 import ADGroup + from ._models_py3 import Application + from ._models_py3 import ApplicationBase + from ._models_py3 import ApplicationCreateParameters + from ._models_py3 import ApplicationUpdateParameters + from ._models_py3 import AppRole + from ._models_py3 import AppRoleAssignment + from ._models_py3 import CheckGroupMembershipParameters + from ._models_py3 import CheckGroupMembershipResult + from ._models_py3 import DirectoryObject + from ._models_py3 import Domain + from ._models_py3 import GetObjectsParameters + from ._models_py3 import GraphError, GraphErrorException + from ._models_py3 import GroupAddMemberParameters + from ._models_py3 import GroupCreateParameters + from ._models_py3 import GroupGetMemberGroupsParameters + from ._models_py3 import InformationalUrl + from ._models_py3 import KeyCredential + from ._models_py3 import KeyCredentialsUpdateParameters + from ._models_py3 import OAuth2Permission + from ._models_py3 import OAuth2PermissionGrant + from ._models_py3 import OptionalClaim + from ._models_py3 import OptionalClaims + from ._models_py3 import PasswordCredential + from ._models_py3 import PasswordCredentialsUpdateParameters + from ._models_py3 import PasswordProfile + from ._models_py3 import PreAuthorizedApplication + from ._models_py3 import PreAuthorizedApplicationExtension + from ._models_py3 import PreAuthorizedApplicationPermission + from ._models_py3 import RequiredResourceAccess + from ._models_py3 import ResourceAccess + from ._models_py3 import ServicePrincipal + from ._models_py3 import ServicePrincipalBase + from ._models_py3 import ServicePrincipalCreateParameters + from ._models_py3 import ServicePrincipalObjectResult + from ._models_py3 import ServicePrincipalUpdateParameters + from ._models_py3 import SignInName + from ._models_py3 import User + from ._models_py3 import UserBase + from ._models_py3 import UserCreateParameters + from ._models_py3 import UserGetMemberGroupsParameters + from ._models_py3 import UserUpdateParameters except (SyntaxError, ImportError): - from .informational_url import InformationalUrl - from .oauth2_permission import OAuth2Permission - from .optional_claim import OptionalClaim - from .optional_claims import OptionalClaims - from .pre_authorized_application_permission import PreAuthorizedApplicationPermission - from .pre_authorized_application_extension import PreAuthorizedApplicationExtension - from .pre_authorized_application import PreAuthorizedApplication - from .graph_error import GraphError, GraphErrorException - from .directory_object import DirectoryObject - from .key_credential import KeyCredential - from .password_credential import PasswordCredential - from .resource_access import ResourceAccess - from .required_resource_access import RequiredResourceAccess - from .app_role import AppRole - from .application_base import ApplicationBase - from .application_create_parameters import ApplicationCreateParameters - from .application_update_parameters import ApplicationUpdateParameters - from .application import Application - from .service_principal_object_result import ServicePrincipalObjectResult - from .add_owner_parameters import AddOwnerParameters - from .key_credentials_update_parameters import KeyCredentialsUpdateParameters - from .password_credentials_update_parameters import PasswordCredentialsUpdateParameters - from .group_add_member_parameters import GroupAddMemberParameters - from .group_create_parameters import GroupCreateParameters - from .ad_group import ADGroup - from .group_get_member_groups_parameters import GroupGetMemberGroupsParameters - from .check_group_membership_parameters import CheckGroupMembershipParameters - from .check_group_membership_result import CheckGroupMembershipResult - from .service_principal_base import ServicePrincipalBase - from .service_principal_create_parameters import ServicePrincipalCreateParameters - from .service_principal_update_parameters import ServicePrincipalUpdateParameters - from .service_principal import ServicePrincipal - from .password_profile import PasswordProfile - from .user_base import UserBase - from .user_create_parameters import UserCreateParameters - from .user_update_parameters import UserUpdateParameters - from .sign_in_name import SignInName - from .user import User - from .user_get_member_groups_parameters import UserGetMemberGroupsParameters - from .get_objects_parameters import GetObjectsParameters - from .domain import Domain - from .oauth2_permission_grant import OAuth2PermissionGrant -from .directory_object_paged import DirectoryObjectPaged -from .application_paged import ApplicationPaged -from .key_credential_paged import KeyCredentialPaged -from .password_credential_paged import PasswordCredentialPaged -from .ad_group_paged import ADGroupPaged -from .str_paged import StrPaged -from .service_principal_paged import ServicePrincipalPaged -from .user_paged import UserPaged -from .domain_paged import DomainPaged -from .oauth2_permission_grant_paged import OAuth2PermissionGrantPaged -from .graph_rbac_management_client_enums import ( + from ._models import AddOwnerParameters + from ._models import ADGroup + from ._models import Application + from ._models import ApplicationBase + from ._models import ApplicationCreateParameters + from ._models import ApplicationUpdateParameters + from ._models import AppRole + from ._models import AppRoleAssignment + from ._models import CheckGroupMembershipParameters + from ._models import CheckGroupMembershipResult + from ._models import DirectoryObject + from ._models import Domain + from ._models import GetObjectsParameters + from ._models import GraphError, GraphErrorException + from ._models import GroupAddMemberParameters + from ._models import GroupCreateParameters + from ._models import GroupGetMemberGroupsParameters + from ._models import InformationalUrl + from ._models import KeyCredential + from ._models import KeyCredentialsUpdateParameters + from ._models import OAuth2Permission + from ._models import OAuth2PermissionGrant + from ._models import OptionalClaim + from ._models import OptionalClaims + from ._models import PasswordCredential + from ._models import PasswordCredentialsUpdateParameters + from ._models import PasswordProfile + from ._models import PreAuthorizedApplication + from ._models import PreAuthorizedApplicationExtension + from ._models import PreAuthorizedApplicationPermission + from ._models import RequiredResourceAccess + from ._models import ResourceAccess + from ._models import ServicePrincipal + from ._models import ServicePrincipalBase + from ._models import ServicePrincipalCreateParameters + from ._models import ServicePrincipalObjectResult + from ._models import ServicePrincipalUpdateParameters + from ._models import SignInName + from ._models import User + from ._models import UserBase + from ._models import UserCreateParameters + from ._models import UserGetMemberGroupsParameters + from ._models import UserUpdateParameters +from ._paged_models import ADGroupPaged +from ._paged_models import ApplicationPaged +from ._paged_models import AppRoleAssignmentPaged +from ._paged_models import DirectoryObjectPaged +from ._paged_models import DomainPaged +from ._paged_models import KeyCredentialPaged +from ._paged_models import OAuth2PermissionGrantPaged +from ._paged_models import PasswordCredentialPaged +from ._paged_models import ServicePrincipalPaged +from ._paged_models import StrPaged +from ._paged_models import UserPaged +from ._graph_rbac_management_client_enums import ( + GroupMembershipClaimTypes, UserType, ConsentType, ) __all__ = [ - 'InformationalUrl', - 'OAuth2Permission', - 'OptionalClaim', - 'OptionalClaims', - 'PreAuthorizedApplicationPermission', - 'PreAuthorizedApplicationExtension', - 'PreAuthorizedApplication', - 'GraphError', 'GraphErrorException', - 'DirectoryObject', - 'KeyCredential', - 'PasswordCredential', - 'ResourceAccess', - 'RequiredResourceAccess', - 'AppRole', + 'AddOwnerParameters', + 'ADGroup', + 'Application', 'ApplicationBase', 'ApplicationCreateParameters', 'ApplicationUpdateParameters', - 'Application', - 'ServicePrincipalObjectResult', - 'AddOwnerParameters', - 'KeyCredentialsUpdateParameters', - 'PasswordCredentialsUpdateParameters', + 'AppRole', + 'AppRoleAssignment', + 'CheckGroupMembershipParameters', + 'CheckGroupMembershipResult', + 'DirectoryObject', + 'Domain', + 'GetObjectsParameters', + 'GraphError', 'GraphErrorException', 'GroupAddMemberParameters', 'GroupCreateParameters', - 'ADGroup', 'GroupGetMemberGroupsParameters', - 'CheckGroupMembershipParameters', - 'CheckGroupMembershipResult', + 'InformationalUrl', + 'KeyCredential', + 'KeyCredentialsUpdateParameters', + 'OAuth2Permission', + 'OAuth2PermissionGrant', + 'OptionalClaim', + 'OptionalClaims', + 'PasswordCredential', + 'PasswordCredentialsUpdateParameters', + 'PasswordProfile', + 'PreAuthorizedApplication', + 'PreAuthorizedApplicationExtension', + 'PreAuthorizedApplicationPermission', + 'RequiredResourceAccess', + 'ResourceAccess', + 'ServicePrincipal', 'ServicePrincipalBase', 'ServicePrincipalCreateParameters', + 'ServicePrincipalObjectResult', 'ServicePrincipalUpdateParameters', - 'ServicePrincipal', - 'PasswordProfile', - 'UserBase', - 'UserCreateParameters', - 'UserUpdateParameters', 'SignInName', 'User', + 'UserBase', + 'UserCreateParameters', 'UserGetMemberGroupsParameters', - 'GetObjectsParameters', - 'Domain', - 'OAuth2PermissionGrant', + 'UserUpdateParameters', 'DirectoryObjectPaged', 'ApplicationPaged', 'KeyCredentialPaged', @@ -160,9 +165,11 @@ 'ADGroupPaged', 'StrPaged', 'ServicePrincipalPaged', + 'AppRoleAssignmentPaged', 'UserPaged', 'DomainPaged', 'OAuth2PermissionGrantPaged', + 'GroupMembershipClaimTypes', 'UserType', 'ConsentType', ] diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/models/_graph_rbac_management_client_enums.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/models/_graph_rbac_management_client_enums.py new file mode 100644 index 000000000000..bd4b2a908a36 --- /dev/null +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/models/_graph_rbac_management_client_enums.py @@ -0,0 +1,31 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from enum import Enum + + +class GroupMembershipClaimTypes(str, Enum): + + none = "None" + security_group = "SecurityGroup" + all = "All" + + +class UserType(str, Enum): + + member = "Member" + guest = "Guest" + + +class ConsentType(str, Enum): + + all_principals = "AllPrincipals" + principal = "Principal" diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/models/_models.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/models/_models.py new file mode 100644 index 000000000000..81e64e0f93b7 --- /dev/null +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/models/_models.py @@ -0,0 +1,2332 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model +from msrest.exceptions import HttpOperationError + + +class AddOwnerParameters(Model): + """Request parameters for adding a owner to an application. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param url: Required. A owner object URL, such as + "https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd", + where "0b1f9851-1bf0-433f-aec3-cb9272f093dc" is the tenantId and + "f260bbc4-c254-447b-94cf-293b5ec434dd" is the objectId of the owner (user, + application, servicePrincipal, group) to be added. + :type url: str + """ + + _validation = { + 'url': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'url': {'key': 'url', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AddOwnerParameters, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.url = kwargs.get('url', None) + + +class DirectoryObject(Model): + """Represents an Azure Active Directory object. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: Application, AppRoleAssignment, ADGroup, ServicePrincipal, + User + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :ivar object_id: The object ID. + :vartype object_id: str + :ivar deletion_timestamp: The time at which the directory object was + deleted. + :vartype deletion_timestamp: datetime + :param object_type: Required. Constant filled by server. + :type object_type: str + """ + + _validation = { + 'object_id': {'readonly': True}, + 'deletion_timestamp': {'readonly': True}, + 'object_type': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, + 'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'}, + 'object_type': {'key': 'objectType', 'type': 'str'}, + } + + _subtype_map = { + 'object_type': {'Application': 'Application', 'AppRoleAssignment': 'AppRoleAssignment', 'Group': 'ADGroup', 'ServicePrincipal': 'ServicePrincipal', 'User': 'User'} + } + + def __init__(self, **kwargs): + super(DirectoryObject, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.object_id = None + self.deletion_timestamp = None + self.object_type = None + + +class ADGroup(DirectoryObject): + """Active Directory group information. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :ivar object_id: The object ID. + :vartype object_id: str + :ivar deletion_timestamp: The time at which the directory object was + deleted. + :vartype deletion_timestamp: datetime + :param object_type: Required. Constant filled by server. + :type object_type: str + :param display_name: The display name of the group. + :type display_name: str + :param mail_enabled: Whether the group is mail-enabled. Must be false. + This is because only pure security groups can be created using the Graph + API. + :type mail_enabled: bool + :param mail_nickname: The mail alias for the group. + :type mail_nickname: str + :param security_enabled: Whether the group is security-enable. + :type security_enabled: bool + :param mail: The primary email address of the group. + :type mail: str + """ + + _validation = { + 'object_id': {'readonly': True}, + 'deletion_timestamp': {'readonly': True}, + 'object_type': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, + 'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'}, + 'object_type': {'key': 'objectType', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'mail_enabled': {'key': 'mailEnabled', 'type': 'bool'}, + 'mail_nickname': {'key': 'mailNickname', 'type': 'str'}, + 'security_enabled': {'key': 'securityEnabled', 'type': 'bool'}, + 'mail': {'key': 'mail', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(ADGroup, self).__init__(**kwargs) + self.display_name = kwargs.get('display_name', None) + self.mail_enabled = kwargs.get('mail_enabled', None) + self.mail_nickname = kwargs.get('mail_nickname', None) + self.security_enabled = kwargs.get('security_enabled', None) + self.mail = kwargs.get('mail', None) + self.object_type = 'Group' + + +class Application(DirectoryObject): + """Active Directory application information. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :ivar object_id: The object ID. + :vartype object_id: str + :ivar deletion_timestamp: The time at which the directory object was + deleted. + :vartype deletion_timestamp: datetime + :param object_type: Required. Constant filled by server. + :type object_type: str + :param app_id: The application ID. + :type app_id: str + :param allow_guests_sign_in: A property on the application to indicate if + the application accepts other IDPs or not or partially accepts. + :type allow_guests_sign_in: bool + :param allow_passthrough_users: Indicates that the application supports + pass through users who have no presence in the resource tenant. + :type allow_passthrough_users: bool + :param app_logo_url: The url for the application logo image stored in a + CDN. + :type app_logo_url: str + :param app_roles: The collection of application roles that an application + may declare. These roles can be assigned to users, groups or service + principals. + :type app_roles: list[~azure.graphrbac.models.AppRole] + :param app_permissions: The application permissions. + :type app_permissions: list[str] + :param available_to_other_tenants: Whether the application is available to + other tenants. + :type available_to_other_tenants: bool + :param display_name: The display name of the application. + :type display_name: str + :param error_url: A URL provided by the author of the application to + report errors when using the application. + :type error_url: str + :param group_membership_claims: Configures the groups claim issued in a + user or OAuth 2.0 access token that the app expects. Possible values + include: 'None', 'SecurityGroup', 'All' + :type group_membership_claims: str or + ~azure.graphrbac.models.GroupMembershipClaimTypes + :param homepage: The home page of the application. + :type homepage: str + :param identifier_uris: A collection of URIs for the application. + :type identifier_uris: list[str] + :param informational_urls: URLs with more information about the + application. + :type informational_urls: ~azure.graphrbac.models.InformationalUrl + :param is_device_only_auth_supported: Specifies whether this application + supports device authentication without a user. The default is false. + :type is_device_only_auth_supported: bool + :param key_credentials: A collection of KeyCredential objects. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param known_client_applications: Client applications that are tied to + this resource application. Consent to any of the known client applications + will result in implicit consent to the resource application through a + combined consent dialog (showing the OAuth permission scopes required by + the client and the resource). + :type known_client_applications: list[str] + :param logout_url: the url of the logout page + :type logout_url: str + :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow + for OAuth2 + :type oauth2_allow_implicit_flow: bool + :param oauth2_allow_url_path_matching: Specifies whether during a token + Request Azure AD will allow path matching of the redirect URI against the + applications collection of replyURLs. The default is false. + :type oauth2_allow_url_path_matching: bool + :param oauth2_permissions: The collection of OAuth 2.0 permission scopes + that the web API (resource) application exposes to client applications. + These permission scopes may be granted to client applications during + consent. + :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission] + :param oauth2_require_post_response: Specifies whether, as part of OAuth + 2.0 token requests, Azure AD will allow POST requests, as opposed to GET + requests. The default is false, which specifies that only GET requests + will be allowed. + :type oauth2_require_post_response: bool + :param org_restrictions: A list of tenants allowed to access application. + :type org_restrictions: list[str] + :param optional_claims: + :type optional_claims: ~azure.graphrbac.models.OptionalClaims + :param password_credentials: A collection of PasswordCredential objects + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param pre_authorized_applications: list of pre-authorized applications. + :type pre_authorized_applications: + list[~azure.graphrbac.models.PreAuthorizedApplication] + :param public_client: Specifies whether this application is a public + client (such as an installed application running on a mobile device). + Default is false. + :type public_client: bool + :param publisher_domain: Reliable domain which can be used to identify an + application. + :type publisher_domain: str + :param reply_urls: A collection of reply URLs for the application. + :type reply_urls: list[str] + :param required_resource_access: Specifies resources that this application + requires access to and the set of OAuth permission scopes and application + roles that it needs under each of those resources. This pre-configuration + of required resource access drives the consent experience. + :type required_resource_access: + list[~azure.graphrbac.models.RequiredResourceAccess] + :param saml_metadata_url: The URL to the SAML metadata for the + application. + :type saml_metadata_url: str + :param sign_in_audience: Audience for signing in to the application + (AzureADMyOrganization, AzureADAllOrganizations, + AzureADAndMicrosoftAccounts). + :type sign_in_audience: str + :param www_homepage: The primary Web page. + :type www_homepage: str + """ + + _validation = { + 'object_id': {'readonly': True}, + 'deletion_timestamp': {'readonly': True}, + 'object_type': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, + 'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'}, + 'object_type': {'key': 'objectType', 'type': 'str'}, + 'app_id': {'key': 'appId', 'type': 'str'}, + 'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'}, + 'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'}, + 'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'}, + 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'app_permissions': {'key': 'appPermissions', 'type': '[str]'}, + 'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'str'}, + 'homepage': {'key': 'homepage', 'type': 'str'}, + 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, + 'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'}, + 'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, + 'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'}, + 'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'}, + 'org_restrictions': {'key': 'orgRestrictions', 'type': '[str]'}, + 'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'}, + 'public_client': {'key': 'publicClient', 'type': 'bool'}, + 'publisher_domain': {'key': 'publisherDomain', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'sign_in_audience': {'key': 'signInAudience', 'type': 'str'}, + 'www_homepage': {'key': 'wwwHomepage', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(Application, self).__init__(**kwargs) + self.app_id = kwargs.get('app_id', None) + self.allow_guests_sign_in = kwargs.get('allow_guests_sign_in', None) + self.allow_passthrough_users = kwargs.get('allow_passthrough_users', None) + self.app_logo_url = kwargs.get('app_logo_url', None) + self.app_roles = kwargs.get('app_roles', None) + self.app_permissions = kwargs.get('app_permissions', None) + self.available_to_other_tenants = kwargs.get('available_to_other_tenants', None) + self.display_name = kwargs.get('display_name', None) + self.error_url = kwargs.get('error_url', None) + self.group_membership_claims = kwargs.get('group_membership_claims', None) + self.homepage = kwargs.get('homepage', None) + self.identifier_uris = kwargs.get('identifier_uris', None) + self.informational_urls = kwargs.get('informational_urls', None) + self.is_device_only_auth_supported = kwargs.get('is_device_only_auth_supported', None) + self.key_credentials = kwargs.get('key_credentials', None) + self.known_client_applications = kwargs.get('known_client_applications', None) + self.logout_url = kwargs.get('logout_url', None) + self.oauth2_allow_implicit_flow = kwargs.get('oauth2_allow_implicit_flow', None) + self.oauth2_allow_url_path_matching = kwargs.get('oauth2_allow_url_path_matching', None) + self.oauth2_permissions = kwargs.get('oauth2_permissions', None) + self.oauth2_require_post_response = kwargs.get('oauth2_require_post_response', None) + self.org_restrictions = kwargs.get('org_restrictions', None) + self.optional_claims = kwargs.get('optional_claims', None) + self.password_credentials = kwargs.get('password_credentials', None) + self.pre_authorized_applications = kwargs.get('pre_authorized_applications', None) + self.public_client = kwargs.get('public_client', None) + self.publisher_domain = kwargs.get('publisher_domain', None) + self.reply_urls = kwargs.get('reply_urls', None) + self.required_resource_access = kwargs.get('required_resource_access', None) + self.saml_metadata_url = kwargs.get('saml_metadata_url', None) + self.sign_in_audience = kwargs.get('sign_in_audience', None) + self.www_homepage = kwargs.get('www_homepage', None) + self.object_type = 'Application' + + +class ApplicationBase(Model): + """Active Directive Application common properties shared among GET, POST and + PATCH. + + :param allow_guests_sign_in: A property on the application to indicate if + the application accepts other IDPs or not or partially accepts. + :type allow_guests_sign_in: bool + :param allow_passthrough_users: Indicates that the application supports + pass through users who have no presence in the resource tenant. + :type allow_passthrough_users: bool + :param app_logo_url: The url for the application logo image stored in a + CDN. + :type app_logo_url: str + :param app_roles: The collection of application roles that an application + may declare. These roles can be assigned to users, groups or service + principals. + :type app_roles: list[~azure.graphrbac.models.AppRole] + :param app_permissions: The application permissions. + :type app_permissions: list[str] + :param available_to_other_tenants: Whether the application is available to + other tenants. + :type available_to_other_tenants: bool + :param error_url: A URL provided by the author of the application to + report errors when using the application. + :type error_url: str + :param group_membership_claims: Configures the groups claim issued in a + user or OAuth 2.0 access token that the app expects. Possible values + include: 'None', 'SecurityGroup', 'All' + :type group_membership_claims: str or + ~azure.graphrbac.models.GroupMembershipClaimTypes + :param homepage: The home page of the application. + :type homepage: str + :param informational_urls: URLs with more information about the + application. + :type informational_urls: ~azure.graphrbac.models.InformationalUrl + :param is_device_only_auth_supported: Specifies whether this application + supports device authentication without a user. The default is false. + :type is_device_only_auth_supported: bool + :param key_credentials: A collection of KeyCredential objects. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param known_client_applications: Client applications that are tied to + this resource application. Consent to any of the known client applications + will result in implicit consent to the resource application through a + combined consent dialog (showing the OAuth permission scopes required by + the client and the resource). + :type known_client_applications: list[str] + :param logout_url: the url of the logout page + :type logout_url: str + :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow + for OAuth2 + :type oauth2_allow_implicit_flow: bool + :param oauth2_allow_url_path_matching: Specifies whether during a token + Request Azure AD will allow path matching of the redirect URI against the + applications collection of replyURLs. The default is false. + :type oauth2_allow_url_path_matching: bool + :param oauth2_permissions: The collection of OAuth 2.0 permission scopes + that the web API (resource) application exposes to client applications. + These permission scopes may be granted to client applications during + consent. + :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission] + :param oauth2_require_post_response: Specifies whether, as part of OAuth + 2.0 token requests, Azure AD will allow POST requests, as opposed to GET + requests. The default is false, which specifies that only GET requests + will be allowed. + :type oauth2_require_post_response: bool + :param org_restrictions: A list of tenants allowed to access application. + :type org_restrictions: list[str] + :param optional_claims: + :type optional_claims: ~azure.graphrbac.models.OptionalClaims + :param password_credentials: A collection of PasswordCredential objects + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param pre_authorized_applications: list of pre-authorized applications. + :type pre_authorized_applications: + list[~azure.graphrbac.models.PreAuthorizedApplication] + :param public_client: Specifies whether this application is a public + client (such as an installed application running on a mobile device). + Default is false. + :type public_client: bool + :param publisher_domain: Reliable domain which can be used to identify an + application. + :type publisher_domain: str + :param reply_urls: A collection of reply URLs for the application. + :type reply_urls: list[str] + :param required_resource_access: Specifies resources that this application + requires access to and the set of OAuth permission scopes and application + roles that it needs under each of those resources. This pre-configuration + of required resource access drives the consent experience. + :type required_resource_access: + list[~azure.graphrbac.models.RequiredResourceAccess] + :param saml_metadata_url: The URL to the SAML metadata for the + application. + :type saml_metadata_url: str + :param sign_in_audience: Audience for signing in to the application + (AzureADMyOrganization, AzureADAllOrganizations, + AzureADAndMicrosoftAccounts). + :type sign_in_audience: str + :param www_homepage: The primary Web page. + :type www_homepage: str + """ + + _attribute_map = { + 'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'}, + 'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'}, + 'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'}, + 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'app_permissions': {'key': 'appPermissions', 'type': '[str]'}, + 'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'str'}, + 'homepage': {'key': 'homepage', 'type': 'str'}, + 'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'}, + 'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, + 'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'}, + 'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'}, + 'org_restrictions': {'key': 'orgRestrictions', 'type': '[str]'}, + 'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'}, + 'public_client': {'key': 'publicClient', 'type': 'bool'}, + 'publisher_domain': {'key': 'publisherDomain', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'sign_in_audience': {'key': 'signInAudience', 'type': 'str'}, + 'www_homepage': {'key': 'wwwHomepage', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(ApplicationBase, self).