diff --git a/azure-graphrbac/MANIFEST.in b/azure-graphrbac/MANIFEST.in index 73ef117329e5..74c0ac7e42a1 100644 --- a/azure-graphrbac/MANIFEST.in +++ b/azure-graphrbac/MANIFEST.in @@ -1,3 +1,4 @@ +recursive-include tests *.py *.yaml include *.rst include azure/__init__.py diff --git a/azure-graphrbac/README.rst b/azure-graphrbac/README.rst index 378e69472679..308d61ae5702 100644 --- a/azure-graphrbac/README.rst +++ b/azure-graphrbac/README.rst @@ -8,25 +8,6 @@ This package has been tested with Python 2.7, 3.4, 3.5, 3.6 and 3.7. For a more complete set of Azure libraries, see the `azure `__ bundle package. -Compatibility -============= - -**IMPORTANT**: If you have an earlier version of the azure package -(version < 1.0), you should uninstall it before installing this package. - -You can check the version using pip: - -.. code:: shell - - pip freeze - -If you see azure==0.11.0 (or any version below 1.0), uninstall it first: - -.. code:: shell - - pip uninstall azure - - Usage ===== @@ -41,3 +22,6 @@ Provide Feedback If you encounter any bugs or have suggestions, please file an issue in the `Issues `__ section of the project. + + +.. image:: https://azure-sdk-impressions.azurewebsites.net/api/impressions/azure-sdk-for-python%2Fazure-graphrbac%2FREADME.png diff --git a/azure-graphrbac/azure/graphrbac/graph_rbac_management_client.py b/azure-graphrbac/azure/graphrbac/graph_rbac_management_client.py index f117db210db6..8287efe3fe8e 100644 --- a/azure-graphrbac/azure/graphrbac/graph_rbac_management_client.py +++ b/azure-graphrbac/azure/graphrbac/graph_rbac_management_client.py @@ -21,7 +21,7 @@ from .operations.users_operations import UsersOperations from .operations.objects_operations import ObjectsOperations from .operations.domains_operations import DomainsOperations -from .operations.oauth2_operations import OAuth2Operations +from .operations.oauth2_permission_grant_operations import OAuth2PermissionGrantOperations from . import models 
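Review bot: The added `recursive-include tests *.py *.yaml` line puts every YAML file under `tests` into the source distribution, and those files are not shown on this page, so it is worth confirming what they hold before release. If they are recorded HTTP sessions against a directory tenant, they need to be free of bearer tokens, credential values and real tenant or object identifiers, because a published sdist cannot be recalled. A one-line reminder above the rule would help: `# tests/*.yaml ship in the sdist; keep recordings scrubbed of tokens and tenant identifiers`.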
@@ -79,8 +79,8 @@ class GraphRbacManagementClient(SDKClient): :vartype objects: azure.graphrbac.operations.ObjectsOperations :ivar domains: Domains operations :vartype domains: azure.graphrbac.operations.DomainsOperations - :ivar oauth2: OAuth2 operations - :vartype oauth2: azure.graphrbac.operations.OAuth2Operations + :ivar oauth2_permission_grant: OAuth2PermissionGrant operations + :vartype oauth2_permission_grant: azure.graphrbac.operations.OAuth2PermissionGrantOperations :param credentials: Credentials needed for the client to connect to Azure. :type credentials: :mod:`A msrestazure Credentials @@ -117,5 +117,5 @@ def __init__( self._client, self.config, self._serialize, self._deserialize) self.domains = DomainsOperations( self._client, self.config, self._serialize, self._deserialize) - self.oauth2 = OAuth2Operations( + self.oauth2_permission_grant = OAuth2PermissionGrantOperations( self._client, self.config, self._serialize, self._deserialize) diff --git a/azure-graphrbac/azure/graphrbac/models/__init__.py b/azure-graphrbac/azure/graphrbac/models/__init__.py index 0708935493f8..73ea75f4fc67 100644 --- a/azure-graphrbac/azure/graphrbac/models/__init__.py +++ b/azure-graphrbac/azure/graphrbac/models/__init__.py @@ -10,6 +10,13 @@ # -------------------------------------------------------------------------- try: + from .informational_url_py3 import InformationalUrl + from .oauth2_permission_py3 import OAuth2Permission + from .optional_claim_py3 import OptionalClaim + from .optional_claims_py3 import OptionalClaims + from .pre_authorized_application_permission_py3 import PreAuthorizedApplicationPermission + from .pre_authorized_application_extension_py3 import PreAuthorizedApplicationExtension + from .pre_authorized_application_py3 import PreAuthorizedApplication from .graph_error_py3 import GraphError, GraphErrorException from .directory_object_py3 import DirectoryObject from .key_credential_py3 import KeyCredential 
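Review bot: The last assignment in `__init__` drops the `oauth2` attribute outright and binds the operations group as `oauth2_permission_grant`, so any caller still using `client.oauth2` fails with `AttributeError` after upgrading; the models package makes the same kind of break by replacing the `Permissions` export with `OAuth2PermissionGrant`. Judging by its name, this group manages OAuth2 permission grants, so scripts that review or revoke grants are the likely callers, and they should learn of the rename from the release notes rather than from a failed run. If the package changelog elsewhere in this commit does not already say so, I would add an entry such as `Breaking: client.oauth2 is now client.oauth2_permission_grant; model Permissions is replaced by OAuth2PermissionGrant`. `__init__` starts outside this hunk.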
@@ -17,6 +24,7 @@ from .resource_access_py3 import ResourceAccess from .required_resource_access_py3 import RequiredResourceAccess from .app_role_py3 import AppRole + from .application_base_py3 import ApplicationBase from .application_create_parameters_py3 import ApplicationCreateParameters from .application_update_parameters_py3 import ApplicationUpdateParameters from .application_py3 import Application @@ -29,6 +37,7 @@ from .group_get_member_groups_parameters_py3 import GroupGetMemberGroupsParameters from .check_group_membership_parameters_py3 import CheckGroupMembershipParameters from .check_group_membership_result_py3 import CheckGroupMembershipResult + from .service_principal_base_py3 import ServicePrincipalBase from .service_principal_create_parameters_py3 import ServicePrincipalCreateParameters from .service_principal_update_parameters_py3 import ServicePrincipalUpdateParameters from .service_principal_py3 import ServicePrincipal @@ -41,8 +50,15 @@ from .user_get_member_groups_parameters_py3 import UserGetMemberGroupsParameters from .get_objects_parameters_py3 import GetObjectsParameters from .domain_py3 import Domain - from .permissions_py3 import Permissions + from .oauth2_permission_grant_py3 import OAuth2PermissionGrant except (SyntaxError, ImportError): + from .informational_url import InformationalUrl + from .oauth2_permission import OAuth2Permission + from .optional_claim import OptionalClaim + from .optional_claims import OptionalClaims + from .pre_authorized_application_permission import PreAuthorizedApplicationPermission + from .pre_authorized_application_extension import PreAuthorizedApplicationExtension + from .pre_authorized_application import PreAuthorizedApplication from .graph_error import GraphError, GraphErrorException from .directory_object import DirectoryObject from .key_credential import KeyCredential 
@@ -50,6 +66,7 @@ from .resource_access import ResourceAccess from .required_resource_access import RequiredResourceAccess from .app_role import AppRole + from .application_base import ApplicationBase from .application_create_parameters import ApplicationCreateParameters from .application_update_parameters import ApplicationUpdateParameters from .application import Application @@ -62,6 +79,7 @@ from .group_get_member_groups_parameters import GroupGetMemberGroupsParameters from .check_group_membership_parameters import CheckGroupMembershipParameters from .check_group_membership_result import CheckGroupMembershipResult + from .service_principal_base import ServicePrincipalBase from .service_principal_create_parameters import ServicePrincipalCreateParameters from .service_principal_update_parameters import ServicePrincipalUpdateParameters from .service_principal import ServicePrincipal @@ -74,7 +92,7 @@ from .user_get_member_groups_parameters import UserGetMemberGroupsParameters from .get_objects_parameters import GetObjectsParameters from .domain import Domain - from .permissions import Permissions + from .oauth2_permission_grant import OAuth2PermissionGrant from .directory_object_paged import DirectoryObjectPaged from .application_paged import ApplicationPaged from .key_credential_paged import KeyCredentialPaged @@ -84,11 +102,20 @@ from .service_principal_paged import ServicePrincipalPaged from .user_paged import UserPaged from .domain_paged import DomainPaged +from .oauth2_permission_grant_paged import OAuth2PermissionGrantPaged from .graph_rbac_management_client_enums import ( UserType, + ConsentType, ) __all__ = [ + 'InformationalUrl', + 'OAuth2Permission', + 'OptionalClaim', + 'OptionalClaims', + 'PreAuthorizedApplicationPermission', + 'PreAuthorizedApplicationExtension', + 'PreAuthorizedApplication', 'GraphError', 'GraphErrorException', 'DirectoryObject', 'KeyCredential', 
@@ -96,6 +123,7 @@ 'ResourceAccess', 'RequiredResourceAccess', 'AppRole', + 'ApplicationBase', 'ApplicationCreateParameters', 'ApplicationUpdateParameters', 'Application', @@ -108,6 +136,7 @@ 'GroupGetMemberGroupsParameters', 'CheckGroupMembershipParameters', 'CheckGroupMembershipResult', + 'ServicePrincipalBase', 'ServicePrincipalCreateParameters', 'ServicePrincipalUpdateParameters', 'ServicePrincipal', @@ -120,7 +149,7 @@ 'UserGetMemberGroupsParameters', 'GetObjectsParameters', 'Domain', - 'Permissions', + 'OAuth2PermissionGrant', 'DirectoryObjectPaged', 'ApplicationPaged', 'KeyCredentialPaged', @@ -130,5 +159,7 @@ 'ServicePrincipalPaged', 'UserPaged', 'DomainPaged', + 'OAuth2PermissionGrantPaged', 'UserType', + 'ConsentType', ] diff --git a/azure-graphrbac/azure/graphrbac/models/application.py b/azure-graphrbac/azure/graphrbac/models/application.py index ab8a5cabaa01..4806ade749bf 100644 --- a/azure-graphrbac/azure/graphrbac/models/application.py +++ b/azure-graphrbac/azure/graphrbac/models/application.py 
@@ -32,37 +32,102 @@ class Application(DirectoryObject): :type object_type: str :param app_id: The application ID. :type app_id: str + :param allow_guests_sign_in: A property on the application to indicate if + the application accepts other IDPs or not or partially accepts. + :type allow_guests_sign_in: bool + :param allow_passthrough_users: Indicates that the application supports + pass through users who have no presence in the resource tenant. + :type allow_passthrough_users: bool + :param app_logo_url: The url for the application logo image stored in a + CDN. + :type app_logo_url: str :param app_roles: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. :type app_roles: list[~azure.graphrbac.models.AppRole] :param app_permissions: The application permissions. :type app_permissions: list[str] - :param available_to_other_tenants: Whether the application is be available - to other tenants. + :param available_to_other_tenants: Whether the application is available to + other tenants. :type available_to_other_tenants: bool :param display_name: The display name of the application. :type display_name: str - :param identifier_uris: A collection of URIs for the application. - :type identifier_uris: list[str] - :param reply_urls: A collection of reply URLs for the application. - :type reply_urls: list[str] + :param error_url: A URL provided by the author of the application to + report errors when using the application. + :type error_url: str + :param group_membership_claims: Configures the groups claim issued in a + user or OAuth 2.0 access token that the app expects. + :type group_membership_claims: object :param homepage: The home page of the application. :type homepage: str + :param identifier_uris: A collection of URIs for the application. + :type identifier_uris: list[str] + :param informational_urls: urls with more informations of the application. 
+ :type informational_urls: ~azure.graphrbac.models.InformationalUrl + :param is_device_only_auth_supported: Specifies whether this application + supports device authentication without a user. The default is false. + :type is_device_only_auth_supported: bool + :param key_credentials: A collection of KeyCredential objects. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param known_client_applications: Client applications that are tied to + this resource application. Consent to any of the known client applications + will result in implicit consent to the resource application through a + combined consent dialog (showing the OAuth permission scopes required by + the client and the resource). + :type known_client_applications: list[str] + :param logout_url: the url of the logout page + :type logout_url: str :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow for OAuth2 :type oauth2_allow_implicit_flow: bool + :param oauth2_allow_url_path_matching: Specifies whether during a token + Request Azure AD will allow path matching of the redirect URI against the + applications collection of replyURLs. The default is false. + :type oauth2_allow_url_path_matching: bool + :param oauth2_permissions: The collection of OAuth 2.0 permission scopes + that the web API (resource) application exposes to client applications. + These permission scopes may be granted to client applications during + consent. + :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission] + :param oauth2_require_post_response: Specifies whether, as part of OAuth + 2.0 token requests, Azure AD will allow POST requests, as opposed to GET + requests. The default is false, which specifies that only GET requests + will be allowed. + :type oauth2_require_post_response: bool + :param org_restrictions: A list of tenants allowed to access application. 
+ :type org_restrictions: list[str] + :param optional_claims: + :type optional_claims: ~azure.graphrbac.models.OptionalClaims + :param password_credentials: A collection of PasswordCredential objects + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param pre_authorized_applications: list of pre-authorizaed applications. + :type pre_authorized_applications: + list[~azure.graphrbac.models.PreAuthorizedApplication] + :param public_client: Specifies whether this application is a public + client (such as an installed application running on a mobile device). + Default is false. + :type public_client: bool + :param publisher_domain: Reliable domain which can be used to identify an + application. + :type publisher_domain: str + :param reply_urls: A collection of reply URLs for the application. + :type reply_urls: list[str] :param required_resource_access: Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience. :type required_resource_access: list[~azure.graphrbac.models.RequiredResourceAccess] - :param key_credentials: A collection of KeyCredential objects. - :type key_credentials: list[~azure.graphrbac.models.KeyCredential] - :param password_credentials: A collection of PasswordCredential objects - :type password_credentials: - list[~azure.graphrbac.models.PasswordCredential] + :param saml_metadata_url: The URL to the SAML metadata for the + application. + :type saml_metadata_url: str + :param sign_in_audience: Audience for signing in to the application + (AzureADMyOrganizatio, AzureADAllorganizations, + AzureADAndMicrosofAccounts). + :type sign_in_audience: str + :param www_homepage: The primary Web page. + :type www_homepage: str """ _validation = { 
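Review bot: The `sign_in_audience` entry gives its values as `AzureADMyOrganizatio, AzureADAllorganizations, AzureADAndMicrosofAccounts`, which look truncated or misspelled, so a caller copying them from the docstring may send a value the service does not accept; the list should be checked against what the API actually takes. Several of the added flags loosen the application's OAuth posture when set (`oauth2_allow_implicit_flow`, `oauth2_allow_url_path_matching`, `public_client`, `available_to_other_tenants`, `known_client_applications`), and each description would serve an auditor better with a closing remark such as `Security-relevant: loosens redirect URI matching against replyUrls; keep false unless required.` `optional_claims` has an empty description and `pre-authorizaed` is a typo. The class docstring starts above this hunk, and the same wording recurs in the new `application_base.py` and `application_base_py3.py`, whose headers mark them as AutoRest output, so the correction probably belongs in the API specification the code is generated from.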
@@ -77,31 +142,71 @@ class Application(DirectoryObject): 'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'}, 'object_type': {'key': 'objectType', 'type': 'str'}, 'app_id': {'key': 'appId', 'type': 'str'}, + 'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'}, + 'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'}, + 'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'}, 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, 'app_permissions': {'key': 'appPermissions', 'type': '[str]'}, 'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'}, 'display_name': {'key': 'displayName', 'type': 'str'}, - 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, - 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'object'}, 'homepage': {'key': 'homepage', 'type': 'str'}, - 'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'}, - 'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'}, + 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, + 'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'}, + 'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'}, 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, + 'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'}, + 'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'}, + 'org_restrictions': {'key': 
'orgRestrictions', 'type': '[str]'}, + 'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'}, 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'}, + 'public_client': {'key': 'publicClient', 'type': 'bool'}, + 'publisher_domain': {'key': 'publisherDomain', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'sign_in_audience': {'key': 'signInAudience', 'type': 'str'}, + 'www_homepage': {'key': 'wwwHomepage', 'type': 'str'}, } def __init__(self, **kwargs): super(Application, self).__init__(**kwargs) self.app_id = kwargs.get('app_id', None) + self.allow_guests_sign_in = kwargs.get('allow_guests_sign_in', None) + self.allow_passthrough_users = kwargs.get('allow_passthrough_users', None) + self.app_logo_url = kwargs.get('app_logo_url', None) self.app_roles = kwargs.get('app_roles', None) self.app_permissions = kwargs.get('app_permissions', None) self.available_to_other_tenants = kwargs.get('available_to_other_tenants', None) self.display_name = kwargs.get('display_name', None) - self.identifier_uris = kwargs.get('identifier_uris', None) - self.reply_urls = kwargs.get('reply_urls', None) + self.error_url = kwargs.get('error_url', None) + self.group_membership_claims = kwargs.get('group_membership_claims', None) self.homepage = kwargs.get('homepage', None) - self.oauth2_allow_implicit_flow = kwargs.get('oauth2_allow_implicit_flow', None) - self.required_resource_access = kwargs.get('required_resource_access', None) + self.identifier_uris = kwargs.get('identifier_uris', None) + self.informational_urls = kwargs.get('informational_urls', None) + self.is_device_only_auth_supported = kwargs.get('is_device_only_auth_supported', None) 
self.key_credentials = kwargs.get('key_credentials', None) + self.known_client_applications = kwargs.get('known_client_applications', None) + self.logout_url = kwargs.get('logout_url', None) + self.oauth2_allow_implicit_flow = kwargs.get('oauth2_allow_implicit_flow', None) + self.oauth2_allow_url_path_matching = kwargs.get('oauth2_allow_url_path_matching', None) + self.oauth2_permissions = kwargs.get('oauth2_permissions', None) + self.oauth2_require_post_response = kwargs.get('oauth2_require_post_response', None) + self.org_restrictions = kwargs.get('org_restrictions', None) + self.optional_claims = kwargs.get('optional_claims', None) self.password_credentials = kwargs.get('password_credentials', None) + self.pre_authorized_applications = kwargs.get('pre_authorized_applications', None) + self.public_client = kwargs.get('public_client', None) + self.publisher_domain = kwargs.get('publisher_domain', None) + self.reply_urls = kwargs.get('reply_urls', None) + self.required_resource_access = kwargs.get('required_resource_access', None) + self.saml_metadata_url = kwargs.get('saml_metadata_url', None) + self.sign_in_audience = kwargs.get('sign_in_audience', None) + self.www_homepage = kwargs.get('www_homepage', None) self.object_type = 'Application' diff --git a/azure-graphrbac/azure/graphrbac/models/application_base.py b/azure-graphrbac/azure/graphrbac/models/application_base.py new file mode 100644 index 000000000000..ea395cd8d4e9 --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/application_base.py 
@@ -0,0 +1,175 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class ApplicationBase(Model): + """Active Directive Application common properties shared among GET, POST and + PATCH. + + :param allow_guests_sign_in: A property on the application to indicate if + the application accepts other IDPs or not or partially accepts. + :type allow_guests_sign_in: bool + :param allow_passthrough_users: Indicates that the application supports + pass through users who have no presence in the resource tenant. + :type allow_passthrough_users: bool + :param app_logo_url: The url for the application logo image stored in a + CDN. + :type app_logo_url: str + :param app_roles: The collection of application roles that an application + may declare. These roles can be assigned to users, groups or service + principals. + :type app_roles: list[~azure.graphrbac.models.AppRole] + :param app_permissions: The application permissions. + :type app_permissions: list[str] + :param available_to_other_tenants: Whether the application is available to + other tenants. + :type available_to_other_tenants: bool + :param error_url: A URL provided by the author of the application to + report errors when using the application. + :type error_url: str + :param group_membership_claims: Configures the groups claim issued in a + user or OAuth 2.0 access token that the app expects. + :type group_membership_claims: object + :param homepage: The home page of the application. 
+ :type homepage: str + :param informational_urls: urls with more informations of the application. + :type informational_urls: ~azure.graphrbac.models.InformationalUrl + :param is_device_only_auth_supported: Specifies whether this application + supports device authentication without a user. The default is false. + :type is_device_only_auth_supported: bool + :param key_credentials: A collection of KeyCredential objects. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param known_client_applications: Client applications that are tied to + this resource application. Consent to any of the known client applications + will result in implicit consent to the resource application through a + combined consent dialog (showing the OAuth permission scopes required by + the client and the resource). + :type known_client_applications: list[str] + :param logout_url: the url of the logout page + :type logout_url: str + :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow + for OAuth2 + :type oauth2_allow_implicit_flow: bool + :param oauth2_allow_url_path_matching: Specifies whether during a token + Request Azure AD will allow path matching of the redirect URI against the + applications collection of replyURLs. The default is false. + :type oauth2_allow_url_path_matching: bool + :param oauth2_permissions: The collection of OAuth 2.0 permission scopes + that the web API (resource) application exposes to client applications. + These permission scopes may be granted to client applications during + consent. + :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission] + :param oauth2_require_post_response: Specifies whether, as part of OAuth + 2.0 token requests, Azure AD will allow POST requests, as opposed to GET + requests. The default is false, which specifies that only GET requests + will be allowed. + :type oauth2_require_post_response: bool + :param org_restrictions: A list of tenants allowed to access application. 
+ :type org_restrictions: list[str] + :param optional_claims: + :type optional_claims: ~azure.graphrbac.models.OptionalClaims + :param password_credentials: A collection of PasswordCredential objects + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param pre_authorized_applications: list of pre-authorizaed applications. + :type pre_authorized_applications: + list[~azure.graphrbac.models.PreAuthorizedApplication] + :param public_client: Specifies whether this application is a public + client (such as an installed application running on a mobile device). + Default is false. + :type public_client: bool + :param publisher_domain: Reliable domain which can be used to identify an + application. + :type publisher_domain: str + :param reply_urls: A collection of reply URLs for the application. + :type reply_urls: list[str] + :param required_resource_access: Specifies resources that this application + requires access to and the set of OAuth permission scopes and application + roles that it needs under each of those resources. This pre-configuration + of required resource access drives the consent experience. + :type required_resource_access: + list[~azure.graphrbac.models.RequiredResourceAccess] + :param saml_metadata_url: The URL to the SAML metadata for the + application. + :type saml_metadata_url: str + :param sign_in_audience: Audience for signing in to the application + (AzureADMyOrganizatio, AzureADAllorganizations, + AzureADAndMicrosofAccounts). + :type sign_in_audience: str + :param www_homepage: The primary Web page. 
+ :type www_homepage: str + """ + + _attribute_map = { + 'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'}, + 'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'}, + 'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'}, + 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'app_permissions': {'key': 'appPermissions', 'type': '[str]'}, + 'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'object'}, + 'homepage': {'key': 'homepage', 'type': 'str'}, + 'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'}, + 'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, + 'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'}, + 'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'}, + 'org_restrictions': {'key': 'orgRestrictions', 'type': '[str]'}, + 'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'}, + 'public_client': {'key': 'publicClient', 'type': 'bool'}, + 'publisher_domain': {'key': 'publisherDomain', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'required_resource_access': {'key': 'requiredResourceAccess', 'type': 
'[RequiredResourceAccess]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'sign_in_audience': {'key': 'signInAudience', 'type': 'str'}, + 'www_homepage': {'key': 'wwwHomepage', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(ApplicationBase, self).__init__(**kwargs) + self.allow_guests_sign_in = kwargs.get('allow_guests_sign_in', None) + self.allow_passthrough_users = kwargs.get('allow_passthrough_users', None) + self.app_logo_url = kwargs.get('app_logo_url', None) + self.app_roles = kwargs.get('app_roles', None) + self.app_permissions = kwargs.get('app_permissions', None) + self.available_to_other_tenants = kwargs.get('available_to_other_tenants', None) + self.error_url = kwargs.get('error_url', None) + self.group_membership_claims = kwargs.get('group_membership_claims', None) + self.homepage = kwargs.get('homepage', None) + self.informational_urls = kwargs.get('informational_urls', None) + self.is_device_only_auth_supported = kwargs.get('is_device_only_auth_supported', None) + self.key_credentials = kwargs.get('key_credentials', None) + self.known_client_applications = kwargs.get('known_client_applications', None) + self.logout_url = kwargs.get('logout_url', None) + self.oauth2_allow_implicit_flow = kwargs.get('oauth2_allow_implicit_flow', None) + self.oauth2_allow_url_path_matching = kwargs.get('oauth2_allow_url_path_matching', None) + self.oauth2_permissions = kwargs.get('oauth2_permissions', None) + self.oauth2_require_post_response = kwargs.get('oauth2_require_post_response', None) + self.org_restrictions = kwargs.get('org_restrictions', None) + self.optional_claims = kwargs.get('optional_claims', None) + self.password_credentials = kwargs.get('password_credentials', None) + self.pre_authorized_applications = kwargs.get('pre_authorized_applications', None) + self.public_client = kwargs.get('public_client', None) + self.publisher_domain = kwargs.get('publisher_domain', None) + self.reply_urls = kwargs.get('reply_urls', 
None) + self.required_resource_access = kwargs.get('required_resource_access', None) + self.saml_metadata_url = kwargs.get('saml_metadata_url', None) + self.sign_in_audience = kwargs.get('sign_in_audience', None) + self.www_homepage = kwargs.get('www_homepage', None) diff --git a/azure-graphrbac/azure/graphrbac/models/application_base_py3.py b/azure-graphrbac/azure/graphrbac/models/application_base_py3.py new file mode 100644 index 000000000000..bc6d66e4f99e --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/application_base_py3.py 
@@ -0,0 +1,175 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class ApplicationBase(Model): + """Active Directive Application common properties shared among GET, POST and + PATCH. + + :param allow_guests_sign_in: A property on the application to indicate if + the application accepts other IDPs or not or partially accepts. + :type allow_guests_sign_in: bool + :param allow_passthrough_users: Indicates that the application supports + pass through users who have no presence in the resource tenant. + :type allow_passthrough_users: bool + :param app_logo_url: The url for the application logo image stored in a + CDN. + :type app_logo_url: str + :param app_roles: The collection of application roles that an application + may declare. These roles can be assigned to users, groups or service + principals. + :type app_roles: list[~azure.graphrbac.models.AppRole] + :param app_permissions: The application permissions. + :type app_permissions: list[str] + :param available_to_other_tenants: Whether the application is available to + other tenants. + :type available_to_other_tenants: bool + :param error_url: A URL provided by the author of the application to + report errors when using the application. + :type error_url: str + :param group_membership_claims: Configures the groups claim issued in a + user or OAuth 2.0 access token that the app expects. + :type group_membership_claims: object + :param homepage: The home page of the application. 
+ :type homepage: str + :param informational_urls: urls with more informations of the application. + :type informational_urls: ~azure.graphrbac.models.InformationalUrl + :param is_device_only_auth_supported: Specifies whether this application + supports device authentication without a user. The default is false. + :type is_device_only_auth_supported: bool + :param key_credentials: A collection of KeyCredential objects. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param known_client_applications: Client applications that are tied to + this resource application. Consent to any of the known client applications + will result in implicit consent to the resource application through a + combined consent dialog (showing the OAuth permission scopes required by + the client and the resource). + :type known_client_applications: list[str] + :param logout_url: the url of the logout page + :type logout_url: str + :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow + for OAuth2 + :type oauth2_allow_implicit_flow: bool + :param oauth2_allow_url_path_matching: Specifies whether during a token + Request Azure AD will allow path matching of the redirect URI against the + applications collection of replyURLs. The default is false. + :type oauth2_allow_url_path_matching: bool + :param oauth2_permissions: The collection of OAuth 2.0 permission scopes + that the web API (resource) application exposes to client applications. + These permission scopes may be granted to client applications during + consent. + :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission] + :param oauth2_require_post_response: Specifies whether, as part of OAuth + 2.0 token requests, Azure AD will allow POST requests, as opposed to GET + requests. The default is false, which specifies that only GET requests + will be allowed. + :type oauth2_require_post_response: bool + :param org_restrictions: A list of tenants allowed to access application. 
+ :type org_restrictions: list[str] + :param optional_claims: + :type optional_claims: ~azure.graphrbac.models.OptionalClaims + :param password_credentials: A collection of PasswordCredential objects + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param pre_authorized_applications: list of pre-authorizaed applications. + :type pre_authorized_applications: + list[~azure.graphrbac.models.PreAuthorizedApplication] + :param public_client: Specifies whether this application is a public + client (such as an installed application running on a mobile device). + Default is false. + :type public_client: bool + :param publisher_domain: Reliable domain which can be used to identify an + application. + :type publisher_domain: str + :param reply_urls: A collection of reply URLs for the application. + :type reply_urls: list[str] + :param required_resource_access: Specifies resources that this application + requires access to and the set of OAuth permission scopes and application + roles that it needs under each of those resources. This pre-configuration + of required resource access drives the consent experience. + :type required_resource_access: + list[~azure.graphrbac.models.RequiredResourceAccess] + :param saml_metadata_url: The URL to the SAML metadata for the + application. + :type saml_metadata_url: str + :param sign_in_audience: Audience for signing in to the application + (AzureADMyOrganizatio, AzureADAllorganizations, + AzureADAndMicrosofAccounts). + :type sign_in_audience: str + :param www_homepage: The primary Web page. 
+ :type www_homepage: str + """ + + _attribute_map = { + 'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'}, + 'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'}, + 'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'}, + 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'app_permissions': {'key': 'appPermissions', 'type': '[str]'}, + 'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'object'}, + 'homepage': {'key': 'homepage', 'type': 'str'}, + 'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'}, + 'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, + 'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'}, + 'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'}, + 'org_restrictions': {'key': 'orgRestrictions', 'type': '[str]'}, + 'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'}, + 'public_client': {'key': 'publicClient', 'type': 'bool'}, + 'publisher_domain': {'key': 'publisherDomain', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'required_resource_access': {'key': 'requiredResourceAccess', 'type': 
'[RequiredResourceAccess]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'sign_in_audience': {'key': 'signInAudience', 'type': 'str'}, + 'www_homepage': {'key': 'wwwHomepage', 'type': 'str'}, + } + + def __init__(self, *, allow_guests_sign_in: bool=None, allow_passthrough_users: bool=None, app_logo_url: str=None, app_roles=None, app_permissions=None, available_to_other_tenants: bool=None, error_url: str=None, group_membership_claims=None, homepage: str=None, informational_urls=None, is_device_only_auth_supported: bool=None, key_credentials=None, known_client_applications=None, logout_url: str=None, oauth2_allow_implicit_flow: bool=None, oauth2_allow_url_path_matching: bool=None, oauth2_permissions=None, oauth2_require_post_response: bool=None, org_restrictions=None, optional_claims=None, password_credentials=None, pre_authorized_applications=None, public_client: bool=None, publisher_domain: str=None, reply_urls=None, required_resource_access=None, saml_metadata_url: str=None, sign_in_audience: str=None, www_homepage: str=None, **kwargs) -> None: + super(ApplicationBase, self).__init__(**kwargs) + self.allow_guests_sign_in = allow_guests_sign_in + self.allow_passthrough_users = allow_passthrough_users + self.app_logo_url = app_logo_url + self.app_roles = app_roles + self.app_permissions = app_permissions + self.available_to_other_tenants = available_to_other_tenants + self.error_url = error_url + self.group_membership_claims = group_membership_claims + self.homepage = homepage + self.informational_urls = informational_urls + self.is_device_only_auth_supported = is_device_only_auth_supported + self.key_credentials = key_credentials + self.known_client_applications = known_client_applications + self.logout_url = logout_url + self.oauth2_allow_implicit_flow = oauth2_allow_implicit_flow + self.oauth2_allow_url_path_matching = oauth2_allow_url_path_matching + self.oauth2_permissions = oauth2_permissions + self.oauth2_require_post_response = 
oauth2_require_post_response + self.org_restrictions = org_restrictions + self.optional_claims = optional_claims + self.password_credentials = password_credentials + self.pre_authorized_applications = pre_authorized_applications + self.public_client = public_client + self.publisher_domain = publisher_domain + self.reply_urls = reply_urls + self.required_resource_access = required_resource_access + self.saml_metadata_url = saml_metadata_url + self.sign_in_audience = sign_in_audience + self.www_homepage = www_homepage diff --git a/azure-graphrbac/azure/graphrbac/models/application_create_parameters.py b/azure-graphrbac/azure/graphrbac/models/application_create_parameters.py index 9c2b0e9c83e4..dbf668cb049e 100644 --- a/azure-graphrbac/azure/graphrbac/models/application_create_parameters.py +++ b/azure-graphrbac/azure/graphrbac/models/application_create_parameters.py 
@@ -9,79 +9,153 @@ # regenerated. # -------------------------------------------------------------------------- -from msrest.serialization import Model +from .application_base import ApplicationBase -class ApplicationCreateParameters(Model): +class ApplicationCreateParameters(ApplicationBase): """Request parameters for creating a new application. All required parameters must be populated in order to send to Azure. - :param additional_properties: Unmatched properties from the message are - deserialized this collection - :type additional_properties: dict[str, object] + :param allow_guests_sign_in: A property on the application to indicate if + the application accepts other IDPs or not or partially accepts. + :type allow_guests_sign_in: bool + :param allow_passthrough_users: Indicates that the application supports + pass through users who have no presence in the resource tenant. + :type allow_passthrough_users: bool + :param app_logo_url: The url for the application logo image stored in a + CDN. + :type app_logo_url: str :param app_roles: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. :type app_roles: list[~azure.graphrbac.models.AppRole] - :param available_to_other_tenants: Required. Whether the application is - available to other tenants. + :param app_permissions: The application permissions. + :type app_permissions: list[str] + :param available_to_other_tenants: Whether the application is available to + other tenants. :type available_to_other_tenants: bool - :param display_name: Required. The display name of the application. - :type display_name: str + :param error_url: A URL provided by the author of the application to + report errors when using the application. + :type error_url: str + :param group_membership_claims: Configures the groups claim issued in a + user or OAuth 2.0 access token that the app expects. 
+ :type group_membership_claims: object :param homepage: The home page of the application. :type homepage: str - :param identifier_uris: Required. A collection of URIs for the - application. - :type identifier_uris: list[str] - :param reply_urls: A collection of reply URLs for the application. - :type reply_urls: list[str] - :param key_credentials: The list of KeyCredential objects. + :param informational_urls: urls with more informations of the application. + :type informational_urls: ~azure.graphrbac.models.InformationalUrl + :param is_device_only_auth_supported: Specifies whether this application + supports device authentication without a user. The default is false. + :type is_device_only_auth_supported: bool + :param key_credentials: A collection of KeyCredential objects. :type key_credentials: list[~azure.graphrbac.models.KeyCredential] - :param password_credentials: The list of PasswordCredential objects. - :type password_credentials: - list[~azure.graphrbac.models.PasswordCredential] + :param known_client_applications: Client applications that are tied to + this resource application. Consent to any of the known client applications + will result in implicit consent to the resource application through a + combined consent dialog (showing the OAuth permission scopes required by + the client and the resource). + :type known_client_applications: list[str] + :param logout_url: the url of the logout page + :type logout_url: str :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow for OAuth2 :type oauth2_allow_implicit_flow: bool + :param oauth2_allow_url_path_matching: Specifies whether during a token + Request Azure AD will allow path matching of the redirect URI against the + applications collection of replyURLs. The default is false. + :type oauth2_allow_url_path_matching: bool + :param oauth2_permissions: The collection of OAuth 2.0 permission scopes + that the web API (resource) application exposes to client applications. 
+ These permission scopes may be granted to client applications during + consent. + :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission] + :param oauth2_require_post_response: Specifies whether, as part of OAuth + 2.0 token requests, Azure AD will allow POST requests, as opposed to GET + requests. The default is false, which specifies that only GET requests + will be allowed. + :type oauth2_require_post_response: bool + :param org_restrictions: A list of tenants allowed to access application. + :type org_restrictions: list[str] + :param optional_claims: + :type optional_claims: ~azure.graphrbac.models.OptionalClaims + :param password_credentials: A collection of PasswordCredential objects + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param pre_authorized_applications: list of pre-authorizaed applications. + :type pre_authorized_applications: + list[~azure.graphrbac.models.PreAuthorizedApplication] + :param public_client: Specifies whether this application is a public + client (such as an installed application running on a mobile device). + Default is false. + :type public_client: bool + :param publisher_domain: Reliable domain which can be used to identify an + application. + :type publisher_domain: str + :param reply_urls: A collection of reply URLs for the application. + :type reply_urls: list[str] :param required_resource_access: Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience. :type required_resource_access: list[~azure.graphrbac.models.RequiredResourceAccess] + :param saml_metadata_url: The URL to the SAML metadata for the + application. 
+ :type saml_metadata_url: str + :param sign_in_audience: Audience for signing in to the application + (AzureADMyOrganizatio, AzureADAllorganizations, + AzureADAndMicrosofAccounts). + :type sign_in_audience: str + :param www_homepage: The primary Web page. + :type www_homepage: str + :param display_name: Required. The display name of the application. + :type display_name: str + :param identifier_uris: Required. A collection of URIs for the + application. + :type identifier_uris: list[str] """ _validation = { - 'available_to_other_tenants': {'required': True}, 'display_name': {'required': True}, 'identifier_uris': {'required': True}, } _attribute_map = { - 'additional_properties': {'key': '', 'type': '{object}'}, + 'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'}, + 'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'}, + 'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'}, 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'app_permissions': {'key': 'appPermissions', 'type': '[str]'}, 'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'}, - 'display_name': {'key': 'displayName', 'type': 'str'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'object'}, 'homepage': {'key': 'homepage', 'type': 'str'}, - 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, - 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'}, + 'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'}, 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, - 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, 'oauth2_allow_implicit_flow': {'key': 
'oauth2AllowImplicitFlow', 'type': 'bool'}, + 'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'}, + 'org_restrictions': {'key': 'orgRestrictions', 'type': '[str]'}, + 'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'}, + 'public_client': {'key': 'publicClient', 'type': 'bool'}, + 'publisher_domain': {'key': 'publisherDomain', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, 'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'sign_in_audience': {'key': 'signInAudience', 'type': 'str'}, + 'www_homepage': {'key': 'wwwHomepage', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, } def __init__(self, **kwargs): super(ApplicationCreateParameters, self).__init__(**kwargs) - self.additional_properties = kwargs.get('additional_properties', None) - self.app_roles = kwargs.get('app_roles', None) - self.available_to_other_tenants = kwargs.get('available_to_other_tenants', None) self.display_name = kwargs.get('display_name', None) - self.homepage = kwargs.get('homepage', None) self.identifier_uris = kwargs.get('identifier_uris', None) - self.reply_urls = kwargs.get('reply_urls', None) - self.key_credentials = kwargs.get('key_credentials', None) - self.password_credentials = kwargs.get('password_credentials', None) - self.oauth2_allow_implicit_flow = kwargs.get('oauth2_allow_implicit_flow', None) - self.required_resource_access = 
kwargs.get('required_resource_access', None) diff --git a/azure-graphrbac/azure/graphrbac/models/application_create_parameters_py3.py b/azure-graphrbac/azure/graphrbac/models/application_create_parameters_py3.py index a64daff94ed2..1fbc599abe98 100644 --- a/azure-graphrbac/azure/graphrbac/models/application_create_parameters_py3.py +++ b/azure-graphrbac/azure/graphrbac/models/application_create_parameters_py3.py 
@@ -9,79 +9,153 @@ # regenerated. # -------------------------------------------------------------------------- -from msrest.serialization import Model +from .application_base_py3 import ApplicationBase -class ApplicationCreateParameters(Model): +class ApplicationCreateParameters(ApplicationBase): """Request parameters for creating a new application. All required parameters must be populated in order to send to Azure. - :param additional_properties: Unmatched properties from the message are - deserialized this collection - :type additional_properties: dict[str, object] + :param allow_guests_sign_in: A property on the application to indicate if + the application accepts other IDPs or not or partially accepts. + :type allow_guests_sign_in: bool + :param allow_passthrough_users: Indicates that the application supports + pass through users who have no presence in the resource tenant. + :type allow_passthrough_users: bool + :param app_logo_url: The url for the application logo image stored in a + CDN. + :type app_logo_url: str :param app_roles: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. :type app_roles: list[~azure.graphrbac.models.AppRole] - :param available_to_other_tenants: Required. Whether the application is - available to other tenants. + :param app_permissions: The application permissions. + :type app_permissions: list[str] + :param available_to_other_tenants: Whether the application is available to + other tenants. :type available_to_other_tenants: bool - :param display_name: Required. The display name of the application. - :type display_name: str + :param error_url: A URL provided by the author of the application to + report errors when using the application. + :type error_url: str + :param group_membership_claims: Configures the groups claim issued in a + user or OAuth 2.0 access token that the app expects. 
+ :type group_membership_claims: object :param homepage: The home page of the application. :type homepage: str - :param identifier_uris: Required. A collection of URIs for the - application. - :type identifier_uris: list[str] - :param reply_urls: A collection of reply URLs for the application. - :type reply_urls: list[str] - :param key_credentials: The list of KeyCredential objects. + :param informational_urls: urls with more informations of the application. + :type informational_urls: ~azure.graphrbac.models.InformationalUrl + :param is_device_only_auth_supported: Specifies whether this application + supports device authentication without a user. The default is false. + :type is_device_only_auth_supported: bool + :param key_credentials: A collection of KeyCredential objects. :type key_credentials: list[~azure.graphrbac.models.KeyCredential] - :param password_credentials: The list of PasswordCredential objects. - :type password_credentials: - list[~azure.graphrbac.models.PasswordCredential] + :param known_client_applications: Client applications that are tied to + this resource application. Consent to any of the known client applications + will result in implicit consent to the resource application through a + combined consent dialog (showing the OAuth permission scopes required by + the client and the resource). + :type known_client_applications: list[str] + :param logout_url: the url of the logout page + :type logout_url: str :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow for OAuth2 :type oauth2_allow_implicit_flow: bool + :param oauth2_allow_url_path_matching: Specifies whether during a token + Request Azure AD will allow path matching of the redirect URI against the + applications collection of replyURLs. The default is false. + :type oauth2_allow_url_path_matching: bool + :param oauth2_permissions: The collection of OAuth 2.0 permission scopes + that the web API (resource) application exposes to client applications. 
+ These permission scopes may be granted to client applications during + consent. + :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission] + :param oauth2_require_post_response: Specifies whether, as part of OAuth + 2.0 token requests, Azure AD will allow POST requests, as opposed to GET + requests. The default is false, which specifies that only GET requests + will be allowed. + :type oauth2_require_post_response: bool + :param org_restrictions: A list of tenants allowed to access application. + :type org_restrictions: list[str] + :param optional_claims: + :type optional_claims: ~azure.graphrbac.models.OptionalClaims + :param password_credentials: A collection of PasswordCredential objects + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param pre_authorized_applications: list of pre-authorizaed applications. + :type pre_authorized_applications: + list[~azure.graphrbac.models.PreAuthorizedApplication] + :param public_client: Specifies whether this application is a public + client (such as an installed application running on a mobile device). + Default is false. + :type public_client: bool + :param publisher_domain: Reliable domain which can be used to identify an + application. + :type publisher_domain: str + :param reply_urls: A collection of reply URLs for the application. + :type reply_urls: list[str] :param required_resource_access: Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience. :type required_resource_access: list[~azure.graphrbac.models.RequiredResourceAccess] + :param saml_metadata_url: The URL to the SAML metadata for the + application. 
+ :type saml_metadata_url: str + :param sign_in_audience: Audience for signing in to the application + (AzureADMyOrganizatio, AzureADAllorganizations, + AzureADAndMicrosofAccounts). + :type sign_in_audience: str + :param www_homepage: The primary Web page. + :type www_homepage: str + :param display_name: Required. The display name of the application. + :type display_name: str + :param identifier_uris: Required. A collection of URIs for the + application. + :type identifier_uris: list[str] """ _validation = { - 'available_to_other_tenants': {'required': True}, 'display_name': {'required': True}, 'identifier_uris': {'required': True}, } _attribute_map = { - 'additional_properties': {'key': '', 'type': '{object}'}, + 'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'}, + 'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'}, + 'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'}, 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'app_permissions': {'key': 'appPermissions', 'type': '[str]'}, 'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'}, - 'display_name': {'key': 'displayName', 'type': 'str'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'object'}, 'homepage': {'key': 'homepage', 'type': 'str'}, - 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, - 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'}, + 'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'}, 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, - 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, 'oauth2_allow_implicit_flow': {'key': 
'oauth2AllowImplicitFlow', 'type': 'bool'}, + 'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'}, + 'org_restrictions': {'key': 'orgRestrictions', 'type': '[str]'}, + 'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'}, + 'public_client': {'key': 'publicClient', 'type': 'bool'}, + 'publisher_domain': {'key': 'publisherDomain', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, 'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'sign_in_audience': {'key': 'signInAudience', 'type': 'str'}, + 'www_homepage': {'key': 'wwwHomepage', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, } - def __init__(self, *, available_to_other_tenants: bool, display_name: str, identifier_uris, additional_properties=None, app_roles=None, homepage: str=None, reply_urls=None, key_credentials=None, password_credentials=None, oauth2_allow_implicit_flow: bool=None, required_resource_access=None, **kwargs) -> None: - super(ApplicationCreateParameters, self).__init__(**kwargs) - self.additional_properties = additional_properties - self.app_roles = app_roles - self.available_to_other_tenants = available_to_other_tenants + def __init__(self, *, display_name: str, identifier_uris, allow_guests_sign_in: bool=None, allow_passthrough_users: bool=None, app_logo_url: str=None, app_roles=None, app_permissions=None, available_to_other_tenants: bool=None, error_url: 
str=None, group_membership_claims=None, homepage: str=None, informational_urls=None, is_device_only_auth_supported: bool=None, key_credentials=None, known_client_applications=None, logout_url: str=None, oauth2_allow_implicit_flow: bool=None, oauth2_allow_url_path_matching: bool=None, oauth2_permissions=None, oauth2_require_post_response: bool=None, org_restrictions=None, optional_claims=None, password_credentials=None, pre_authorized_applications=None, public_client: bool=None, publisher_domain: str=None, reply_urls=None, required_resource_access=None, saml_metadata_url: str=None, sign_in_audience: str=None, www_homepage: str=None, **kwargs) -> None: + super(ApplicationCreateParameters, self).__init__(allow_guests_sign_in=allow_guests_sign_in, allow_passthrough_users=allow_passthrough_users, app_logo_url=app_logo_url, app_roles=app_roles, app_permissions=app_permissions, available_to_other_tenants=available_to_other_tenants, error_url=error_url, group_membership_claims=group_membership_claims, homepage=homepage, informational_urls=informational_urls, is_device_only_auth_supported=is_device_only_auth_supported, key_credentials=key_credentials, known_client_applications=known_client_applications, logout_url=logout_url, oauth2_allow_implicit_flow=oauth2_allow_implicit_flow, oauth2_allow_url_path_matching=oauth2_allow_url_path_matching, oauth2_permissions=oauth2_permissions, oauth2_require_post_response=oauth2_require_post_response, org_restrictions=org_restrictions, optional_claims=optional_claims, password_credentials=password_credentials, pre_authorized_applications=pre_authorized_applications, public_client=public_client, publisher_domain=publisher_domain, reply_urls=reply_urls, required_resource_access=required_resource_access, saml_metadata_url=saml_metadata_url, sign_in_audience=sign_in_audience, www_homepage=www_homepage, **kwargs) self.display_name = display_name - self.homepage = homepage self.identifier_uris = identifier_uris - self.reply_urls = reply_urls - 
self.key_credentials = key_credentials - self.password_credentials = password_credentials - self.oauth2_allow_implicit_flow = oauth2_allow_implicit_flow - self.required_resource_access = required_resource_access diff --git a/azure-graphrbac/azure/graphrbac/models/application_py3.py b/azure-graphrbac/azure/graphrbac/models/application_py3.py index 8b525e1fb6a8..d976a36109b6 100644 --- a/azure-graphrbac/azure/graphrbac/models/application_py3.py +++ b/azure-graphrbac/azure/graphrbac/models/application_py3.py 
@@ -32,37 +32,102 @@ class Application(DirectoryObject): :type object_type: str :param app_id: The application ID. :type app_id: str + :param allow_guests_sign_in: A property on the application to indicate if + the application accepts other IDPs or not or partially accepts. + :type allow_guests_sign_in: bool + :param allow_passthrough_users: Indicates that the application supports + pass through users who have no presence in the resource tenant. + :type allow_passthrough_users: bool + :param app_logo_url: The url for the application logo image stored in a + CDN. + :type app_logo_url: str :param app_roles: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. :type app_roles: list[~azure.graphrbac.models.AppRole] :param app_permissions: The application permissions. :type app_permissions: list[str] - :param available_to_other_tenants: Whether the application is be available - to other tenants. + :param available_to_other_tenants: Whether the application is available to + other tenants. :type available_to_other_tenants: bool :param display_name: The display name of the application. :type display_name: str - :param identifier_uris: A collection of URIs for the application. - :type identifier_uris: list[str] - :param reply_urls: A collection of reply URLs for the application. - :type reply_urls: list[str] + :param error_url: A URL provided by the author of the application to + report errors when using the application. + :type error_url: str + :param group_membership_claims: Configures the groups claim issued in a + user or OAuth 2.0 access token that the app expects. + :type group_membership_claims: object :param homepage: The home page of the application. :type homepage: str + :param identifier_uris: A collection of URIs for the application. + :type identifier_uris: list[str] + :param informational_urls: urls with more informations of the application. 
+ :type informational_urls: ~azure.graphrbac.models.InformationalUrl + :param is_device_only_auth_supported: Specifies whether this application + supports device authentication without a user. The default is false. + :type is_device_only_auth_supported: bool + :param key_credentials: A collection of KeyCredential objects. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param known_client_applications: Client applications that are tied to + this resource application. Consent to any of the known client applications + will result in implicit consent to the resource application through a + combined consent dialog (showing the OAuth permission scopes required by + the client and the resource). + :type known_client_applications: list[str] + :param logout_url: the url of the logout page + :type logout_url: str :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow for OAuth2 :type oauth2_allow_implicit_flow: bool + :param oauth2_allow_url_path_matching: Specifies whether during a token + Request Azure AD will allow path matching of the redirect URI against the + applications collection of replyURLs. The default is false. + :type oauth2_allow_url_path_matching: bool + :param oauth2_permissions: The collection of OAuth 2.0 permission scopes + that the web API (resource) application exposes to client applications. + These permission scopes may be granted to client applications during + consent. + :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission] + :param oauth2_require_post_response: Specifies whether, as part of OAuth + 2.0 token requests, Azure AD will allow POST requests, as opposed to GET + requests. The default is false, which specifies that only GET requests + will be allowed. + :type oauth2_require_post_response: bool + :param org_restrictions: A list of tenants allowed to access application. 
+ :type org_restrictions: list[str] + :param optional_claims: + :type optional_claims: ~azure.graphrbac.models.OptionalClaims + :param password_credentials: A collection of PasswordCredential objects + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param pre_authorized_applications: list of pre-authorizaed applications. + :type pre_authorized_applications: + list[~azure.graphrbac.models.PreAuthorizedApplication] + :param public_client: Specifies whether this application is a public + client (such as an installed application running on a mobile device). + Default is false. + :type public_client: bool + :param publisher_domain: Reliable domain which can be used to identify an + application. + :type publisher_domain: str + :param reply_urls: A collection of reply URLs for the application. + :type reply_urls: list[str] :param required_resource_access: Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience. :type required_resource_access: list[~azure.graphrbac.models.RequiredResourceAccess] - :param key_credentials: A collection of KeyCredential objects. - :type key_credentials: list[~azure.graphrbac.models.KeyCredential] - :param password_credentials: A collection of PasswordCredential objects - :type password_credentials: - list[~azure.graphrbac.models.PasswordCredential] + :param saml_metadata_url: The URL to the SAML metadata for the + application. + :type saml_metadata_url: str + :param sign_in_audience: Audience for signing in to the application + (AzureADMyOrganizatio, AzureADAllorganizations, + AzureADAndMicrosofAccounts). + :type sign_in_audience: str + :param www_homepage: The primary Web page. + :type www_homepage: str """ _validation = { 
@@ -77,31 +142,71 @@ class Application(DirectoryObject): 'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'}, 'object_type': {'key': 'objectType', 'type': 'str'}, 'app_id': {'key': 'appId', 'type': 'str'}, + 'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'}, + 'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'}, + 'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'}, 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, 'app_permissions': {'key': 'appPermissions', 'type': '[str]'}, 'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'}, 'display_name': {'key': 'displayName', 'type': 'str'}, - 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, - 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'object'}, 'homepage': {'key': 'homepage', 'type': 'str'}, - 'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'}, - 'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'}, + 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, + 'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'}, + 'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'}, 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, + 'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'}, + 'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'}, + 'org_restrictions': {'key': 
'orgRestrictions', 'type': '[str]'}, + 'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'}, 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'}, + 'public_client': {'key': 'publicClient', 'type': 'bool'}, + 'publisher_domain': {'key': 'publisherDomain', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'sign_in_audience': {'key': 'signInAudience', 'type': 'str'}, + 'www_homepage': {'key': 'wwwHomepage', 'type': 'str'}, } - def __init__(self, *, additional_properties=None, app_id: str=None, app_roles=None, app_permissions=None, available_to_other_tenants: bool=None, display_name: str=None, identifier_uris=None, reply_urls=None, homepage: str=None, oauth2_allow_implicit_flow: bool=None, required_resource_access=None, key_credentials=None, password_credentials=None, **kwargs) -> None: + def __init__(self, *, additional_properties=None, app_id: str=None, allow_guests_sign_in: bool=None, allow_passthrough_users: bool=None, app_logo_url: str=None, app_roles=None, app_permissions=None, available_to_other_tenants: bool=None, display_name: str=None, error_url: str=None, group_membership_claims=None, homepage: str=None, identifier_uris=None, informational_urls=None, is_device_only_auth_supported: bool=None, key_credentials=None, known_client_applications=None, logout_url: str=None, oauth2_allow_implicit_flow: bool=None, oauth2_allow_url_path_matching: bool=None, oauth2_permissions=None, oauth2_require_post_response: bool=None, org_restrictions=None, optional_claims=None, password_credentials=None, pre_authorized_applications=None, public_client: bool=None, publisher_domain: str=None, reply_urls=None, 
required_resource_access=None, saml_metadata_url: str=None, sign_in_audience: str=None, www_homepage: str=None, **kwargs) -> None: super(Application, self).__init__(additional_properties=additional_properties, **kwargs) self.app_id = app_id + self.allow_guests_sign_in = allow_guests_sign_in + self.allow_passthrough_users = allow_passthrough_users + self.app_logo_url = app_logo_url self.app_roles = app_roles self.app_permissions = app_permissions self.available_to_other_tenants = available_to_other_tenants self.display_name = display_name - self.identifier_uris = identifier_uris - self.reply_urls = reply_urls + self.error_url = error_url + self.group_membership_claims = group_membership_claims self.homepage = homepage - self.oauth2_allow_implicit_flow = oauth2_allow_implicit_flow - self.required_resource_access = required_resource_access + self.identifier_uris = identifier_uris + self.informational_urls = informational_urls + self.is_device_only_auth_supported = is_device_only_auth_supported self.key_credentials = key_credentials + self.known_client_applications = known_client_applications + self.logout_url = logout_url + self.oauth2_allow_implicit_flow = oauth2_allow_implicit_flow + self.oauth2_allow_url_path_matching = oauth2_allow_url_path_matching + self.oauth2_permissions = oauth2_permissions + self.oauth2_require_post_response = oauth2_require_post_response + self.org_restrictions = org_restrictions + self.optional_claims = optional_claims self.password_credentials = password_credentials + self.pre_authorized_applications = pre_authorized_applications + self.public_client = public_client + self.publisher_domain = publisher_domain + self.reply_urls = reply_urls + self.required_resource_access = required_resource_access + self.saml_metadata_url = saml_metadata_url + self.sign_in_audience = sign_in_audience + self.www_homepage = www_homepage self.object_type = 'Application' 
diff --git a/azure-graphrbac/azure/graphrbac/models/application_update_parameters.py b/azure-graphrbac/azure/graphrbac/models/application_update_parameters.py index ecb1068d31c7..a6cecb6d4f9f 100644 --- a/azure-graphrbac/azure/graphrbac/models/application_update_parameters.py +++ b/azure-graphrbac/azure/graphrbac/models/application_update_parameters.py 
@@ -9,70 +9,145 @@ # regenerated. # -------------------------------------------------------------------------- -from msrest.serialization import Model +from .application_base import ApplicationBase -class ApplicationUpdateParameters(Model): - """Request parameters for updating an existing application. +class ApplicationUpdateParameters(ApplicationBase): + """Request parameters for updating a new application. - :param additional_properties: Unmatched properties from the message are - deserialized this collection - :type additional_properties: dict[str, object] + :param allow_guests_sign_in: A property on the application to indicate if + the application accepts other IDPs or not or partially accepts. + :type allow_guests_sign_in: bool + :param allow_passthrough_users: Indicates that the application supports + pass through users who have no presence in the resource tenant. + :type allow_passthrough_users: bool + :param app_logo_url: The url for the application logo image stored in a + CDN. + :type app_logo_url: str :param app_roles: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. :type app_roles: list[~azure.graphrbac.models.AppRole] + :param app_permissions: The application permissions. + :type app_permissions: list[str] :param available_to_other_tenants: Whether the application is available to - other tenants + other tenants. :type available_to_other_tenants: bool - :param display_name: The display name of the application. - :type display_name: str + :param error_url: A URL provided by the author of the application to + report errors when using the application. + :type error_url: str + :param group_membership_claims: Configures the groups claim issued in a + user or OAuth 2.0 access token that the app expects. + :type group_membership_claims: object :param homepage: The home page of the application. 
:type homepage: str - :param identifier_uris: A collection of URIs for the application. - :type identifier_uris: list[str] - :param reply_urls: A collection of reply URLs for the application. - :type reply_urls: list[str] - :param key_credentials: The list of KeyCredential objects. + :param informational_urls: urls with more informations of the application. + :type informational_urls: ~azure.graphrbac.models.InformationalUrl + :param is_device_only_auth_supported: Specifies whether this application + supports device authentication without a user. The default is false. + :type is_device_only_auth_supported: bool + :param key_credentials: A collection of KeyCredential objects. :type key_credentials: list[~azure.graphrbac.models.KeyCredential] - :param password_credentials: The list of PasswordCredential objects. - :type password_credentials: - list[~azure.graphrbac.models.PasswordCredential] + :param known_client_applications: Client applications that are tied to + this resource application. Consent to any of the known client applications + will result in implicit consent to the resource application through a + combined consent dialog (showing the OAuth permission scopes required by + the client and the resource). + :type known_client_applications: list[str] + :param logout_url: the url of the logout page + :type logout_url: str :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow for OAuth2 :type oauth2_allow_implicit_flow: bool + :param oauth2_allow_url_path_matching: Specifies whether during a token + Request Azure AD will allow path matching of the redirect URI against the + applications collection of replyURLs. The default is false. + :type oauth2_allow_url_path_matching: bool + :param oauth2_permissions: The collection of OAuth 2.0 permission scopes + that the web API (resource) application exposes to client applications. + These permission scopes may be granted to client applications during + consent. 
+ :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission] + :param oauth2_require_post_response: Specifies whether, as part of OAuth + 2.0 token requests, Azure AD will allow POST requests, as opposed to GET + requests. The default is false, which specifies that only GET requests + will be allowed. + :type oauth2_require_post_response: bool + :param org_restrictions: A list of tenants allowed to access application. + :type org_restrictions: list[str] + :param optional_claims: + :type optional_claims: ~azure.graphrbac.models.OptionalClaims + :param password_credentials: A collection of PasswordCredential objects + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param pre_authorized_applications: list of pre-authorizaed applications. + :type pre_authorized_applications: + list[~azure.graphrbac.models.PreAuthorizedApplication] + :param public_client: Specifies whether this application is a public + client (such as an installed application running on a mobile device). + Default is false. + :type public_client: bool + :param publisher_domain: Reliable domain which can be used to identify an + application. + :type publisher_domain: str + :param reply_urls: A collection of reply URLs for the application. + :type reply_urls: list[str] :param required_resource_access: Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience. :type required_resource_access: list[~azure.graphrbac.models.RequiredResourceAccess] + :param saml_metadata_url: The URL to the SAML metadata for the + application. + :type saml_metadata_url: str + :param sign_in_audience: Audience for signing in to the application + (AzureADMyOrganizatio, AzureADAllorganizations, + AzureADAndMicrosofAccounts). 
+ :type sign_in_audience: str + :param www_homepage: The primary Web page. + :type www_homepage: str + :param display_name: The display name of the application. + :type display_name: str + :param identifier_uris: A collection of URIs for the application. + :type identifier_uris: list[str] """ _attribute_map = { - 'additional_properties': {'key': '', 'type': '{object}'}, + 'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'}, + 'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'}, + 'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'}, 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'app_permissions': {'key': 'appPermissions', 'type': '[str]'}, 'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'}, - 'display_name': {'key': 'displayName', 'type': 'str'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'object'}, 'homepage': {'key': 'homepage', 'type': 'str'}, - 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, - 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'}, + 'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'}, 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, - 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, 'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'}, + 'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'}, + 'org_restrictions': {'key': 
'orgRestrictions', 'type': '[str]'}, + 'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'}, + 'public_client': {'key': 'publicClient', 'type': 'bool'}, + 'publisher_domain': {'key': 'publisherDomain', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, 'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'sign_in_audience': {'key': 'signInAudience', 'type': 'str'}, + 'www_homepage': {'key': 'wwwHomepage', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, } def __init__(self, **kwargs): super(ApplicationUpdateParameters, self).__init__(**kwargs) - self.additional_properties = kwargs.get('additional_properties', None) - self.app_roles = kwargs.get('app_roles', None) - self.available_to_other_tenants = kwargs.get('available_to_other_tenants', None) self.display_name = kwargs.get('display_name', None) - self.homepage = kwargs.get('homepage', None) self.identifier_uris = kwargs.get('identifier_uris', None) - self.reply_urls = kwargs.get('reply_urls', None) - self.key_credentials = kwargs.get('key_credentials', None) - self.password_credentials = kwargs.get('password_credentials', None) - self.oauth2_allow_implicit_flow = kwargs.get('oauth2_allow_implicit_flow', None) - self.required_resource_access = kwargs.get('required_resource_access', None) diff --git a/azure-graphrbac/azure/graphrbac/models/application_update_parameters_py3.py b/azure-graphrbac/azure/graphrbac/models/application_update_parameters_py3.py index c8efcf211d61..9e4fe34197c1 100644 --- a/azure-graphrbac/azure/graphrbac/models/application_update_parameters_py3.py 
+++ b/azure-graphrbac/azure/graphrbac/models/application_update_parameters_py3.py 
@@ -9,70 +9,145 @@ # regenerated. # -------------------------------------------------------------------------- -from msrest.serialization import Model +from .application_base_py3 import ApplicationBase -class ApplicationUpdateParameters(Model): - """Request parameters for updating an existing application. +class ApplicationUpdateParameters(ApplicationBase): + """Request parameters for updating a new application. - :param additional_properties: Unmatched properties from the message are - deserialized this collection - :type additional_properties: dict[str, object] + :param allow_guests_sign_in: A property on the application to indicate if + the application accepts other IDPs or not or partially accepts. + :type allow_guests_sign_in: bool + :param allow_passthrough_users: Indicates that the application supports + pass through users who have no presence in the resource tenant. + :type allow_passthrough_users: bool + :param app_logo_url: The url for the application logo image stored in a + CDN. + :type app_logo_url: str :param app_roles: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. :type app_roles: list[~azure.graphrbac.models.AppRole] + :param app_permissions: The application permissions. + :type app_permissions: list[str] :param available_to_other_tenants: Whether the application is available to - other tenants + other tenants. :type available_to_other_tenants: bool - :param display_name: The display name of the application. - :type display_name: str + :param error_url: A URL provided by the author of the application to + report errors when using the application. + :type error_url: str + :param group_membership_claims: Configures the groups claim issued in a + user or OAuth 2.0 access token that the app expects. + :type group_membership_claims: object :param homepage: The home page of the application. 
:type homepage: str - :param identifier_uris: A collection of URIs for the application. - :type identifier_uris: list[str] - :param reply_urls: A collection of reply URLs for the application. - :type reply_urls: list[str] - :param key_credentials: The list of KeyCredential objects. + :param informational_urls: urls with more informations of the application. + :type informational_urls: ~azure.graphrbac.models.InformationalUrl + :param is_device_only_auth_supported: Specifies whether this application + supports device authentication without a user. The default is false. + :type is_device_only_auth_supported: bool + :param key_credentials: A collection of KeyCredential objects. :type key_credentials: list[~azure.graphrbac.models.KeyCredential] - :param password_credentials: The list of PasswordCredential objects. - :type password_credentials: - list[~azure.graphrbac.models.PasswordCredential] + :param known_client_applications: Client applications that are tied to + this resource application. Consent to any of the known client applications + will result in implicit consent to the resource application through a + combined consent dialog (showing the OAuth permission scopes required by + the client and the resource). + :type known_client_applications: list[str] + :param logout_url: the url of the logout page + :type logout_url: str :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow for OAuth2 :type oauth2_allow_implicit_flow: bool + :param oauth2_allow_url_path_matching: Specifies whether during a token + Request Azure AD will allow path matching of the redirect URI against the + applications collection of replyURLs. The default is false. + :type oauth2_allow_url_path_matching: bool + :param oauth2_permissions: The collection of OAuth 2.0 permission scopes + that the web API (resource) application exposes to client applications. + These permission scopes may be granted to client applications during + consent. 
+ :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission] + :param oauth2_require_post_response: Specifies whether, as part of OAuth + 2.0 token requests, Azure AD will allow POST requests, as opposed to GET + requests. The default is false, which specifies that only GET requests + will be allowed. + :type oauth2_require_post_response: bool + :param org_restrictions: A list of tenants allowed to access application. + :type org_restrictions: list[str] + :param optional_claims: + :type optional_claims: ~azure.graphrbac.models.OptionalClaims + :param password_credentials: A collection of PasswordCredential objects + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param pre_authorized_applications: list of pre-authorizaed applications. + :type pre_authorized_applications: + list[~azure.graphrbac.models.PreAuthorizedApplication] + :param public_client: Specifies whether this application is a public + client (such as an installed application running on a mobile device). + Default is false. + :type public_client: bool + :param publisher_domain: Reliable domain which can be used to identify an + application. + :type publisher_domain: str + :param reply_urls: A collection of reply URLs for the application. + :type reply_urls: list[str] :param required_resource_access: Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience. :type required_resource_access: list[~azure.graphrbac.models.RequiredResourceAccess] + :param saml_metadata_url: The URL to the SAML metadata for the + application. + :type saml_metadata_url: str + :param sign_in_audience: Audience for signing in to the application + (AzureADMyOrganizatio, AzureADAllorganizations, + AzureADAndMicrosofAccounts). 
+ :type sign_in_audience: str + :param www_homepage: The primary Web page. + :type www_homepage: str + :param display_name: The display name of the application. + :type display_name: str + :param identifier_uris: A collection of URIs for the application. + :type identifier_uris: list[str] """ _attribute_map = { - 'additional_properties': {'key': '', 'type': '{object}'}, + 'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'}, + 'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'}, + 'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'}, 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'app_permissions': {'key': 'appPermissions', 'type': '[str]'}, 'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'}, - 'display_name': {'key': 'displayName', 'type': 'str'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'object'}, 'homepage': {'key': 'homepage', 'type': 'str'}, - 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, - 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'}, + 'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'}, 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, - 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, 'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'}, + 'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'}, + 'org_restrictions': {'key': 
'orgRestrictions', 'type': '[str]'}, + 'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'}, + 'public_client': {'key': 'publicClient', 'type': 'bool'}, + 'publisher_domain': {'key': 'publisherDomain', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, 'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, + 'sign_in_audience': {'key': 'signInAudience', 'type': 'str'}, + 'www_homepage': {'key': 'wwwHomepage', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'identifier_uris': {'key': 'identifierUris', 'type': '[str]'}, } - def __init__(self, *, additional_properties=None, app_roles=None, available_to_other_tenants: bool=None, display_name: str=None, homepage: str=None, identifier_uris=None, reply_urls=None, key_credentials=None, password_credentials=None, oauth2_allow_implicit_flow: bool=None, required_resource_access=None, **kwargs) -> None: - super(ApplicationUpdateParameters, self).__init__(**kwargs) - self.additional_properties = additional_properties - self.app_roles = app_roles - self.available_to_other_tenants = available_to_other_tenants + def __init__(self, *, allow_guests_sign_in: bool=None, allow_passthrough_users: bool=None, app_logo_url: str=None, app_roles=None, app_permissions=None, available_to_other_tenants: bool=None, error_url: str=None, group_membership_claims=None, homepage: str=None, informational_urls=None, is_device_only_auth_supported: bool=None, key_credentials=None, known_client_applications=None, logout_url: str=None, oauth2_allow_implicit_flow: bool=None, oauth2_allow_url_path_matching: bool=None, oauth2_permissions=None, oauth2_require_post_response: bool=None, 
org_restrictions=None, optional_claims=None, password_credentials=None, pre_authorized_applications=None, public_client: bool=None, publisher_domain: str=None, reply_urls=None, required_resource_access=None, saml_metadata_url: str=None, sign_in_audience: str=None, www_homepage: str=None, display_name: str=None, identifier_uris=None, **kwargs) -> None: + super(ApplicationUpdateParameters, self).__init__(allow_guests_sign_in=allow_guests_sign_in, allow_passthrough_users=allow_passthrough_users, app_logo_url=app_logo_url, app_roles=app_roles, app_permissions=app_permissions, available_to_other_tenants=available_to_other_tenants, error_url=error_url, group_membership_claims=group_membership_claims, homepage=homepage, informational_urls=informational_urls, is_device_only_auth_supported=is_device_only_auth_supported, key_credentials=key_credentials, known_client_applications=known_client_applications, logout_url=logout_url, oauth2_allow_implicit_flow=oauth2_allow_implicit_flow, oauth2_allow_url_path_matching=oauth2_allow_url_path_matching, oauth2_permissions=oauth2_permissions, oauth2_require_post_response=oauth2_require_post_response, org_restrictions=org_restrictions, optional_claims=optional_claims, password_credentials=password_credentials, pre_authorized_applications=pre_authorized_applications, public_client=public_client, publisher_domain=publisher_domain, reply_urls=reply_urls, required_resource_access=required_resource_access, saml_metadata_url=saml_metadata_url, sign_in_audience=sign_in_audience, www_homepage=www_homepage, **kwargs) self.display_name = display_name - self.homepage = homepage self.identifier_uris = identifier_uris - self.reply_urls = reply_urls - self.key_credentials = key_credentials - self.password_credentials = password_credentials - self.oauth2_allow_implicit_flow = oauth2_allow_implicit_flow - self.required_resource_access = required_resource_access 
diff --git a/azure-graphrbac/azure/graphrbac/models/graph_rbac_management_client_enums.py b/azure-graphrbac/azure/graphrbac/models/graph_rbac_management_client_enums.py index 8c62d75101a2..d8ca3cce3747 100644 --- a/azure-graphrbac/azure/graphrbac/models/graph_rbac_management_client_enums.py +++ b/azure-graphrbac/azure/graphrbac/models/graph_rbac_management_client_enums.py @@ -16,3 +16,9 @@ class UserType(str, Enum): member = "Member" guest = "Guest" + + +class ConsentType(str, Enum): + + all_principals = "AllPrincipals" + principal = "Principal" diff --git a/azure-graphrbac/azure/graphrbac/models/informational_url.py b/azure-graphrbac/azure/graphrbac/models/informational_url.py new file mode 100644 index 000000000000..b08cc5b01481 --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/informational_url.py 
@@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class InformationalUrl(Model): + """Represents a group of URIs that provide terms of service, marketing, + support and privacy policy information about an application. The default + value for each string is null. + + :param terms_of_service: The terms of service URI + :type terms_of_service: str + :param marketing: The marketing URI + :type marketing: str + :param privacy: The privacy policy URI + :type privacy: str + :param support: The support URI + :type support: str + """ + + _attribute_map = { + 'terms_of_service': {'key': 'termsOfService', 'type': 'str'}, + 'marketing': {'key': 'marketing', 'type': 'str'}, + 'privacy': {'key': 'privacy', 'type': 'str'}, + 'support': {'key': 'support', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(InformationalUrl, self).__init__(**kwargs) + self.terms_of_service = kwargs.get('terms_of_service', None) + self.marketing = kwargs.get('marketing', None) + self.privacy = kwargs.get('privacy', None) + self.support = kwargs.get('support', None) diff --git a/azure-graphrbac/azure/graphrbac/models/informational_url_py3.py b/azure-graphrbac/azure/graphrbac/models/informational_url_py3.py new file mode 100644 index 000000000000..d7d52b6256a1 --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/informational_url_py3.py 
@@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class InformationalUrl(Model): + """Represents a group of URIs that provide terms of service, marketing, + support and privacy policy information about an application. The default + value for each string is null. + + :param terms_of_service: The terms of service URI + :type terms_of_service: str + :param marketing: The marketing URI + :type marketing: str + :param privacy: The privacy policy URI + :type privacy: str + :param support: The support URI + :type support: str + """ + + _attribute_map = { + 'terms_of_service': {'key': 'termsOfService', 'type': 'str'}, + 'marketing': {'key': 'marketing', 'type': 'str'}, + 'privacy': {'key': 'privacy', 'type': 'str'}, + 'support': {'key': 'support', 'type': 'str'}, + } + + def __init__(self, *, terms_of_service: str=None, marketing: str=None, privacy: str=None, support: str=None, **kwargs) -> None: + super(InformationalUrl, self).__init__(**kwargs) + self.terms_of_service = terms_of_service + self.marketing = marketing + self.privacy = privacy + self.support = support diff --git a/azure-graphrbac/azure/graphrbac/models/oauth2_permission.py b/azure-graphrbac/azure/graphrbac/models/oauth2_permission.py new file mode 100644 index 000000000000..755b8e4d2aa2 --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/oauth2_permission.py 
@@ -0,0 +1,73 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class OAuth2Permission(Model): + """Represents an OAuth 2.0 delegated permission scope. The specified OAuth 2.0 + delegated permission scopes may be requested by client applications + (through the requiredResourceAccess collection on the Application object) + when calling a resource application. The oauth2Permissions property of the + ServicePrincipal entity and of the Application entity is a collection of + OAuth2Permission. + + :param admin_consent_description: Permission help text that appears in the + admin consent and app assignment experiences. + :type admin_consent_description: str + :param admin_consent_display_name: Display name for the permission that + appears in the admin consent and app assignment experiences. + :type admin_consent_display_name: str + :param id: Unique scope permission identifier inside the oauth2Permissions + collection. + :type id: str + :param is_enabled: When creating or updating a permission, this property + must be set to true (which is the default). To delete a permission, this + property must first be set to false. At that point, in a subsequent call, + the permission may be removed. + :type is_enabled: bool + :param type: Specifies whether this scope permission can be consented to + by an end user, or whether it is a tenant-wide permission that must be + consented to by a Company Administrator. Possible values are "User" or + "Admin". 
+ :type type: str + :param user_consent_description: Permission help text that appears in the + end user consent experience. + :type user_consent_description: str + :param user_consent_display_name: Display name for the permission that + appears in the end user consent experience. + :type user_consent_display_name: str + :param value: The value of the scope claim that the resource application + should expect in the OAuth 2.0 access token. + :type value: str + """ + + _attribute_map = { + 'admin_consent_description': {'key': 'adminConsentDescription', 'type': 'str'}, + 'admin_consent_display_name': {'key': 'adminConsentDisplayName', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'type': {'key': 'type', 'type': 'str'}, + 'user_consent_description': {'key': 'userConsentDescription', 'type': 'str'}, + 'user_consent_display_name': {'key': 'userConsentDisplayName', 'type': 'str'}, + 'value': {'key': 'value', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(OAuth2Permission, self).__init__(**kwargs) + self.admin_consent_description = kwargs.get('admin_consent_description', None) + self.admin_consent_display_name = kwargs.get('admin_consent_display_name', None) + self.id = kwargs.get('id', None) + self.is_enabled = kwargs.get('is_enabled', None) + self.type = kwargs.get('type', None) + self.user_consent_description = kwargs.get('user_consent_description', None) + self.user_consent_display_name = kwargs.get('user_consent_display_name', None) + self.value = kwargs.get('value', None) diff --git a/azure-graphrbac/azure/graphrbac/models/permissions.py b/azure-graphrbac/azure/graphrbac/models/oauth2_permission_grant.py similarity index 58% rename from azure-graphrbac/azure/graphrbac/models/permissions.py rename to azure-graphrbac/azure/graphrbac/models/oauth2_permission_grant.py index d433d559b540..97844769d368 100644 --- a/azure-graphrbac/azure/graphrbac/models/permissions.py 
+++ b/azure-graphrbac/azure/graphrbac/models/oauth2_permission_grant.py @@ -12,21 +12,30 @@ from msrest.serialization import Model -class Permissions(Model): - """Permissions. +class OAuth2PermissionGrant(Model): + """OAuth2PermissionGrant. :param odatatype: Microsoft.DirectoryServices.OAuth2PermissionGrant :type odatatype: str - :param client_id: The objectId of the Service Principal associated with - the app + :param client_id: The id of the resource's service principal granted + consent to impersonate the user when accessing the resource (represented + by the resourceId property). :type client_id: str - :param consent_type: Typically set to AllPrincipals - :type consent_type: str - :param principal_id: Set to null if AllPrincipals is set - :type principal_id: object - :param resource_id: Service Principal Id of the resource you want to grant + :param object_id: The id of the permission grant + :type object_id: str + :param consent_type: Indicates if consent was provided by the + administrator (on behalf of the organization) or by an individual. + Possible values include: 'AllPrincipals', 'Principal' + :type consent_type: str or ~azure.graphrbac.models.ConsentType + :param principal_id: When consent type is Principal, this property + specifies the id of the user that granted consent and applies only for + that user. + :type principal_id: str + :param resource_id: Object Id of the resource you want to grant :type resource_id: str - :param scope: Typically set to user_impersonation + :param scope: Specifies the value of the scope claim that the resource + application should expect in the OAuth 2.0 access token. For example, + User.Read :type scope: str :param start_time: Start time for TTL :type start_time: str 
@@ -37,8 +46,9 @@ class Permissions(Model): _attribute_map = { 'odatatype': {'key': 'odata\\.type', 'type': 'str'}, 'client_id': {'key': 'clientId', 'type': 'str'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, 'consent_type': {'key': 'consentType', 'type': 'str'}, - 'principal_id': {'key': 'principalId', 'type': 'object'}, + 'principal_id': {'key': 'principalId', 'type': 'str'}, 'resource_id': {'key': 'resourceId', 'type': 'str'}, 'scope': {'key': 'scope', 'type': 'str'}, 'start_time': {'key': 'startTime', 'type': 'str'}, @@ -46,9 +56,10 @@ class Permissions(Model): } def __init__(self, **kwargs): - super(Permissions, self).__init__(**kwargs) + super(OAuth2PermissionGrant, self).__init__(**kwargs) self.odatatype = kwargs.get('odatatype', None) self.client_id = kwargs.get('client_id', None) + self.object_id = kwargs.get('object_id', None) self.consent_type = kwargs.get('consent_type', None) self.principal_id = kwargs.get('principal_id', None) self.resource_id = kwargs.get('resource_id', None) diff --git a/azure-graphrbac/azure/graphrbac/models/oauth2_permission_grant_paged.py b/azure-graphrbac/azure/graphrbac/models/oauth2_permission_grant_paged.py new file mode 100644 index 000000000000..29c4f6171685 --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/oauth2_permission_grant_paged.py 
@@ -0,0 +1,27 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.paging import Paged + + +class OAuth2PermissionGrantPaged(Paged): + """ + A paging container for iterating over a list of :class:`OAuth2PermissionGrant ` object + """ + + _attribute_map = { + 'next_link': {'key': 'odata\\.nextLink', 'type': 'str'}, + 'current_page': {'key': 'value', 'type': '[OAuth2PermissionGrant]'} + } + + def __init__(self, *args, **kwargs): + + super(OAuth2PermissionGrantPaged, self).__init__(*args, **kwargs) diff --git a/azure-graphrbac/azure/graphrbac/models/permissions_py3.py b/azure-graphrbac/azure/graphrbac/models/oauth2_permission_grant_py3.py similarity index 53% rename from azure-graphrbac/azure/graphrbac/models/permissions_py3.py rename to azure-graphrbac/azure/graphrbac/models/oauth2_permission_grant_py3.py index 6f3211d46a1c..cb745c9195ff 100644 --- a/azure-graphrbac/azure/graphrbac/models/permissions_py3.py +++ b/azure-graphrbac/azure/graphrbac/models/oauth2_permission_grant_py3.py 
@@ -12,21 +12,30 @@ from msrest.serialization import Model -class Permissions(Model): - """Permissions. +class OAuth2PermissionGrant(Model): + """OAuth2PermissionGrant. :param odatatype: Microsoft.DirectoryServices.OAuth2PermissionGrant :type odatatype: str - :param client_id: The objectId of the Service Principal associated with - the app + :param client_id: The id of the resource's service principal granted + consent to impersonate the user when accessing the resource (represented + by the resourceId property). :type client_id: str - :param consent_type: Typically set to AllPrincipals - :type consent_type: str - :param principal_id: Set to null if AllPrincipals is set - :type principal_id: object - :param resource_id: Service Principal Id of the resource you want to grant + :param object_id: The id of the permission grant + :type object_id: str + :param consent_type: Indicates if consent was provided by the + administrator (on behalf of the organization) or by an individual. + Possible values include: 'AllPrincipals', 'Principal' + :type consent_type: str or ~azure.graphrbac.models.ConsentType + :param principal_id: When consent type is Principal, this property + specifies the id of the user that granted consent and applies only for + that user. + :type principal_id: str + :param resource_id: Object Id of the resource you want to grant :type resource_id: str - :param scope: Typically set to user_impersonation + :param scope: Specifies the value of the scope claim that the resource + application should expect in the OAuth 2.0 access token. For example, + User.Read :type scope: str :param start_time: Start time for TTL :type start_time: str 
@@ -37,18 +46,20 @@ class Permissions(Model): _attribute_map = { 'odatatype': {'key': 'odata\\.type', 'type': 'str'}, 'client_id': {'key': 'clientId', 'type': 'str'}, + 'object_id': {'key': 'objectId', 'type': 'str'}, 'consent_type': {'key': 'consentType', 'type': 'str'}, - 'principal_id': {'key': 'principalId', 'type': 'object'}, + 'principal_id': {'key': 'principalId', 'type': 'str'}, 'resource_id': {'key': 'resourceId', 'type': 'str'}, 'scope': {'key': 'scope', 'type': 'str'}, 'start_time': {'key': 'startTime', 'type': 'str'}, 'expiry_time': {'key': 'expiryTime', 'type': 'str'}, } - def __init__(self, *, odatatype: str=None, client_id: str=None, consent_type: str=None, principal_id=None, resource_id: str=None, scope: str=None, start_time: str=None, expiry_time: str=None, **kwargs) -> None: - super(Permissions, self).__init__(**kwargs) + def __init__(self, *, odatatype: str=None, client_id: str=None, object_id: str=None, consent_type=None, principal_id: str=None, resource_id: str=None, scope: str=None, start_time: str=None, expiry_time: str=None, **kwargs) -> None: + super(OAuth2PermissionGrant, self).__init__(**kwargs) self.odatatype = odatatype self.client_id = client_id + self.object_id = object_id self.consent_type = consent_type self.principal_id = principal_id self.resource_id = resource_id diff --git a/azure-graphrbac/azure/graphrbac/models/oauth2_permission_py3.py b/azure-graphrbac/azure/graphrbac/models/oauth2_permission_py3.py new file mode 100644 index 000000000000..c8c8488cd331 --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/oauth2_permission_py3.py 
@@ -0,0 +1,73 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class OAuth2Permission(Model): + """Represents an OAuth 2.0 delegated permission scope. The specified OAuth 2.0 + delegated permission scopes may be requested by client applications + (through the requiredResourceAccess collection on the Application object) + when calling a resource application. The oauth2Permissions property of the + ServicePrincipal entity and of the Application entity is a collection of + OAuth2Permission. + + :param admin_consent_description: Permission help text that appears in the + admin consent and app assignment experiences. + :type admin_consent_description: str + :param admin_consent_display_name: Display name for the permission that + appears in the admin consent and app assignment experiences. + :type admin_consent_display_name: str + :param id: Unique scope permission identifier inside the oauth2Permissions + collection. + :type id: str + :param is_enabled: When creating or updating a permission, this property + must be set to true (which is the default). To delete a permission, this + property must first be set to false. At that point, in a subsequent call, + the permission may be removed. + :type is_enabled: bool + :param type: Specifies whether this scope permission can be consented to + by an end user, or whether it is a tenant-wide permission that must be + consented to by a Company Administrator. Possible values are "User" or + "Admin". 
+ :type type: str + :param user_consent_description: Permission help text that appears in the + end user consent experience. + :type user_consent_description: str + :param user_consent_display_name: Display name for the permission that + appears in the end user consent experience. + :type user_consent_display_name: str + :param value: The value of the scope claim that the resource application + should expect in the OAuth 2.0 access token. + :type value: str + """ + + _attribute_map = { + 'admin_consent_description': {'key': 'adminConsentDescription', 'type': 'str'}, + 'admin_consent_display_name': {'key': 'adminConsentDisplayName', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'type': {'key': 'type', 'type': 'str'}, + 'user_consent_description': {'key': 'userConsentDescription', 'type': 'str'}, + 'user_consent_display_name': {'key': 'userConsentDisplayName', 'type': 'str'}, + 'value': {'key': 'value', 'type': 'str'}, + } + + def __init__(self, *, admin_consent_description: str=None, admin_consent_display_name: str=None, id: str=None, is_enabled: bool=None, type: str=None, user_consent_description: str=None, user_consent_display_name: str=None, value: str=None, **kwargs) -> None: + super(OAuth2Permission, self).__init__(**kwargs) + self.admin_consent_description = admin_consent_description + self.admin_consent_display_name = admin_consent_display_name + self.id = id + self.is_enabled = is_enabled + self.type = type + self.user_consent_description = user_consent_description + self.user_consent_display_name = user_consent_display_name + self.value = value diff --git a/azure-graphrbac/azure/graphrbac/models/optional_claim.py b/azure-graphrbac/azure/graphrbac/models/optional_claim.py new file mode 100644 index 000000000000..5df4bf78ec84 --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/optional_claim.py 
@@ -0,0 +1,40 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class OptionalClaim(Model): + """Specifying the claims to be included in a token. + + :param name: Claim name. + :type name: str + :param source: Claim source. + :type source: str + :param essential: Is this a requied claim. + :type essential: bool + :param additional_properties: + :type additional_properties: object + """ + + _attribute_map = { + 'name': {'key': 'name', 'type': 'str'}, + 'source': {'key': 'source', 'type': 'str'}, + 'essential': {'key': 'essential', 'type': 'bool'}, + 'additional_properties': {'key': 'additionalProperties', 'type': 'object'}, + } + + def __init__(self, **kwargs): + super(OptionalClaim, self).__init__(**kwargs) + self.name = kwargs.get('name', None) + self.source = kwargs.get('source', None) + self.essential = kwargs.get('essential', None) + self.additional_properties = kwargs.get('additional_properties', None) diff --git a/azure-graphrbac/azure/graphrbac/models/optional_claim_py3.py b/azure-graphrbac/azure/graphrbac/models/optional_claim_py3.py new file mode 100644 index 000000000000..be59c84e9113 --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/optional_claim_py3.py 
@@ -0,0 +1,40 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class OptionalClaim(Model): + """Specifying the claims to be included in a token. + + :param name: Claim name. + :type name: str + :param source: Claim source. + :type source: str + :param essential: Is this a requied claim. + :type essential: bool + :param additional_properties: + :type additional_properties: object + """ + + _attribute_map = { + 'name': {'key': 'name', 'type': 'str'}, + 'source': {'key': 'source', 'type': 'str'}, + 'essential': {'key': 'essential', 'type': 'bool'}, + 'additional_properties': {'key': 'additionalProperties', 'type': 'object'}, + } + + def __init__(self, *, name: str=None, source: str=None, essential: bool=None, additional_properties=None, **kwargs) -> None: + super(OptionalClaim, self).__init__(**kwargs) + self.name = name + self.source = source + self.essential = essential + self.additional_properties = additional_properties diff --git a/azure-graphrbac/azure/graphrbac/models/optional_claims.py b/azure-graphrbac/azure/graphrbac/models/optional_claims.py new file mode 100644 index 000000000000..ce1c9e151ed0 --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/optional_claims.py 
@@ -0,0 +1,38 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class OptionalClaims(Model): + """Specifying the claims to be included in the token. + + :param id_token: Optional claims requested to be included in the id token. + :type id_token: list[~azure.graphrbac.models.OptionalClaim] + :param access_token: Optional claims requested to be included in the + access token. + :type access_token: list[~azure.graphrbac.models.OptionalClaim] + :param saml_token: Optional claims requested to be included in the saml + token. + :type saml_token: list[~azure.graphrbac.models.OptionalClaim] + """ + + _attribute_map = { + 'id_token': {'key': 'idToken', 'type': '[OptionalClaim]'}, + 'access_token': {'key': 'accessToken', 'type': '[OptionalClaim]'}, + 'saml_token': {'key': 'samlToken', 'type': '[OptionalClaim]'}, + } + + def __init__(self, **kwargs): + super(OptionalClaims, self).__init__(**kwargs) + self.id_token = kwargs.get('id_token', None) + self.access_token = kwargs.get('access_token', None) + self.saml_token = kwargs.get('saml_token', None) diff --git a/azure-graphrbac/azure/graphrbac/models/optional_claims_py3.py b/azure-graphrbac/azure/graphrbac/models/optional_claims_py3.py new file mode 100644 index 000000000000..9d8289b4c85b --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/optional_claims_py3.py 
@@ -0,0 +1,38 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class OptionalClaims(Model): + """Specifying the claims to be included in the token. + + :param id_token: Optional claims requested to be included in the id token. + :type id_token: list[~azure.graphrbac.models.OptionalClaim] + :param access_token: Optional claims requested to be included in the + access token. + :type access_token: list[~azure.graphrbac.models.OptionalClaim] + :param saml_token: Optional claims requested to be included in the saml + token. + :type saml_token: list[~azure.graphrbac.models.OptionalClaim] + """ + + _attribute_map = { + 'id_token': {'key': 'idToken', 'type': '[OptionalClaim]'}, + 'access_token': {'key': 'accessToken', 'type': '[OptionalClaim]'}, + 'saml_token': {'key': 'samlToken', 'type': '[OptionalClaim]'}, + } + + def __init__(self, *, id_token=None, access_token=None, saml_token=None, **kwargs) -> None: + super(OptionalClaims, self).__init__(**kwargs) + self.id_token = id_token + self.access_token = access_token + self.saml_token = saml_token diff --git a/azure-graphrbac/azure/graphrbac/models/pre_authorized_application.py b/azure-graphrbac/azure/graphrbac/models/pre_authorized_application.py new file mode 100644 index 000000000000..b29b2a4e96e5 --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/pre_authorized_application.py 
@@ -0,0 +1,39 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class PreAuthorizedApplication(Model): + """Contains information about pre authorized client application. + + :param app_id: Represents the application id. + :type app_id: str + :param permissions: Collection of required app permissions/entitlements + from the resource application. + :type permissions: + list[~azure.graphrbac.models.PreAuthorizedApplicationPermission] + :param extensions: Collection of extensions from the resource application. + :type extensions: + list[~azure.graphrbac.models.PreAuthorizedApplicationExtension] + """ + + _attribute_map = { + 'app_id': {'key': 'appId', 'type': 'str'}, + 'permissions': {'key': 'permissions', 'type': '[PreAuthorizedApplicationPermission]'}, + 'extensions': {'key': 'extensions', 'type': '[PreAuthorizedApplicationExtension]'}, + } + + def __init__(self, **kwargs): + super(PreAuthorizedApplication, self).__init__(**kwargs) + self.app_id = kwargs.get('app_id', None) + self.permissions = kwargs.get('permissions', None) + self.extensions = kwargs.get('extensions', None) diff --git a/azure-graphrbac/azure/graphrbac/models/pre_authorized_application_extension.py b/azure-graphrbac/azure/graphrbac/models/pre_authorized_application_extension.py new file mode 100644 index 000000000000..8ec8d4124fbf --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/pre_authorized_application_extension.py 
@@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class PreAuthorizedApplicationExtension(Model): + """Representation of an app PreAuthorizedApplicationExtension required by a + pre authorized client app. + + :param conditions: The extension's conditions. + :type conditions: list[str] + """ + + _attribute_map = { + 'conditions': {'key': 'conditions', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(PreAuthorizedApplicationExtension, self).__init__(**kwargs) + self.conditions = kwargs.get('conditions', None) diff --git a/azure-graphrbac/azure/graphrbac/models/pre_authorized_application_extension_py3.py b/azure-graphrbac/azure/graphrbac/models/pre_authorized_application_extension_py3.py new file mode 100644 index 000000000000..060fbdf41396 --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/pre_authorized_application_extension_py3.py 
@@ -0,0 +1,29 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class PreAuthorizedApplicationExtension(Model): + """Representation of an app PreAuthorizedApplicationExtension required by a + pre authorized client app. + + :param conditions: The extension's conditions. + :type conditions: list[str] + """ + + _attribute_map = { + 'conditions': {'key': 'conditions', 'type': '[str]'}, + } + + def __init__(self, *, conditions=None, **kwargs) -> None: + super(PreAuthorizedApplicationExtension, self).__init__(**kwargs) + self.conditions = conditions diff --git a/azure-graphrbac/azure/graphrbac/models/pre_authorized_application_permission.py b/azure-graphrbac/azure/graphrbac/models/pre_authorized_application_permission.py new file mode 100644 index 000000000000..04c4420a2dbb --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/pre_authorized_application_permission.py 
@@ -0,0 +1,33 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class PreAuthorizedApplicationPermission(Model): + """Contains information about the pre-authorized permissions. + + :param direct_access_grant: Indicates whether the permission set is + DirectAccess or impersonation. + :type direct_access_grant: bool + :param access_grants: The list of permissions. + :type access_grants: list[str] + """ + + _attribute_map = { + 'direct_access_grant': {'key': 'directAccessGrant', 'type': 'bool'}, + 'access_grants': {'key': 'accessGrants', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(PreAuthorizedApplicationPermission, self).__init__(**kwargs) + self.direct_access_grant = kwargs.get('direct_access_grant', None) + self.access_grants = kwargs.get('access_grants', None) diff --git a/azure-graphrbac/azure/graphrbac/models/pre_authorized_application_permission_py3.py b/azure-graphrbac/azure/graphrbac/models/pre_authorized_application_permission_py3.py new file mode 100644 index 000000000000..c87d6f127b69 --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/pre_authorized_application_permission_py3.py 
@@ -0,0 +1,33 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class PreAuthorizedApplicationPermission(Model): + """Contains information about the pre-authorized permissions. + + :param direct_access_grant: Indicates whether the permission set is + DirectAccess or impersonation. + :type direct_access_grant: bool + :param access_grants: The list of permissions. + :type access_grants: list[str] + """ + + _attribute_map = { + 'direct_access_grant': {'key': 'directAccessGrant', 'type': 'bool'}, + 'access_grants': {'key': 'accessGrants', 'type': '[str]'}, + } + + def __init__(self, *, direct_access_grant: bool=None, access_grants=None, **kwargs) -> None: + super(PreAuthorizedApplicationPermission, self).__init__(**kwargs) + self.direct_access_grant = direct_access_grant + self.access_grants = access_grants diff --git a/azure-graphrbac/azure/graphrbac/models/pre_authorized_application_py3.py b/azure-graphrbac/azure/graphrbac/models/pre_authorized_application_py3.py new file mode 100644 index 000000000000..40d90876f933 --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/pre_authorized_application_py3.py 
@@ -0,0 +1,39 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class PreAuthorizedApplication(Model): + """Contains information about pre authorized client application. + + :param app_id: Represents the application id. + :type app_id: str + :param permissions: Collection of required app permissions/entitlements + from the resource application. + :type permissions: + list[~azure.graphrbac.models.PreAuthorizedApplicationPermission] + :param extensions: Collection of extensions from the resource application. + :type extensions: + list[~azure.graphrbac.models.PreAuthorizedApplicationExtension] + """ + + _attribute_map = { + 'app_id': {'key': 'appId', 'type': 'str'}, + 'permissions': {'key': 'permissions', 'type': '[PreAuthorizedApplicationPermission]'}, + 'extensions': {'key': 'extensions', 'type': '[PreAuthorizedApplicationExtension]'}, + } + + def __init__(self, *, app_id: str=None, permissions=None, extensions=None, **kwargs) -> None: + super(PreAuthorizedApplication, self).__init__(**kwargs) + self.app_id = app_id + self.permissions = permissions + self.extensions = extensions diff --git a/azure-graphrbac/azure/graphrbac/models/service_principal.py b/azure-graphrbac/azure/graphrbac/models/service_principal.py index d68f9140ce40..f7542397efca 100644 --- a/azure-graphrbac/azure/graphrbac/models/service_principal.py +++ b/azure-graphrbac/azure/graphrbac/models/service_principal.py 
@@ -30,22 +30,76 @@ class ServicePrincipal(DirectoryObject): :vartype deletion_timestamp: datetime :param object_type: Required. Constant filled by server. :type object_type: str - :param display_name: The display name of the service principal. - :type display_name: str + :param account_enabled: whether or not the service principal account is + enabled + :type account_enabled: str + :param alternative_names: altenative names + :type alternative_names: list[str] + :ivar app_display_name: The display name exposed by the associated + application. + :vartype app_display_name: str :param app_id: The application ID. :type app_id: str + :ivar app_owner_tenant_id: + :vartype app_owner_tenant_id: str + :param app_role_assignment_required: Specifies whether an + AppRoleAssignment to a user or group is required before Azure AD will + issue a user or access token to the application. + :type app_role_assignment_required: bool :param app_roles: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. :type app_roles: list[~azure.graphrbac.models.AppRole] + :param display_name: The display name of the service principal. + :type display_name: str + :param error_url: A URL provided by the author of the associated + application to report errors when using the application. + :type error_url: str + :param homepage: The URL to the homepage of the associated application. + :type homepage: str + :param key_credentials: The collection of key credentials associated with + the service principal. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param logout_url: A URL provided by the author of the associated + application to logout + :type logout_url: str + :ivar oauth2_permissions: The OAuth 2.0 permissions exposed by the + associated application. 
+ :vartype oauth2_permissions: + list[~azure.graphrbac.models.OAuth2Permission] + :param password_credentials: The collection of password credentials + associated with the service principal. + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param preferred_token_signing_key_thumbprint: The thubmbprint of + preferred certificate to sign the token + :type preferred_token_signing_key_thumbprint: str + :param publisher_name: The publisher's name of the associated application + :type publisher_name: str + :param reply_urls: The URLs that user tokens are sent to for sign in with + the associated application. The redirect URIs that the oAuth 2.0 + authorization code and access tokens are sent to for the associated + application. + :type reply_urls: list[str] + :param saml_metadata_url: The URL to the SAML metadata of the associated + application + :type saml_metadata_url: str :param service_principal_names: A collection of service principal names. :type service_principal_names: list[str] + :param service_principal_type: the type of the servie principal + :type service_principal_type: str + :param tags: Optional list of tags that you can apply to your service + principals. Not nullable. + :type tags: list[str] """ _validation = { 'object_id': {'readonly': True}, 'deletion_timestamp': {'readonly': True}, 'object_type': {'required': True}, + 'app_display_name': {'readonly': True}, + 'app_owner_tenant_id': {'readonly': True}, + 'oauth2_permissions': {'readonly': True}, } _attribute_map = { 
@@ -53,16 +107,50 @@ class ServicePrincipal(DirectoryObject): 'object_id': {'key': 'objectId', 'type': 'str'}, 'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'}, 'object_type': {'key': 'objectType', 'type': 'str'}, - 'display_name': {'key': 'displayName', 'type': 'str'}, + 'account_enabled': {'key': 'accountEnabled', 'type': 'str'}, + 'alternative_names': {'key': 'alternativeNames', 'type': '[str]'}, + 'app_display_name': {'key': 'appDisplayName', 'type': 'str'}, 'app_id': {'key': 'appId', 'type': 'str'}, + 'app_owner_tenant_id': {'key': 'appOwnerTenantId', 'type': 'str'}, + 'app_role_assignment_required': {'key': 'appRoleAssignmentRequired', 'type': 'bool'}, 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'homepage': {'key': 'homepage', 'type': 'str'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'preferred_token_signing_key_thumbprint': {'key': 'preferredTokenSigningKeyThumbprint', 'type': 'str'}, + 'publisher_name': {'key': 'publisherName', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, 'service_principal_names': {'key': 'servicePrincipalNames', 'type': '[str]'}, + 'service_principal_type': {'key': 'servicePrincipalType', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '[str]'}, } def __init__(self, **kwargs): super(ServicePrincipal, self).__init__(**kwargs) - self.display_name = kwargs.get('display_name', None) + self.account_enabled = kwargs.get('account_enabled', None) + self.alternative_names = kwargs.get('alternative_names', None) + self.app_display_name = None self.app_id = 
kwargs.get('app_id', None) + self.app_owner_tenant_id = None + self.app_role_assignment_required = kwargs.get('app_role_assignment_required', None) self.app_roles = kwargs.get('app_roles', None) + self.display_name = kwargs.get('display_name', None) + self.error_url = kwargs.get('error_url', None) + self.homepage = kwargs.get('homepage', None) + self.key_credentials = kwargs.get('key_credentials', None) + self.logout_url = kwargs.get('logout_url', None) + self.oauth2_permissions = None + self.password_credentials = kwargs.get('password_credentials', None) + self.preferred_token_signing_key_thumbprint = kwargs.get('preferred_token_signing_key_thumbprint', None) + self.publisher_name = kwargs.get('publisher_name', None) + self.reply_urls = kwargs.get('reply_urls', None) + self.saml_metadata_url = kwargs.get('saml_metadata_url', None) self.service_principal_names = kwargs.get('service_principal_names', None) + self.service_principal_type = kwargs.get('service_principal_type', None) + self.tags = kwargs.get('tags', None) self.object_type = 'ServicePrincipal' diff --git a/azure-graphrbac/azure/graphrbac/models/service_principal_base.py b/azure-graphrbac/azure/graphrbac/models/service_principal_base.py new file mode 100644 index 000000000000..9fe3cc28c87a --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/service_principal_base.py 
@@ -0,0 +1,56 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class ServicePrincipalBase(Model): + """Active Directory service principal common perperties shared among GET, POST + and PATCH. + + :param account_enabled: whether or not the service principal account is + enabled + :type account_enabled: str + :param app_role_assignment_required: Specifies whether an + AppRoleAssignment to a user or group is required before Azure AD will + issue a user or access token to the application. + :type app_role_assignment_required: bool + :param key_credentials: The collection of key credentials associated with + the service principal. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param password_credentials: The collection of password credentials + associated with the service principal. + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param service_principal_type: the type of the servie principal + :type service_principal_type: str + :param tags: Optional list of tags that you can apply to your service + principals. Not nullable. 
+ :type tags: list[str] + """ + + _attribute_map = { + 'account_enabled': {'key': 'accountEnabled', 'type': 'str'}, + 'app_role_assignment_required': {'key': 'appRoleAssignmentRequired', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'service_principal_type': {'key': 'servicePrincipalType', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '[str]'}, + } + + def __init__(self, **kwargs): + super(ServicePrincipalBase, self).__init__(**kwargs) + self.account_enabled = kwargs.get('account_enabled', None) + self.app_role_assignment_required = kwargs.get('app_role_assignment_required', None) + self.key_credentials = kwargs.get('key_credentials', None) + self.password_credentials = kwargs.get('password_credentials', None) + self.service_principal_type = kwargs.get('service_principal_type', None) + self.tags = kwargs.get('tags', None) diff --git a/azure-graphrbac/azure/graphrbac/models/service_principal_base_py3.py b/azure-graphrbac/azure/graphrbac/models/service_principal_base_py3.py new file mode 100644 index 000000000000..4c16c5cc0ced --- /dev/null +++ b/azure-graphrbac/azure/graphrbac/models/service_principal_base_py3.py 
@@ -0,0 +1,56 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model + + +class ServicePrincipalBase(Model): + """Active Directory service principal common perperties shared among GET, POST + and PATCH. + + :param account_enabled: whether or not the service principal account is + enabled + :type account_enabled: str + :param app_role_assignment_required: Specifies whether an + AppRoleAssignment to a user or group is required before Azure AD will + issue a user or access token to the application. + :type app_role_assignment_required: bool + :param key_credentials: The collection of key credentials associated with + the service principal. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param password_credentials: The collection of password credentials + associated with the service principal. + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param service_principal_type: the type of the servie principal + :type service_principal_type: str + :param tags: Optional list of tags that you can apply to your service + principals. Not nullable. 
+ :type tags: list[str] + """ + + _attribute_map = { + 'account_enabled': {'key': 'accountEnabled', 'type': 'str'}, + 'app_role_assignment_required': {'key': 'appRoleAssignmentRequired', 'type': 'bool'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'service_principal_type': {'key': 'servicePrincipalType', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '[str]'}, + } + + def __init__(self, *, account_enabled: str=None, app_role_assignment_required: bool=None, key_credentials=None, password_credentials=None, service_principal_type: str=None, tags=None, **kwargs) -> None: + super(ServicePrincipalBase, self).__init__(**kwargs) + self.account_enabled = account_enabled + self.app_role_assignment_required = app_role_assignment_required + self.key_credentials = key_credentials + self.password_credentials = password_credentials + self.service_principal_type = service_principal_type + self.tags = tags diff --git a/azure-graphrbac/azure/graphrbac/models/service_principal_create_parameters.py b/azure-graphrbac/azure/graphrbac/models/service_principal_create_parameters.py index 40661faa8b45..5fa832186639 100644 --- a/azure-graphrbac/azure/graphrbac/models/service_principal_create_parameters.py +++ b/azure-graphrbac/azure/graphrbac/models/service_principal_create_parameters.py 
@@ -9,47 +9,35 @@ # regenerated. # -------------------------------------------------------------------------- -from msrest.serialization import Model +from .service_principal_base import ServicePrincipalBase -class ServicePrincipalCreateParameters(Model): +class ServicePrincipalCreateParameters(ServicePrincipalBase): """Request parameters for creating a new service principal. All required parameters must be populated in order to send to Azure. - :param additional_properties: Unmatched properties from the message are - deserialized this collection - :type additional_properties: dict[str, object] - :param account_enabled: Whether the account is enabled - :type account_enabled: bool - :param app_id: Required. application Id - :type app_id: str + :param account_enabled: whether or not the service principal account is + enabled + :type account_enabled: str :param app_role_assignment_required: Specifies whether an AppRoleAssignment to a user or group is required before Azure AD will issue a user or access token to the application. :type app_role_assignment_required: bool - :param display_name: The display name for the service principal. - :type display_name: str - :param error_url: - :type error_url: str - :param homepage: The URL to the homepage of the associated application. - :type homepage: str - :param key_credentials: A collection of KeyCredential objects. + :param key_credentials: The collection of key credentials associated with + the service principal. :type key_credentials: list[~azure.graphrbac.models.KeyCredential] - :param password_credentials: A collection of PasswordCredential objects + :param password_credentials: The collection of password credentials + associated with the service principal. :type password_credentials: list[~azure.graphrbac.models.PasswordCredential] - :param publisher_name: The display name of the tenant in which the - associated application is specified. 
- :type publisher_name: str - :param reply_urls: A collection of reply URLs for the service principal. - :type reply_urls: list[str] - :param saml_metadata_url: - :type saml_metadata_url: str - :param service_principal_names: A collection of service principal names. - :type service_principal_names: list[str] - :param tags: + :param service_principal_type: the type of the servie principal + :type service_principal_type: str + :param tags: Optional list of tags that you can apply to your service + principals. Not nullable. :type tags: list[str] + :param app_id: Required. The application ID. + :type app_id: str """ _validation = { 
@@ -57,35 +45,15 @@ class ServicePrincipalCreateParameters(Model): } _attribute_map = { - 'additional_properties': {'key': '', 'type': '{object}'}, - 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, - 'app_id': {'key': 'appId', 'type': 'str'}, + 'account_enabled': {'key': 'accountEnabled', 'type': 'str'}, 'app_role_assignment_required': {'key': 'appRoleAssignmentRequired', 'type': 'bool'}, - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'error_url': {'key': 'errorUrl', 'type': 'str'}, - 'homepage': {'key': 'homepage', 'type': 'str'}, 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, - 'publisher_name': {'key': 'publisherName', 'type': 'str'}, - 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, - 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, - 'service_principal_names': {'key': 'servicePrincipalNames', 'type': '[str]'}, + 'service_principal_type': {'key': 'servicePrincipalType', 'type': 'str'}, 'tags': {'key': 'tags', 'type': '[str]'}, + 'app_id': {'key': 'appId', 'type': 'str'}, } def __init__(self, **kwargs): super(ServicePrincipalCreateParameters, self).__init__(**kwargs) - self.additional_properties = kwargs.get('additional_properties', None) - self.account_enabled = kwargs.get('account_enabled', None) self.app_id = kwargs.get('app_id', None) - self.app_role_assignment_required = kwargs.get('app_role_assignment_required', None) - self.display_name = kwargs.get('display_name', None) - self.error_url = kwargs.get('error_url', None) - self.homepage = kwargs.get('homepage', None) - self.key_credentials = kwargs.get('key_credentials', None) - self.password_credentials = kwargs.get('password_credentials', None) - self.publisher_name = kwargs.get('publisher_name', None) - self.reply_urls = kwargs.get('reply_urls', None) - self.saml_metadata_url = kwargs.get('saml_metadata_url', None) - self.service_principal_names = 
kwargs.get('service_principal_names', None) - self.tags = kwargs.get('tags', None) diff --git a/azure-graphrbac/azure/graphrbac/models/service_principal_create_parameters_py3.py b/azure-graphrbac/azure/graphrbac/models/service_principal_create_parameters_py3.py index ee22eac837f2..f67c72e394cc 100644 --- a/azure-graphrbac/azure/graphrbac/models/service_principal_create_parameters_py3.py +++ b/azure-graphrbac/azure/graphrbac/models/service_principal_create_parameters_py3.py 
@@ -9,47 +9,35 @@ # regenerated. # -------------------------------------------------------------------------- -from msrest.serialization import Model +from .service_principal_base_py3 import ServicePrincipalBase -class ServicePrincipalCreateParameters(Model): +class ServicePrincipalCreateParameters(ServicePrincipalBase): """Request parameters for creating a new service principal. All required parameters must be populated in order to send to Azure. - :param additional_properties: Unmatched properties from the message are - deserialized this collection - :type additional_properties: dict[str, object] - :param account_enabled: Whether the account is enabled - :type account_enabled: bool - :param app_id: Required. application Id - :type app_id: str + :param account_enabled: whether or not the service principal account is + enabled + :type account_enabled: str :param app_role_assignment_required: Specifies whether an AppRoleAssignment to a user or group is required before Azure AD will issue a user or access token to the application. :type app_role_assignment_required: bool - :param display_name: The display name for the service principal. - :type display_name: str - :param error_url: - :type error_url: str - :param homepage: The URL to the homepage of the associated application. - :type homepage: str - :param key_credentials: A collection of KeyCredential objects. + :param key_credentials: The collection of key credentials associated with + the service principal. :type key_credentials: list[~azure.graphrbac.models.KeyCredential] - :param password_credentials: A collection of PasswordCredential objects + :param password_credentials: The collection of password credentials + associated with the service principal. :type password_credentials: list[~azure.graphrbac.models.PasswordCredential] - :param publisher_name: The display name of the tenant in which the - associated application is specified. 
- :type publisher_name: str - :param reply_urls: A collection of reply URLs for the service principal. - :type reply_urls: list[str] - :param saml_metadata_url: - :type saml_metadata_url: str - :param service_principal_names: A collection of service principal names. - :type service_principal_names: list[str] - :param tags: + :param service_principal_type: the type of the servie principal + :type service_principal_type: str + :param tags: Optional list of tags that you can apply to your service + principals. Not nullable. :type tags: list[str] + :param app_id: Required. The application ID. + :type app_id: str """ _validation = { 
@@ -57,35 +45,15 @@ class ServicePrincipalCreateParameters(Model): } _attribute_map = { - 'additional_properties': {'key': '', 'type': '{object}'}, - 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, - 'app_id': {'key': 'appId', 'type': 'str'}, + 'account_enabled': {'key': 'accountEnabled', 'type': 'str'}, 'app_role_assignment_required': {'key': 'appRoleAssignmentRequired', 'type': 'bool'}, - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'error_url': {'key': 'errorUrl', 'type': 'str'}, - 'homepage': {'key': 'homepage', 'type': 'str'}, 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, - 'publisher_name': {'key': 'publisherName', 'type': 'str'}, - 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, - 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, - 'service_principal_names': {'key': 'servicePrincipalNames', 'type': '[str]'}, + 'service_principal_type': {'key': 'servicePrincipalType', 'type': 'str'}, 'tags': {'key': 'tags', 'type': '[str]'}, + 'app_id': {'key': 'appId', 'type': 'str'}, } - def __init__(self, *, app_id: str, additional_properties=None, account_enabled: bool=None, app_role_assignment_required: bool=None, display_name: str=None, error_url: str=None, homepage: str=None, key_credentials=None, password_credentials=None, publisher_name: str=None, reply_urls=None, saml_metadata_url: str=None, service_principal_names=None, tags=None, **kwargs) -> None: - super(ServicePrincipalCreateParameters, self).__init__(**kwargs) - self.additional_properties = additional_properties - self.account_enabled = account_enabled + def __init__(self, *, app_id: str, account_enabled: str=None, app_role_assignment_required: bool=None, key_credentials=None, password_credentials=None, service_principal_type: str=None, tags=None, **kwargs) -> None: + super(ServicePrincipalCreateParameters, 
self).__init__(account_enabled=account_enabled, app_role_assignment_required=app_role_assignment_required, key_credentials=key_credentials, password_credentials=password_credentials, service_principal_type=service_principal_type, tags=tags, **kwargs) self.app_id = app_id - self.app_role_assignment_required = app_role_assignment_required - self.display_name = display_name - self.error_url = error_url - self.homepage = homepage - self.key_credentials = key_credentials - self.password_credentials = password_credentials - self.publisher_name = publisher_name - self.reply_urls = reply_urls - self.saml_metadata_url = saml_metadata_url - self.service_principal_names = service_principal_names - self.tags = tags diff --git a/azure-graphrbac/azure/graphrbac/models/service_principal_py3.py b/azure-graphrbac/azure/graphrbac/models/service_principal_py3.py index d9dce61da9b8..88f59e18b400 100644 --- a/azure-graphrbac/azure/graphrbac/models/service_principal_py3.py +++ b/azure-graphrbac/azure/graphrbac/models/service_principal_py3.py 
@@ -30,22 +30,76 @@ class ServicePrincipal(DirectoryObject): :vartype deletion_timestamp: datetime :param object_type: Required. Constant filled by server. :type object_type: str - :param display_name: The display name of the service principal. - :type display_name: str + :param account_enabled: whether or not the service principal account is + enabled + :type account_enabled: str + :param alternative_names: altenative names + :type alternative_names: list[str] + :ivar app_display_name: The display name exposed by the associated + application. + :vartype app_display_name: str :param app_id: The application ID. :type app_id: str + :ivar app_owner_tenant_id: + :vartype app_owner_tenant_id: str + :param app_role_assignment_required: Specifies whether an + AppRoleAssignment to a user or group is required before Azure AD will + issue a user or access token to the application. + :type app_role_assignment_required: bool :param app_roles: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. :type app_roles: list[~azure.graphrbac.models.AppRole] + :param display_name: The display name of the service principal. + :type display_name: str + :param error_url: A URL provided by the author of the associated + application to report errors when using the application. + :type error_url: str + :param homepage: The URL to the homepage of the associated application. + :type homepage: str + :param key_credentials: The collection of key credentials associated with + the service principal. + :type key_credentials: list[~azure.graphrbac.models.KeyCredential] + :param logout_url: A URL provided by the author of the associated + application to logout + :type logout_url: str + :ivar oauth2_permissions: The OAuth 2.0 permissions exposed by the + associated application. 
+ :vartype oauth2_permissions: + list[~azure.graphrbac.models.OAuth2Permission] + :param password_credentials: The collection of password credentials + associated with the service principal. + :type password_credentials: + list[~azure.graphrbac.models.PasswordCredential] + :param preferred_token_signing_key_thumbprint: The thubmbprint of + preferred certificate to sign the token + :type preferred_token_signing_key_thumbprint: str + :param publisher_name: The publisher's name of the associated application + :type publisher_name: str + :param reply_urls: The URLs that user tokens are sent to for sign in with + the associated application. The redirect URIs that the oAuth 2.0 + authorization code and access tokens are sent to for the associated + application. + :type reply_urls: list[str] + :param saml_metadata_url: The URL to the SAML metadata of the associated + application + :type saml_metadata_url: str :param service_principal_names: A collection of service principal names. :type service_principal_names: list[str] + :param service_principal_type: the type of the servie principal + :type service_principal_type: str + :param tags: Optional list of tags that you can apply to your service + principals. Not nullable. + :type tags: list[str] """ _validation = { 'object_id': {'readonly': True}, 'deletion_timestamp': {'readonly': True}, 'object_type': {'required': True}, + 'app_display_name': {'readonly': True}, + 'app_owner_tenant_id': {'readonly': True}, + 'oauth2_permissions': {'readonly': True}, } _attribute_map = { 
@@ -53,16 +107,50 @@ class ServicePrincipal(DirectoryObject): 'object_id': {'key': 'objectId', 'type': 'str'}, 'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'}, 'object_type': {'key': 'objectType', 'type': 'str'}, - 'display_name': {'key': 'displayName', 'type': 'str'}, + 'account_enabled': {'key': 'accountEnabled', 'type': 'str'}, + 'alternative_names': {'key': 'alternativeNames', 'type': '[str]'}, + 'app_display_name': {'key': 'appDisplayName', 'type': 'str'}, 'app_id': {'key': 'appId', 'type': 'str'}, + 'app_owner_tenant_id': {'key': 'appOwnerTenantId', 'type': 'str'}, + 'app_role_assignment_required': {'key': 'appRoleAssignmentRequired', 'type': 'bool'}, 'app_roles': {'key': 'appRoles', 'type': '[AppRole]'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'error_url': {'key': 'errorUrl', 'type': 'str'}, + 'homepage': {'key': 'homepage', 'type': 'str'}, + 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, + 'logout_url': {'key': 'logoutUrl', 'type': 'str'}, + 'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'}, + 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, + 'preferred_token_signing_key_thumbprint': {'key': 'preferredTokenSigningKeyThumbprint', 'type': 'str'}, + 'publisher_name': {'key': 'publisherName', 'type': 'str'}, + 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, + 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, 'service_principal_names': {'key': 'servicePrincipalNames', 'type': '[str]'}, + 'service_principal_type': {'key': 'servicePrincipalType', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '[str]'}, } - def __init__(self, *, additional_properties=None, display_name: str=None, app_id: str=None, app_roles=None, service_principal_names=None, **kwargs) -> None: + def __init__(self, *, additional_properties=None, account_enabled: str=None, alternative_names=None, app_id: str=None, 
app_role_assignment_required: bool=None, app_roles=None, display_name: str=None, error_url: str=None, homepage: str=None, key_credentials=None, logout_url: str=None, password_credentials=None, preferred_token_signing_key_thumbprint: str=None, publisher_name: str=None, reply_urls=None, saml_metadata_url: str=None, service_principal_names=None, service_principal_type: str=None, tags=None, **kwargs) -> None: super(ServicePrincipal, self).__init__(additional_properties=additional_properties, **kwargs) - self.display_name = display_name + self.account_enabled = account_enabled + self.alternative_names = alternative_names + self.app_display_name = None self.app_id = app_id + self.app_owner_tenant_id = None + self.app_role_assignment_required = app_role_assignment_required self.app_roles = app_roles + self.display_name = display_name + self.error_url = error_url + self.homepage = homepage + self.key_credentials = key_credentials + self.logout_url = logout_url + self.oauth2_permissions = None + self.password_credentials = password_credentials + self.preferred_token_signing_key_thumbprint = preferred_token_signing_key_thumbprint + self.publisher_name = publisher_name + self.reply_urls = reply_urls + self.saml_metadata_url = saml_metadata_url self.service_principal_names = service_principal_names + self.service_principal_type = service_principal_type + self.tags = tags self.object_type = 'ServicePrincipal' diff --git a/azure-graphrbac/azure/graphrbac/models/service_principal_update_parameters.py b/azure-graphrbac/azure/graphrbac/models/service_principal_update_parameters.py index 80b66ea3e4a1..115da030b044 100644 --- a/azure-graphrbac/azure/graphrbac/models/service_principal_update_parameters.py +++ b/azure-graphrbac/azure/graphrbac/models/service_principal_update_parameters.py 
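Review bot: `account_enabled` is declared as `str` in both the new signature (`account_enabled: str=None`) and the attribute map (`'accountEnabled', 'type': 'str'`), although the docstring describes an enabled/disabled flag. A caller who passes Python `False` to disable a service principal will presumably have it sent as text rather than as a JSON boolean, and nothing on this page shows which string values the service accepts, so a disable request should be confirmed by reading the object back. I would add that to the docstring, for example `:param account_enabled: enabled flag, sent as a string; accepted values to be confirmed against the service`. The two ServicePrincipalUpdateParameters hunks below change the same field from `bool` to `str`, which also breaks existing callers that pass a bool.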
@@ -9,77 +9,41 @@ # regenerated. # -------------------------------------------------------------------------- -from msrest.serialization import Model +from .service_principal_base import ServicePrincipalBase -class ServicePrincipalUpdateParameters(Model): - """Request parameters for creating a new service principal. +class ServicePrincipalUpdateParameters(ServicePrincipalBase): + """Request parameters for update an existing service principal. - :param additional_properties: Unmatched properties from the message are - deserialized this collection - :type additional_properties: dict[str, object] - :param account_enabled: Whether the account is enabled - :type account_enabled: bool - :param app_id: application Id - :type app_id: str + :param account_enabled: whether or not the service principal account is + enabled + :type account_enabled: str :param app_role_assignment_required: Specifies whether an AppRoleAssignment to a user or group is required before Azure AD will issue a user or access token to the application. :type app_role_assignment_required: bool - :param display_name: The display name for the service principal. - :type display_name: str - :param error_url: - :type error_url: str - :param homepage: The URL to the homepage of the associated application. - :type homepage: str - :param key_credentials: A collection of KeyCredential objects. + :param key_credentials: The collection of key credentials associated with + the service principal. :type key_credentials: list[~azure.graphrbac.models.KeyCredential] - :param password_credentials: A collection of PasswordCredential objects + :param password_credentials: The collection of password credentials + associated with the service principal. :type password_credentials: list[~azure.graphrbac.models.PasswordCredential] - :param publisher_name: The display name of the tenant in which the - associated application is specified. 
- :type publisher_name: str - :param reply_urls: A collection of reply URLs for the service principal. - :type reply_urls: list[str] - :param saml_metadata_url: - :type saml_metadata_url: str - :param service_principal_names: A collection of service principal names. - :type service_principal_names: list[str] - :param tags: + :param service_principal_type: the type of the servie principal + :type service_principal_type: str + :param tags: Optional list of tags that you can apply to your service + principals. Not nullable. :type tags: list[str] """ _attribute_map = { - 'additional_properties': {'key': '', 'type': '{object}'}, - 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, - 'app_id': {'key': 'appId', 'type': 'str'}, + 'account_enabled': {'key': 'accountEnabled', 'type': 'str'}, 'app_role_assignment_required': {'key': 'appRoleAssignmentRequired', 'type': 'bool'}, - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'error_url': {'key': 'errorUrl', 'type': 'str'}, - 'homepage': {'key': 'homepage', 'type': 'str'}, 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, - 'publisher_name': {'key': 'publisherName', 'type': 'str'}, - 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, - 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, - 'service_principal_names': {'key': 'servicePrincipalNames', 'type': '[str]'}, + 'service_principal_type': {'key': 'servicePrincipalType', 'type': 'str'}, 'tags': {'key': 'tags', 'type': '[str]'}, } def __init__(self, **kwargs): super(ServicePrincipalUpdateParameters, self).__init__(**kwargs) - self.additional_properties = kwargs.get('additional_properties', None) - self.account_enabled = kwargs.get('account_enabled', None) - self.app_id = kwargs.get('app_id', None) - self.app_role_assignment_required = kwargs.get('app_role_assignment_required', None) - self.display_name = kwargs.get('display_name', 
None) - self.error_url = kwargs.get('error_url', None) - self.homepage = kwargs.get('homepage', None) - self.key_credentials = kwargs.get('key_credentials', None) - self.password_credentials = kwargs.get('password_credentials', None) - self.publisher_name = kwargs.get('publisher_name', None) - self.reply_urls = kwargs.get('reply_urls', None) - self.saml_metadata_url = kwargs.get('saml_metadata_url', None) - self.service_principal_names = kwargs.get('service_principal_names', None) - self.tags = kwargs.get('tags', None) diff --git a/azure-graphrbac/azure/graphrbac/models/service_principal_update_parameters_py3.py b/azure-graphrbac/azure/graphrbac/models/service_principal_update_parameters_py3.py index 65312edc9dab..685a63cb9262 100644 --- a/azure-graphrbac/azure/graphrbac/models/service_principal_update_parameters_py3.py +++ b/azure-graphrbac/azure/graphrbac/models/service_principal_update_parameters_py3.py 
@@ -9,77 +9,41 @@ # regenerated. # -------------------------------------------------------------------------- -from msrest.serialization import Model +from .service_principal_base_py3 import ServicePrincipalBase -class ServicePrincipalUpdateParameters(Model): - """Request parameters for creating a new service principal. +class ServicePrincipalUpdateParameters(ServicePrincipalBase): + """Request parameters for update an existing service principal. - :param additional_properties: Unmatched properties from the message are - deserialized this collection - :type additional_properties: dict[str, object] - :param account_enabled: Whether the account is enabled - :type account_enabled: bool - :param app_id: application Id - :type app_id: str + :param account_enabled: whether or not the service principal account is + enabled + :type account_enabled: str :param app_role_assignment_required: Specifies whether an AppRoleAssignment to a user or group is required before Azure AD will issue a user or access token to the application. :type app_role_assignment_required: bool - :param display_name: The display name for the service principal. - :type display_name: str - :param error_url: - :type error_url: str - :param homepage: The URL to the homepage of the associated application. - :type homepage: str - :param key_credentials: A collection of KeyCredential objects. + :param key_credentials: The collection of key credentials associated with + the service principal. :type key_credentials: list[~azure.graphrbac.models.KeyCredential] - :param password_credentials: A collection of PasswordCredential objects + :param password_credentials: The collection of password credentials + associated with the service principal. :type password_credentials: list[~azure.graphrbac.models.PasswordCredential] - :param publisher_name: The display name of the tenant in which the - associated application is specified. 
- :type publisher_name: str - :param reply_urls: A collection of reply URLs for the service principal. - :type reply_urls: list[str] - :param saml_metadata_url: - :type saml_metadata_url: str - :param service_principal_names: A collection of service principal names. - :type service_principal_names: list[str] - :param tags: + :param service_principal_type: the type of the servie principal + :type service_principal_type: str + :param tags: Optional list of tags that you can apply to your service + principals. Not nullable. :type tags: list[str] """ _attribute_map = { - 'additional_properties': {'key': '', 'type': '{object}'}, - 'account_enabled': {'key': 'accountEnabled', 'type': 'bool'}, - 'app_id': {'key': 'appId', 'type': 'str'}, + 'account_enabled': {'key': 'accountEnabled', 'type': 'str'}, 'app_role_assignment_required': {'key': 'appRoleAssignmentRequired', 'type': 'bool'}, - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'error_url': {'key': 'errorUrl', 'type': 'str'}, - 'homepage': {'key': 'homepage', 'type': 'str'}, 'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'}, 'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'}, - 'publisher_name': {'key': 'publisherName', 'type': 'str'}, - 'reply_urls': {'key': 'replyUrls', 'type': '[str]'}, - 'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'}, - 'service_principal_names': {'key': 'servicePrincipalNames', 'type': '[str]'}, + 'service_principal_type': {'key': 'servicePrincipalType', 'type': 'str'}, 'tags': {'key': 'tags', 'type': '[str]'}, } - def __init__(self, *, additional_properties=None, account_enabled: bool=None, app_id: str=None, app_role_assignment_required: bool=None, display_name: str=None, error_url: str=None, homepage: str=None, key_credentials=None, password_credentials=None, publisher_name: str=None, reply_urls=None, saml_metadata_url: str=None, service_principal_names=None, tags=None, **kwargs) -> None: - 
super(ServicePrincipalUpdateParameters, self).__init__(**kwargs) - self.additional_properties = additional_properties - self.account_enabled = account_enabled - self.app_id = app_id - self.app_role_assignment_required = app_role_assignment_required - self.display_name = display_name - self.error_url = error_url - self.homepage = homepage - self.key_credentials = key_credentials - self.password_credentials = password_credentials - self.publisher_name = publisher_name - self.reply_urls = reply_urls - self.saml_metadata_url = saml_metadata_url - self.service_principal_names = service_principal_names - self.tags = tags + def __init__(self, *, account_enabled: str=None, app_role_assignment_required: bool=None, key_credentials=None, password_credentials=None, service_principal_type: str=None, tags=None, **kwargs) -> None: + super(ServicePrincipalUpdateParameters, self).__init__(account_enabled=account_enabled, app_role_assignment_required=app_role_assignment_required, key_credentials=key_credentials, password_credentials=password_credentials, service_principal_type=service_principal_type, tags=tags, **kwargs) diff --git a/azure-graphrbac/azure/graphrbac/operations/__init__.py b/azure-graphrbac/azure/graphrbac/operations/__init__.py index 8ca6c17b5fa2..9da12da17c41 100644 --- a/azure-graphrbac/azure/graphrbac/operations/__init__.py +++ b/azure-graphrbac/azure/graphrbac/operations/__init__.py @@ -17,7 +17,7 @@ from .users_operations import UsersOperations from .objects_operations import ObjectsOperations from .domains_operations import DomainsOperations -from .oauth2_operations import OAuth2Operations +from .oauth2_permission_grant_operations import OAuth2PermissionGrantOperations __all__ = [ 'SignedInUserOperations', @@ -28,5 +28,5 @@ 'UsersOperations', 'ObjectsOperations', 'DomainsOperations', - 'OAuth2Operations', + 'OAuth2PermissionGrantOperations', ] 
diff --git a/azure-graphrbac/azure/graphrbac/operations/oauth2_operations.py b/azure-graphrbac/azure/graphrbac/operations/oauth2_permission_grant_operations.py similarity index 51% rename from azure-graphrbac/azure/graphrbac/operations/oauth2_operations.py rename to azure-graphrbac/azure/graphrbac/operations/oauth2_permission_grant_operations.py index 93034ae018d9..25df8716191a 100644 --- a/azure-graphrbac/azure/graphrbac/operations/oauth2_operations.py +++ b/azure-graphrbac/azure/graphrbac/operations/oauth2_permission_grant_operations.py @@ -16,8 +16,8 @@ from .. import models -class OAuth2Operations(object): - """OAuth2Operations operations. +class OAuth2PermissionGrantOperations(object): + """OAuth2PermissionGrantOperations operations. :param client: Client for service requests. :param config: Configuration of service client. @@ -37,9 +37,10 @@ def __init__(self, client, config, serializer, deserializer): self.config = config - def get( + def list( self, filter=None, custom_headers=None, raw=False, **operation_config): - """Queries OAuth2 permissions for the relevant SP ObjectId of an app. + """Queries OAuth2 permissions grants for the relevant SP ObjectId of an + app. :param filter: This is the Service Principal ObjectId associated with the app 
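Review bot: The `filter` parameter of the renamed `list` method is still documented as "the Service Principal ObjectId associated with the app", but the body in the next hunk sends it unchanged as the `$filter` query value, so it is a filter expression rather than a bare ID. The docstring should say so, and should state that any value a caller places into that expression from outside input must be validated first (an object ID can be checked as a GUID), for example `:param filter: OData filter expression, sent as $filter without further checks`. The rename from `get` to `list` also changes the return value to a paged iterator, which callers of the old method need to handle. The body of `list` continues outside this hunk.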
@@ -49,13 +50,88 @@ def get( deserialized response :param operation_config: :ref:`Operation configuration overrides`. - :return: Permissions or ClientRawResponse if raw=true - :rtype: ~azure.graphrbac.models.Permissions or + :return: An iterator like instance of OAuth2PermissionGrant + :rtype: + ~azure.graphrbac.models.OAuth2PermissionGrantPaged[~azure.graphrbac.models.OAuth2PermissionGrant] + :raises: :class:`CloudError` + """ + def internal_paging(next_link=None, raw=False): + + if not next_link: + # Construct URL + url = self.list.metadata['url'] + path_format_arguments = { + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + if filter is not None: + query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + else: + url = '/{tenantID}/{nextLink}' + path_format_arguments = { + 'nextLink': self._serialize.url("next_link", next_link, 'str', skip_quote=True), + 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response 
= self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + return response + + # Deserialize response + deserialized = models.OAuth2PermissionGrantPaged(internal_paging, self._deserialize.dependencies) + + if raw: + header_dict = {} + client_raw_response = models.OAuth2PermissionGrantPaged(internal_paging, self._deserialize.dependencies, header_dict) + return client_raw_response + + return deserialized + list.metadata = {'url': '/{tenantID}/oauth2PermissionGrants'} + + def create( + self, body=None, custom_headers=None, raw=False, **operation_config): + """Grants OAuth2 permissions for the relevant resource Ids of an app. + + :param body: The relevant app Service Principal Object Id and the + Service Principal Object Id you want to grant. + :type body: ~azure.graphrbac.models.OAuth2PermissionGrant + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: OAuth2PermissionGrant or ClientRawResponse if raw=true + :rtype: ~azure.graphrbac.models.OAuth2PermissionGrant or ~msrest.pipeline.ClientRawResponse :raises: :class:`CloudError` """ # Construct URL - url = self.get.metadata['url'] + url = self.create.metadata['url'] path_format_arguments = { 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') } 
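Review bot: The request ID set in `internal_paging`, `header_parameters['x-ms-client-request-id'] = str(uuid.uuid1())`, is a version-1 UUID, which normally encodes the sending host's network (MAC) address and a timestamp into a header that is transmitted and commonly logged. A random ID serves the correlation purpose without exposing host details: `header_parameters['x-ms-client-request-id'] = str(uuid.uuid4())`. The same call appears as unchanged context in the `create` and `delete` hunks that follow, so it is worth changing in all three methods, or in the generator template if this file is generated. The `create` method that starts in this hunk continues outside it.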
@@ -63,13 +139,12 @@ def get( # Construct parameters query_parameters = {} - if filter is not None: - query_parameters['$filter'] = self._serialize.query("filter", filter, 'str') query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') # Construct headers header_parameters = {} header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: 
@@ -77,47 +152,54 @@ def get( if self.config.accept_language is not None: header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + # Construct body + if body is not None: + body_content = self._serialize.body(body, 'OAuth2PermissionGrant') + else: + body_content = None + # Construct and send request - request = self._client.get(url, query_parameters, header_parameters) + request = self._client.post(url, query_parameters, header_parameters, body_content) response = self._client.send(request, stream=False, **operation_config) - if response.status_code not in [200]: + if response.status_code not in [201]: exp = CloudError(response) exp.request_id = response.headers.get('x-ms-request-id') raise exp deserialized = None - if response.status_code == 200: - deserialized = self._deserialize('Permissions', response) + if response.status_code == 201: + deserialized = self._deserialize('OAuth2PermissionGrant', response) if raw: client_raw_response = ClientRawResponse(deserialized, response) return client_raw_response return deserialized - get.metadata = {'url': '/{tenantID}/oauth2PermissionGrants'} + create.metadata = {'url': '/{tenantID}/oauth2PermissionGrants'} - def grant( - self, body=None, custom_headers=None, raw=False, **operation_config): - """Grants OAuth2 permissions for the relevant resource Ids of an app. + def delete( + self, object_id, custom_headers=None, raw=False, **operation_config): + """Delete a OAuth2 permission grant for the relevant resource Ids of an + app. - :param body: The relevant app Service Principal Object Id and the - Service Principal Object Id you want to grant. - :type body: ~azure.graphrbac.models.Permissions + :param object_id: The object ID of a permission grant. 
+ :type object_id: str :param dict custom_headers: headers that will be added to the request :param bool raw: returns the direct response alongside the deserialized response :param operation_config: :ref:`Operation configuration overrides`. - :return: Permissions or ClientRawResponse if raw=true - :rtype: ~azure.graphrbac.models.Permissions or - ~msrest.pipeline.ClientRawResponse - :raises: :class:`CloudError` + :return: None or ClientRawResponse if raw=true + :rtype: None or ~msrest.pipeline.ClientRawResponse + :raises: + :class:`GraphErrorException` """ # Construct URL - url = self.grant.metadata['url'] + url = self.delete.metadata['url'] path_format_arguments = { + 'objectId': self._serialize.url("object_id", object_id, 'str'), 'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str') } url = self._client.format_url(url, **path_format_arguments) @@ -128,8 +210,6 @@ def grant( # Construct headers header_parameters = {} - header_parameters['Accept'] = 'application/json' - header_parameters['Content-Type'] = 'application/json; charset=utf-8' if self.config.generate_client_request_id: header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) if custom_headers: 
@@ -137,29 +217,14 @@ def grant( if self.config.accept_language is not None: header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') - # Construct body - if body is not None: - body_content = self._serialize.body(body, 'Permissions') - else: - body_content = None - # Construct and send request - request = self._client.post(url, query_parameters, header_parameters, body_content) + request = self._client.delete(url, query_parameters, header_parameters) response = self._client.send(request, stream=False, **operation_config) - if response.status_code not in [201]: - exp = CloudError(response) - exp.request_id = response.headers.get('x-ms-request-id') - raise exp - - deserialized = None - - if response.status_code == 201: - deserialized = self._deserialize('Permissions', response) + if response.status_code not in [204]: + raise models.GraphErrorException(self._deserialize, response) if raw: - client_raw_response = ClientRawResponse(deserialized, response) + client_raw_response = ClientRawResponse(None, response) return client_raw_response - - return deserialized - grant.metadata = {'url': '/{tenantID}/oauth2PermissionGrants'} + delete.metadata = {'url': '/{tenantID}/oauth2PermissionGrants/{objectId}'}
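Review bot: `delete` reports failures with `raise models.GraphErrorException(self._deserialize, response)`, while `list` and `create` in the same class raise `CloudError` and attach `request_id` to it. Unless GraphErrorException derives from CloudError, which this page does not show, a caller that wraps all three calls in `except CloudError` will not handle a failed revocation there, and deleting a permission grant is the call where a mishandled failure matters most. I would either align the exception type across the three methods or state the difference in the class docstring, e.g. `delete raises GraphErrorException; list and create raise CloudError`. The start of `delete` lies in an earlier hunk.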