__init__(**kwargs) + self.allow_guests_sign_in = kwargs.get('allow_guests_sign_in', None) + self.allow_passthrough_users = kwargs.get('allow_passthrough_users', None) + self.app_logo_url = kwargs.get('app_logo_url', None) + self.app_roles = kwargs.get('app_roles', None) + self.app_permissions = kwargs.get('app_permissions', None) + self.available_to_other_tenants = kwargs.get('available_to_other_tenants', None) + self.error_url = kwargs.get('error_url', None) + self.group_membership_claims = kwargs.get('group_membership_claims', None) + self.homepage = kwargs.get('homepage', None) + self.informational_urls = kwargs.get('informational_urls', None) + self.is_device_only_auth_supported = kwargs.get('is_device_only_auth_supported', None) + self.key_credentials = kwargs.get('key_credentials', None) + self.known_client_applications = kwargs.get('known_client_applications', None) + self.logout_url = kwargs.get('logout_url', None) + self.oauth2_allow_implicit_flow = kwargs.get('oauth2_allow_implicit_flow', None) + self.oauth2_allow_url_path_matching = kwargs.get('oauth2_allow_url_path_matching', None) + self.oauth2_permissions = kwargs.get('oauth2_permissions', None) + self.oauth2_require_post_response = kwargs.get('oauth2_require_post_response', None) + self.org_restrictions = kwargs.get('org_restrictions', None) + self.optional_claims = kwargs.get('optional_claims', None) + self.password_credentials = kwargs.get('password_credentials', None) + self.pre_authorized_applications = kwargs.get('pre_authorized_applications', None) + self.public_client = kwargs.get('public_client', None) + self.publisher_domain = kwargs.get('publisher_domain', None) + self.reply_urls = kwargs.get('reply_urls', None) + self.required_resource_access = kwargs.get('required_resource_access', None) + self.saml_metadata_url = kwargs.get('saml_metadata_url', None) + self.sign_in_audience = kwargs.get('sign_in_audience', None) + self.www_homepage = kwargs.get('www_homepage', None) + + +class ApplicationCreateParameters(ApplicationBase): + """Request parameters for creating a new application. + + All required parameters must be populated in order to send to Azure. + + :param allow_guests_sign_in: A property on the application to indicate if + the application accepts other IDPs or not or partially accepts. + :type allow_guests_sign_in: bool + :param allow_passthrough_users: Indicates that the application supports + pass through users who have no presence in the resource tenant. + :type allow_passthrough_users: bool + :param app_logo_url: The url for the application logo image stored in a + CDN. + :type app_logo_url: str + :param app_roles: The collection of application roles that an application + may declare. These roles can be assigned to users, groups or service + principals. + :type app_roles: list[~azure.graphrbac.models.AppRole] + :param app_permissions: The application permissions. + :type app_permissions: list[str] + :param available_to_other_tenants: Whether the application is available to + other tenants. + :type available_to_other_tenants: bool + :param error_url: A URL provided by the author of the application to + report errors when using the application. + :type error_url: str + :param group_membership_claims: Configures the groups claim issued in a + user or OAuth 2.0 access token that the app expects. Possible values + include: 'None', 'SecurityGroup', 'All' + :type group_membership_claims: str or + ~azure.graphrbac.models.GroupMembershipClaimTypes + :param homepage: The home page of the application. + :type homepage: str + :param informational_urls: URLs with more information about the + application. + :type informational_urls: ~azure.graphrbac.models.InformationalUrl + :param is_device_only_auth_supported: Specifies whether this application + supports device authentication without a user. The default is false. + :type is_device_only_auth_supported: bool + :param key_credentials: A collection of KeyCredential objects. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param known_client_applications: Client applications that are tied to + this resource application. Consent to any of the known client applications + will result in implicit consent to the resource application through a + combined consent dialog (showing the OAuth permission scopes required by + the client and the resource). + :type known_client_applications: list[str] + :param logout_url: the url of the logout page + :type logout_url: str + :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow + for OAuth2 + :type oauth2_allow_implicit_flow: bool + :param oauth2_allow_url_path_matching: Specifies whether during a token + Request Azure AD will allow path matching of the redirect URI against the + applications collection of replyURLs. The default is false. + :type oauth2_allow_url_path_matching: bool + :param oauth2_permissions: The collection of OAuth 2.0 permission scopes + that the web API (resource) application exposes to client applications. + These permission scopes may be granted to client applications during + consent. + :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission] + :param oauth2_require_post_response: Specifies whether, as part of OAuth + 2.0 token requests, Azure AD will allow POST requests, as opposed to GET + requests. The default is false, which specifies that only GET requests + will be allowed. + :type oauth2_require_post_response: bool + :param org_restrictions: A list of tenants allowed to access application. + :type org_restrictions: list[str] + :param optional_claims: + :type optional_claims: ~azure.graphrbac.models.OptionalClaims + :param password_credentials: A collection of PasswordCredential objects + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param pre_authorized_applications: list of pre-authorized applications. + :type pre_authorized_applications: + list[~azure.graphrbac.models.PreAuthorizedApplication] + :param public_client: Specifies whether this application is a public + client (such as an installed application running on a mobile device). + Default is false. + :type public_client: bool + :param publisher_domain: Reliable domain which can be used to identify an + application. + :type publisher_domain: str + :param reply_urls: A collection of reply URLs for the application. + :type reply_urls: list[str] + :param required_resource_access: Specifies resources that this application + requires access to and the set of OAuth permission scopes and application + roles that it needs under each of those resources. This pre-configuration + of required resource access drives the consent experience. + :type required_resource_access: + list[~azure.graphrbac.models.RequiredResourceAccess] + :param saml_metadata_url: The URL to the SAML metadata for the + application. + :type saml_metadata_url: str + :param sign_in_audience: Audience for signing in to the application + (AzureADMyOrganization, AzureADAllOrganizations, + AzureADAndMicrosoftAccounts). + :type sign_in_audience: str + :param www_homepage: The primary Web page. + :type www_homepage: str + :param display_name: Required. The display name of the application. + :type display_name: str + :param identifier_uris: A collection of URIs for the application. + :type identifier_uris: list[str] + """ + + _validation = { + 'display_name': {'required': True}, + } + + _attribute_map = { + 'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'}, + 'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'}, + 'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'}, + 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'app_permissions': {'key': 'appPermissions', 'type': '[str]'}, + 'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'str'}, + 'homepage': {'key': 'homepage', 'type': 'str'}, + 'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'}, + 'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, + 'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'}, + 'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'}, + 'org_restrictions': {'key': 'orgRestrictions', 'type': '[str]'}, + 'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'}, + 'public_client': {'key': 'publicClient', 'type': 'bool'}, + 'publisher_domain': {'key': 'publisherDomain', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'sign_in_audience': {'key': 'signInAudience', 'type': 'str'}, + 'www_homepage': {'key': 'wwwHomepage', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(ApplicationCreateParameters, self).__init__(**kwargs) + self.display_name = kwargs.get('display_name', None) + self.identifier_uris = kwargs.get('identifier_uris', None) + + +class ApplicationUpdateParameters(ApplicationBase): + """Request parameters for updating a new application. + + :param allow_guests_sign_in: A property on the application to indicate if + the application accepts other IDPs or not or partially accepts. + :type allow_guests_sign_in: bool + :param allow_passthrough_users: Indicates that the application supports + pass through users who have no presence in the resource tenant. + :type allow_passthrough_users: bool + :param app_logo_url: The url for the application logo image stored in a + CDN. + :type app_logo_url: str + :param app_roles: The collection of application roles that an application + may declare. These roles can be assigned to users, groups or service + principals. + :type app_roles: list[~azure.graphrbac.models.AppRole] + :param app_permissions: The application permissions. + :type app_permissions: list[str] + :param available_to_other_tenants: Whether the application is available to + other tenants. + :type available_to_other_tenants: bool + :param error_url: A URL provided by the author of the application to + report errors when using the application. + :type error_url: str + :param group_membership_claims: Configures the groups claim issued in a + user or OAuth 2.0 access token that the app expects. Possible values + include: 'None', 'SecurityGroup', 'All' + :type group_membership_claims: str or + ~azure.graphrbac.models.GroupMembershipClaimTypes + :param homepage: The home page of the application. + :type homepage: str + :param informational_urls: URLs with more information about the + application. + :type informational_urls: ~azure.graphrbac.models.InformationalUrl + :param is_device_only_auth_supported: Specifies whether this application + supports device authentication without a user. The default is false. + :type is_device_only_auth_supported: bool + :param key_credentials: A collection of KeyCredential objects. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param known_client_applications: Client applications that are tied to + this resource application. Consent to any of the known client applications + will result in implicit consent to the resource application through a + combined consent dialog (showing the OAuth permission scopes required by + the client and the resource). + :type known_client_applications: list[str] + :param logout_url: the url of the logout page + :type logout_url: str + :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow + for OAuth2 + :type oauth2_allow_implicit_flow: bool + :param oauth2_allow_url_path_matching: Specifies whether during a token + Request Azure AD will allow path matching of the redirect URI against the + applications collection of replyURLs. The default is false. + :type oauth2_allow_url_path_matching: bool + :param oauth2_permissions: The collection of OAuth 2.0 permission scopes + that the web API (resource) application exposes to client applications. + These permission scopes may be granted to client applications during + consent. + :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission] + :param oauth2_require_post_response: Specifies whether, as part of OAuth + 2.0 token requests, Azure AD will allow POST requests, as opposed to GET + requests. The default is false, which specifies that only GET requests + will be allowed. + :type oauth2_require_post_response: bool + :param org_restrictions: A list of tenants allowed to access application. + :type org_restrictions: list[str] + :param optional_claims: + :type optional_claims: ~azure.graphrbac.models.OptionalClaims + :param password_credentials: A collection of PasswordCredential objects + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param pre_authorized_applications: list of pre-authorized applications. + :type pre_authorized_applications: + list[~azure.graphrbac.models.PreAuthorizedApplication] + :param public_client: Specifies whether this application is a public + client (such as an installed application running on a mobile device). + Default is false. + :type public_client: bool + :param publisher_domain: Reliable domain which can be used to identify an + application. + :type publisher_domain: str + :param reply_urls: A collection of reply URLs for the application. + :type reply_urls: list[str] + :param required_resource_access: Specifies resources that this application + requires access to and the set of OAuth permission scopes and application + roles that it needs under each of those resources. This pre-configuration + of required resource access drives the consent experience. + :type required_resource_access: + list[~azure.graphrbac.models.RequiredResourceAccess] + :param saml_metadata_url: The URL to the SAML metadata for the + application. + :type saml_metadata_url: str + :param sign_in_audience: Audience for signing in to the application + (AzureADMyOrganization, AzureADAllOrganizations, + AzureADAndMicrosoftAccounts). + :type sign_in_audience: str + :param www_homepage: The primary Web page. + :type www_homepage: str + :param display_name: The display name of the application. + :type display_name: str + :param identifier_uris: A collection of URIs for the application. + :type identifier_uris: list[str] + """ + + _attribute_map = { + 'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'}, + 'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'}, + 'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'}, + 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'app_permissions': {'key': 'appPermissions', 'type': '[str]'}, + 'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'str'}, + 'homepage': {'key': 'homepage', 'type': 'str'}, + 'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'}, + 'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, + 'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'}, + 'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'}, + 'org_restrictions': {'key': 'orgRestrictions', 'type': '[str]'}, + 'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'}, + 'public_client': {'key': 'publicClient', 'type': 'bool'}, + 'publisher_domain': {'key': 'publisherDomain', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'sign_in_audience': {'key': 'signInAudience', 'type': 'str'}, + 'www_homepage': {'key': 'wwwHomepage', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(ApplicationUpdateParameters, self).__init__(**kwargs) + self.display_name = kwargs.get('display_name', None) + self.identifier_uris = kwargs.get('identifier_uris', None) + + +class AppRole(Model): + """AppRole. + + :param id: Unique role identifier inside the appRoles collection. + :type id: str + :param allowed_member_types: Specifies whether this app role definition + can be assigned to users and groups by setting to 'User', or to other + applications (that are accessing this application in daemon service + scenarios) by setting to 'Application', or to both. + :type allowed_member_types: list[str] + :param description: Permission help text that appears in the admin app + assignment and consent experiences. + :type description: str + :param display_name: Display name for the permission that appears in the + admin consent and app assignment experiences. + :type display_name: str + :param is_enabled: When creating or updating a role definition, this must + be set to true (which is the default). To delete a role, this must first + be set to false. At that point, in a subsequent call, this role may be + removed. + :type is_enabled: bool + :param value: Specifies the value of the roles claim that the application + should expect in the authentication and access tokens. + :type value: str + """ + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'allowed_member_types': {'key': 'allowedMemberTypes', 'type': '[str]'}, + 'description': {'key': 'description', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'value': {'key': 'value', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AppRole, self).__init__(**kwargs) + self.id = kwargs.get('id', None) + self.allowed_member_types = kwargs.get('allowed_member_types', None) + self.description = kwargs.get('description', None) + self.display_name = kwargs.get('display_name', None) + self.is_enabled = kwargs.get('is_enabled', None) + self.value = kwargs.get('value', None) + + +class AppRoleAssignment(DirectoryObject): + """AppRoleAssignment information. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :ivar object_id: The object ID. + :vartype object_id: str + :ivar deletion_timestamp: The time at which the directory object was + deleted. + :vartype deletion_timestamp: datetime + :param object_type: Required. Constant filled by server. + :type object_type: str + :param id: The role id that was assigned to the principal. This role must + be declared by the target resource application resourceId in its appRoles + property. + :type id: str + :param principal_display_name: The display name of the principal that was + granted the access. + :type principal_display_name: str + :param principal_id: The unique identifier (objectId) for the principal + being granted the access. + :type principal_id: str + :param principal_type: The type of principal. This can either be "User", + "Group" or "ServicePrincipal". + :type principal_type: str + :param resource_display_name: The display name of the resource to which + the assignment was made. + :type resource_display_name: str + :param resource_id: The unique identifier (objectId) for the target + resource (service principal) for which the assignment was made. + :type resource_id: str + """ + + _validation = { + 'object_id': {'readonly': True}, + 'deletion_timestamp': {'readonly': True}, + 'object_type': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, + 'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'}, + 'object_type': {'key': 'objectType', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'principal_display_name': {'key': 'principalDisplayName', 'type': 'str'}, + 'principal_id': {'key': 'principalId', 'type': 'str'}, + 'principal_type': {'key': 'principalType', 'type': 'str'}, + 'resource_display_name': {'key': 'resourceDisplayName', 'type': 'str'}, + 'resource_id': {'key': 'resourceId', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AppRoleAssignment, self).__init__(**kwargs) + self.id = kwargs.get('id', None) + self.principal_display_name = kwargs.get('principal_display_name', None) + self.principal_id = kwargs.get('principal_id', None) + self.principal_type = kwargs.get('principal_type', None) + self.resource_display_name = kwargs.get('resource_display_name', None) + self.resource_id = kwargs.get('resource_id', None) + self.object_type = 'AppRoleAssignment' + + +class CheckGroupMembershipParameters(Model): + """Request parameters for IsMemberOf API call. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param group_id: Required. The object ID of the group to check. + :type group_id: str + :param member_id: Required. The object ID of the contact, group, user, or + service principal to check for membership in the specified group. + :type member_id: str + """ + + _validation = { + 'group_id': {'required': True}, + 'member_id': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'group_id': {'key': 'groupId', 'type': 'str'}, + 'member_id': {'key': 'memberId', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(CheckGroupMembershipParameters, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.group_id = kwargs.get('group_id', None) + self.member_id = kwargs.get('member_id', None) + + +class CheckGroupMembershipResult(Model): + """Server response for IsMemberOf API call. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param value: True if the specified user, group, contact, or service + principal has either direct or transitive membership in the specified + group; otherwise, false. + :type value: bool + """ + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'value': {'key': 'value', 'type': 'bool'}, + } + + def __init__(self, **kwargs): + super(CheckGroupMembershipResult, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.value = kwargs.get('value', None) + + +class CloudError(Model): + """CloudError. + """ + + _attribute_map = { + } + + +class Domain(Model): + """Active Directory Domain information. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :ivar authentication_type: the type of the authentication into the domain. + :vartype authentication_type: str + :ivar is_default: if this is the default domain in the tenant. + :vartype is_default: bool + :ivar is_verified: if this domain's ownership is verified. + :vartype is_verified: bool + :param name: Required. the domain name. + :type name: str + """ + + _validation = { + 'authentication_type': {'readonly': True}, + 'is_default': {'readonly': True}, + 'is_verified': {'readonly': True}, + 'name': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'authentication_type': {'key': 'authenticationType', 'type': 'str'}, + 'is_default': {'key': 'isDefault', 'type': 'bool'}, + 'is_verified': {'key': 'isVerified', 'type': 'bool'}, + 'name': {'key': 'name', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(Domain, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.authentication_type = None + self.is_default = None + self.is_verified = None + self.name = kwargs.get('name', None) + + +class GetObjectsParameters(Model): + """Request parameters for the GetObjectsByObjectIds API. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param object_ids: The requested object IDs. + :type object_ids: list[str] + :param types: The requested object types. + :type types: list[str] + :param include_directory_object_references: If true, also searches for + object IDs in the partner tenant. + :type include_directory_object_references: bool + """ + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'object_ids': {'key': 'objectIds', 'type': '[str]'}, + 'types': {'key': 'types', 'type': '[str]'}, + 'include_directory_object_references': {'key': 'includeDirectoryObjectReferences', 'type': 'bool'}, + } + + def __init__(self, **kwargs): + super(GetObjectsParameters, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.object_ids = kwargs.get('object_ids', None) + self.types = kwargs.get('types', None) + self.include_directory_object_references = kwargs.get('include_directory_object_references', None) + + +class GraphError(Model): + """Active Directory error information. + + :param code: Error code. + :type code: str + :param message: Error message value. + :type message: str + """ + + _attribute_map = { + 'code': {'key': 'odata\\.error.code', 'type': 'str'}, + 'message': {'key': 'odata\\.error.message.value', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(GraphError, self).__init__(**kwargs) + self.code = kwargs.get('code', None) + self.message = kwargs.get('message', None) + + +class GraphErrorException(HttpOperationError): + """Server responsed with exception of type: 'GraphError'. + + :param deserialize: A deserializer + :param response: Server response to be deserialized. + """ + + def __init__(self, deserialize, response, *args): + + super(GraphErrorException, self).__init__(deserialize, response, 'GraphError', *args) + + +class GroupAddMemberParameters(Model): + """Request parameters for adding a member to a group. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param url: Required. A member object URL, such as + "https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd", + where "0b1f9851-1bf0-433f-aec3-cb9272f093dc" is the tenantId and + "f260bbc4-c254-447b-94cf-293b5ec434dd" is the objectId of the member + (user, application, servicePrincipal, group) to be added. + :type url: str + """ + + _validation = { + 'url': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'url': {'key': 'url', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(GroupAddMemberParameters, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.url = kwargs.get('url', None) + + +class GroupCreateParameters(Model): + """Request parameters for creating a new group. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param display_name: Required. Group display name + :type display_name: str + :ivar mail_enabled: Required. Whether the group is mail-enabled. Must be + false. This is because only pure security groups can be created using the + Graph API. Default value: False . + :vartype mail_enabled: bool + :param mail_nickname: Required. Mail nickname + :type mail_nickname: str + :ivar security_enabled: Required. Whether the group is a security group. + Must be true. This is because only pure security groups can be created + using the Graph API. Default value: True . + :vartype security_enabled: bool + """ + + _validation = { + 'display_name': {'required': True}, + 'mail_enabled': {'required': True, 'constant': True}, + 'mail_nickname': {'required': True}, + 'security_enabled': {'required': True, 'constant': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'mail_enabled': {'key': 'mailEnabled', 'type': 'bool'}, + 'mail_nickname': {'key': 'mailNickname', 'type': 'str'}, + 'security_enabled': {'key': 'securityEnabled', 'type': 'bool'}, + } + + mail_enabled = False + + security_enabled = True + + def __init__(self, **kwargs): + super(GroupCreateParameters, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.display_name = kwargs.get('display_name', None) + self.mail_nickname = kwargs.get('mail_nickname', None) + + +class GroupGetMemberGroupsParameters(Model): + """Request parameters for GetMemberGroups API call. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param security_enabled_only: Required. If true, only membership in + security-enabled groups should be checked. Otherwise, membership in all + groups should be checked. + :type security_enabled_only: bool + """ + + _validation = { + 'security_enabled_only': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'security_enabled_only': {'key': 'securityEnabledOnly', 'type': 'bool'}, + } + + def __init__(self, **kwargs): + super(GroupGetMemberGroupsParameters, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.security_enabled_only = kwargs.get('security_enabled_only', None) + + +class InformationalUrl(Model): + """Represents a group of URIs that provide terms of service, marketing, + support and privacy policy information about an application. The default + value for each string is null. + + :param terms_of_service: The terms of service URI + :type terms_of_service: str + :param marketing: The marketing URI + :type marketing: str + :param privacy: The privacy policy URI + :type privacy: str + :param support: The support URI + :type support: str + """ + + _attribute_map = { + 'terms_of_service': {'key': 'termsOfService', 'type': 'str'}, + 'marketing': {'key': 'marketing', 'type': 'str'}, + 'privacy': {'key': 'privacy', 'type': 'str'}, + 'support': {'key': 'support', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(InformationalUrl, self).__init__(**kwargs) + self.terms_of_service = kwargs.get('terms_of_service', None) + self.marketing = kwargs.get('marketing', None) + self.privacy = kwargs.get('privacy', None) + self.support = kwargs.get('support', None) + + +class KeyCredential(Model): + """Active Directory Key Credential information. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param start_date: Start date. + :type start_date: datetime + :param end_date: End date. + :type end_date: datetime + :param value: Key value. + :type value: str + :param key_id: Key ID. + :type key_id: str + :param usage: Usage. Acceptable values are 'Verify' and 'Sign'. + :type usage: str + :param type: Type. Acceptable values are 'AsymmetricX509Cert' and + 'Symmetric'. + :type type: str + :param custom_key_identifier: Custom Key Identifier + :type custom_key_identifier: str + """ + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'start_date': {'key': 'startDate', 'type': 'iso-8601'}, + 'end_date': {'key': 'endDate', 'type': 'iso-8601'}, + 'value': {'key': 'value', 'type': 'str'}, + 'key_id': {'key': 'keyId', 'type': 'str'}, + 'usage': {'key': 'usage', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'custom_key_identifier': {'key': 'customKeyIdentifier', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(KeyCredential, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.start_date = kwargs.get('start_date', None) + self.end_date = kwargs.get('end_date', None) + self.value = kwargs.get('value', None) + self.key_id = kwargs.get('key_id', None) + self.usage = kwargs.get('usage', None) + self.type = kwargs.get('type', None) + self.custom_key_identifier = kwargs.get('custom_key_identifier', None) + + +class KeyCredentialsUpdateParameters(Model): + """Request parameters for a KeyCredentials update operation. + + All required parameters must be populated in order to send to Azure. + + :param value: Required. A collection of KeyCredentials. + :type value: list[~azure.graphrbac.models.KeyCredential] + """ + + _validation = { + 'value': {'required': True}, + } + + _attribute_map = { + 'value': {'key': 'value', 'type': '[KeyCredential]'}, + } + + def __init__(self, **kwargs): + super(KeyCredentialsUpdateParameters, self).__init__(**kwargs) + self.value = kwargs.get('value', None) + + +class OAuth2Permission(Model): + """Represents an OAuth 2.0 delegated permission scope. The specified OAuth 2.0 + delegated permission scopes may be requested by client applications + (through the requiredResourceAccess collection on the Application object) + when calling a resource application. The oauth2Permissions property of the + ServicePrincipal entity and of the Application entity is a collection of + OAuth2Permission. + + :param admin_consent_description: Permission help text that appears in the + admin consent and app assignment experiences. + :type admin_consent_description: str + :param admin_consent_display_name: Display name for the permission that + appears in the admin consent and app assignment experiences. + :type admin_consent_display_name: str + :param id: Unique scope permission identifier inside the oauth2Permissions + collection. + :type id: str + :param is_enabled: When creating or updating a permission, this property + must be set to true (which is the default). To delete a permission, this + property must first be set to false. At that point, in a subsequent call, + the permission may be removed. + :type is_enabled: bool + :param type: Specifies whether this scope permission can be consented to + by an end user, or whether it is a tenant-wide permission that must be + consented to by a Company Administrator. Possible values are "User" or + "Admin". + :type type: str + :param user_consent_description: Permission help text that appears in the + end user consent experience. + :type user_consent_description: str + :param user_consent_display_name: Display name for the permission that + appears in the end user consent experience. + :type user_consent_display_name: str + :param value: The value of the scope claim that the resource application + should expect in the OAuth 2.0 access token. + :type value: str + """ + + _attribute_map = { + 'admin_consent_description': {'key': 'adminConsentDescription', 'type': 'str'}, + 'admin_consent_display_name': {'key': 'adminConsentDisplayName', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'type': {'key': 'type', 'type': 'str'}, + 'user_consent_description': {'key': 'userConsentDescription', 'type': 'str'}, + 'user_consent_display_name': {'key': 'userConsentDisplayName', 'type': 'str'}, + 'value': {'key': 'value', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(OAuth2Permission, self).__init__(**kwargs) + self.admin_consent_description = kwargs.get('admin_consent_description', None) + self.admin_consent_display_name = kwargs.get('admin_consent_display_name', None) + self.id = kwargs.get('id', None) + self.is_enabled = kwargs.get('is_enabled', None) + self.type = kwargs.get('type', None) + self.user_consent_description = kwargs.get('user_consent_description', None) + self.user_consent_display_name = kwargs.get('user_consent_display_name', None) + self.value = kwargs.get('value', None) + + +class OAuth2PermissionGrant(Model): + """OAuth2PermissionGrant. + + :param odatatype: Microsoft.DirectoryServices.OAuth2PermissionGrant + :type odatatype: str + :param client_id: The id of the resource's service principal granted + consent to impersonate the user when accessing the resource (represented + by the resourceId property). + :type client_id: str + :param object_id: The id of the permission grant + :type object_id: str + :param consent_type: Indicates if consent was provided by the + administrator (on behalf of the organization) or by an individual. + Possible values include: 'AllPrincipals', 'Principal' + :type consent_type: str or ~azure.graphrbac.models.ConsentType + :param principal_id: When consent type is Principal, this property + specifies the id of the user that granted consent and applies only for + that user. + :type principal_id: str + :param resource_id: Object Id of the resource you want to grant + :type resource_id: str + :param scope: Specifies the value of the scope claim that the resource + application should expect in the OAuth 2.0 access token. For example, + User.Read + :type scope: str + :param start_time: Start time for TTL + :type start_time: str + :param expiry_time: Expiry time for TTL + :type expiry_time: str + """ + + _attribute_map = { + 'odatatype': {'key': 'odata\\.type', 'type': 'str'}, + 'client_id': {'key': 'clientId', 'type': 'str'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, + 'consent_type': {'key': 'consentType', 'type': 'str'}, + 'principal_id': {'key': 'principalId', 'type': 'str'}, + 'resource_id': {'key': 'resourceId', 'type': 'str'}, + 'scope': {'key': 'scope', 'type': 'str'}, + 'start_time': {'key': 'startTime', 'type': 'str'}, + 'expiry_time': {'key': 'expiryTime', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(OAuth2PermissionGrant, self).__init__(**kwargs) + self.odatatype = kwargs.get('odatatype', None) + self.client_id = kwargs.get('client_id', None) + self.object_id = kwargs.get('object_id', None) + self.consent_type = kwargs.get('consent_type', None) + self.principal_id = kwargs.get('principal_id', None) + self.resource_id = kwargs.get('resource_id', None) + self.scope = kwargs.get('scope', None) + self.start_time = kwargs.get('start_time', None) + self.expiry_time = kwargs.get('expiry_time', None) + + +class OptionalClaim(Model): + """Specifying the claims to be included in a token. + + :param name: Claim name. + :type name: str + :param source: Claim source. + :type source: str + :param essential: Is this a required claim. + :type essential: bool + :param additional_properties: + :type additional_properties: object + """ + + _attribute_map = { + 'name': {'key': 'name', 'type': 'str'}, + 'source': {'key': 'source', 'type': 'str'}, + 'essential': {'key': 'essential', 'type': 'bool'}, + 'additional_properties': {'key': 'additionalProperties', 'type': 'object'}, + } + + def __init__(self, **kwargs): + super(OptionalClaim, self).__init__(**kwargs) + self.name = kwargs.get('name', None) + self.source = kwargs.get('source', None) + self.essential = kwargs.get('essential', None) + self.additional_properties = kwargs.get('additional_properties', None) + + +class OptionalClaims(Model): + """Specifying the claims to be included in the token. + + :param id_token: Optional claims requested to be included in the id token. + :type id_token: list[~azure.graphrbac.models.OptionalClaim] + :param access_token: Optional claims requested to be included in the + access token. + :type access_token: list[~azure.graphrbac.models.OptionalClaim] + :param saml_token: Optional claims requested to be included in the saml + token. + :type saml_token: list[~azure.graphrbac.models.OptionalClaim] + """ + + _attribute_map = { + 'id_token': {'key': 'idToken', 'type': '[OptionalClaim]'}, + 'access_token': {'key': 'accessToken', 'type': '[OptionalClaim]'}, + 'saml_token': {'key': 'samlToken', 'type': '[OptionalClaim]'}, + } + + def __init__(self, **kwargs): + super(OptionalClaims, self).__init__(**kwargs) + self.id_token = kwargs.get('id_token', None) + self.access_token = kwargs.get('access_token', None) + self.saml_token = kwargs.get('saml_token', None) + + +class PasswordCredential(Model): + """Active Directory Password Credential information. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param start_date: Start date. + :type start_date: datetime + :param end_date: End date. + :type end_date: datetime + :param key_id: Key ID. + :type key_id: str + :param value: Key value. + :type value: str + :param custom_key_identifier: Custom Key Identifier + :type custom_key_identifier: bytearray + """ + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'start_date': {'key': 'startDate', 'type': 'iso-8601'}, + 'end_date': {'key': 'endDate', 'type': 'iso-8601'}, + 'key_id': {'key': 'keyId', 'type': 'str'}, + 'value': {'key': 'value', 'type': 'str'}, + 'custom_key_identifier': {'key': 'customKeyIdentifier', 'type': 'bytearray'}, + } + + def __init__(self, **kwargs): + super(PasswordCredential, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.start_date = kwargs.get('start_date', None) + self.end_date = kwargs.get('end_date', None) + self.key_id = kwargs.get('key_id', None) + self.value = kwargs.get('value', None) + self.custom_key_identifier = kwargs.get('custom_key_identifier', None) + + +class PasswordCredentialsUpdateParameters(Model): + """Request parameters for a PasswordCredentials update operation. + + All required parameters must be populated in order to send to Azure. + + :param value: Required. A collection of PasswordCredentials. + :type value: list[~azure.graphrbac.models.PasswordCredential] + """ + + _validation = { + 'value': {'required': True}, + } + + _attribute_map = { + 'value': {'key': 'value', 'type': '[PasswordCredential]'}, + } + + def __init__(self, **kwargs): + super(PasswordCredentialsUpdateParameters, self).__init__(**kwargs) + self.value = kwargs.get('value', None) + + +class PasswordProfile(Model): + """The password profile associated with a user. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param password: Required. Password + :type password: str + :param force_change_password_next_login: Whether to force a password + change on next login. + :type force_change_password_next_login: bool + """ + + _validation = { + 'password': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'password': {'key': 'password', 'type': 'str'}, + 'force_change_password_next_login': {'key': 'forceChangePasswordNextLogin', 'type': 'bool'}, + } + + def __init__(self, **kwargs): + super(PasswordProfile, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.password = kwargs.get('password', None) + self.force_change_password_next_login = kwargs.get('force_change_password_next_login', None) + + +class PreAuthorizedApplication(Model): + """Contains information about pre authorized client application. + + :param app_id: Represents the application id. + :type app_id: str + :param permissions: Collection of required app permissions/entitlements + from the resource application. + :type permissions: + list[~azure.graphrbac.models.PreAuthorizedApplicationPermission] + :param extensions: Collection of extensions from the resource application. + :type extensions: + list[~azure.graphrbac.models.PreAuthorizedApplicationExtension] + """ + + _attribute_map = { + 'app_id': {'key': 'appId', 'type': 'str'}, + 'permissions': {'key': 'permissions', 'type': '[PreAuthorizedApplicationPermission]'}, + 'extensions': {'key': 'extensions', 'type': '[PreAuthorizedApplicationExtension]'}, + } + + def __init__(self, **kwargs): + super(PreAuthorizedApplication, self).__init__(**kwargs) + self.app_id = kwargs.get('app_id', None) + self.permissions = kwargs.get('permissions', None) + self.extensions = kwargs.get('extensions', None) + + +class PreAuthorizedApplicationExtension(Model): + """Representation of an app PreAuthorizedApplicationExtension required by a + pre authorized client app. + + :param conditions: The extension's conditions. + :type conditions: list[str] + """ + + _attribute_map = { + 'conditions': {'key': 'conditions', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(PreAuthorizedApplicationExtension, self).__init__(**kwargs) + self.conditions = kwargs.get('conditions', None) + + +class PreAuthorizedApplicationPermission(Model): + """Contains information about the pre-authorized permissions. + + :param direct_access_grant: Indicates whether the permission set is + DirectAccess or impersonation. + :type direct_access_grant: bool + :param access_grants: The list of permissions. + :type access_grants: list[str] + """ + + _attribute_map = { + 'direct_access_grant': {'key': 'directAccessGrant', 'type': 'bool'}, + 'access_grants': {'key': 'accessGrants', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(PreAuthorizedApplicationPermission, self).__init__(**kwargs) + self.direct_access_grant = kwargs.get('direct_access_grant', None) + self.access_grants = kwargs.get('access_grants', None) + + +class RequiredResourceAccess(Model): + """Specifies the set of OAuth 2.0 permission scopes and app roles under the + specified resource that an application requires access to. The specified + OAuth 2.0 permission scopes may be requested by client applications + (through the requiredResourceAccess collection) when calling a resource + application. The requiredResourceAccess property of the Application entity + is a collection of RequiredResourceAccess. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param resource_access: Required. The list of OAuth2.0 permission scopes + and app roles that the application requires from the specified resource. + :type resource_access: list[~azure.graphrbac.models.ResourceAccess] + :param resource_app_id: The unique identifier for the resource that the + application requires access to. This should be equal to the appId declared + on the target resource application. + :type resource_app_id: str + """ + + _validation = { + 'resource_access': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'resource_access': {'key': 'resourceAccess', 'type': '[ResourceAccess]'}, + 'resource_app_id': {'key': 'resourceAppId', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(RequiredResourceAccess, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.resource_access = kwargs.get('resource_access', None) + self.resource_app_id = kwargs.get('resource_app_id', None) + + +class ResourceAccess(Model): + """Specifies an OAuth 2.0 permission scope or an app role that an application + requires. The resourceAccess property of the RequiredResourceAccess type is + a collection of ResourceAccess. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param id: Required. The unique identifier for one of the OAuth2Permission + or AppRole instances that the resource application exposes. + :type id: str + :param type: Specifies whether the id property references an + OAuth2Permission or an AppRole. Possible values are "scope" or "role". + :type type: str + """ + + _validation = { + 'id': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'id': {'key': 'id', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(ResourceAccess, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.id = kwargs.get('id', None) + self.type = kwargs.get('type', None) + + +class ServicePrincipal(DirectoryObject): + """Active Directory service principal information. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :ivar object_id: The object ID. + :vartype object_id: str + :ivar deletion_timestamp: The time at which the directory object was + deleted. + :vartype deletion_timestamp: datetime + :param object_type: Required. Constant filled by server. + :type object_type: str + :param account_enabled: whether or not the service principal account is + enabled + :type account_enabled: bool + :param alternative_names: alternative names + :type alternative_names: list[str] + :ivar app_display_name: The display name exposed by the associated + application. + :vartype app_display_name: str + :param app_id: The application ID. + :type app_id: str + :ivar app_owner_tenant_id: + :vartype app_owner_tenant_id: str + :param app_role_assignment_required: Specifies whether an + AppRoleAssignment to a user or group is required before Azure AD will + issue a user or access token to the application. + :type app_role_assignment_required: bool + :param app_roles: The collection of application roles that an application + may declare. These roles can be assigned to users, groups or service + principals. + :type app_roles: list[~azure.graphrbac.models.AppRole] + :param display_name: The display name of the service principal. + :type display_name: str + :param error_url: A URL provided by the author of the associated + application to report errors when using the application. + :type error_url: str + :param homepage: The URL to the homepage of the associated application. + :type homepage: str + :param key_credentials: The collection of key credentials associated with + the service principal. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param logout_url: A URL provided by the author of the associated + application to logout + :type logout_url: str + :ivar oauth2_permissions: The OAuth 2.0 permissions exposed by the + associated application. + :vartype oauth2_permissions: + list[~azure.graphrbac.models.OAuth2Permission] + :param password_credentials: The collection of password credentials + associated with the service principal. + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param preferred_token_signing_key_thumbprint: The thumbprint of preferred + certificate to sign the token + :type preferred_token_signing_key_thumbprint: str + :param publisher_name: The publisher's name of the associated application + :type publisher_name: str + :param reply_urls: The URLs that user tokens are sent to for sign in with + the associated application. The redirect URIs that the oAuth 2.0 + authorization code and access tokens are sent to for the associated + application. + :type reply_urls: list[str] + :param saml_metadata_url: The URL to the SAML metadata of the associated + application + :type saml_metadata_url: str + :param service_principal_names: A collection of service principal names. + :type service_principal_names: list[str] + :param service_principal_type: the type of the service principal + :type service_principal_type: str + :param tags: Optional list of tags that you can apply to your service + principals. Not nullable. + :type tags: list[str] + """ + + _validation = { + 'object_id': {'readonly': True}, + 'deletion_timestamp': {'readonly': True}, + 'object_type': {'required': True}, + 'app_display_name': {'readonly': True}, + 'app_owner_tenant_id': {'readonly': True}, + 'oauth2_permissions': {'readonly': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, + 'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'}, + 'object_type': {'key': 'objectType', 'type': 'str'}, + 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, + 'alternative_names': {'key': 'alternativeNames', 'type': '[str]'}, + 'app_display_name': {'key': 'appDisplayName', 'type': 'str'}, + 'app_id': {'key': 'appId', 'type': 'str'}, + 'app_owner_tenant_id': {'key': 'appOwnerTenantId', 'type': 'str'}, + 'app_role_assignment_required': {'key': 'appRoleAssignmentRequired', 'type': 'bool'}, + 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'homepage': {'key': 'homepage', 'type': 'str'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'preferred_token_signing_key_thumbprint': {'key': 'preferredTokenSigningKeyThumbprint', 'type': 'str'}, + 'publisher_name': {'key': 'publisherName', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'service_principal_names': {'key': 'servicePrincipalNames', 'type': '[str]'}, + 'service_principal_type': {'key': 'servicePrincipalType', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(ServicePrincipal, self).__init__(**kwargs) + self.account_enabled = kwargs.get('account_enabled', None) + self.alternative_names = kwargs.get('alternative_names', None) + self.app_display_name = None + self.app_id = kwargs.get('app_id', None) + self.app_owner_tenant_id = None + self.app_role_assignment_required = kwargs.get('app_role_assignment_required', None) + self.app_roles = kwargs.get('app_roles', None) + self.display_name = kwargs.get('display_name', None) + self.error_url = kwargs.get('error_url', None) + self.homepage = kwargs.get('homepage', None) + self.key_credentials = kwargs.get('key_credentials', None) + self.logout_url = kwargs.get('logout_url', None) + self.oauth2_permissions = None + self.password_credentials = kwargs.get('password_credentials', None) + self.preferred_token_signing_key_thumbprint = kwargs.get('preferred_token_signing_key_thumbprint', None) + self.publisher_name = kwargs.get('publisher_name', None) + self.reply_urls = kwargs.get('reply_urls', None) + self.saml_metadata_url = kwargs.get('saml_metadata_url', None) + self.service_principal_names = kwargs.get('service_principal_names', None) + self.service_principal_type = kwargs.get('service_principal_type', None) + self.tags = kwargs.get('tags', None) + self.object_type = 'ServicePrincipal' + + +class ServicePrincipalBase(Model): + """Active Directory service principal common properties shared among GET, POST + and PATCH. + + :param account_enabled: whether or not the service principal account is + enabled + :type account_enabled: bool + :param app_role_assignment_required: Specifies whether an + AppRoleAssignment to a user or group is required before Azure AD will + issue a user or access token to the application. + :type app_role_assignment_required: bool + :param key_credentials: The collection of key credentials associated with + the service principal. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param password_credentials: The collection of password credentials + associated with the service principal. + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param service_principal_type: the type of the service principal + :type service_principal_type: str + :param tags: Optional list of tags that you can apply to your service + principals. Not nullable. + :type tags: list[str] + """ + + _attribute_map = { + 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, + 'app_role_assignment_required': {'key': 'appRoleAssignmentRequired', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'service_principal_type': {'key': 'servicePrincipalType', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(ServicePrincipalBase, self).__init__(**kwargs) + self.account_enabled = kwargs.get('account_enabled', None) + self.app_role_assignment_required = kwargs.get('app_role_assignment_required', None) + self.key_credentials = kwargs.get('key_credentials', None) + self.password_credentials = kwargs.get('password_credentials', None) + self.service_principal_type = kwargs.get('service_principal_type', None) + self.tags = kwargs.get('tags', None) + + +class ServicePrincipalCreateParameters(ServicePrincipalBase): + """Request parameters for creating a new service principal. + + All required parameters must be populated in order to send to Azure. + + :param account_enabled: whether or not the service principal account is + enabled + :type account_enabled: bool + :param app_role_assignment_required: Specifies whether an + AppRoleAssignment to a user or group is required before Azure AD will + issue a user or access token to the application. + :type app_role_assignment_required: bool + :param key_credentials: The collection of key credentials associated with + the service principal. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param password_credentials: The collection of password credentials + associated with the service principal. + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param service_principal_type: the type of the service principal + :type service_principal_type: str + :param tags: Optional list of tags that you can apply to your service + principals. Not nullable. + :type tags: list[str] + :param app_id: Required. The application ID. + :type app_id: str + """ + + _validation = { + 'app_id': {'required': True}, + } + + _attribute_map = { + 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, + 'app_role_assignment_required': {'key': 'appRoleAssignmentRequired', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'service_principal_type': {'key': 'servicePrincipalType', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '[str]'}, + 'app_id': {'key': 'appId', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(ServicePrincipalCreateParameters, self).__init__(**kwargs) + self.app_id = kwargs.get('app_id', None) + + +class ServicePrincipalObjectResult(Model): + """Service Principal Object Result. + + :param value: The Object ID of the service principal with the specified + application ID. + :type value: str + :param odatametadata: The URL representing edm equivalent. + :type odatametadata: str + """ + + _attribute_map = { + 'value': {'key': 'value', 'type': 'str'}, + 'odatametadata': {'key': 'odata\\.metadata', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(ServicePrincipalObjectResult, self).__init__(**kwargs) + self.value = kwargs.get('value', None) + self.odatametadata = kwargs.get('odatametadata', None) + + +class ServicePrincipalUpdateParameters(ServicePrincipalBase): + """Request parameters for update an existing service principal. + + :param account_enabled: whether or not the service principal account is + enabled + :type account_enabled: bool + :param app_role_assignment_required: Specifies whether an + AppRoleAssignment to a user or group is required before Azure AD will + issue a user or access token to the application. + :type app_role_assignment_required: bool + :param key_credentials: The collection of key credentials associated with + the service principal. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param password_credentials: The collection of password credentials + associated with the service principal. + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param service_principal_type: the type of the service principal + :type service_principal_type: str + :param tags: Optional list of tags that you can apply to your service + principals. Not nullable. + :type tags: list[str] + """ + + _attribute_map = { + 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, + 'app_role_assignment_required': {'key': 'appRoleAssignmentRequired', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'service_principal_type': {'key': 'servicePrincipalType', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(ServicePrincipalUpdateParameters, self).__init__(**kwargs) + + +class SignInName(Model): + """Contains information about a sign-in name of a local account user in an + Azure Active Directory B2C tenant. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param type: A string value that can be used to classify user sign-in + types in your directory, such as 'emailAddress' or 'userName'. + :type type: str + :param value: The sign-in used by the local account. Must be unique across + the company/tenant. For example, 'johnc@example.com'. + :type value: str + """ + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'type': {'key': 'type', 'type': 'str'}, + 'value': {'key': 'value', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(SignInName, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.type = kwargs.get('type', None) + self.value = kwargs.get('value', None) + + +class User(DirectoryObject): + """Active Directory user information. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :ivar object_id: The object ID. + :vartype object_id: str + :ivar deletion_timestamp: The time at which the directory object was + deleted. + :vartype deletion_timestamp: datetime + :param object_type: Required. Constant filled by server. + :type object_type: str + :param immutable_id: This must be specified if you are using a federated + domain for the user's userPrincipalName (UPN) property when creating a new + user account. It is used to associate an on-premises Active Directory user + account with their Azure AD user object. + :type immutable_id: str + :param usage_location: A two letter country code (ISO standard 3166). + Required for users that will be assigned licenses due to legal requirement + to check for availability of services in countries. Examples include: + "US", "JP", and "GB". + :type usage_location: str + :param given_name: The given name for the user. + :type given_name: str + :param surname: The user's surname (family name or last name). + :type surname: str + :param user_type: A string value that can be used to classify user types + in your directory, such as 'Member' and 'Guest'. Possible values include: + 'Member', 'Guest' + :type user_type: str or ~azure.graphrbac.models.UserType + :param account_enabled: Whether the account is enabled. + :type account_enabled: bool + :param display_name: The display name of the user. + :type display_name: str + :param user_principal_name: The principal name of the user. + :type user_principal_name: str + :param mail_nickname: The mail alias for the user. + :type mail_nickname: str + :param mail: The primary email address of the user. + :type mail: str + :param sign_in_names: The sign-in names of the user. + :type sign_in_names: list[~azure.graphrbac.models.SignInName] + """ + + _validation = { + 'object_id': {'readonly': True}, + 'deletion_timestamp': {'readonly': True}, + 'object_type': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, + 'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'}, + 'object_type': {'key': 'objectType', 'type': 'str'}, + 'immutable_id': {'key': 'immutableId', 'type': 'str'}, + 'usage_location': {'key': 'usageLocation', 'type': 'str'}, + 'given_name': {'key': 'givenName', 'type': 'str'}, + 'surname': {'key': 'surname', 'type': 'str'}, + 'user_type': {'key': 'userType', 'type': 'str'}, + 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'user_principal_name': {'key': 'userPrincipalName', 'type': 'str'}, + 'mail_nickname': {'key': 'mailNickname', 'type': 'str'}, + 'mail': {'key': 'mail', 'type': 'str'}, + 'sign_in_names': {'key': 'signInNames', 'type': '[SignInName]'}, + } + + def __init__(self, **kwargs): + super(User, self).__init__(**kwargs) + self.immutable_id = kwargs.get('immutable_id', None) + self.usage_location = kwargs.get('usage_location', None) + self.given_name = kwargs.get('given_name', None) + self.surname = kwargs.get('surname', None) + self.user_type = kwargs.get('user_type', None) + self.account_enabled = kwargs.get('account_enabled', None) + self.display_name = kwargs.get('display_name', None) + self.user_principal_name = kwargs.get('user_principal_name', None) + self.mail_nickname = kwargs.get('mail_nickname', None) + self.mail = kwargs.get('mail', None) + self.sign_in_names = kwargs.get('sign_in_names', None) + self.object_type = 'User' + + +class UserBase(Model): + """UserBase. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param immutable_id: This must be specified if you are using a federated + domain for the user's userPrincipalName (UPN) property when creating a new + user account. It is used to associate an on-premises Active Directory user + account with their Azure AD user object. + :type immutable_id: str + :param usage_location: A two letter country code (ISO standard 3166). + Required for users that will be assigned licenses due to legal requirement + to check for availability of services in countries. Examples include: + "US", "JP", and "GB". + :type usage_location: str + :param given_name: The given name for the user. + :type given_name: str + :param surname: The user's surname (family name or last name). + :type surname: str + :param user_type: A string value that can be used to classify user types + in your directory, such as 'Member' and 'Guest'. Possible values include: + 'Member', 'Guest' + :type user_type: str or ~azure.graphrbac.models.UserType + """ + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'immutable_id': {'key': 'immutableId', 'type': 'str'}, + 'usage_location': {'key': 'usageLocation', 'type': 'str'}, + 'given_name': {'key': 'givenName', 'type': 'str'}, + 'surname': {'key': 'surname', 'type': 'str'}, + 'user_type': {'key': 'userType', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(UserBase, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.immutable_id = kwargs.get('immutable_id', None) + self.usage_location = kwargs.get('usage_location', None) + self.given_name = kwargs.get('given_name', None) + self.surname = kwargs.get('surname', None) + self.user_type = kwargs.get('user_type', None) + + +class UserCreateParameters(UserBase): + """Request parameters for creating a new work or school account user. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param immutable_id: This must be specified if you are using a federated + domain for the user's userPrincipalName (UPN) property when creating a new + user account. It is used to associate an on-premises Active Directory user + account with their Azure AD user object. + :type immutable_id: str + :param usage_location: A two letter country code (ISO standard 3166). + Required for users that will be assigned licenses due to legal requirement + to check for availability of services in countries. Examples include: + "US", "JP", and "GB". + :type usage_location: str + :param given_name: The given name for the user. + :type given_name: str + :param surname: The user's surname (family name or last name). + :type surname: str + :param user_type: A string value that can be used to classify user types + in your directory, such as 'Member' and 'Guest'. Possible values include: + 'Member', 'Guest' + :type user_type: str or ~azure.graphrbac.models.UserType + :param account_enabled: Required. Whether the account is enabled. + :type account_enabled: bool + :param display_name: Required. The display name of the user. + :type display_name: str + :param password_profile: Required. Password Profile + :type password_profile: ~azure.graphrbac.models.PasswordProfile + :param user_principal_name: Required. The user principal name + (someuser@contoso.com). It must contain one of the verified domains for + the tenant. + :type user_principal_name: str + :param mail_nickname: Required. The mail alias for the user. + :type mail_nickname: str + :param mail: The primary email address of the user. + :type mail: str + """ + + _validation = { + 'account_enabled': {'required': True}, + 'display_name': {'required': True}, + 'password_profile': {'required': True}, + 'user_principal_name': {'required': True}, + 'mail_nickname': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'immutable_id': {'key': 'immutableId', 'type': 'str'}, + 'usage_location': {'key': 'usageLocation', 'type': 'str'}, + 'given_name': {'key': 'givenName', 'type': 'str'}, + 'surname': {'key': 'surname', 'type': 'str'}, + 'user_type': {'key': 'userType', 'type': 'str'}, + 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'password_profile': {'key': 'passwordProfile', 'type': 'PasswordProfile'}, + 'user_principal_name': {'key': 'userPrincipalName', 'type': 'str'}, + 'mail_nickname': {'key': 'mailNickname', 'type': 'str'}, + 'mail': {'key': 'mail', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(UserCreateParameters, self).__init__(**kwargs) + self.account_enabled = kwargs.get('account_enabled', None) + self.display_name = kwargs.get('display_name', None) + self.password_profile = kwargs.get('password_profile', None) + self.user_principal_name = kwargs.get('user_principal_name', None) + self.mail_nickname = kwargs.get('mail_nickname', None) + self.mail = kwargs.get('mail', None) + + +class UserGetMemberGroupsParameters(Model): + """Request parameters for GetMemberGroups API call. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param security_enabled_only: Required. If true, only membership in + security-enabled groups should be checked. Otherwise, membership in all + groups should be checked. + :type security_enabled_only: bool + """ + + _validation = { + 'security_enabled_only': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'security_enabled_only': {'key': 'securityEnabledOnly', 'type': 'bool'}, + } + + def __init__(self, **kwargs): + super(UserGetMemberGroupsParameters, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.security_enabled_only = kwargs.get('security_enabled_only', None) + + +class UserUpdateParameters(UserBase): + """Request parameters for updating an existing work or school account user. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param immutable_id: This must be specified if you are using a federated + domain for the user's userPrincipalName (UPN) property when creating a new + user account. It is used to associate an on-premises Active Directory user + account with their Azure AD user object. + :type immutable_id: str + :param usage_location: A two letter country code (ISO standard 3166). + Required for users that will be assigned licenses due to legal requirement + to check for availability of services in countries. Examples include: + "US", "JP", and "GB". + :type usage_location: str + :param given_name: The given name for the user. + :type given_name: str + :param surname: The user's surname (family name or last name). + :type surname: str + :param user_type: A string value that can be used to classify user types + in your directory, such as 'Member' and 'Guest'. Possible values include: + 'Member', 'Guest' + :type user_type: str or ~azure.graphrbac.models.UserType + :param account_enabled: Whether the account is enabled. + :type account_enabled: bool + :param display_name: The display name of the user. + :type display_name: str + :param password_profile: The password profile of the user. + :type password_profile: ~azure.graphrbac.models.PasswordProfile + :param user_principal_name: The user principal name + (someuser@contoso.com). It must contain one of the verified domains for + the tenant. + :type user_principal_name: str + :param mail_nickname: The mail alias for the user. + :type mail_nickname: str + """ + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'immutable_id': {'key': 'immutableId', 'type': 'str'}, + 'usage_location': {'key': 'usageLocation', 'type': 'str'}, + 'given_name': {'key': 'givenName', 'type': 'str'}, + 'surname': {'key': 'surname', 'type': 'str'}, + 'user_type': {'key': 'userType', 'type': 'str'}, + 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'password_profile': {'key': 'passwordProfile', 'type': 'PasswordProfile'}, + 'user_principal_name': {'key': 'userPrincipalName', 'type': 'str'}, + 'mail_nickname': {'key': 'mailNickname', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(UserUpdateParameters, self).__init__(**kwargs) + self.account_enabled = kwargs.get('account_enabled', None) + self.display_name = kwargs.get('display_name', None) + self.password_profile = kwargs.get('password_profile', None) + self.user_principal_name = kwargs.get('user_principal_name', None) + self.mail_nickname = kwargs.get('mail_nickname', None) diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/models/_models_py3.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/models/_models_py3.py new file mode 100644 index 000000000000..8a8e440da949 --- /dev/null +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/models/_models_py3.py @@ -0,0 +1,2332 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model +from msrest.exceptions import HttpOperationError + + +class AddOwnerParameters(Model): + """Request parameters for adding a owner to an application. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param url: Required. A owner object URL, such as + "https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd", + where "0b1f9851-1bf0-433f-aec3-cb9272f093dc" is the tenantId and + "f260bbc4-c254-447b-94cf-293b5ec434dd" is the objectId of the owner (user, + application, servicePrincipal, group) to be added. + :type url: str + """ + + _validation = { + 'url': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'url': {'key': 'url', 'type': 'str'}, + } + + def __init__(self, *, url: str, additional_properties=None, **kwargs) -> None: + super(AddOwnerParameters, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.url = url + + +class DirectoryObject(Model): + """Represents an Azure Active Directory object. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: Application, AppRoleAssignment, ADGroup, ServicePrincipal, + User + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :ivar object_id: The object ID. + :vartype object_id: str + :ivar deletion_timestamp: The time at which the directory object was + deleted. + :vartype deletion_timestamp: datetime + :param object_type: Required. Constant filled by server. + :type object_type: str + """ + + _validation = { + 'object_id': {'readonly': True}, + 'deletion_timestamp': {'readonly': True}, + 'object_type': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, + 'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'}, + 'object_type': {'key': 'objectType', 'type': 'str'}, + } + + _subtype_map = { + 'object_type': {'Application': 'Application', 'AppRoleAssignment': 'AppRoleAssignment', 'Group': 'ADGroup', 'ServicePrincipal': 'ServicePrincipal', 'User': 'User'} + } + + def __init__(self, *, additional_properties=None, **kwargs) -> None: + super(DirectoryObject, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.object_id = None + self.deletion_timestamp = None + self.object_type = None + + +class ADGroup(DirectoryObject): + """Active Directory group information. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :ivar object_id: The object ID. + :vartype object_id: str + :ivar deletion_timestamp: The time at which the directory object was + deleted. + :vartype deletion_timestamp: datetime + :param object_type: Required. Constant filled by server. + :type object_type: str + :param display_name: The display name of the group. + :type display_name: str + :param mail_enabled: Whether the group is mail-enabled. Must be false. + This is because only pure security groups can be created using the Graph + API. + :type mail_enabled: bool + :param mail_nickname: The mail alias for the group. + :type mail_nickname: str + :param security_enabled: Whether the group is security-enable. + :type security_enabled: bool + :param mail: The primary email address of the group. + :type mail: str + """ + + _validation = { + 'object_id': {'readonly': True}, + 'deletion_timestamp': {'readonly': True}, + 'object_type': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, + 'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'}, + 'object_type': {'key': 'objectType', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'mail_enabled': {'key': 'mailEnabled', 'type': 'bool'}, + 'mail_nickname': {'key': 'mailNickname', 'type': 'str'}, + 'security_enabled': {'key': 'securityEnabled', 'type': 'bool'}, + 'mail': {'key': 'mail', 'type': 'str'}, + } + + def __init__(self, *, additional_properties=None, display_name: str=None, mail_enabled: bool=None, mail_nickname: str=None, security_enabled: bool=None, mail: str=None, **kwargs) -> None: + super(ADGroup, self).__init__(additional_properties=additional_properties, **kwargs) + self.display_name = display_name + self.mail_enabled = mail_enabled + self.mail_nickname = mail_nickname + self.security_enabled = security_enabled + self.mail = mail + self.object_type = 'Group' + + +class Application(DirectoryObject): + """Active Directory application information. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :ivar object_id: The object ID. + :vartype object_id: str + :ivar deletion_timestamp: The time at which the directory object was + deleted. + :vartype deletion_timestamp: datetime + :param object_type: Required. Constant filled by server. + :type object_type: str + :param app_id: The application ID. + :type app_id: str + :param allow_guests_sign_in: A property on the application to indicate if + the application accepts other IDPs or not or partially accepts. + :type allow_guests_sign_in: bool + :param allow_passthrough_users: Indicates that the application supports + pass through users who have no presence in the resource tenant. + :type allow_passthrough_users: bool + :param app_logo_url: The url for the application logo image stored in a + CDN. + :type app_logo_url: str + :param app_roles: The collection of application roles that an application + may declare. These roles can be assigned to users, groups or service + principals. + :type app_roles: list[~azure.graphrbac.models.AppRole] + :param app_permissions: The application permissions. + :type app_permissions: list[str] + :param available_to_other_tenants: Whether the application is available to + other tenants. + :type available_to_other_tenants: bool + :param display_name: The display name of the application. + :type display_name: str + :param error_url: A URL provided by the author of the application to + report errors when using the application. + :type error_url: str + :param group_membership_claims: Configures the groups claim issued in a + user or OAuth 2.0 access token that the app expects. Possible values + include: 'None', 'SecurityGroup', 'All' + :type group_membership_claims: str or + ~azure.graphrbac.models.GroupMembershipClaimTypes + :param homepage: The home page of the application. + :type homepage: str + :param identifier_uris: A collection of URIs for the application. + :type identifier_uris: list[str] + :param informational_urls: URLs with more information about the + application. + :type informational_urls: ~azure.graphrbac.models.InformationalUrl + :param is_device_only_auth_supported: Specifies whether this application + supports device authentication without a user. The default is false. + :type is_device_only_auth_supported: bool + :param key_credentials: A collection of KeyCredential objects. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param known_client_applications: Client applications that are tied to + this resource application. Consent to any of the known client applications + will result in implicit consent to the resource application through a + combined consent dialog (showing the OAuth permission scopes required by + the client and the resource). + :type known_client_applications: list[str] + :param logout_url: the url of the logout page + :type logout_url: str + :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow + for OAuth2 + :type oauth2_allow_implicit_flow: bool + :param oauth2_allow_url_path_matching: Specifies whether during a token + Request Azure AD will allow path matching of the redirect URI against the + applications collection of replyURLs. The default is false. + :type oauth2_allow_url_path_matching: bool + :param oauth2_permissions: The collection of OAuth 2.0 permission scopes + that the web API (resource) application exposes to client applications. + These permission scopes may be granted to client applications during + consent. + :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission] + :param oauth2_require_post_response: Specifies whether, as part of OAuth + 2.0 token requests, Azure AD will allow POST requests, as opposed to GET + requests. The default is false, which specifies that only GET requests + will be allowed. + :type oauth2_require_post_response: bool + :param org_restrictions: A list of tenants allowed to access application. + :type org_restrictions: list[str] + :param optional_claims: + :type optional_claims: ~azure.graphrbac.models.OptionalClaims + :param password_credentials: A collection of PasswordCredential objects + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param pre_authorized_applications: list of pre-authorized applications. + :type pre_authorized_applications: + list[~azure.graphrbac.models.PreAuthorizedApplication] + :param public_client: Specifies whether this application is a public + client (such as an installed application running on a mobile device). + Default is false. + :type public_client: bool + :param publisher_domain: Reliable domain which can be used to identify an + application. + :type publisher_domain: str + :param reply_urls: A collection of reply URLs for the application. + :type reply_urls: list[str] + :param required_resource_access: Specifies resources that this application + requires access to and the set of OAuth permission scopes and application + roles that it needs under each of those resources. This pre-configuration + of required resource access drives the consent experience. + :type required_resource_access: + list[~azure.graphrbac.models.RequiredResourceAccess] + :param saml_metadata_url: The URL to the SAML metadata for the + application. + :type saml_metadata_url: str + :param sign_in_audience: Audience for signing in to the application + (AzureADMyOrganization, AzureADAllOrganizations, + AzureADAndMicrosoftAccounts). + :type sign_in_audience: str + :param www_homepage: The primary Web page. + :type www_homepage: str + """ + + _validation = { + 'object_id': {'readonly': True}, + 'deletion_timestamp': {'readonly': True}, + 'object_type': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, + 'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'}, + 'object_type': {'key': 'objectType', 'type': 'str'}, + 'app_id': {'key': 'appId', 'type': 'str'}, + 'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'}, + 'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'}, + 'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'}, + 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'app_permissions': {'key': 'appPermissions', 'type': '[str]'}, + 'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'str'}, + 'homepage': {'key': 'homepage', 'type': 'str'}, + 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, + 'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'}, + 'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, + 'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'}, + 'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'}, + 'org_restrictions': {'key': 'orgRestrictions', 'type': '[str]'}, + 'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'}, + 'public_client': {'key': 'publicClient', 'type': 'bool'}, + 'publisher_domain': {'key': 'publisherDomain', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'sign_in_audience': {'key': 'signInAudience', 'type': 'str'}, + 'www_homepage': {'key': 'wwwHomepage', 'type': 'str'}, + } + + def __init__(self, *, additional_properties=None, app_id: str=None, allow_guests_sign_in: bool=None, allow_passthrough_users: bool=None, app_logo_url: str=None, app_roles=None, app_permissions=None, available_to_other_tenants: bool=None, display_name: str=None, error_url: str=None, group_membership_claims=None, homepage: str=None, identifier_uris=None, informational_urls=None, is_device_only_auth_supported: bool=None, key_credentials=None, known_client_applications=None, logout_url: str=None, oauth2_allow_implicit_flow: bool=None, oauth2_allow_url_path_matching: bool=None, oauth2_permissions=None, oauth2_require_post_response: bool=None, org_restrictions=None, optional_claims=None, password_credentials=None, pre_authorized_applications=None, public_client: bool=None, publisher_domain: str=None, reply_urls=None, required_resource_access=None, saml_metadata_url: str=None, sign_in_audience: str=None, www_homepage: str=None, **kwargs) -> None: + super(Application, self).__init__(additional_properties=additional_properties, **kwargs) + self.app_id = app_id + self.allow_guests_sign_in = allow_guests_sign_in + self.allow_passthrough_users = allow_passthrough_users + self.app_logo_url = app_logo_url + self.app_roles = app_roles + self.app_permissions = app_permissions + self.available_to_other_tenants = available_to_other_tenants + self.display_name = display_name + self.error_url = error_url + self.group_membership_claims = group_membership_claims + self.homepage = homepage + self.identifier_uris = identifier_uris + self.informational_urls = informational_urls + self.is_device_only_auth_supported = is_device_only_auth_supported + self.key_credentials = key_credentials + self.known_client_applications = known_client_applications + self.logout_url = logout_url + self.oauth2_allow_implicit_flow = oauth2_allow_implicit_flow + self.oauth2_allow_url_path_matching = oauth2_allow_url_path_matching + self.oauth2_permissions = oauth2_permissions + self.oauth2_require_post_response = oauth2_require_post_response + self.org_restrictions = org_restrictions + self.optional_claims = optional_claims + self.password_credentials = password_credentials + self.pre_authorized_applications = pre_authorized_applications + self.public_client = public_client + self.publisher_domain = publisher_domain + self.reply_urls = reply_urls + self.required_resource_access = required_resource_access + self.saml_metadata_url = saml_metadata_url + self.sign_in_audience = sign_in_audience + self.www_homepage = www_homepage + self.object_type = 'Application' + + +class ApplicationBase(Model): + """Active Directive Application common properties shared among GET, POST and + PATCH. + + :param allow_guests_sign_in: A property on the application to indicate if + the application accepts other IDPs or not or partially accepts. + :type allow_guests_sign_in: bool + :param allow_passthrough_users: Indicates that the application supports + pass through users who have no presence in the resource tenant. + :type allow_passthrough_users: bool + :param app_logo_url: The url for the application logo image stored in a + CDN. + :type app_logo_url: str + :param app_roles: The collection of application roles that an application + may declare. These roles can be assigned to users, groups or service + principals. + :type app_roles: list[~azure.graphrbac.models.AppRole] + :param app_permissions: The application permissions. + :type app_permissions: list[str] + :param available_to_other_tenants: Whether the application is available to + other tenants. + :type available_to_other_tenants: bool + :param error_url: A URL provided by the author of the application to + report errors when using the application. + :type error_url: str + :param group_membership_claims: Configures the groups claim issued in a + user or OAuth 2.0 access token that the app expects. Possible values + include: 'None', 'SecurityGroup', 'All' + :type group_membership_claims: str or + ~azure.graphrbac.models.GroupMembershipClaimTypes + :param homepage: The home page of the application. + :type homepage: str + :param informational_urls: URLs with more information about the + application. + :type informational_urls: ~azure.graphrbac.models.InformationalUrl + :param is_device_only_auth_supported: Specifies whether this application + supports device authentication without a user. The default is false. + :type is_device_only_auth_supported: bool + :param key_credentials: A collection of KeyCredential objects. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param known_client_applications: Client applications that are tied to + this resource application. Consent to any of the known client applications + will result in implicit consent to the resource application through a + combined consent dialog (showing the OAuth permission scopes required by + the client and the resource). + :type known_client_applications: list[str] + :param logout_url: the url of the logout page + :type logout_url: str + :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow + for OAuth2 + :type oauth2_allow_implicit_flow: bool + :param oauth2_allow_url_path_matching: Specifies whether during a token + Request Azure AD will allow path matching of the redirect URI against the + applications collection of replyURLs. The default is false. + :type oauth2_allow_url_path_matching: bool + :param oauth2_permissions: The collection of OAuth 2.0 permission scopes + that the web API (resource) application exposes to client applications. + These permission scopes may be granted to client applications during + consent. + :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission] + :param oauth2_require_post_response: Specifies whether, as part of OAuth + 2.0 token requests, Azure AD will allow POST requests, as opposed to GET + requests. The default is false, which specifies that only GET requests + will be allowed. + :type oauth2_require_post_response: bool + :param org_restrictions: A list of tenants allowed to access application. + :type org_restrictions: list[str] + :param optional_claims: + :type optional_claims: ~azure.graphrbac.models.OptionalClaims + :param password_credentials: A collection of PasswordCredential objects + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param pre_authorized_applications: list of pre-authorized applications. + :type pre_authorized_applications: + list[~azure.graphrbac.models.PreAuthorizedApplication] + :param public_client: Specifies whether this application is a public + client (such as an installed application running on a mobile device). + Default is false. + :type public_client: bool + :param publisher_domain: Reliable domain which can be used to identify an + application. + :type publisher_domain: str + :param reply_urls: A collection of reply URLs for the application. + :type reply_urls: list[str] + :param required_resource_access: Specifies resources that this application + requires access to and the set of OAuth permission scopes and application + roles that it needs under each of those resources. This pre-configuration + of required resource access drives the consent experience. + :type required_resource_access: + list[~azure.graphrbac.models.RequiredResourceAccess] + :param saml_metadata_url: The URL to the SAML metadata for the + application. + :type saml_metadata_url: str + :param sign_in_audience: Audience for signing in to the application + (AzureADMyOrganization, AzureADAllOrganizations, + AzureADAndMicrosoftAccounts). + :type sign_in_audience: str + :param www_homepage: The primary Web page. + :type www_homepage: str + """ + + _attribute_map = { + 'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'}, + 'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'}, + 'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'}, + 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'app_permissions': {'key': 'appPermissions', 'type': '[str]'}, + 'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'str'}, + 'homepage': {'key': 'homepage', 'type': 'str'}, + 'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'}, + 'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, + 'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'}, + 'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'}, + 'org_restrictions': {'key': 'orgRestrictions', 'type': '[str]'}, + 'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'}, + 'public_client': {'key': 'publicClient', 'type': 'bool'}, + 'publisher_domain': {'key': 'publisherDomain', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'sign_in_audience': {'key': 'signInAudience', 'type': 'str'}, + 'www_homepage': {'key': 'wwwHomepage', 'type': 'str'}, + } + + def __init__(self, *, allow_guests_sign_in: bool=None, allow_passthrough_users: bool=None, app_logo_url: str=None, app_roles=None, app_permissions=None, available_to_other_tenants: bool=None, error_url: str=None, group_membership_claims=None, homepage: str=None, informational_urls=None, is_device_only_auth_supported: bool=None, key_credentials=None, known_client_applications=None, logout_url: str=None, oauth2_allow_implicit_flow: bool=None, oauth2_allow_url_path_matching: bool=None, oauth2_permissions=None, oauth2_require_post_response: bool=None, org_restrictions=None, optional_claims=None, password_credentials=None, pre_authorized_applications=None, public_client: bool=None, publisher_domain: str=None, reply_urls=None, required_resource_access=None, saml_metadata_url: str=None, sign_in_audience: str=None, www_homepage: str=None, **kwargs) -> None: + super(ApplicationBase, self).__init__(**kwargs) + self.allow_guests_sign_in = allow_guests_sign_in + self.allow_passthrough_users = allow_passthrough_users + self.app_logo_url = app_logo_url + self.app_roles = app_roles + self.app_permissions = app_permissions + self.available_to_other_tenants = available_to_other_tenants + self.error_url = error_url + self.group_membership_claims = group_membership_claims + self.homepage = homepage + self.informational_urls = informational_urls + self.is_device_only_auth_supported = is_device_only_auth_supported + self.key_credentials = key_credentials + self.known_client_applications = known_client_applications + self.logout_url = logout_url + self.oauth2_allow_implicit_flow = oauth2_allow_implicit_flow + self.oauth2_allow_url_path_matching = oauth2_allow_url_path_matching + self.oauth2_permissions = oauth2_permissions + self.oauth2_require_post_response = oauth2_require_post_response + self.org_restrictions = org_restrictions + self.optional_claims = optional_claims + self.password_credentials = password_credentials + self.pre_authorized_applications = pre_authorized_applications + self.public_client = public_client + self.publisher_domain = publisher_domain + self.reply_urls = reply_urls + self.required_resource_access = required_resource_access + self.saml_metadata_url = saml_metadata_url + self.sign_in_audience = sign_in_audience + self.www_homepage = www_homepage + + +class ApplicationCreateParameters(ApplicationBase): + """Request parameters for creating a new application. + + All required parameters must be populated in order to send to Azure. + + :param allow_guests_sign_in: A property on the application to indicate if + the application accepts other IDPs or not or partially accepts. + :type allow_guests_sign_in: bool + :param allow_passthrough_users: Indicates that the application supports + pass through users who have no presence in the resource tenant. + :type allow_passthrough_users: bool + :param app_logo_url: The url for the application logo image stored in a + CDN. + :type app_logo_url: str + :param app_roles: The collection of application roles that an application + may declare. These roles can be assigned to users, groups or service + principals. + :type app_roles: list[~azure.graphrbac.models.AppRole] + :param app_permissions: The application permissions. + :type app_permissions: list[str] + :param available_to_other_tenants: Whether the application is available to + other tenants. + :type available_to_other_tenants: bool + :param error_url: A URL provided by the author of the application to + report errors when using the application. + :type error_url: str + :param group_membership_claims: Configures the groups claim issued in a + user or OAuth 2.0 access token that the app expects. Possible values + include: 'None', 'SecurityGroup', 'All' + :type group_membership_claims: str or + ~azure.graphrbac.models.GroupMembershipClaimTypes + :param homepage: The home page of the application. + :type homepage: str + :param informational_urls: URLs with more information about the + application. + :type informational_urls: ~azure.graphrbac.models.InformationalUrl + :param is_device_only_auth_supported: Specifies whether this application + supports device authentication without a user. The default is false. + :type is_device_only_auth_supported: bool + :param key_credentials: A collection of KeyCredential objects. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param known_client_applications: Client applications that are tied to + this resource application. Consent to any of the known client applications + will result in implicit consent to the resource application through a + combined consent dialog (showing the OAuth permission scopes required by + the client and the resource). + :type known_client_applications: list[str] + :param logout_url: the url of the logout page + :type logout_url: str + :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow + for OAuth2 + :type oauth2_allow_implicit_flow: bool + :param oauth2_allow_url_path_matching: Specifies whether during a token + Request Azure AD will allow path matching of the redirect URI against the + applications collection of replyURLs. The default is false. + :type oauth2_allow_url_path_matching: bool + :param oauth2_permissions: The collection of OAuth 2.0 permission scopes + that the web API (resource) application exposes to client applications. + These permission scopes may be granted to client applications during + consent. + :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission] + :param oauth2_require_post_response: Specifies whether, as part of OAuth + 2.0 token requests, Azure AD will allow POST requests, as opposed to GET + requests. The default is false, which specifies that only GET requests + will be allowed. + :type oauth2_require_post_response: bool + :param org_restrictions: A list of tenants allowed to access application. + :type org_restrictions: list[str] + :param optional_claims: + :type optional_claims: ~azure.graphrbac.models.OptionalClaims + :param password_credentials: A collection of PasswordCredential objects + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param pre_authorized_applications: list of pre-authorized applications. + :type pre_authorized_applications: + list[~azure.graphrbac.models.PreAuthorizedApplication] + :param public_client: Specifies whether this application is a public + client (such as an installed application running on a mobile device). + Default is false. + :type public_client: bool + :param publisher_domain: Reliable domain which can be used to identify an + application. + :type publisher_domain: str + :param reply_urls: A collection of reply URLs for the application. + :type reply_urls: list[str] + :param required_resource_access: Specifies resources that this application + requires access to and the set of OAuth permission scopes and application + roles that it needs under each of those resources. This pre-configuration + of required resource access drives the consent experience. + :type required_resource_access: + list[~azure.graphrbac.models.RequiredResourceAccess] + :param saml_metadata_url: The URL to the SAML metadata for the + application. + :type saml_metadata_url: str + :param sign_in_audience: Audience for signing in to the application + (AzureADMyOrganization, AzureADAllOrganizations, + AzureADAndMicrosoftAccounts). + :type sign_in_audience: str + :param www_homepage: The primary Web page. + :type www_homepage: str + :param display_name: Required. The display name of the application. + :type display_name: str + :param identifier_uris: A collection of URIs for the application. + :type identifier_uris: list[str] + """ + + _validation = { + 'display_name': {'required': True}, + } + + _attribute_map = { + 'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'}, + 'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'}, + 'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'}, + 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'app_permissions': {'key': 'appPermissions', 'type': '[str]'}, + 'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'str'}, + 'homepage': {'key': 'homepage', 'type': 'str'}, + 'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'}, + 'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, + 'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'}, + 'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'}, + 'org_restrictions': {'key': 'orgRestrictions', 'type': '[str]'}, + 'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'}, + 'public_client': {'key': 'publicClient', 'type': 'bool'}, + 'publisher_domain': {'key': 'publisherDomain', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'sign_in_audience': {'key': 'signInAudience', 'type': 'str'}, + 'www_homepage': {'key': 'wwwHomepage', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, + } + + def __init__(self, *, display_name: str, allow_guests_sign_in: bool=None, allow_passthrough_users: bool=None, app_logo_url: str=None, app_roles=None, app_permissions=None, available_to_other_tenants: bool=None, error_url: str=None, group_membership_claims=None, homepage: str=None, informational_urls=None, is_device_only_auth_supported: bool=None, key_credentials=None, known_client_applications=None, logout_url: str=None, oauth2_allow_implicit_flow: bool=None, oauth2_allow_url_path_matching: bool=None, oauth2_permissions=None, oauth2_require_post_response: bool=None, org_restrictions=None, optional_claims=None, password_credentials=None, pre_authorized_applications=None, public_client: bool=None, publisher_domain: str=None, reply_urls=None, required_resource_access=None, saml_metadata_url: str=None, sign_in_audience: str=None, www_homepage: str=None, identifier_uris=None, **kwargs) -> None: + super(ApplicationCreateParameters, self).__init__(allow_guests_sign_in=allow_guests_sign_in, allow_passthrough_users=allow_passthrough_users, app_logo_url=app_logo_url, app_roles=app_roles, app_permissions=app_permissions, available_to_other_tenants=available_to_other_tenants, error_url=error_url, group_membership_claims=group_membership_claims, homepage=homepage, informational_urls=informational_urls, is_device_only_auth_supported=is_device_only_auth_supported, key_credentials=key_credentials, known_client_applications=known_client_applications, logout_url=logout_url, oauth2_allow_implicit_flow=oauth2_allow_implicit_flow, oauth2_allow_url_path_matching=oauth2_allow_url_path_matching, oauth2_permissions=oauth2_permissions, oauth2_require_post_response=oauth2_require_post_response, org_restrictions=org_restrictions, optional_claims=optional_claims, password_credentials=password_credentials, pre_authorized_applications=pre_authorized_applications, public_client=public_client, publisher_domain=publisher_domain, reply_urls=reply_urls, required_resource_access=required_resource_access, saml_metadata_url=saml_metadata_url, sign_in_audience=sign_in_audience, www_homepage=www_homepage, **kwargs) + self.display_name = display_name + self.identifier_uris = identifier_uris + + +class ApplicationUpdateParameters(ApplicationBase): + """Request parameters for updating a new application. + + :param allow_guests_sign_in: A property on the application to indicate if + the application accepts other IDPs or not or partially accepts. + :type allow_guests_sign_in: bool + :param allow_passthrough_users: Indicates that the application supports + pass through users who have no presence in the resource tenant. + :type allow_passthrough_users: bool + :param app_logo_url: The url for the application logo image stored in a + CDN. + :type app_logo_url: str + :param app_roles: The collection of application roles that an application + may declare. These roles can be assigned to users, groups or service + principals. + :type app_roles: list[~azure.graphrbac.models.AppRole] + :param app_permissions: The application permissions. + :type app_permissions: list[str] + :param available_to_other_tenants: Whether the application is available to + other tenants. + :type available_to_other_tenants: bool + :param error_url: A URL provided by the author of the application to + report errors when using the application. + :type error_url: str + :param group_membership_claims: Configures the groups claim issued in a + user or OAuth 2.0 access token that the app expects. Possible values + include: 'None', 'SecurityGroup', 'All' + :type group_membership_claims: str or + ~azure.graphrbac.models.GroupMembershipClaimTypes + :param homepage: The home page of the application. + :type homepage: str + :param informational_urls: URLs with more information about the + application. + :type informational_urls: ~azure.graphrbac.models.InformationalUrl + :param is_device_only_auth_supported: Specifies whether this application + supports device authentication without a user. The default is false. + :type is_device_only_auth_supported: bool + :param key_credentials: A collection of KeyCredential objects. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param known_client_applications: Client applications that are tied to + this resource application. Consent to any of the known client applications + will result in implicit consent to the resource application through a + combined consent dialog (showing the OAuth permission scopes required by + the client and the resource). + :type known_client_applications: list[str] + :param logout_url: the url of the logout page + :type logout_url: str + :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow + for OAuth2 + :type oauth2_allow_implicit_flow: bool + :param oauth2_allow_url_path_matching: Specifies whether during a token + Request Azure AD will allow path matching of the redirect URI against the + applications collection of replyURLs. The default is false. + :type oauth2_allow_url_path_matching: bool + :param oauth2_permissions: The collection of OAuth 2.0 permission scopes + that the web API (resource) application exposes to client applications. + These permission scopes may be granted to client applications during + consent. + :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission] + :param oauth2_require_post_response: Specifies whether, as part of OAuth + 2.0 token requests, Azure AD will allow POST requests, as opposed to GET + requests. The default is false, which specifies that only GET requests + will be allowed. + :type oauth2_require_post_response: bool + :param org_restrictions: A list of tenants allowed to access application. + :type org_restrictions: list[str] + :param optional_claims: + :type optional_claims: ~azure.graphrbac.models.OptionalClaims + :param password_credentials: A collection of PasswordCredential objects + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param pre_authorized_applications: list of pre-authorized applications. + :type pre_authorized_applications: + list[~azure.graphrbac.models.PreAuthorizedApplication] + :param public_client: Specifies whether this application is a public + client (such as an installed application running on a mobile device). + Default is false. + :type public_client: bool + :param publisher_domain: Reliable domain which can be used to identify an + application. + :type publisher_domain: str + :param reply_urls: A collection of reply URLs for the application. + :type reply_urls: list[str] + :param required_resource_access: Specifies resources that this application + requires access to and the set of OAuth permission scopes and application + roles that it needs under each of those resources. This pre-configuration + of required resource access drives the consent experience. + :type required_resource_access: + list[~azure.graphrbac.models.RequiredResourceAccess] + :param saml_metadata_url: The URL to the SAML metadata for the + application. + :type saml_metadata_url: str + :param sign_in_audience: Audience for signing in to the application + (AzureADMyOrganization, AzureADAllOrganizations, + AzureADAndMicrosoftAccounts). + :type sign_in_audience: str + :param www_homepage: The primary Web page. + :type www_homepage: str + :param display_name: The display name of the application. + :type display_name: str + :param identifier_uris: A collection of URIs for the application. + :type identifier_uris: list[str] + """ + + _attribute_map = { + 'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'}, + 'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'}, + 'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'}, + 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'app_permissions': {'key': 'appPermissions', 'type': '[str]'}, + 'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'str'}, + 'homepage': {'key': 'homepage', 'type': 'str'}, + 'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'}, + 'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, + 'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'}, + 'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'}, + 'org_restrictions': {'key': 'orgRestrictions', 'type': '[str]'}, + 'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'}, + 'public_client': {'key': 'publicClient', 'type': 'bool'}, + 'publisher_domain': {'key': 'publisherDomain', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'sign_in_audience': {'key': 'signInAudience', 'type': 'str'}, + 'www_homepage': {'key': 'wwwHomepage', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, + } + + def __init__(self, *, allow_guests_sign_in: bool=None, allow_passthrough_users: bool=None, app_logo_url: str=None, app_roles=None, app_permissions=None, available_to_other_tenants: bool=None, error_url: str=None, group_membership_claims=None, homepage: str=None, informational_urls=None, is_device_only_auth_supported: bool=None, key_credentials=None, known_client_applications=None, logout_url: str=None, oauth2_allow_implicit_flow: bool=None, oauth2_allow_url_path_matching: bool=None, oauth2_permissions=None, oauth2_require_post_response: bool=None, org_restrictions=None, optional_claims=None, password_credentials=None, pre_authorized_applications=None, public_client: bool=None, publisher_domain: str=None, reply_urls=None, required_resource_access=None, saml_metadata_url: str=None, sign_in_audience: str=None, www_homepage: str=None, display_name: str=None, identifier_uris=None, **kwargs) -> None: + super(ApplicationUpdateParameters, self).__init__(allow_guests_sign_in=allow_guests_sign_in, allow_passthrough_users=allow_passthrough_users, app_logo_url=app_logo_url, app_roles=app_roles, app_permissions=app_permissions, available_to_other_tenants=available_to_other_tenants, error_url=error_url, group_membership_claims=group_membership_claims, homepage=homepage, informational_urls=informational_urls, is_device_only_auth_supported=is_device_only_auth_supported, key_credentials=key_credentials, known_client_applications=known_client_applications, logout_url=logout_url, oauth2_allow_implicit_flow=oauth2_allow_implicit_flow, oauth2_allow_url_path_matching=oauth2_allow_url_path_matching, oauth2_permissions=oauth2_permissions, oauth2_require_post_response=oauth2_require_post_response, org_restrictions=org_restrictions, optional_claims=optional_claims, password_credentials=password_credentials, pre_authorized_applications=pre_authorized_applications, public_client=public_client, publisher_domain=publisher_domain, reply_urls=reply_urls, required_resource_access=required_resource_access, saml_metadata_url=saml_metadata_url, sign_in_audience=sign_in_audience, www_homepage=www_homepage, **kwargs) + self.display_name = display_name + self.identifier_uris = identifier_uris + + +class AppRole(Model): + """AppRole. + + :param id: Unique role identifier inside the appRoles collection. + :type id: str + :param allowed_member_types: Specifies whether this app role definition + can be assigned to users and groups by setting to 'User', or to other + applications (that are accessing this application in daemon service + scenarios) by setting to 'Application', or to both. + :type allowed_member_types: list[str] + :param description: Permission help text that appears in the admin app + assignment and consent experiences. + :type description: str + :param display_name: Display name for the permission that appears in the + admin consent and app assignment experiences. + :type display_name: str + :param is_enabled: When creating or updating a role definition, this must + be set to true (which is the default). To delete a role, this must first + be set to false. At that point, in a subsequent call, this role may be + removed. + :type is_enabled: bool + :param value: Specifies the value of the roles claim that the application + should expect in the authentication and access tokens. + :type value: str + """ + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'allowed_member_types': {'key': 'allowedMemberTypes', 'type': '[str]'}, + 'description': {'key': 'description', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'value': {'key': 'value', 'type': 'str'}, + } + + def __init__(self, *, id: str=None, allowed_member_types=None, description: str=None, display_name: str=None, is_enabled: bool=None, value: str=None, **kwargs) -> None: + super(AppRole, self).__init__(**kwargs) + self.id = id + self.allowed_member_types = allowed_member_types + self.description = description + self.display_name = display_name + self.is_enabled = is_enabled + self.value = value + + +class AppRoleAssignment(DirectoryObject): + """AppRoleAssignment information. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :ivar object_id: The object ID. + :vartype object_id: str + :ivar deletion_timestamp: The time at which the directory object was + deleted. + :vartype deletion_timestamp: datetime + :param object_type: Required. Constant filled by server. + :type object_type: str + :param id: The role id that was assigned to the principal. This role must + be declared by the target resource application resourceId in its appRoles + property. + :type id: str + :param principal_display_name: The display name of the principal that was + granted the access. + :type principal_display_name: str + :param principal_id: The unique identifier (objectId) for the principal + being granted the access. + :type principal_id: str + :param principal_type: The type of principal. This can either be "User", + "Group" or "ServicePrincipal". + :type principal_type: str + :param resource_display_name: The display name of the resource to which + the assignment was made. + :type resource_display_name: str + :param resource_id: The unique identifier (objectId) for the target + resource (service principal) for which the assignment was made. + :type resource_id: str + """ + + _validation = { + 'object_id': {'readonly': True}, + 'deletion_timestamp': {'readonly': True}, + 'object_type': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, + 'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'}, + 'object_type': {'key': 'objectType', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'principal_display_name': {'key': 'principalDisplayName', 'type': 'str'}, + 'principal_id': {'key': 'principalId', 'type': 'str'}, + 'principal_type': {'key': 'principalType', 'type': 'str'}, + 'resource_display_name': {'key': 'resourceDisplayName', 'type': 'str'}, + 'resource_id': {'key': 'resourceId', 'type': 'str'}, + } + + def __init__(self, *, additional_properties=None, id: str=None, principal_display_name: str=None, principal_id: str=None, principal_type: str=None, resource_display_name: str=None, resource_id: str=None, **kwargs) -> None: + super(AppRoleAssignment, self).__init__(additional_properties=additional_properties, **kwargs) + self.id = id + self.principal_display_name = principal_display_name + self.principal_id = principal_id + self.principal_type = principal_type + self.resource_display_name = resource_display_name + self.resource_id = resource_id + self.object_type = 'AppRoleAssignment' + + +class CheckGroupMembershipParameters(Model): + """Request parameters for IsMemberOf API call. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param group_id: Required. The object ID of the group to check. + :type group_id: str + :param member_id: Required. The object ID of the contact, group, user, or + service principal to check for membership in the specified group. + :type member_id: str + """ + + _validation = { + 'group_id': {'required': True}, + 'member_id': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'group_id': {'key': 'groupId', 'type': 'str'}, + 'member_id': {'key': 'memberId', 'type': 'str'}, + } + + def __init__(self, *, group_id: str, member_id: str, additional_properties=None, **kwargs) -> None: + super(CheckGroupMembershipParameters, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.group_id = group_id + self.member_id = member_id + + +class CheckGroupMembershipResult(Model): + """Server response for IsMemberOf API call. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param value: True if the specified user, group, contact, or service + principal has either direct or transitive membership in the specified + group; otherwise, false. + :type value: bool + """ + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'value': {'key': 'value', 'type': 'bool'}, + } + + def __init__(self, *, additional_properties=None, value: bool=None, **kwargs) -> None: + super(CheckGroupMembershipResult, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.value = value + + +class CloudError(Model): + """CloudError. + """ + + _attribute_map = { + } + + +class Domain(Model): + """Active Directory Domain information. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :ivar authentication_type: the type of the authentication into the domain. + :vartype authentication_type: str + :ivar is_default: if this is the default domain in the tenant. + :vartype is_default: bool + :ivar is_verified: if this domain's ownership is verified. + :vartype is_verified: bool + :param name: Required. the domain name. + :type name: str + """ + + _validation = { + 'authentication_type': {'readonly': True}, + 'is_default': {'readonly': True}, + 'is_verified': {'readonly': True}, + 'name': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'authentication_type': {'key': 'authenticationType', 'type': 'str'}, + 'is_default': {'key': 'isDefault', 'type': 'bool'}, + 'is_verified': {'key': 'isVerified', 'type': 'bool'}, + 'name': {'key': 'name', 'type': 'str'}, + } + + def __init__(self, *, name: str, additional_properties=None, **kwargs) -> None: + super(Domain, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.authentication_type = None + self.is_default = None + self.is_verified = None + self.name = name + + +class GetObjectsParameters(Model): + """Request parameters for the GetObjectsByObjectIds API. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param object_ids: The requested object IDs. + :type object_ids: list[str] + :param types: The requested object types. + :type types: list[str] + :param include_directory_object_references: If true, also searches for + object IDs in the partner tenant. + :type include_directory_object_references: bool + """ + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'object_ids': {'key': 'objectIds', 'type': '[str]'}, + 'types': {'key': 'types', 'type': '[str]'}, + 'include_directory_object_references': {'key': 'includeDirectoryObjectReferences', 'type': 'bool'}, + } + + def __init__(self, *, additional_properties=None, object_ids=None, types=None, include_directory_object_references: bool=None, **kwargs) -> None: + super(GetObjectsParameters, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.object_ids = object_ids + self.types = types + self.include_directory_object_references = include_directory_object_references + + +class GraphError(Model): + """Active Directory error information. + + :param code: Error code. + :type code: str + :param message: Error message value. + :type message: str + """ + + _attribute_map = { + 'code': {'key': 'odata\\.error.code', 'type': 'str'}, + 'message': {'key': 'odata\\.error.message.value', 'type': 'str'}, + } + + def __init__(self, *, code: str=None, message: str=None, **kwargs) -> None: + super(GraphError, self).__init__(**kwargs) + self.code = code + self.message = message + + +class GraphErrorException(HttpOperationError): + """Server responsed with exception of type: 'GraphError'. + + :param deserialize: A deserializer + :param response: Server response to be deserialized. + """ + + def __init__(self, deserialize, response, *args): + + super(GraphErrorException, self).__init__(deserialize, response, 'GraphError', *args) + + +class GroupAddMemberParameters(Model): + """Request parameters for adding a member to a group. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param url: Required. A member object URL, such as + "https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd", + where "0b1f9851-1bf0-433f-aec3-cb9272f093dc" is the tenantId and + "f260bbc4-c254-447b-94cf-293b5ec434dd" is the objectId of the member + (user, application, servicePrincipal, group) to be added. + :type url: str + """ + + _validation = { + 'url': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'url': {'key': 'url', 'type': 'str'}, + } + + def __init__(self, *, url: str, additional_properties=None, **kwargs) -> None: + super(GroupAddMemberParameters, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.url = url + + +class GroupCreateParameters(Model): + """Request parameters for creating a new group. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param display_name: Required. Group display name + :type display_name: str + :ivar mail_enabled: Required. Whether the group is mail-enabled. Must be + false. This is because only pure security groups can be created using the + Graph API. Default value: False . + :vartype mail_enabled: bool + :param mail_nickname: Required. Mail nickname + :type mail_nickname: str + :ivar security_enabled: Required. Whether the group is a security group. + Must be true. This is because only pure security groups can be created + using the Graph API. Default value: True . + :vartype security_enabled: bool + """ + + _validation = { + 'display_name': {'required': True}, + 'mail_enabled': {'required': True, 'constant': True}, + 'mail_nickname': {'required': True}, + 'security_enabled': {'required': True, 'constant': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'mail_enabled': {'key': 'mailEnabled', 'type': 'bool'}, + 'mail_nickname': {'key': 'mailNickname', 'type': 'str'}, + 'security_enabled': {'key': 'securityEnabled', 'type': 'bool'}, + } + + mail_enabled = False + + security_enabled = True + + def __init__(self, *, display_name: str, mail_nickname: str, additional_properties=None, **kwargs) -> None: + super(GroupCreateParameters, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.display_name = display_name + self.mail_nickname = mail_nickname + + +class GroupGetMemberGroupsParameters(Model): + """Request parameters for GetMemberGroups API call. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param security_enabled_only: Required. If true, only membership in + security-enabled groups should be checked. Otherwise, membership in all + groups should be checked. + :type security_enabled_only: bool + """ + + _validation = { + 'security_enabled_only': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'security_enabled_only': {'key': 'securityEnabledOnly', 'type': 'bool'}, + } + + def __init__(self, *, security_enabled_only: bool, additional_properties=None, **kwargs) -> None: + super(GroupGetMemberGroupsParameters, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.security_enabled_only = security_enabled_only + + +class InformationalUrl(Model): + """Represents a group of URIs that provide terms of service, marketing, + support and privacy policy information about an application. The default + value for each string is null. + + :param terms_of_service: The terms of service URI + :type terms_of_service: str + :param marketing: The marketing URI + :type marketing: str + :param privacy: The privacy policy URI + :type privacy: str + :param support: The support URI + :type support: str + """ + + _attribute_map = { + 'terms_of_service': {'key': 'termsOfService', 'type': 'str'}, + 'marketing': {'key': 'marketing', 'type': 'str'}, + 'privacy': {'key': 'privacy', 'type': 'str'}, + 'support': {'key': 'support', 'type': 'str'}, + } + + def __init__(self, *, terms_of_service: str=None, marketing: str=None, privacy: str=None, support: str=None, **kwargs) -> None: + super(InformationalUrl, self).__init__(**kwargs) + self.terms_of_service = terms_of_service + self.marketing = marketing + self.privacy = privacy + self.support = support + + +class KeyCredential(Model): + """Active Directory Key Credential information. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param start_date: Start date. + :type start_date: datetime + :param end_date: End date. + :type end_date: datetime + :param value: Key value. + :type value: str + :param key_id: Key ID. + :type key_id: str + :param usage: Usage. Acceptable values are 'Verify' and 'Sign'. + :type usage: str + :param type: Type. Acceptable values are 'AsymmetricX509Cert' and + 'Symmetric'. + :type type: str + :param custom_key_identifier: Custom Key Identifier + :type custom_key_identifier: str + """ + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'start_date': {'key': 'startDate', 'type': 'iso-8601'}, + 'end_date': {'key': 'endDate', 'type': 'iso-8601'}, + 'value': {'key': 'value', 'type': 'str'}, + 'key_id': {'key': 'keyId', 'type': 'str'}, + 'usage': {'key': 'usage', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'custom_key_identifier': {'key': 'customKeyIdentifier', 'type': 'str'}, + } + + def __init__(self, *, additional_properties=None, start_date=None, end_date=None, value: str=None, key_id: str=None, usage: str=None, type: str=None, custom_key_identifier: str=None, **kwargs) -> None: + super(KeyCredential, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.start_date = start_date + self.end_date = end_date + self.value = value + self.key_id = key_id + self.usage = usage + self.type = type + self.custom_key_identifier = custom_key_identifier + + +class KeyCredentialsUpdateParameters(Model): + """Request parameters for a KeyCredentials update operation. + + All required parameters must be populated in order to send to Azure. + + :param value: Required. A collection of KeyCredentials. + :type value: list[~azure.graphrbac.models.KeyCredential] + """ + + _validation = { + 'value': {'required': True}, + } + + _attribute_map = { + 'value': {'key': 'value', 'type': '[KeyCredential]'}, + } + + def __init__(self, *, value, **kwargs) -> None: + super(KeyCredentialsUpdateParameters, self).__init__(**kwargs) + self.value = value + + +class OAuth2Permission(Model): + """Represents an OAuth 2.0 delegated permission scope. The specified OAuth 2.0 + delegated permission scopes may be requested by client applications + (through the requiredResourceAccess collection on the Application object) + when calling a resource application. The oauth2Permissions property of the + ServicePrincipal entity and of the Application entity is a collection of + OAuth2Permission. + + :param admin_consent_description: Permission help text that appears in the + admin consent and app assignment experiences. + :type admin_consent_description: str + :param admin_consent_display_name: Display name for the permission that + appears in the admin consent and app assignment experiences. + :type admin_consent_display_name: str + :param id: Unique scope permission identifier inside the oauth2Permissions + collection. + :type id: str + :param is_enabled: When creating or updating a permission, this property + must be set to true (which is the default). To delete a permission, this + property must first be set to false. At that point, in a subsequent call, + the permission may be removed. + :type is_enabled: bool + :param type: Specifies whether this scope permission can be consented to + by an end user, or whether it is a tenant-wide permission that must be + consented to by a Company Administrator. Possible values are "User" or + "Admin". + :type type: str + :param user_consent_description: Permission help text that appears in the + end user consent experience. + :type user_consent_description: str + :param user_consent_display_name: Display name for the permission that + appears in the end user consent experience. + :type user_consent_display_name: str + :param value: The value of the scope claim that the resource application + should expect in the OAuth 2.0 access token. + :type value: str + """ + + _attribute_map = { + 'admin_consent_description': {'key': 'adminConsentDescription', 'type': 'str'}, + 'admin_consent_display_name': {'key': 'adminConsentDisplayName', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'type': {'key': 'type', 'type': 'str'}, + 'user_consent_description': {'key': 'userConsentDescription', 'type': 'str'}, + 'user_consent_display_name': {'key': 'userConsentDisplayName', 'type': 'str'}, + 'value': {'key': 'value', 'type': 'str'}, + } + + def __init__(self, *, admin_consent_description: str=None, admin_consent_display_name: str=None, id: str=None, is_enabled: bool=None, type: str=None, user_consent_description: str=None, user_consent_display_name: str=None, value: str=None, **kwargs) -> None: + super(OAuth2Permission, self).__init__(**kwargs) + self.admin_consent_description = admin_consent_description + self.admin_consent_display_name = admin_consent_display_name + self.id = id + self.is_enabled = is_enabled + self.type = type + self.user_consent_description = user_consent_description + self.user_consent_display_name = user_consent_display_name + self.value = value + + +class OAuth2PermissionGrant(Model): + """OAuth2PermissionGrant. + + :param odatatype: Microsoft.DirectoryServices.OAuth2PermissionGrant + :type odatatype: str + :param client_id: The id of the resource's service principal granted + consent to impersonate the user when accessing the resource (represented + by the resourceId property). + :type client_id: str + :param object_id: The id of the permission grant + :type object_id: str + :param consent_type: Indicates if consent was provided by the + administrator (on behalf of the organization) or by an individual. + Possible values include: 'AllPrincipals', 'Principal' + :type consent_type: str or ~azure.graphrbac.models.ConsentType + :param principal_id: When consent type is Principal, this property + specifies the id of the user that granted consent and applies only for + that user. + :type principal_id: str + :param resource_id: Object Id of the resource you want to grant + :type resource_id: str + :param scope: Specifies the value of the scope claim that the resource + application should expect in the OAuth 2.0 access token. For example, + User.Read + :type scope: str + :param start_time: Start time for TTL + :type start_time: str + :param expiry_time: Expiry time for TTL + :type expiry_time: str + """ + + _attribute_map = { + 'odatatype': {'key': 'odata\\.type', 'type': 'str'}, + 'client_id': {'key': 'clientId', 'type': 'str'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, + 'consent_type': {'key': 'consentType', 'type': 'str'}, + 'principal_id': {'key': 'principalId', 'type': 'str'}, + 'resource_id': {'key': 'resourceId', 'type': 'str'}, + 'scope': {'key': 'scope', 'type': 'str'}, + 'start_time': {'key': 'startTime', 'type': 'str'}, + 'expiry_time': {'key': 'expiryTime', 'type': 'str'}, + } + + def __init__(self, *, odatatype: str=None, client_id: str=None, object_id: str=None, consent_type=None, principal_id: str=None, resource_id: str=None, scope: str=None, start_time: str=None, expiry_time: str=None, **kwargs) -> None: + super(OAuth2PermissionGrant, self).__init__(**kwargs) + self.odatatype = odatatype + self.client_id = client_id + self.object_id = object_id + self.consent_type = consent_type + self.principal_id = principal_id + self.resource_id = resource_id + self.scope = scope + self.start_time = start_time + self.expiry_time = expiry_time + + +class OptionalClaim(Model): + """Specifying the claims to be included in a token. + + :param name: Claim name. + :type name: str + :param source: Claim source. + :type source: str + :param essential: Is this a required claim. + :type essential: bool + :param additional_properties: + :type additional_properties: object + """ + + _attribute_map = { + 'name': {'key': 'name', 'type': 'str'}, + 'source': {'key': 'source', 'type': 'str'}, + 'essential': {'key': 'essential', 'type': 'bool'}, + 'additional_properties': {'key': 'additionalProperties', 'type': 'object'}, + } + + def __init__(self, *, name: str=None, source: str=None, essential: bool=None, additional_properties=None, **kwargs) -> None: + super(OptionalClaim, self).__init__(**kwargs) + self.name = name + self.source = source + self.essential = essential + self.additional_properties = additional_properties + + +class OptionalClaims(Model): + """Specifying the claims to be included in the token. + + :param id_token: Optional claims requested to be included in the id token. + :type id_token: list[~azure.graphrbac.models.OptionalClaim] + :param access_token: Optional claims requested to be included in the + access token. + :type access_token: list[~azure.graphrbac.models.OptionalClaim] + :param saml_token: Optional claims requested to be included in the saml + token. + :type saml_token: list[~azure.graphrbac.models.OptionalClaim] + """ + + _attribute_map = { + 'id_token': {'key': 'idToken', 'type': '[OptionalClaim]'}, + 'access_token': {'key': 'accessToken', 'type': '[OptionalClaim]'}, + 'saml_token': {'key': 'samlToken', 'type': '[OptionalClaim]'}, + } + + def __init__(self, *, id_token=None, access_token=None, saml_token=None, **kwargs) -> None: + super(OptionalClaims, self).__init__(**kwargs) + self.id_token = id_token + self.access_token = access_token + self.saml_token = saml_token + + +class PasswordCredential(Model): + """Active Directory Password Credential information. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param start_date: Start date. + :type start_date: datetime + :param end_date: End date. + :type end_date: datetime + :param key_id: Key ID. + :type key_id: str + :param value: Key value. + :type value: str + :param custom_key_identifier: Custom Key Identifier + :type custom_key_identifier: bytearray + """ + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'start_date': {'key': 'startDate', 'type': 'iso-8601'}, + 'end_date': {'key': 'endDate', 'type': 'iso-8601'}, + 'key_id': {'key': 'keyId', 'type': 'str'}, + 'value': {'key': 'value', 'type': 'str'}, + 'custom_key_identifier': {'key': 'customKeyIdentifier', 'type': 'bytearray'}, + } + + def __init__(self, *, additional_properties=None, start_date=None, end_date=None, key_id: str=None, value: str=None, custom_key_identifier: bytearray=None, **kwargs) -> None: + super(PasswordCredential, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.start_date = start_date + self.end_date = end_date + self.key_id = key_id + self.value = value + self.custom_key_identifier = custom_key_identifier + + +class PasswordCredentialsUpdateParameters(Model): + """Request parameters for a PasswordCredentials update operation. + + All required parameters must be populated in order to send to Azure. + + :param value: Required. A collection of PasswordCredentials. + :type value: list[~azure.graphrbac.models.PasswordCredential] + """ + + _validation = { + 'value': {'required': True}, + } + + _attribute_map = { + 'value': {'key': 'value', 'type': '[PasswordCredential]'}, + } + + def __init__(self, *, value, **kwargs) -> None: + super(PasswordCredentialsUpdateParameters, self).__init__(**kwargs) + self.value = value + + +class PasswordProfile(Model): + """The password profile associated with a user. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param password: Required. Password + :type password: str + :param force_change_password_next_login: Whether to force a password + change on next login. + :type force_change_password_next_login: bool + """ + + _validation = { + 'password': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'password': {'key': 'password', 'type': 'str'}, + 'force_change_password_next_login': {'key': 'forceChangePasswordNextLogin', 'type': 'bool'}, + } + + def __init__(self, *, password: str, additional_properties=None, force_change_password_next_login: bool=None, **kwargs) -> None: + super(PasswordProfile, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.password = password + self.force_change_password_next_login = force_change_password_next_login + + +class PreAuthorizedApplication(Model): + """Contains information about pre authorized client application. + + :param app_id: Represents the application id. + :type app_id: str + :param permissions: Collection of required app permissions/entitlements + from the resource application. + :type permissions: + list[~azure.graphrbac.models.PreAuthorizedApplicationPermission] + :param extensions: Collection of extensions from the resource application. + :type extensions: + list[~azure.graphrbac.models.PreAuthorizedApplicationExtension] + """ + + _attribute_map = { + 'app_id': {'key': 'appId', 'type': 'str'}, + 'permissions': {'key': 'permissions', 'type': '[PreAuthorizedApplicationPermission]'}, + 'extensions': {'key': 'extensions', 'type': '[PreAuthorizedApplicationExtension]'}, + } + + def __init__(self, *, app_id: str=None, permissions=None, extensions=None, **kwargs) -> None: + super(PreAuthorizedApplication, self).__init__(**kwargs) + self.app_id = app_id + self.permissions = permissions + self.extensions = extensions + + +class PreAuthorizedApplicationExtension(Model): + """Representation of an app PreAuthorizedApplicationExtension required by a + pre authorized client app. + + :param conditions: The extension's conditions. + :type conditions: list[str] + """ + + _attribute_map = { + 'conditions': {'key': 'conditions', 'type': '[str]'}, + } + + def __init__(self, *, conditions=None, **kwargs) -> None: + super(PreAuthorizedApplicationExtension, self).__init__(**kwargs) + self.conditions = conditions + + +class PreAuthorizedApplicationPermission(Model): + """Contains information about the pre-authorized permissions. + + :param direct_access_grant: Indicates whether the permission set is + DirectAccess or impersonation. + :type direct_access_grant: bool + :param access_grants: The list of permissions. + :type access_grants: list[str] + """ + + _attribute_map = { + 'direct_access_grant': {'key': 'directAccessGrant', 'type': 'bool'}, + 'access_grants': {'key': 'accessGrants', 'type': '[str]'}, + } + + def __init__(self, *, direct_access_grant: bool=None, access_grants=None, **kwargs) -> None: + super(PreAuthorizedApplicationPermission, self).__init__(**kwargs) + self.direct_access_grant = direct_access_grant + self.access_grants = access_grants + + +class RequiredResourceAccess(Model): + """Specifies the set of OAuth 2.0 permission scopes and app roles under the + specified resource that an application requires access to. The specified + OAuth 2.0 permission scopes may be requested by client applications + (through the requiredResourceAccess collection) when calling a resource + application. The requiredResourceAccess property of the Application entity + is a collection of RequiredResourceAccess. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param resource_access: Required. The list of OAuth2.0 permission scopes + and app roles that the application requires from the specified resource. + :type resource_access: list[~azure.graphrbac.models.ResourceAccess] + :param resource_app_id: The unique identifier for the resource that the + application requires access to. This should be equal to the appId declared + on the target resource application. + :type resource_app_id: str + """ + + _validation = { + 'resource_access': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'resource_access': {'key': 'resourceAccess', 'type': '[ResourceAccess]'}, + 'resource_app_id': {'key': 'resourceAppId', 'type': 'str'}, + } + + def __init__(self, *, resource_access, additional_properties=None, resource_app_id: str=None, **kwargs) -> None: + super(RequiredResourceAccess, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.resource_access = resource_access + self.resource_app_id = resource_app_id + + +class ResourceAccess(Model): + """Specifies an OAuth 2.0 permission scope or an app role that an application + requires. The resourceAccess property of the RequiredResourceAccess type is + a collection of ResourceAccess. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param id: Required. The unique identifier for one of the OAuth2Permission + or AppRole instances that the resource application exposes. + :type id: str + :param type: Specifies whether the id property references an + OAuth2Permission or an AppRole. Possible values are "scope" or "role". + :type type: str + """ + + _validation = { + 'id': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'id': {'key': 'id', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + } + + def __init__(self, *, id: str, additional_properties=None, type: str=None, **kwargs) -> None: + super(ResourceAccess, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.id = id + self.type = type + + +class ServicePrincipal(DirectoryObject): + """Active Directory service principal information. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :ivar object_id: The object ID. + :vartype object_id: str + :ivar deletion_timestamp: The time at which the directory object was + deleted. + :vartype deletion_timestamp: datetime + :param object_type: Required. Constant filled by server. + :type object_type: str + :param account_enabled: whether or not the service principal account is + enabled + :type account_enabled: bool + :param alternative_names: alternative names + :type alternative_names: list[str] + :ivar app_display_name: The display name exposed by the associated + application. + :vartype app_display_name: str + :param app_id: The application ID. + :type app_id: str + :ivar app_owner_tenant_id: + :vartype app_owner_tenant_id: str + :param app_role_assignment_required: Specifies whether an + AppRoleAssignment to a user or group is required before Azure AD will + issue a user or access token to the application. + :type app_role_assignment_required: bool + :param app_roles: The collection of application roles that an application + may declare. These roles can be assigned to users, groups or service + principals. + :type app_roles: list[~azure.graphrbac.models.AppRole] + :param display_name: The display name of the service principal. + :type display_name: str + :param error_url: A URL provided by the author of the associated + application to report errors when using the application. + :type error_url: str + :param homepage: The URL to the homepage of the associated application. + :type homepage: str + :param key_credentials: The collection of key credentials associated with + the service principal. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param logout_url: A URL provided by the author of the associated + application to logout + :type logout_url: str + :ivar oauth2_permissions: The OAuth 2.0 permissions exposed by the + associated application. + :vartype oauth2_permissions: + list[~azure.graphrbac.models.OAuth2Permission] + :param password_credentials: The collection of password credentials + associated with the service principal. + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param preferred_token_signing_key_thumbprint: The thumbprint of preferred + certificate to sign the token + :type preferred_token_signing_key_thumbprint: str + :param publisher_name: The publisher's name of the associated application + :type publisher_name: str + :param reply_urls: The URLs that user tokens are sent to for sign in with + the associated application. The redirect URIs that the oAuth 2.0 + authorization code and access tokens are sent to for the associated + application. + :type reply_urls: list[str] + :param saml_metadata_url: The URL to the SAML metadata of the associated + application + :type saml_metadata_url: str + :param service_principal_names: A collection of service principal names. + :type service_principal_names: list[str] + :param service_principal_type: the type of the service principal + :type service_principal_type: str + :param tags: Optional list of tags that you can apply to your service + principals. Not nullable. + :type tags: list[str] + """ + + _validation = { + 'object_id': {'readonly': True}, + 'deletion_timestamp': {'readonly': True}, + 'object_type': {'required': True}, + 'app_display_name': {'readonly': True}, + 'app_owner_tenant_id': {'readonly': True}, + 'oauth2_permissions': {'readonly': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, + 'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'}, + 'object_type': {'key': 'objectType', 'type': 'str'}, + 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, + 'alternative_names': {'key': 'alternativeNames', 'type': '[str]'}, + 'app_display_name': {'key': 'appDisplayName', 'type': 'str'}, + 'app_id': {'key': 'appId', 'type': 'str'}, + 'app_owner_tenant_id': {'key': 'appOwnerTenantId', 'type': 'str'}, + 'app_role_assignment_required': {'key': 'appRoleAssignmentRequired', 'type': 'bool'}, + 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'homepage': {'key': 'homepage', 'type': 'str'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'preferred_token_signing_key_thumbprint': {'key': 'preferredTokenSigningKeyThumbprint', 'type': 'str'}, + 'publisher_name': {'key': 'publisherName', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'service_principal_names': {'key': 'servicePrincipalNames', 'type': '[str]'}, + 'service_principal_type': {'key': 'servicePrincipalType', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '[str]'}, + } + + def __init__(self, *, additional_properties=None, account_enabled: bool=None, alternative_names=None, app_id: str=None, app_role_assignment_required: bool=None, app_roles=None, display_name: str=None, error_url: str=None, homepage: str=None, key_credentials=None, logout_url: str=None, password_credentials=None, preferred_token_signing_key_thumbprint: str=None, publisher_name: str=None, reply_urls=None, saml_metadata_url: str=None, service_principal_names=None, service_principal_type: str=None, tags=None, **kwargs) -> None: + super(ServicePrincipal, self).__init__(additional_properties=additional_properties, **kwargs) + self.account_enabled = account_enabled + self.alternative_names = alternative_names + self.app_display_name = None + self.app_id = app_id + self.app_owner_tenant_id = None + self.app_role_assignment_required = app_role_assignment_required + self.app_roles = app_roles + self.display_name = display_name + self.error_url = error_url + self.homepage = homepage + self.key_credentials = key_credentials + self.logout_url = logout_url + self.oauth2_permissions = None + self.password_credentials = password_credentials + self.preferred_token_signing_key_thumbprint = preferred_token_signing_key_thumbprint + self.publisher_name = publisher_name + self.reply_urls = reply_urls + self.saml_metadata_url = saml_metadata_url + self.service_principal_names = service_principal_names + self.service_principal_type = service_principal_type + self.tags = tags + self.object_type = 'ServicePrincipal' + + +class ServicePrincipalBase(Model): + """Active Directory service principal common properties shared among GET, POST + and PATCH. + + :param account_enabled: whether or not the service principal account is + enabled + :type account_enabled: bool + :param app_role_assignment_required: Specifies whether an + AppRoleAssignment to a user or group is required before Azure AD will + issue a user or access token to the application. + :type app_role_assignment_required: bool + :param key_credentials: The collection of key credentials associated with + the service principal. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param password_credentials: The collection of password credentials + associated with the service principal. + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param service_principal_type: the type of the service principal + :type service_principal_type: str + :param tags: Optional list of tags that you can apply to your service + principals. Not nullable. + :type tags: list[str] + """ + + _attribute_map = { + 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, + 'app_role_assignment_required': {'key': 'appRoleAssignmentRequired', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'service_principal_type': {'key': 'servicePrincipalType', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '[str]'}, + } + + def __init__(self, *, account_enabled: bool=None, app_role_assignment_required: bool=None, key_credentials=None, password_credentials=None, service_principal_type: str=None, tags=None, **kwargs) -> None: + super(ServicePrincipalBase, self).__init__(**kwargs) + self.account_enabled = account_enabled + self.app_role_assignment_required = app_role_assignment_required + self.key_credentials = key_credentials + self.password_credentials = password_credentials + self.service_principal_type = service_principal_type + self.tags = tags + + +class ServicePrincipalCreateParameters(ServicePrincipalBase): + """Request parameters for creating a new service principal. + + All required parameters must be populated in order to send to Azure. + + :param account_enabled: whether or not the service principal account is + enabled + :type account_enabled: bool + :param app_role_assignment_required: Specifies whether an + AppRoleAssignment to a user or group is required before Azure AD will + issue a user or access token to the application. + :type app_role_assignment_required: bool + :param key_credentials: The collection of key credentials associated with + the service principal. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param password_credentials: The collection of password credentials + associated with the service principal. + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param service_principal_type: the type of the service principal + :type service_principal_type: str + :param tags: Optional list of tags that you can apply to your service + principals. Not nullable. + :type tags: list[str] + :param app_id: Required. The application ID. + :type app_id: str + """ + + _validation = { + 'app_id': {'required': True}, + } + + _attribute_map = { + 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, + 'app_role_assignment_required': {'key': 'appRoleAssignmentRequired', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'service_principal_type': {'key': 'servicePrincipalType', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '[str]'}, + 'app_id': {'key': 'appId', 'type': 'str'}, + } + + def __init__(self, *, app_id: str, account_enabled: bool=None, app_role_assignment_required: bool=None, key_credentials=None, password_credentials=None, service_principal_type: str=None, tags=None, **kwargs) -> None: + super(ServicePrincipalCreateParameters, self).__init__(account_enabled=account_enabled, app_role_assignment_required=app_role_assignment_required, key_credentials=key_credentials, password_credentials=password_credentials, service_principal_type=service_principal_type, tags=tags, **kwargs) + self.app_id = app_id + + +class ServicePrincipalObjectResult(Model): + """Service Principal Object Result. + + :param value: The Object ID of the service principal with the specified + application ID. + :type value: str + :param odatametadata: The URL representing edm equivalent. + :type odatametadata: str + """ + + _attribute_map = { + 'value': {'key': 'value', 'type': 'str'}, + 'odatametadata': {'key': 'odata\\.metadata', 'type': 'str'}, + } + + def __init__(self, *, value: str=None, odatametadata: str=None, **kwargs) -> None: + super(ServicePrincipalObjectResult, self).__init__(**kwargs) + self.value = value + self.odatametadata = odatametadata + + +class ServicePrincipalUpdateParameters(ServicePrincipalBase): + """Request parameters for update an existing service principal. + + :param account_enabled: whether or not the service principal account is + enabled + :type account_enabled: bool + :param app_role_assignment_required: Specifies whether an + AppRoleAssignment to a user or group is required before Azure AD will + issue a user or access token to the application. + :type app_role_assignment_required: bool + :param key_credentials: The collection of key credentials associated with + the service principal. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param password_credentials: The collection of password credentials + associated with the service principal. + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param service_principal_type: the type of the service principal + :type service_principal_type: str + :param tags: Optional list of tags that you can apply to your service + principals. Not nullable. + :type tags: list[str] + """ + + _attribute_map = { + 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, + 'app_role_assignment_required': {'key': 'appRoleAssignmentRequired', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'service_principal_type': {'key': 'servicePrincipalType', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '[str]'}, + } + + def __init__(self, *, account_enabled: bool=None, app_role_assignment_required: bool=None, key_credentials=None, password_credentials=None, service_principal_type: str=None, tags=None, **kwargs) -> None: + super(ServicePrincipalUpdateParameters, self).__init__(account_enabled=account_enabled, app_role_assignment_required=app_role_assignment_required, key_credentials=key_credentials, password_credentials=password_credentials, service_principal_type=service_principal_type, tags=tags, **kwargs) + + +class SignInName(Model): + """Contains information about a sign-in name of a local account user in an + Azure Active Directory B2C tenant. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param type: A string value that can be used to classify user sign-in + types in your directory, such as 'emailAddress' or 'userName'. + :type type: str + :param value: The sign-in used by the local account. Must be unique across + the company/tenant. For example, 'johnc@example.com'. + :type value: str + """ + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'type': {'key': 'type', 'type': 'str'}, + 'value': {'key': 'value', 'type': 'str'}, + } + + def __init__(self, *, additional_properties=None, type: str=None, value: str=None, **kwargs) -> None: + super(SignInName, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.type = type + self.value = value + + +class User(DirectoryObject): + """Active Directory user information. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :ivar object_id: The object ID. + :vartype object_id: str + :ivar deletion_timestamp: The time at which the directory object was + deleted. + :vartype deletion_timestamp: datetime + :param object_type: Required. Constant filled by server. + :type object_type: str + :param immutable_id: This must be specified if you are using a federated + domain for the user's userPrincipalName (UPN) property when creating a new + user account. It is used to associate an on-premises Active Directory user + account with their Azure AD user object. + :type immutable_id: str + :param usage_location: A two letter country code (ISO standard 3166). + Required for users that will be assigned licenses due to legal requirement + to check for availability of services in countries. Examples include: + "US", "JP", and "GB". + :type usage_location: str + :param given_name: The given name for the user. + :type given_name: str + :param surname: The user's surname (family name or last name). + :type surname: str + :param user_type: A string value that can be used to classify user types + in your directory, such as 'Member' and 'Guest'. Possible values include: + 'Member', 'Guest' + :type user_type: str or ~azure.graphrbac.models.UserType + :param account_enabled: Whether the account is enabled. + :type account_enabled: bool + :param display_name: The display name of the user. + :type display_name: str + :param user_principal_name: The principal name of the user. + :type user_principal_name: str + :param mail_nickname: The mail alias for the user. + :type mail_nickname: str + :param mail: The primary email address of the user. + :type mail: str + :param sign_in_names: The sign-in names of the user. + :type sign_in_names: list[~azure.graphrbac.models.SignInName] + """ + + _validation = { + 'object_id': {'readonly': True}, + 'deletion_timestamp': {'readonly': True}, + 'object_type': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, + 'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'}, + 'object_type': {'key': 'objectType', 'type': 'str'}, + 'immutable_id': {'key': 'immutableId', 'type': 'str'}, + 'usage_location': {'key': 'usageLocation', 'type': 'str'}, + 'given_name': {'key': 'givenName', 'type': 'str'}, + 'surname': {'key': 'surname', 'type': 'str'}, + 'user_type': {'key': 'userType', 'type': 'str'}, + 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'user_principal_name': {'key': 'userPrincipalName', 'type': 'str'}, + 'mail_nickname': {'key': 'mailNickname', 'type': 'str'}, + 'mail': {'key': 'mail', 'type': 'str'}, + 'sign_in_names': {'key': 'signInNames', 'type': '[SignInName]'}, + } + + def __init__(self, *, additional_properties=None, immutable_id: str=None, usage_location: str=None, given_name: str=None, surname: str=None, user_type=None, account_enabled: bool=None, display_name: str=None, user_principal_name: str=None, mail_nickname: str=None, mail: str=None, sign_in_names=None, **kwargs) -> None: + super(User, self).__init__(additional_properties=additional_properties, **kwargs) + self.immutable_id = immutable_id + self.usage_location = usage_location + self.given_name = given_name + self.surname = surname + self.user_type = user_type + self.account_enabled = account_enabled + self.display_name = display_name + self.user_principal_name = user_principal_name + self.mail_nickname = mail_nickname + self.mail = mail + self.sign_in_names = sign_in_names + self.object_type = 'User' + + +class UserBase(Model): + """UserBase. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param immutable_id: This must be specified if you are using a federated + domain for the user's userPrincipalName (UPN) property when creating a new + user account. It is used to associate an on-premises Active Directory user + account with their Azure AD user object. + :type immutable_id: str + :param usage_location: A two letter country code (ISO standard 3166). + Required for users that will be assigned licenses due to legal requirement + to check for availability of services in countries. Examples include: + "US", "JP", and "GB". + :type usage_location: str + :param given_name: The given name for the user. + :type given_name: str + :param surname: The user's surname (family name or last name). + :type surname: str + :param user_type: A string value that can be used to classify user types + in your directory, such as 'Member' and 'Guest'. Possible values include: + 'Member', 'Guest' + :type user_type: str or ~azure.graphrbac.models.UserType + """ + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'immutable_id': {'key': 'immutableId', 'type': 'str'}, + 'usage_location': {'key': 'usageLocation', 'type': 'str'}, + 'given_name': {'key': 'givenName', 'type': 'str'}, + 'surname': {'key': 'surname', 'type': 'str'}, + 'user_type': {'key': 'userType', 'type': 'str'}, + } + + def __init__(self, *, additional_properties=None, immutable_id: str=None, usage_location: str=None, given_name: str=None, surname: str=None, user_type=None, **kwargs) -> None: + super(UserBase, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.immutable_id = immutable_id + self.usage_location = usage_location + self.given_name = given_name + self.surname = surname + self.user_type = user_type + + +class UserCreateParameters(UserBase): + """Request parameters for creating a new work or school account user. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param immutable_id: This must be specified if you are using a federated + domain for the user's userPrincipalName (UPN) property when creating a new + user account. It is used to associate an on-premises Active Directory user + account with their Azure AD user object. + :type immutable_id: str + :param usage_location: A two letter country code (ISO standard 3166). + Required for users that will be assigned licenses due to legal requirement + to check for availability of services in countries. Examples include: + "US", "JP", and "GB". + :type usage_location: str + :param given_name: The given name for the user. + :type given_name: str + :param surname: The user's surname (family name or last name). + :type surname: str + :param user_type: A string value that can be used to classify user types + in your directory, such as 'Member' and 'Guest'. Possible values include: + 'Member', 'Guest' + :type user_type: str or ~azure.graphrbac.models.UserType + :param account_enabled: Required. Whether the account is enabled. + :type account_enabled: bool + :param display_name: Required. The display name of the user. + :type display_name: str + :param password_profile: Required. Password Profile + :type password_profile: ~azure.graphrbac.models.PasswordProfile + :param user_principal_name: Required. The user principal name + (someuser@contoso.com). It must contain one of the verified domains for + the tenant. + :type user_principal_name: str + :param mail_nickname: Required. The mail alias for the user. + :type mail_nickname: str + :param mail: The primary email address of the user. + :type mail: str + """ + + _validation = { + 'account_enabled': {'required': True}, + 'display_name': {'required': True}, + 'password_profile': {'required': True}, + 'user_principal_name': {'required': True}, + 'mail_nickname': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'immutable_id': {'key': 'immutableId', 'type': 'str'}, + 'usage_location': {'key': 'usageLocation', 'type': 'str'}, + 'given_name': {'key': 'givenName', 'type': 'str'}, + 'surname': {'key': 'surname', 'type': 'str'}, + 'user_type': {'key': 'userType', 'type': 'str'}, + 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'password_profile': {'key': 'passwordProfile', 'type': 'PasswordProfile'}, + 'user_principal_name': {'key': 'userPrincipalName', 'type': 'str'}, + 'mail_nickname': {'key': 'mailNickname', 'type': 'str'}, + 'mail': {'key': 'mail', 'type': 'str'}, + } + + def __init__(self, *, account_enabled: bool, display_name: str, password_profile, user_principal_name: str, mail_nickname: str, additional_properties=None, immutable_id: str=None, usage_location: str=None, given_name: str=None, surname: str=None, user_type=None, mail: str=None, **kwargs) -> None: + super(UserCreateParameters, self).__init__(additional_properties=additional_properties, immutable_id=immutable_id, usage_location=usage_location, given_name=given_name, surname=surname, user_type=user_type, **kwargs) + self.account_enabled = account_enabled + self.display_name = display_name + self.password_profile = password_profile + self.user_principal_name = user_principal_name + self.mail_nickname = mail_nickname + self.mail = mail + + +class UserGetMemberGroupsParameters(Model): + """Request parameters for GetMemberGroups API call. + + All required parameters must be populated in order to send to Azure. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param security_enabled_only: Required. If true, only membership in + security-enabled groups should be checked. Otherwise, membership in all + groups should be checked. + :type security_enabled_only: bool + """ + + _validation = { + 'security_enabled_only': {'required': True}, + } + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'security_enabled_only': {'key': 'securityEnabledOnly', 'type': 'bool'}, + } + + def __init__(self, *, security_enabled_only: bool, additional_properties=None, **kwargs) -> None: + super(UserGetMemberGroupsParameters, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.security_enabled_only = security_enabled_only + + +class UserUpdateParameters(UserBase): + """Request parameters for updating an existing work or school account user. + + :param additional_properties: Unmatched properties from the message are + deserialized this collection + :type additional_properties: dict[str, object] + :param immutable_id: This must be specified if you are using a federated + domain for the user's userPrincipalName (UPN) property when creating a new + user account. It is used to associate an on-premises Active Directory user + account with their Azure AD user object. + :type immutable_id: str + :param usage_location: A two letter country code (ISO standard 3166). + Required for users that will be assigned licenses due to legal requirement + to check for availability of services in countries. Examples include: + "US", "JP", and "GB". + :type usage_location: str + :param given_name: The given name for the user. + :type given_name: str + :param surname: The user's surname (family name or last name). + :type surname: str + :param user_type: A string value that can be used to classify user types + in your directory, such as 'Member' and 'Guest'. Possible values include: + 'Member', 'Guest' + :type user_type: str or ~azure.graphrbac.models.UserType + :param account_enabled: Whether the account is enabled. + :type account_enabled: bool + :param display_name: The display name of the user. + :type display_name: str + :param password_profile: The password profile of the user. + :type password_profile: ~azure.graphrbac.models.PasswordProfile + :param user_principal_name: The user principal name + (someuser@contoso.com). It must contain one of the verified domains for + the tenant. + :type user_principal_name: str + :param mail_nickname: The mail alias for the user. + :type mail_nickname: str + """ + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'immutable_id': {'key': 'immutableId', 'type': 'str'}, + 'usage_location': {'key': 'usageLocation', 'type': 'str'}, + 'given_name': {'key': 'givenName', 'type': 'str'}, + 'surname': {'key': 'surname', 'type': 'str'}, + 'user_type': {'key': 'userType', 'type': 'str'}, + 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'password_profile': {'key': 'passwordProfile', 'type': 'PasswordProfile'}, + 'user_principal_name': {'key': 'userPrincipalName', 'type': 'str'}, + 'mail_nickname': {'key': 'mailNickname', 'type': 'str'}, + } + + def __init__(self, *, additional_properties=None, immutable_id: str=None, usage_location: str=None, given_name: str=None, surname: str=None, user_type=None, account_enabled: bool=None, display_name: str=None, password_profile=None, user_principal_name: str=None, mail_nickname: str=None, **kwargs) -> None: + super(UserUpdateParameters, self).__init__(additional_properties=additional_properties, immutable_id=immutable_id, usage_location=usage_location, given_name=given_name, surname=surname, user_type=user_type, **kwargs) + self.account_enabled = account_enabled + self.display_name = display_name + self.password_profile = password_profile + self.user_principal_name = user_principal_name + self.mail_nickname = mail_nickname diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/models/_paged_models.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/models/_paged_models.py new file mode 100644 index 000000000000..8f2a146467ed --- /dev/null +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/models/_paged_models.py @@ -0,0 +1,157 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class DirectoryObjectPaged(Paged): + """ + A paging container for iterating over a list of :class:`DirectoryObject ` object + """ + + _attribute_map = { + 'next_link': {'key': 'odata\\.nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[DirectoryObject]'} + } + + def __init__(self, *args, **kwargs): + + super(DirectoryObjectPaged, self).__init__(*args, **kwargs) +class ApplicationPaged(Paged): + """ + A paging container for iterating over a list of :class:`Application ` object + """ + + _attribute_map = { + 'next_link': {'key': 'odata\\.nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[Application]'} + } + + def __init__(self, *args, **kwargs): + + super(ApplicationPaged, self).__init__(*args, **kwargs) +class KeyCredentialPaged(Paged): + """ + A paging container for iterating over a list of :class:`KeyCredential ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[KeyCredential]'} + } + + def __init__(self, *args, **kwargs): + + super(KeyCredentialPaged, self).__init__(*args, **kwargs) +class PasswordCredentialPaged(Paged): + """ + A paging container for iterating over a list of :class:`PasswordCredential ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[PasswordCredential]'} + } + + def __init__(self, *args, **kwargs): + + super(PasswordCredentialPaged, self).__init__(*args, **kwargs) +class ADGroupPaged(Paged): + """ + A paging container for iterating over a list of :class:`ADGroup ` object + """ + + _attribute_map = { + 'next_link': {'key': 'odata\\.nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[ADGroup]'} + } + + def __init__(self, *args, **kwargs): + + super(ADGroupPaged, self).__init__(*args, **kwargs) +class StrPaged(Paged): + """ + A paging container for iterating over a list of str object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[str]'} + } + + def __init__(self, *args, **kwargs): + + super(StrPaged, self).__init__(*args, **kwargs) +class ServicePrincipalPaged(Paged): + """ + A paging container for iterating over a list of :class:`ServicePrincipal ` object + """ + + _attribute_map = { + 'next_link': {'key': 'odata\\.nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[ServicePrincipal]'} + } + + def __init__(self, *args, **kwargs): + + super(ServicePrincipalPaged, self).__init__(*args, **kwargs) +class AppRoleAssignmentPaged(Paged): + """ + A paging container for iterating over a list of :class:`AppRoleAssignment ` object + """ + + _attribute_map = { + 'next_link': {'key': 'odata\\.nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[AppRoleAssignment]'} + } + + def __init__(self, *args, **kwargs): + + super(AppRoleAssignmentPaged, self).__init__(*args, **kwargs) +class UserPaged(Paged): + """ + A paging container for iterating over a list of :class:`User ` object + """ + + _attribute_map = { + 'next_link': {'key': 'odata\\.nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[User]'} + } + + def __init__(self, *args, **kwargs): + + super(UserPaged, self).__init__(*args, **kwargs) +class DomainPaged(Paged): + """ + A paging container for iterating over a list of :class:`Domain ` object + """ + + _attribute_map = { + 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[Domain]'} + } + + def __init__(self, *args, **kwargs): + + super(DomainPaged, self).__init__(*args, **kwargs) +class OAuth2PermissionGrantPaged(Paged): + """ + A paging container for iterating over a list of :class:`OAuth2PermissionGrant ` object + """ + + _attribute_map = { + 'next_link': {'key': 'odata\\.nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[OAuth2PermissionGrant]'} + } + + def __init__(self, *args, **kwargs): + + super(OAuth2PermissionGrantPaged, self).__init__(*args, **kwargs) diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/__init__.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/__init__.py index 9da12da17c41..31a836cde67b 100644 --- a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/__init__.py +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/__init__.py @@ -9,15 +9,15 @@ # regenerated. # -------------------------------------------------------------------------- -from .signed_in_user_operations import SignedInUserOperations -from .applications_operations import ApplicationsOperations -from .deleted_applications_operations import DeletedApplicationsOperations -from .groups_operations import GroupsOperations -from .service_principals_operations import ServicePrincipalsOperations -from .users_operations import UsersOperations -from .objects_operations import ObjectsOperations -from .domains_operations import DomainsOperations -from .oauth2_permission_grant_operations import OAuth2PermissionGrantOperations +from ._signed_in_user_operations import SignedInUserOperations +from ._applications_operations import ApplicationsOperations +from ._deleted_applications_operations import DeletedApplicationsOperations +from ._groups_operations import GroupsOperations +from ._service_principals_operations import ServicePrincipalsOperations +from ._users_operations import UsersOperations +from ._objects_operations import ObjectsOperations +from ._domains_operations import DomainsOperations +from ._oauth2_permission_grant_operations import OAuth2PermissionGrantOperations __all__ = [ 'SignedInUserOperations', diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_applications_operations.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_applications_operations.py new file mode 100644 index 000000000000..0a6be5dd640c --- /dev/null +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_applications_operations.py @@ -0,0 +1,832 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse + +from .. import models + + +class ApplicationsOperations(object): + """ApplicationsOperations operations. + + You should not instantiate directly this class, but create a Client instance that will create it for you and attach it as attribute. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: Client API version. Constant value: "1.6". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "1.6" + + self.config = config + + def create( + self, parameters, custom_headers=None, raw=False, **operation_config): + """Create a new application. + + :param parameters: The parameters for creating an application. + :type parameters: ~azure.graphrbac.models.ApplicationCreateParameters + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: Application or ClientRawResponse if raw=true + :rtype: ~azure.graphrbac.models.Application or + ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.create.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'ApplicationCreateParameters') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [201]: + raise models.GraphErrorException(self._deserialize, response) + + deserialized = None + if response.status_code == 201: + deserialized = self._deserialize('Application', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create.metadata = {'url': '/{tenantID}/applications'} + + def list( + self, filter=None, custom_headers=None, raw=False, **operation_config): + """Lists applications by filter parameters. + + :param filter: The filters to apply to the operation. + :type filter: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of Application + :rtype: + ~azure.graphrbac.models.ApplicationPaged[~azure.graphrbac.models.Application] + :raises: + :class:`GraphErrorException` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = '/{tenantID}/{nextLink}' + path_format_arguments = { + 'nextLink': self._serialize.url("next_link", next_link, 'str', skip_quote=True), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.ApplicationPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list.metadata = {'url': '/{tenantID}/applications'} + + def delete( + self, application_object_id, custom_headers=None, raw=False, **operation_config): + """Delete an application. + + :param application_object_id: Application object ID. + :type application_object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.delete.metadata['url'] + path_format_arguments = { + 'applicationObjectId': self._serialize.url("application_object_id", application_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + delete.metadata = {'url': '/{tenantID}/applications/{applicationObjectId}'} + + def get( + self, application_object_id, custom_headers=None, raw=False, **operation_config): + """Get an application by object ID. + + :param application_object_id: Application object ID. + :type application_object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: Application or ClientRawResponse if raw=true + :rtype: ~azure.graphrbac.models.Application or + ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'applicationObjectId': self._serialize.url("application_object_id", application_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('Application', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/{tenantID}/applications/{applicationObjectId}'} + + def patch( + self, application_object_id, parameters, custom_headers=None, raw=False, **operation_config): + """Update an existing application. + + :param application_object_id: Application object ID. + :type application_object_id: str + :param parameters: Parameters to update an existing application. + :type parameters: ~azure.graphrbac.models.ApplicationUpdateParameters + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.patch.metadata['url'] + path_format_arguments = { + 'applicationObjectId': self._serialize.url("application_object_id", application_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'ApplicationUpdateParameters') + + # Construct and send request + request = self._client.patch(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + patch.metadata = {'url': '/{tenantID}/applications/{applicationObjectId}'} + + def list_owners( + self, application_object_id, custom_headers=None, raw=False, **operation_config): + """Directory objects that are owners of the application. + + The owners are a set of non-admin users who are allowed to modify this + object. + + :param application_object_id: The object ID of the application for + which to get owners. + :type application_object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of DirectoryObject + :rtype: + ~azure.graphrbac.models.DirectoryObjectPaged[~azure.graphrbac.models.DirectoryObject] + :raises: + :class:`GraphErrorException` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list_owners.metadata['url'] + path_format_arguments = { + 'applicationObjectId': self._serialize.url("application_object_id", application_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.DirectoryObjectPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list_owners.metadata = {'url': '/{tenantID}/applications/{applicationObjectId}/owners'} + + def add_owner( + self, application_object_id, url, additional_properties=None, custom_headers=None, raw=False, **operation_config): + """Add an owner to an application. + + :param application_object_id: The object ID of the application to + which to add the owner. + :type application_object_id: str + :param url: A owner object URL, such as + "https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd", + where "0b1f9851-1bf0-433f-aec3-cb9272f093dc" is the tenantId and + "f260bbc4-c254-447b-94cf-293b5ec434dd" is the objectId of the owner + (user, application, servicePrincipal, group) to be added. + :type url: str + :param additional_properties: Unmatched properties from the message + are deserialized this collection + :type additional_properties: dict[str, object] + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + parameters = models.AddOwnerParameters(additional_properties=additional_properties, url=url) + + # Construct URL + url = self.add_owner.metadata['url'] + path_format_arguments = { + 'applicationObjectId': self._serialize.url("application_object_id", application_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'AddOwnerParameters') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + add_owner.metadata = {'url': '/{tenantID}/applications/{applicationObjectId}/$links/owners'} + + def remove_owner( + self, application_object_id, owner_object_id, custom_headers=None, raw=False, **operation_config): + """Remove a member from owners. + + :param application_object_id: The object ID of the application from + which to remove the owner. + :type application_object_id: str + :param owner_object_id: Owner object id + :type owner_object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.remove_owner.metadata['url'] + path_format_arguments = { + 'applicationObjectId': self._serialize.url("application_object_id", application_object_id, 'str'), + 'ownerObjectId': self._serialize.url("owner_object_id", owner_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + remove_owner.metadata = {'url': '/{tenantID}/applications/{applicationObjectId}/$links/owners/{ownerObjectId}'} + + def list_key_credentials( + self, application_object_id, custom_headers=None, raw=False, **operation_config): + """Get the keyCredentials associated with an application. + + :param application_object_id: Application object ID. + :type application_object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of KeyCredential + :rtype: + ~azure.graphrbac.models.KeyCredentialPaged[~azure.graphrbac.models.KeyCredential] + :raises: + :class:`GraphErrorException` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list_key_credentials.metadata['url'] + path_format_arguments = { + 'applicationObjectId': self._serialize.url("application_object_id", application_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.KeyCredentialPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list_key_credentials.metadata = {'url': '/{tenantID}/applications/{applicationObjectId}/keyCredentials'} + + def update_key_credentials( + self, application_object_id, value, custom_headers=None, raw=False, **operation_config): + """Update the keyCredentials associated with an application. + + :param application_object_id: Application object ID. + :type application_object_id: str + :param value: A collection of KeyCredentials. + :type value: list[~azure.graphrbac.models.KeyCredential] + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + parameters = models.KeyCredentialsUpdateParameters(value=value) + + # Construct URL + url = self.update_key_credentials.metadata['url'] + path_format_arguments = { + 'applicationObjectId': self._serialize.url("application_object_id", application_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'KeyCredentialsUpdateParameters') + + # Construct and send request + request = self._client.patch(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + update_key_credentials.metadata = {'url': '/{tenantID}/applications/{applicationObjectId}/keyCredentials'} + + def list_password_credentials( + self, application_object_id, custom_headers=None, raw=False, **operation_config): + """Get the passwordCredentials associated with an application. + + :param application_object_id: Application object ID. + :type application_object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of PasswordCredential + :rtype: + ~azure.graphrbac.models.PasswordCredentialPaged[~azure.graphrbac.models.PasswordCredential] + :raises: + :class:`GraphErrorException` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list_password_credentials.metadata['url'] + path_format_arguments = { + 'applicationObjectId': self._serialize.url("application_object_id", application_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.PasswordCredentialPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list_password_credentials.metadata = {'url': '/{tenantID}/applications/{applicationObjectId}/passwordCredentials'} + + def update_password_credentials( + self, application_object_id, value, custom_headers=None, raw=False, **operation_config): + """Update passwordCredentials associated with an application. + + :param application_object_id: Application object ID. + :type application_object_id: str + :param value: A collection of PasswordCredentials. + :type value: list[~azure.graphrbac.models.PasswordCredential] + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + parameters = models.PasswordCredentialsUpdateParameters(value=value) + + # Construct URL + url = self.update_password_credentials.metadata['url'] + path_format_arguments = { + 'applicationObjectId': self._serialize.url("application_object_id", application_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'PasswordCredentialsUpdateParameters') + + # Construct and send request + request = self._client.patch(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + update_password_credentials.metadata = {'url': '/{tenantID}/applications/{applicationObjectId}/passwordCredentials'} + + def get_service_principals_id_by_app_id( + self, application_id, custom_headers=None, raw=False, **operation_config): + """Gets an object id for a given application id from the current tenant. + + :param application_id: The application ID. + :type application_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: ServicePrincipalObjectResult or ClientRawResponse if raw=true + :rtype: ~azure.graphrbac.models.ServicePrincipalObjectResult or + ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.get_service_principals_id_by_app_id.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str'), + 'applicationID': self._serialize.url("application_id", application_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('ServicePrincipalObjectResult', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get_service_principals_id_by_app_id.metadata = {'url': '/{tenantID}/servicePrincipalsByAppId/{applicationID}/objectId'} diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_deleted_applications_operations.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_deleted_applications_operations.py new file mode 100644 index 000000000000..0fd7e84f8e47 --- /dev/null +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_deleted_applications_operations.py @@ -0,0 +1,220 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse + +from .. import models + + +class DeletedApplicationsOperations(object): + """DeletedApplicationsOperations operations. + + You should not instantiate directly this class, but create a Client instance that will create it for you and attach it as attribute. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: Client API version. Constant value: "1.6". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "1.6" + + self.config = config + + def restore( + self, object_id, custom_headers=None, raw=False, **operation_config): + """Restores the deleted application in the directory. + + :param object_id: Application object ID. + :type object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: Application or ClientRawResponse if raw=true + :rtype: ~azure.graphrbac.models.Application or + ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.restore.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('Application', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + restore.metadata = {'url': '/{tenantID}/deletedApplications/{objectId}/restore'} + + def list( + self, filter=None, custom_headers=None, raw=False, **operation_config): + """Gets a list of deleted applications in the directory. + + :param filter: The filter to apply to the operation. + :type filter: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of Application + :rtype: + ~azure.graphrbac.models.ApplicationPaged[~azure.graphrbac.models.Application] + :raises: + :class:`GraphErrorException` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = '/{tenantID}/{nextLink}' + path_format_arguments = { + 'nextLink': self._serialize.url("next_link", next_link, 'str', skip_quote=True), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.ApplicationPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list.metadata = {'url': '/{tenantID}/deletedApplications'} + + def hard_delete( + self, application_object_id, custom_headers=None, raw=False, **operation_config): + """Hard-delete an application. + + :param application_object_id: Application object ID. + :type application_object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.hard_delete.metadata['url'] + path_format_arguments = { + 'applicationObjectId': self._serialize.url("application_object_id", application_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + hard_delete.metadata = {'url': '/{tenantID}/deletedApplications/{applicationObjectId}'} diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_domains_operations.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_domains_operations.py new file mode 100644 index 000000000000..92318e3de344 --- /dev/null +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_domains_operations.py @@ -0,0 +1,168 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class DomainsOperations(object): + """DomainsOperations operations. + + You should not instantiate directly this class, but create a Client instance that will create it for you and attach it as attribute. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: Client API version. Constant value: "1.6". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "1.6" + + self.config = config + + def list( + self, filter=None, custom_headers=None, raw=False, **operation_config): + """Gets a list of domains for the current tenant. + + :param filter: The filter to apply to the operation. + :type filter: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of Domain + :rtype: + ~azure.graphrbac.models.DomainPaged[~azure.graphrbac.models.Domain] + :raises: :class:`CloudError` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.DomainPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list.metadata = {'url': '/{tenantID}/domains'} + + def get( + self, domain_name, custom_headers=None, raw=False, **operation_config): + """Gets a specific domain in the current tenant. + + :param domain_name: name of the domain. + :type domain_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: Domain or ClientRawResponse if raw=true + :rtype: ~azure.graphrbac.models.Domain or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'domainName': self._serialize.url("domain_name", domain_name, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('Domain', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/{tenantID}/domains/{domainName}'} diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_groups_operations.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_groups_operations.py new file mode 100644 index 000000000000..62381935eafb --- /dev/null +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_groups_operations.py @@ -0,0 +1,807 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse + +from .. import models + + +class GroupsOperations(object): + """GroupsOperations operations. + + You should not instantiate directly this class, but create a Client instance that will create it for you and attach it as attribute. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: Client API version. Constant value: "1.6". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "1.6" + + self.config = config + + def is_member_of( + self, parameters, custom_headers=None, raw=False, **operation_config): + """Checks whether the specified user, group, contact, or service principal + is a direct or transitive member of the specified group. + + :param parameters: The check group membership parameters. + :type parameters: + ~azure.graphrbac.models.CheckGroupMembershipParameters + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: CheckGroupMembershipResult or ClientRawResponse if raw=true + :rtype: ~azure.graphrbac.models.CheckGroupMembershipResult or + ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.is_member_of.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'CheckGroupMembershipParameters') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('CheckGroupMembershipResult', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + is_member_of.metadata = {'url': '/{tenantID}/isMemberOf'} + + def remove_member( + self, group_object_id, member_object_id, custom_headers=None, raw=False, **operation_config): + """Remove a member from a group. + + :param group_object_id: The object ID of the group from which to + remove the member. + :type group_object_id: str + :param member_object_id: Member object id + :type member_object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.remove_member.metadata['url'] + path_format_arguments = { + 'groupObjectId': self._serialize.url("group_object_id", group_object_id, 'str'), + 'memberObjectId': self._serialize.url("member_object_id", member_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + remove_member.metadata = {'url': '/{tenantID}/groups/{groupObjectId}/$links/members/{memberObjectId}'} + + def add_member( + self, group_object_id, url, additional_properties=None, custom_headers=None, raw=False, **operation_config): + """Add a member to a group. + + :param group_object_id: The object ID of the group to which to add the + member. + :type group_object_id: str + :param url: A member object URL, such as + "https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd", + where "0b1f9851-1bf0-433f-aec3-cb9272f093dc" is the tenantId and + "f260bbc4-c254-447b-94cf-293b5ec434dd" is the objectId of the member + (user, application, servicePrincipal, group) to be added. + :type url: str + :param additional_properties: Unmatched properties from the message + are deserialized this collection + :type additional_properties: dict[str, object] + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + parameters = models.GroupAddMemberParameters(additional_properties=additional_properties, url=url) + + # Construct URL + url = self.add_member.metadata['url'] + path_format_arguments = { + 'groupObjectId': self._serialize.url("group_object_id", group_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'GroupAddMemberParameters') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + add_member.metadata = {'url': '/{tenantID}/groups/{groupObjectId}/$links/members'} + + def create( + self, parameters, custom_headers=None, raw=False, **operation_config): + """Create a group in the directory. + + :param parameters: The parameters for the group to create. + :type parameters: ~azure.graphrbac.models.GroupCreateParameters + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: ADGroup or ClientRawResponse if raw=true + :rtype: ~azure.graphrbac.models.ADGroup or + ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.create.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'GroupCreateParameters') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [201]: + raise models.GraphErrorException(self._deserialize, response) + + deserialized = None + if response.status_code == 201: + deserialized = self._deserialize('ADGroup', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create.metadata = {'url': '/{tenantID}/groups'} + + def list( + self, filter=None, custom_headers=None, raw=False, **operation_config): + """Gets list of groups for the current tenant. + + :param filter: The filter to apply to the operation. + :type filter: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of ADGroup + :rtype: + ~azure.graphrbac.models.ADGroupPaged[~azure.graphrbac.models.ADGroup] + :raises: + :class:`GraphErrorException` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = '/{tenantID}/{nextLink}' + path_format_arguments = { + 'nextLink': self._serialize.url("next_link", next_link, 'str', skip_quote=True), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.ADGroupPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list.metadata = {'url': '/{tenantID}/groups'} + + def get_group_members( + self, object_id, custom_headers=None, raw=False, **operation_config): + """Gets the members of a group. + + :param object_id: The object ID of the group whose members should be + retrieved. + :type object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of DirectoryObject + :rtype: + ~azure.graphrbac.models.DirectoryObjectPaged[~azure.graphrbac.models.DirectoryObject] + :raises: + :class:`GraphErrorException` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.get_group_members.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = '/{tenantID}/{nextLink}' + path_format_arguments = { + 'nextLink': self._serialize.url("next_link", next_link, 'str', skip_quote=True), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.DirectoryObjectPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + get_group_members.metadata = {'url': '/{tenantID}/groups/{objectId}/members'} + + def get( + self, object_id, custom_headers=None, raw=False, **operation_config): + """Gets group information from the directory. + + :param object_id: The object ID of the user for which to get group + information. + :type object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: ADGroup or ClientRawResponse if raw=true + :rtype: ~azure.graphrbac.models.ADGroup or + ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('ADGroup', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/{tenantID}/groups/{objectId}'} + + def delete( + self, object_id, custom_headers=None, raw=False, **operation_config): + """Delete a group from the directory. + + :param object_id: The object ID of the group to delete. + :type object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.delete.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + delete.metadata = {'url': '/{tenantID}/groups/{objectId}'} + + def get_member_groups( + self, object_id, security_enabled_only, additional_properties=None, custom_headers=None, raw=False, **operation_config): + """Gets a collection of object IDs of groups of which the specified group + is a member. + + :param object_id: The object ID of the group for which to get group + membership. + :type object_id: str + :param security_enabled_only: If true, only membership in + security-enabled groups should be checked. Otherwise, membership in + all groups should be checked. + :type security_enabled_only: bool + :param additional_properties: Unmatched properties from the message + are deserialized this collection + :type additional_properties: dict[str, object] + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of str + :rtype: ~azure.graphrbac.models.StrPaged[str] + :raises: + :class:`GraphErrorException` + """ + parameters = models.GroupGetMemberGroupsParameters(additional_properties=additional_properties, security_enabled_only=security_enabled_only) + + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.get_member_groups.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'GroupGetMemberGroupsParameters') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.StrPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + get_member_groups.metadata = {'url': '/{tenantID}/groups/{objectId}/getMemberGroups'} + + def list_owners( + self, object_id, custom_headers=None, raw=False, **operation_config): + """Directory objects that are owners of the group. + + The owners are a set of non-admin users who are allowed to modify this + object. + + :param object_id: The object ID of the group for which to get owners. + :type object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of DirectoryObject + :rtype: + ~azure.graphrbac.models.DirectoryObjectPaged[~azure.graphrbac.models.DirectoryObject] + :raises: + :class:`GraphErrorException` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list_owners.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.DirectoryObjectPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list_owners.metadata = {'url': '/{tenantID}/groups/{objectId}/owners'} + + def add_owner( + self, object_id, url, additional_properties=None, custom_headers=None, raw=False, **operation_config): + """Add an owner to a group. + + :param object_id: The object ID of the application to which to add the + owner. + :type object_id: str + :param url: A owner object URL, such as + "https://graph.windows.net/0b1f9851-1bf0-433f-aec3-cb9272f093dc/directoryObjects/f260bbc4-c254-447b-94cf-293b5ec434dd", + where "0b1f9851-1bf0-433f-aec3-cb9272f093dc" is the tenantId and + "f260bbc4-c254-447b-94cf-293b5ec434dd" is the objectId of the owner + (user, application, servicePrincipal, group) to be added. + :type url: str + :param additional_properties: Unmatched properties from the message + are deserialized this collection + :type additional_properties: dict[str, object] + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + parameters = models.AddOwnerParameters(additional_properties=additional_properties, url=url) + + # Construct URL + url = self.add_owner.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'AddOwnerParameters') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + add_owner.metadata = {'url': '/{tenantID}/groups/{objectId}/$links/owners'} + + def remove_owner( + self, object_id, owner_object_id, custom_headers=None, raw=False, **operation_config): + """Remove a member from owners. + + :param object_id: The object ID of the group from which to remove the + owner. + :type object_id: str + :param owner_object_id: Owner object id + :type owner_object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.remove_owner.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'ownerObjectId': self._serialize.url("owner_object_id", owner_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + remove_owner.metadata = {'url': '/{tenantID}/groups/{objectId}/$links/owners/{ownerObjectId}'} diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_oauth2_permission_grant_operations.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_oauth2_permission_grant_operations.py new file mode 100644 index 000000000000..14de20bb6735 --- /dev/null +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_oauth2_permission_grant_operations.py @@ -0,0 +1,233 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class OAuth2PermissionGrantOperations(object): + """OAuth2PermissionGrantOperations operations. + + You should not instantiate directly this class, but create a Client instance that will create it for you and attach it as attribute. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: Client API version. Constant value: "1.6". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "1.6" + + self.config = config + + def list( + self, filter=None, custom_headers=None, raw=False, **operation_config): + """Queries OAuth2 permissions grants for the relevant SP ObjectId of an + app. + + :param filter: This is the Service Principal ObjectId associated with + the app + :type filter: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of OAuth2PermissionGrant + :rtype: + ~azure.graphrbac.models.OAuth2PermissionGrantPaged[~azure.graphrbac.models.OAuth2PermissionGrant] + :raises: :class:`CloudError` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = '/{tenantID}/{nextLink}' + path_format_arguments = { + 'nextLink': self._serialize.url("next_link", next_link, 'str', skip_quote=True), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.OAuth2PermissionGrantPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list.metadata = {'url': '/{tenantID}/oauth2PermissionGrants'} + + def create( + self, body=None, custom_headers=None, raw=False, **operation_config): + """Grants OAuth2 permissions for the relevant resource Ids of an app. + + :param body: The relevant app Service Principal Object Id and the + Service Principal Object Id you want to grant. + :type body: ~azure.graphrbac.models.OAuth2PermissionGrant + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: OAuth2PermissionGrant or ClientRawResponse if raw=true + :rtype: ~azure.graphrbac.models.OAuth2PermissionGrant or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.create.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + if body is not None: + body_content = self._serialize.body(body, 'OAuth2PermissionGrant') + else: + body_content = None + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [201]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + if response.status_code == 201: + deserialized = self._deserialize('OAuth2PermissionGrant', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create.metadata = {'url': '/{tenantID}/oauth2PermissionGrants'} + + def delete( + self, object_id, custom_headers=None, raw=False, **operation_config): + """Delete a OAuth2 permission grant for the relevant resource Ids of an + app. + + :param object_id: The object ID of a permission grant. + :type object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.delete.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + delete.metadata = {'url': '/{tenantID}/oauth2PermissionGrants/{objectId}'} diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_objects_operations.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_objects_operations.py new file mode 100644 index 000000000000..c700d57f6e9e --- /dev/null +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_objects_operations.py @@ -0,0 +1,120 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class ObjectsOperations(object): + """ObjectsOperations operations. + + You should not instantiate directly this class, but create a Client instance that will create it for you and attach it as attribute. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: Client API version. Constant value: "1.6". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "1.6" + + self.config = config + + def get_objects_by_object_ids( + self, parameters, custom_headers=None, raw=False, **operation_config): + """Gets the directory objects specified in a list of object IDs. You can + also specify which resource collections (users, groups, etc.) should be + searched by specifying the optional types parameter. + + :param parameters: Objects filtering parameters. + :type parameters: ~azure.graphrbac.models.GetObjectsParameters + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of DirectoryObject + :rtype: + ~azure.graphrbac.models.DirectoryObjectPaged[~azure.graphrbac.models.DirectoryObject] + :raises: :class:`CloudError` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.get_objects_by_object_ids.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = '/{tenantID}/{nextLink}' + path_format_arguments = { + 'nextLink': self._serialize.url("next_link", next_link, 'str', skip_quote=True), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'GetObjectsParameters') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.DirectoryObjectPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + get_objects_by_object_ids.metadata = {'url': '/{tenantID}/getObjectsByObjectIds'} diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_service_principals_operations.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_service_principals_operations.py new file mode 100644 index 000000000000..9d2e5d40d6f5 --- /dev/null +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_service_principals_operations.py @@ -0,0 +1,801 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse + +from .. import models + + +class ServicePrincipalsOperations(object): + """ServicePrincipalsOperations operations. + + You should not instantiate directly this class, but create a Client instance that will create it for you and attach it as attribute. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: Client API version. Constant value: "1.6". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "1.6" + + self.config = config + + def create( + self, parameters, custom_headers=None, raw=False, **operation_config): + """Creates a service principal in the directory. + + :param parameters: Parameters to create a service principal. + :type parameters: + ~azure.graphrbac.models.ServicePrincipalCreateParameters + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: ServicePrincipal or ClientRawResponse if raw=true + :rtype: ~azure.graphrbac.models.ServicePrincipal or + ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.create.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'ServicePrincipalCreateParameters') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [201]: + raise models.GraphErrorException(self._deserialize, response) + + deserialized = None + if response.status_code == 201: + deserialized = self._deserialize('ServicePrincipal', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create.metadata = {'url': '/{tenantID}/servicePrincipals'} + + def list( + self, filter=None, custom_headers=None, raw=False, **operation_config): + """Gets a list of service principals from the current tenant. + + :param filter: The filter to apply to the operation. + :type filter: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of ServicePrincipal + :rtype: + ~azure.graphrbac.models.ServicePrincipalPaged[~azure.graphrbac.models.ServicePrincipal] + :raises: + :class:`GraphErrorException` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = '/{tenantID}/{nextLink}' + path_format_arguments = { + 'nextLink': self._serialize.url("next_link", next_link, 'str', skip_quote=True), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.ServicePrincipalPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list.metadata = {'url': '/{tenantID}/servicePrincipals'} + + def update( + self, object_id, parameters, custom_headers=None, raw=False, **operation_config): + """Updates a service principal in the directory. + + :param object_id: The object ID of the service principal to delete. + :type object_id: str + :param parameters: Parameters to update a service principal. + :type parameters: + ~azure.graphrbac.models.ServicePrincipalUpdateParameters + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.update.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'ServicePrincipalUpdateParameters') + + # Construct and send request + request = self._client.patch(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + update.metadata = {'url': '/{tenantID}/servicePrincipals/{objectId}'} + + def delete( + self, object_id, custom_headers=None, raw=False, **operation_config): + """Deletes a service principal from the directory. + + :param object_id: The object ID of the service principal to delete. + :type object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.delete.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + delete.metadata = {'url': '/{tenantID}/servicePrincipals/{objectId}'} + + def get( + self, object_id, custom_headers=None, raw=False, **operation_config): + """Gets service principal information from the directory. Query by + objectId or pass a filter to query by appId. + + :param object_id: The object ID of the service principal to get. + :type object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: ServicePrincipal or ClientRawResponse if raw=true + :rtype: ~azure.graphrbac.models.ServicePrincipal or + ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('ServicePrincipal', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/{tenantID}/servicePrincipals/{objectId}'} + + def list_app_role_assigned_to( + self, object_id, custom_headers=None, raw=False, **operation_config): + """Principals (users, groups, and service principals) that are assigned to + this service principal. + + :param object_id: The object ID of the service principal for which to + get owners. + :type object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of AppRoleAssignment + :rtype: + ~azure.graphrbac.models.AppRoleAssignmentPaged[~azure.graphrbac.models.AppRoleAssignment] + :raises: + :class:`GraphErrorException` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list_app_role_assigned_to.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.AppRoleAssignmentPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list_app_role_assigned_to.metadata = {'url': '/{tenantID}/servicePrincipals/{objectId}/appRoleAssignedTo'} + + def list_app_role_assignments( + self, object_id, custom_headers=None, raw=False, **operation_config): + """Applications that the service principal is assigned to. + + :param object_id: The object ID of the service principal for which to + get owners. + :type object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of AppRoleAssignment + :rtype: + ~azure.graphrbac.models.AppRoleAssignmentPaged[~azure.graphrbac.models.AppRoleAssignment] + :raises: + :class:`GraphErrorException` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list_app_role_assignments.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.AppRoleAssignmentPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list_app_role_assignments.metadata = {'url': '/{tenantID}/servicePrincipals/{objectId}/appRoleAssignments'} + + def list_owners( + self, object_id, custom_headers=None, raw=False, **operation_config): + """Directory objects that are owners of this service principal. + + The owners are a set of non-admin users who are allowed to modify this + object. + + :param object_id: The object ID of the service principal for which to + get owners. + :type object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of DirectoryObject + :rtype: + ~azure.graphrbac.models.DirectoryObjectPaged[~azure.graphrbac.models.DirectoryObject] + :raises: + :class:`GraphErrorException` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list_owners.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.DirectoryObjectPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list_owners.metadata = {'url': '/{tenantID}/servicePrincipals/{objectId}/owners'} + + def list_key_credentials( + self, object_id, custom_headers=None, raw=False, **operation_config): + """Get the keyCredentials associated with the specified service principal. + + :param object_id: The object ID of the service principal for which to + get keyCredentials. + :type object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of KeyCredential + :rtype: + ~azure.graphrbac.models.KeyCredentialPaged[~azure.graphrbac.models.KeyCredential] + :raises: + :class:`GraphErrorException` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list_key_credentials.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.KeyCredentialPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list_key_credentials.metadata = {'url': '/{tenantID}/servicePrincipals/{objectId}/keyCredentials'} + + def update_key_credentials( + self, object_id, value, custom_headers=None, raw=False, **operation_config): + """Update the keyCredentials associated with a service principal. + + :param object_id: The object ID for which to get service principal + information. + :type object_id: str + :param value: A collection of KeyCredentials. + :type value: list[~azure.graphrbac.models.KeyCredential] + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + parameters = models.KeyCredentialsUpdateParameters(value=value) + + # Construct URL + url = self.update_key_credentials.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'KeyCredentialsUpdateParameters') + + # Construct and send request + request = self._client.patch(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + update_key_credentials.metadata = {'url': '/{tenantID}/servicePrincipals/{objectId}/keyCredentials'} + + def list_password_credentials( + self, object_id, custom_headers=None, raw=False, **operation_config): + """Gets the passwordCredentials associated with a service principal. + + :param object_id: The object ID of the service principal. + :type object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of PasswordCredential + :rtype: + ~azure.graphrbac.models.PasswordCredentialPaged[~azure.graphrbac.models.PasswordCredential] + :raises: + :class:`GraphErrorException` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list_password_credentials.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.PasswordCredentialPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list_password_credentials.metadata = {'url': '/{tenantID}/servicePrincipals/{objectId}/passwordCredentials'} + + def update_password_credentials( + self, object_id, value, custom_headers=None, raw=False, **operation_config): + """Updates the passwordCredentials associated with a service principal. + + :param object_id: The object ID of the service principal. + :type object_id: str + :param value: A collection of PasswordCredentials. + :type value: list[~azure.graphrbac.models.PasswordCredential] + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + parameters = models.PasswordCredentialsUpdateParameters(value=value) + + # Construct URL + url = self.update_password_credentials.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'PasswordCredentialsUpdateParameters') + + # Construct and send request + request = self._client.patch(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + update_password_credentials.metadata = {'url': '/{tenantID}/servicePrincipals/{objectId}/passwordCredentials'} diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_signed_in_user_operations.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_signed_in_user_operations.py new file mode 100644 index 000000000000..b7f2b25a4001 --- /dev/null +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_signed_in_user_operations.py @@ -0,0 +1,164 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse + +from .. import models + + +class SignedInUserOperations(object): + """SignedInUserOperations operations. + + You should not instantiate directly this class, but create a Client instance that will create it for you and attach it as attribute. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: Client API version. Constant value: "1.6". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "1.6" + + self.config = config + + def get( + self, custom_headers=None, raw=False, **operation_config): + """Gets the details for the currently logged-in user. + + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: User or ClientRawResponse if raw=true + :rtype: ~azure.graphrbac.models.User or + ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('User', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/{tenantID}/me'} + + def list_owned_objects( + self, custom_headers=None, raw=False, **operation_config): + """Get the list of directory objects that are owned by the user. + + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of DirectoryObject + :rtype: + ~azure.graphrbac.models.DirectoryObjectPaged[~azure.graphrbac.models.DirectoryObject] + :raises: + :class:`GraphErrorException` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list_owned_objects.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = '/{tenantID}/{nextLink}' + path_format_arguments = { + 'nextLink': self._serialize.url("next_link", next_link, 'str', skip_quote=True), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.DirectoryObjectPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list_owned_objects.metadata = {'url': '/{tenantID}/me/ownedObjects'} diff --git a/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_users_operations.py b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_users_operations.py new file mode 100644 index 000000000000..1db4f30aa797 --- /dev/null +++ b/sdk/graphrbac/azure-graphrbac/azure/graphrbac/operations/_users_operations.py @@ -0,0 +1,424 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse + +from .. import models + + +class UsersOperations(object): + """UsersOperations operations. + + You should not instantiate directly this class, but create a Client instance that will create it for you and attach it as attribute. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: Client API version. Constant value: "1.6". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "1.6" + + self.config = config + + def create( + self, parameters, custom_headers=None, raw=False, **operation_config): + """Create a new user. + + :param parameters: Parameters to create a user. + :type parameters: ~azure.graphrbac.models.UserCreateParameters + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: User or ClientRawResponse if raw=true + :rtype: ~azure.graphrbac.models.User or + ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.create.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'UserCreateParameters') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [201]: + raise models.GraphErrorException(self._deserialize, response) + + deserialized = None + if response.status_code == 201: + deserialized = self._deserialize('User', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + create.metadata = {'url': '/{tenantID}/users'} + + def list( + self, filter=None, expand=None, custom_headers=None, raw=False, **operation_config): + """Gets list of users for the current tenant. + + :param filter: The filter to apply to the operation. + :type filter: str + :param expand: The expand value for the operation result. + :type expand: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of User + :rtype: + ~azure.graphrbac.models.UserPaged[~azure.graphrbac.models.User] + :raises: + :class:`GraphErrorException` + """ + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + if expand is not None: + query_parameters['$expand'] = self._serialize.query("expand", expand, 'str') + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = '/{tenantID}/{nextLink}' + path_format_arguments = { + 'nextLink': self._serialize.url("next_link", next_link, 'str', skip_quote=True), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.UserPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + list.metadata = {'url': '/{tenantID}/users'} + + def get( + self, upn_or_object_id, custom_headers=None, raw=False, **operation_config): + """Gets user information from the directory. + + :param upn_or_object_id: The object ID or principal name of the user + for which to get information. + :type upn_or_object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: User or ClientRawResponse if raw=true + :rtype: ~azure.graphrbac.models.User or + ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'upnOrObjectId': self._serialize.url("upn_or_object_id", upn_or_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('User', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/{tenantID}/users/{upnOrObjectId}'} + + def update( + self, upn_or_object_id, parameters, custom_headers=None, raw=False, **operation_config): + """Updates a user. + + :param upn_or_object_id: The object ID or principal name of the user + to update. + :type upn_or_object_id: str + :param parameters: Parameters to update an existing user. + :type parameters: ~azure.graphrbac.models.UserUpdateParameters + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.update.metadata['url'] + path_format_arguments = { + 'upnOrObjectId': self._serialize.url("upn_or_object_id", upn_or_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'UserUpdateParameters') + + # Construct and send request + request = self._client.patch(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + update.metadata = {'url': '/{tenantID}/users/{upnOrObjectId}'} + + def delete( + self, upn_or_object_id, custom_headers=None, raw=False, **operation_config): + """Delete a user. + + :param upn_or_object_id: The object ID or principal name of the user + to delete. + :type upn_or_object_id: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` + """ + # Construct URL + url = self.delete.metadata['url'] + path_format_arguments = { + 'upnOrObjectId': self._serialize.url("upn_or_object_id", upn_or_object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.delete(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) + + if raw: + client_raw_response = ClientRawResponse(None, response) + return client_raw_response + delete.metadata = {'url': '/{tenantID}/users/{upnOrObjectId}'} + + def get_member_groups( + self, object_id, security_enabled_only, additional_properties=None, custom_headers=None, raw=False, **operation_config): + """Gets a collection that contains the object IDs of the groups of which + the user is a member. + + :param object_id: The object ID of the user for which to get group + membership. + :type object_id: str + :param security_enabled_only: If true, only membership in + security-enabled groups should be checked. Otherwise, membership in + all groups should be checked. + :type security_enabled_only: bool + :param additional_properties: Unmatched properties from the message + are deserialized this collection + :type additional_properties: dict[str, object] + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: An iterator like instance of str + :rtype: ~azure.graphrbac.models.StrPaged[str] + :raises: + :class:`GraphErrorException` + """ + parameters = models.UserGetMemberGroupsParameters(additional_properties=additional_properties, security_enabled_only=security_enabled_only) + + def prepare_request(next_link=None): + if not next_link: + # Construct URL + url = self.get_member_groups.metadata['url'] + path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = next_link + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'UserGetMemberGroupsParameters') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + return request + + def internal_paging(next_link=None): + request = prepare_request(next_link) + + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + raise models.GraphErrorException(self._deserialize, response) + + return response + + # Deserialize response + header_dict = None + if raw: + header_dict = {} + deserialized = models.StrPaged(internal_paging, self._deserialize.dependencies, header_dict) + + return deserialized + get_member_groups.metadata = {'url': '/{tenantID}/users/{objectId}/getMemberGroups'}