From 2e0864bfb0c7698bd54cfc0e3922109a6d9e24d6 Mon Sep 17 00:00:00 2001 
From: kt Date: Mon, 10 Jun 2019 08:29:54 -0700 Subject: [PATCH] Upgrade azure-sdk-for-go to v29.0.0 (#102) --- azuread/config.go | 5 +- azuread/data_application.go | 13 +- azuread/data_application_test.go | 2 +- azuread/helpers/ar/sender.go | 57 + azuread/resource_application.go | 88 +- azuread/resource_application_test.go | 10 +- azuread/resource_service_principal.go | 29 +- go.mod | 8 +- go.sum | 14 +- .../graphrbac/1.6/graphrbac/applications.go | 79 +- .../graphrbac/1.6/graphrbac/models.go | 1844 +++++++++-------- .../graphrbac/1.6/graphrbac/oauth2.go | 197 -- .../1.6/graphrbac/oauth2permissiongrant.go | 369 ++++ .../Azure/azure-sdk-for-go/version/version.go | 2 +- .../Azure/go-autorest/autorest/adal/token.go | 2 +- .../go-autorest/autorest/adal/version.go | 12 +- .../go-autorest/autorest/authorization.go | 27 + .../Azure/go-autorest/autorest/azure/async.go | 10 +- .../go-autorest/autorest/azure/cli/token.go | 8 +- .../autorest/azure/environments.go | 13 +- .../Azure/go-autorest/autorest/client.go | 6 + .../Azure/go-autorest/autorest/version.go | 2 +- vendor/github.com/google/uuid/README.md | 4 - vendor/github.com/google/uuid/go.mod | 1 + vendor/github.com/google/uuid/hash.go | 2 +- vendor/github.com/google/uuid/marshal.go | 2 - vendor/github.com/google/uuid/node.go | 33 +- vendor/github.com/google/uuid/node_js.go | 12 + vendor/github.com/google/uuid/node_net.go | 33 + vendor/github.com/google/uuid/time.go | 6 +- vendor/github.com/google/uuid/uuid.go | 92 +- vendor/github.com/google/uuid/version4.go | 2 +- .../authentication/auth_method.go | 2 +- .../auth_method_azure_cli_token.go | 2 +- .../authentication/auth_method_client_cert.go | 4 +- .../auth_method_client_secret.go | 3 +- .../authentication/auth_method_msi.go | 5 +- .../go-azure-helpers/authentication/config.go | 4 +- vendor/modules.txt | 8 +- 39 files changed, 1794 insertions(+), 1218 deletions(-) create mode 100644 azuread/helpers/ar/sender.go delete mode 100644 
vendor/github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac/oauth2.go create mode 100644 vendor/github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac/oauth2permissiongrant.go create mode 100644 vendor/github.com/google/uuid/go.mod create mode 100644 vendor/github.com/google/uuid/node_js.go create mode 100644 vendor/github.com/google/uuid/node_net.go diff --git a/azuread/config.go b/azuread/config.go index d5d9d70e70..014ced5dca 100644 --- a/azuread/config.go +++ b/azuread/config.go @@ -15,6 +15,7 @@ import ( "github.com/hashicorp/go-azure-helpers/authentication" "github.com/hashicorp/go-azure-helpers/sender" "github.com/hashicorp/terraform/httpclient" + "github.com/terraform-providers/terraform-provider-azuread/azuread/helpers/ar" "github.com/terraform-providers/terraform-provider-azuread/version" ) @@ -50,6 +51,8 @@ func getArmClient(authCfg *authentication.Config) (*ArmClient, error) { environment: *env, } + sender := ar.BuildSender() + oauthConfig, err := adal.NewOAuthConfig(env.ActiveDirectoryEndpoint, client.tenantID) if err != nil { return nil, err @@ -62,7 +65,7 @@ func getArmClient(authCfg *authentication.Config) (*ArmClient, error) { // Graph Endpoints graphEndpoint := env.GraphEndpoint - graphAuthorizer, err := authCfg.GetAuthorizationToken(oauthConfig, graphEndpoint) + graphAuthorizer, err := authCfg.GetAuthorizationToken(sender, oauthConfig, graphEndpoint) if err != nil { return nil, err } diff --git a/azuread/data_application.go b/azuread/data_application.go index 13cbb1d7fd..6ef2267e4d 100644 --- a/azuread/data_application.go +++ b/azuread/data_application.go 
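Review bot: In `getArmClient`, the new local `sender := ar.BuildSender()` reuses the name of the `github.com/hashicorp/go-azure-helpers/sender` package that the import block in the first hunk shows, so that package is shadowed for the rest of the function. A distinct name avoids the clash: `authSender := ar.BuildSender()` and `authCfg.GetAuthorizationToken(authSender, oauthConfig, graphEndpoint)`. Since this sender appears to carry the token acquisition itself, a short comment would help: `// authSender logs requests and responses at DEBUG; token traffic passes through it`. The function body continues outside these hunks, so later uses of the package name could not be checked.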
@@ -233,19 +233,18 @@ func dataApplicationRead(d *schema.ResourceData, meta interface{}) error { return fmt.Errorf("Error setting `required_resource_access`: %+v", err) } - switch appType := app.AdditionalProperties["publicClient"]; appType { - case true: + if v := app.PublicClient; v != nil && *v { d.Set("type", "native") - default: + } else { d.Set("type", "webapp/api") } - if groupMembershipClaims, ok := app.AdditionalProperties["groupMembershipClaims"]; ok { - d.Set("group_membership_claims", groupMembershipClaims) + if err := d.Set("group_membership_claims", app.GroupMembershipClaims); err != nil { + return fmt.Errorf("Error setting `group_membership_claims`: %+v", err) } - if oauth2Permissions, ok := app.AdditionalProperties["oauth2Permissions"].([]interface{}); ok { - d.Set("oauth2_permissions", flattenADApplicationOauth2Permissions(oauth2Permissions)) + if err := d.Set("oauth2_permissions", flattenADApplicationOauth2Permissions(app.Oauth2Permissions)); err != nil { + return fmt.Errorf("Error setting `oauth2_permissions`: %+v", err) } return nil diff --git a/azuread/data_application_test.go b/azuread/data_application_test.go index e3722b4639..bef04cd035 100644 --- a/azuread/data_application_test.go +++ b/azuread/data_application_test.go 
@@ -32,7 +32,7 @@ func TestAccAzureADApplicationDataSource_byObjectId(t *testing.T) { resource.TestCheckResourceAttr(dataSourceName, "type", "webapp/api"), resource.TestCheckResourceAttr(dataSourceName, "oauth2_allow_implicit_flow", "false"), resource.TestCheckResourceAttr(dataSourceName, "oauth2_permissions.#", "1"), - resource.TestCheckResourceAttr(dataSourceName, "oauth2_permissions.0.admin_consent_description", fmt.Sprintf("Access %s", fmt.Sprintf("acctest%s", id))), + resource.TestCheckResourceAttr(dataSourceName, "oauth2_permissions.0.admin_consent_description", fmt.Sprintf("Allow the application to access %s on behalf of the signed-in user.", fmt.Sprintf("acctest%s", id))), resource.TestCheckResourceAttrSet(dataSourceName, "application_id"), ), }, diff --git a/azuread/helpers/ar/sender.go b/azuread/helpers/ar/sender.go new file mode 100644 index 0000000000..55be052378 --- /dev/null +++ b/azuread/helpers/ar/sender.go 
@@ -0,0 +1,57 @@ +package ar + +import ( + "log" + "net/http" + "net/http/httputil" + + "github.com/Azure/go-autorest/autorest" +) + +func BuildSender() autorest.Sender { + return autorest.DecorateSender(&http.Client{ + Transport: &http.Transport{ + Proxy: http.ProxyFromEnvironment, + }, + }, withRequestLogging()) +} + +func withRequestLogging() autorest.SendDecorator { + return func(s autorest.Sender) autorest.Sender { + return autorest.SenderFunc(func(r *http.Request) (*http.Response, error) { + // strip the authorization header prior to printing + authHeaderName := "Authorization" + auth := r.Header.Get(authHeaderName) + if auth != "" { + r.Header.Del(authHeaderName) + } + + // dump request to wire format + if dump, err := httputil.DumpRequestOut(r, true); err == nil { + log.Printf("[DEBUG] AzureAD Request: \n%s\n", dump) + } else { + // fallback to basic message + log.Printf("[DEBUG] AzureAD Request: %s to %s\n", r.Method, r.URL) + } + + // add the auth header back + if auth != "" { + r.Header.Add(authHeaderName, auth) + } + + resp, err := s.Do(r) + if resp != nil { + // dump response to wire format + if dump, err2 := httputil.DumpResponse(resp, true); err2 == nil { + log.Printf("[DEBUG] AzureAD Response for %s: \n%s\n", r.URL, dump) + } else { + // fallback to basic message + log.Printf("[DEBUG] AzureAD Response: %s for %s\n", resp.Status, r.URL) + } + } else { + log.Printf("[DEBUG] Request to %s completed with no response", r.URL) + } + return resp, err + }) + } +} diff --git a/azuread/resource_application.go b/azuread/resource_application.go index 9e6a73b1fe..4f2e45c13c 100644 --- a/azuread/resource_application.go +++ b/azuread/resource_application.go @@ -81,7 +81,7 @@ func resourceApplication() *schema.Resource { Type: schema.TypeString, Optional: true, ValidateFunc: validation.StringInSlice( - []string{"None", "SecurityGroup", "All"}, + []string{"All", "None", "SecurityGroup", "DirectoryRole", "DistributionGroup"}, false, ), }, 
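Review bot: `withRequestLogging` strips only the `Authorization` header, yet `httputil.DumpRequestOut(r, true)` and `httputil.DumpResponse(resp, true)` both write the full body to the debug log, so any secret carried in a body is recorded. config.go hands this sender to `GetAuthorizationToken`, so this probably includes token requests and responses, and Graph calls that carry credential values in JSON would be logged the same way. Log headers only with `httputil.DumpRequestOut(r, false)` and `httputil.DumpResponse(resp, false)`, or redact known secret fields before printing. The exported function also needs a doc comment, for example `// BuildSender returns an autorest.Sender that uses the environment's proxy settings and logs every request and response at DEBUG.`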
@@ -199,7 +199,6 @@ func resourceApplicationCreate(d *schema.ResourceData, meta interface{}) error { } properties := graphrbac.ApplicationCreateParameters{ - AdditionalProperties: make(map[string]interface{}), DisplayName: &name, IdentifierUris: tf.ExpandStringSlicePtr(identUrls.([]interface{})), ReplyUrls: tf.ExpandStringSlicePtr(d.Get("reply_urls").(*schema.Set).List()), @@ -222,7 +221,7 @@ func resourceApplicationCreate(d *schema.ResourceData, meta interface{}) error { } if v, ok := d.GetOk("group_membership_claims"); ok { - properties.AdditionalProperties["groupMembershipClaims"] = v + properties.GroupMembershipClaims = v } app, err := client.Create(ctx, properties) @@ -249,9 +248,7 @@ func resourceApplicationCreate(d *schema.ResourceData, meta interface{}) error { properties := graphrbac.ApplicationUpdateParameters{ Homepage: nil, IdentifierUris: &[]string{}, - AdditionalProperties: map[string]interface{}{ - "publicClient": true, - }, + PublicClient: p.Bool(true), } if _, err := client.Patch(ctx, *app.ObjectID, properties); err != nil { return err @@ -268,7 +265,6 @@ func resourceApplicationUpdate(d *schema.ResourceData, meta interface{}) error { name := d.Get("name").(string) var properties graphrbac.ApplicationUpdateParameters - properties.AdditionalProperties = make(map[string]interface{}) if d.HasChange("name") { properties.DisplayName = &name 
@@ -301,22 +297,16 @@ func resourceApplicationUpdate(d *schema.ResourceData, meta interface{}) error { } if d.HasChange("group_membership_claims") { - groupMembershipClaims := d.Get("group_membership_claims").(string) - - if len(groupMembershipClaims) == 0 { - properties.AdditionalProperties["groupMembershipClaims"] = nil - } else { - properties.AdditionalProperties["groupMembershipClaims"] = groupMembershipClaims - } + properties.GroupMembershipClaims = d.Get("group_membership_claims") } if d.HasChange("type") { switch appType := d.Get("type"); appType { case "webapp/api": - properties.AdditionalProperties["publicClient"] = false + properties.PublicClient = p.Bool(false) properties.IdentifierUris = tf.ExpandStringSlicePtr(d.Get("identifier_uris").([]interface{})) case "native": - properties.AdditionalProperties["publicClient"] = true + properties.PublicClient = p.Bool(true) properties.IdentifierUris = &[]string{} default: return fmt.Errorf("Error paching Azure AD Application with ID %q: Unknow application type %v. Supported types are [webapp/api, native]", d.Id(), appType) @@ -335,9 +325,9 @@ func resourceApplicationRead(d *schema.ResourceData, meta interface{}) error { client := meta.(*ArmClient).applicationsClient ctx := meta.(*ArmClient).StopContext - resp, err := client.Get(ctx, d.Id()) + app, err := client.Get(ctx, d.Id()) if err != nil { - if ar.ResponseWasNotFound(resp.Response) { + if ar.ResponseWasNotFound(app.Response) { log.Printf("[DEBUG] Azure AD Application with ID %q was not found - removing from state", d.Id()) d.SetId("") return nil 
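Review bot: In `resourceApplicationUpdate`, the rewritten `group_membership_claims` branch drops the old special case that sent `nil` when the attribute was emptied; it now assigns whatever `d.Get("group_membership_claims")` returns, which would be `""` once the attribute is removed from configuration. Whether an empty string clears the setting depends on how `ApplicationUpdateParameters` serialises the field and how the Graph API treats it, and neither is visible in this hunk. If it does not clear it, group claims would keep being issued in tokens after the configuration stops asking for them. An acceptance step that removes the attribute and checks the result would settle this, along with a comment such as `// an empty string is sent to clear the claim` if that is the intended mechanism. The function body starts and ends outside the hunk.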
@@ -346,38 +336,37 @@ func resourceApplicationRead(d *schema.ResourceData, meta interface{}) error { return fmt.Errorf("Error retrieving Azure AD Application with ID %q: %+v", d.Id(), err) } - d.Set("name", resp.DisplayName) - d.Set("application_id", resp.AppID) - d.Set("homepage", resp.Homepage) - d.Set("available_to_other_tenants", resp.AvailableToOtherTenants) - d.Set("oauth2_allow_implicit_flow", resp.Oauth2AllowImplicitFlow) - d.Set("object_id", resp.ObjectID) - - if groupMembershipClaims, ok := resp.AdditionalProperties["groupMembershipClaims"]; ok { - d.Set("group_membership_claims", groupMembershipClaims) - } + d.Set("name", app.DisplayName) + d.Set("application_id", app.AppID) + d.Set("homepage", app.Homepage) + d.Set("available_to_other_tenants", app.AvailableToOtherTenants) + d.Set("oauth2_allow_implicit_flow", app.Oauth2AllowImplicitFlow) + d.Set("object_id", app.ObjectID) - switch appType := resp.AdditionalProperties["publicClient"]; appType { - case true: + if v := app.PublicClient; v != nil && *v { d.Set("type", "native") - default: + } else { d.Set("type", "webapp/api") } - if err := d.Set("identifier_uris", tf.FlattenStringSlicePtr(resp.IdentifierUris)); err != nil { + if err := d.Set("group_membership_claims", app.GroupMembershipClaims); err != nil { + return fmt.Errorf("Error setting `group_membership_claims`: %+v", err) + } + + if err := d.Set("identifier_uris", tf.FlattenStringSlicePtr(app.IdentifierUris)); err != nil { return fmt.Errorf("Error setting `identifier_uris`: %+v", err) } - if err := d.Set("reply_urls", tf.FlattenStringSlicePtr(resp.ReplyUrls)); err != nil { + if err := d.Set("reply_urls", tf.FlattenStringSlicePtr(app.ReplyUrls)); err != nil { return fmt.Errorf("Error setting `reply_urls`: %+v", err) } - if err := d.Set("required_resource_access", flattenADApplicationRequiredResourceAccess(resp.RequiredResourceAccess)); err != nil { + if err := d.Set("required_resource_access", 
flattenADApplicationRequiredResourceAccess(app.RequiredResourceAccess)); err != nil { return fmt.Errorf("Error setting `required_resource_access`: %+v", err) } - if oauth2Permissions, ok := resp.AdditionalProperties["oauth2Permissions"].([]interface{}); ok { - d.Set("oauth2_permissions", flattenADApplicationOauth2Permissions(oauth2Permissions)) + if err := d.Set("oauth2_permissions", flattenADApplicationOauth2Permissions(app.Oauth2Permissions)); err != nil { + return fmt.Errorf("Error setting `oauth2_permissions`: %+v", err) } return nil 
@@ -489,37 +478,36 @@ func flattenADApplicationResourceAccess(in *[]graphrbac.ResourceAccess) []interf return accesses } -func flattenADApplicationOauth2Permissions(in []interface{}) []map[string]interface{} { +func flattenADApplicationOauth2Permissions(in *[]graphrbac.OAuth2Permission) []map[string]interface{} { if in == nil { return []map[string]interface{}{} } - result := make([]map[string]interface{}, 0, len(in)) - for _, oauth2Permissions := range in { - rawPermission := oauth2Permissions.(map[string]interface{}) + result := make([]map[string]interface{}, 0) + for _, p := range *in { permission := make(map[string]interface{}) - if v := rawPermission["adminConsentDescription"]; v != nil { + if v := p.AdminConsentDescription; v != nil { permission["admin_consent_description"] = v } - if v := rawPermission["adminConsentDisplayName"]; v != nil { - permission["admin_consent_description"] = v + if v := p.AdminConsentDisplayName; v != nil { + permission["admin_consent_display_name"] = v } - if v := rawPermission["id"]; v != nil { + if v := p.ID; v != nil { permission["id"] = v } - if v := rawPermission["isEnabled"]; v != nil { - permission["is_enabled"] = v.(bool) + if v := p.IsEnabled; v != nil { + permission["is_enabled"] = *v } - if v := rawPermission["type"]; v != nil { + if v := p.Type; v != nil { permission["type"] = v } - if v := rawPermission["userConsentDescription"]; v != nil { + if v := p.UserConsentDescription; v != nil { permission["user_consent_description"] = v } - if v := rawPermission["userConsentDisplayName"]; v != nil { + if v := p.UserConsentDisplayName; v != nil { permission["user_consent_display_name"] = v } - if v := rawPermission["value"]; v != nil { + if v := p.Value; v != nil { permission["value"] = v } diff --git a/azuread/resource_application_test.go b/azuread/resource_application_test.go index 7796ead99c..8a992164e4 100644 --- a/azuread/resource_application_test.go +++ b/azuread/resource_application_test.go 
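Review bot: `flattenADApplicationOauth2Permissions` now stores most SDK fields as they are, for example `permission["admin_consent_description"] = v`, where the nil checks suggest `v` is a pointer, while `is_enabled` alone is dereferenced with `*v`. Dereferencing consistently (`permission["value"] = *v` and likewise for the other string fields) keeps plain values in the map and does not rely on how the schema writer treats pointers. The loop variable `p` also shadows the `p` helper package this file uses for `p.Bool(true)`, so a name such as `perm` reads better. `make([]map[string]interface{}, 0, len(*in))` would keep the preallocation the old code had. The end of the function is outside the hunk.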
@@ -28,7 +28,7 @@ func TestAccAzureADApplication_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "homepage", fmt.Sprintf("https://acctest%s", id)), resource.TestCheckResourceAttr(resourceName, "type", "webapp/api"), resource.TestCheckResourceAttr(resourceName, "oauth2_permissions.#", "1"), - resource.TestCheckResourceAttr(resourceName, "oauth2_permissions.0.admin_consent_description", fmt.Sprintf("Access %s", fmt.Sprintf("acctest%s", id))), + resource.TestCheckResourceAttr(resourceName, "oauth2_permissions.0.admin_consent_description", fmt.Sprintf("Allow the application to access %s on behalf of the signed-in user.", fmt.Sprintf("acctest%s", id))), resource.TestCheckResourceAttrSet(resourceName, "application_id"), resource.TestCheckResourceAttrSet(resourceName, "object_id"), ), @@ -153,10 +153,10 @@ func TestAccAzureADApplication_groupMembershipClaimsUpdate(t *testing.T) { ), }, { - Config: testAccADApplication_withGroupMembershipClaimsAll(id), + Config: testAccADApplication_withGroupMembershipClaimsDirectoryRole(id), Check: resource.ComposeTestCheckFunc( testCheckADApplicationExists(resourceName), - resource.TestCheckResourceAttr(resourceName, "group_membership_claims", "All"), + resource.TestCheckResourceAttr(resourceName, "group_membership_claims", "DirectoryRole"), ), }, { @@ -376,11 +376,11 @@ resource "azuread_application" "test" { `, id, id) } -func testAccADApplication_withGroupMembershipClaimsAll(id string) string { +func testAccADApplication_withGroupMembershipClaimsDirectoryRole(id string) string { return fmt.Sprintf(` resource "azuread_application" "test" { name = "acctest%s" - group_membership_claims = "All" + group_membership_claims = "DirectoryRole" } `, id) } diff --git a/azuread/resource_service_principal.go b/azuread/resource_service_principal.go index fcf0b6e7be..35cbaf3f36 100644 --- a/azuread/resource_service_principal.go +++ b/azuread/resource_service_principal.go 
@@ -36,16 +36,6 @@ func resourceServicePrincipal() *schema.Resource { ValidateFunc: validate.UUID, }, - "tags": { - Type: schema.TypeSet, - Optional: true, - Set: schema.HashString, - ForceNew: true, - Elem: &schema.Schema{ - Type: schema.TypeString, - }, - }, - "display_name": { Type: schema.TypeString, Computed: true, @@ -55,6 +45,16 @@ func resourceServicePrincipal() *schema.Resource { Type: schema.TypeString, Computed: true, }, + + "tags": { + Type: schema.TypeSet, + Optional: true, + Set: schema.HashString, + ForceNew: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, }, } } @@ -113,14 +113,9 @@ func resourceServicePrincipalRead(d *schema.ResourceData, meta interface{}) erro d.Set("application_id", app.AppID) d.Set("display_name", app.DisplayName) d.Set("object_id", app.ObjectID) - // tags doesn't exist as a property, so extract it - if iTags, ok := app.AdditionalProperties["tags"]; ok { - if tags, ok := iTags.([]interface{}); ok { - if err := d.Set("tags", tf.ExpandStringSlicePtr(tags)); err != nil { - return fmt.Errorf("Error setting `tags`: %+v", err) - } - } + if err := d.Set("tags", app.Tags); err != nil { + return fmt.Errorf("Error setting `tags`: %+v", err) } return nil diff --git a/go.mod b/go.mod index 3be9b0aa4f..a3ba06eff6 100644 --- a/go.mod +++ b/go.mod @@ -2,10 +2,10 @@ module github.com/terraform-providers/terraform-provider-azuread require ( contrib.go.opencensus.io/exporter/ocagent v0.4.2 // indirect - github.com/Azure/azure-sdk-for-go v24.1.0+incompatible - github.com/Azure/go-autorest v11.2.8+incompatible - github.com/google/uuid v0.0.0-20170814143639-7e072fc3a7be - github.com/hashicorp/go-azure-helpers v0.0.0-20190129193224-166dfd221bb2 + github.com/Azure/azure-sdk-for-go v29.0.0+incompatible + github.com/Azure/go-autorest v11.7.0+incompatible + github.com/google/uuid v1.1.1 + github.com/hashicorp/go-azure-helpers v0.4.1 github.com/hashicorp/go-uuid v1.0.1 github.com/hashicorp/terraform v0.12.0 ) 
diff --git a/go.sum b/go.sum index 94741fcc25..e254623a03 100644 --- a/go.sum +++ b/go.sum @@ -11,11 +11,11 @@ dmitri.shuralyov.com/service/change v0.0.0-20181023043359-a85b471d5412/go.mod h1 dmitri.shuralyov.com/state v0.0.0-20180228185332-28bcc343414c/go.mod h1:0PRwlb0D6DFvNNtx+9ybjezNCa8XF0xaYcETyp6rHWU= git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg= github.com/Azure/azure-sdk-for-go v21.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go v24.1.0+incompatible h1:P7GocB7bhkyGbRL1tCy0m9FDqb1V/dqssch3jZieUHk= -github.com/Azure/azure-sdk-for-go v24.1.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= +github.com/Azure/azure-sdk-for-go v29.0.0+incompatible h1:CYPU39ULbGjQBo3gXIqiWouK0C4F+Pt2Zx5CqGvqknE= +github.com/Azure/azure-sdk-for-go v29.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/go-autorest v10.15.4+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest v11.2.8+incompatible h1:Q2feRPMlcfVcqz3pF87PJzkm5lZrL+x6BDtzhODzNJM= -github.com/Azure/go-autorest v11.2.8+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= +github.com/Azure/go-autorest v11.7.0+incompatible h1:gzma19dc9ejB75D90E5S+/wXouzpZyA+CV+/MJPSD/k= +github.com/Azure/go-autorest v11.7.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= github.com/Azure/go-ntlmssp v0.0.0-20180810175552-4a21cbd618b4 h1:pSm8mp0T2OH2CPmPDPtwHPr3VAQaOwVF/JbllOPP4xA= github.com/Azure/go-ntlmssp v0.0.0-20180810175552-4a21cbd618b4/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= 
@@ -122,8 +122,8 @@ github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO github.com/google/martian v2.1.0+incompatible h1:/CP5g8u/VJHijgedC/Legn3BAbAaWPgecwXBIDzw5no= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/uuid v0.0.0-20170814143639-7e072fc3a7be h1:JX31ns0WPRsUGmZXMlMoJta76MW+0UM7+JnCmqxDUVs= -github.com/google/uuid v0.0.0-20170814143639-7e072fc3a7be/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= +github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go v2.0.0+incompatible h1:j0GKcs05QVmm7yesiZq2+9cxHkNK9YM6zKx4D2qucQU= github.com/googleapis/gax-go v2.0.0+incompatible/go.mod h1:SFVmujtThgffbyetf+mdk2eWhX2bMyUtNHzFKcPA9HY= github.com/googleapis/gax-go/v2 v2.0.3 h1:siORttZ36U2R/WjiJuDz8znElWBiAlO9rVt+mqJt0Cc= @@ -150,6 +150,8 @@ github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/U github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-azure-helpers v0.0.0-20190129193224-166dfd221bb2 h1:VBRx+yPYUZaobnn5ANBcOUf4hhWpTHSQgftG4TcDkhI= github.com/hashicorp/go-azure-helpers v0.0.0-20190129193224-166dfd221bb2/go.mod h1:lu62V//auUow6k0IykxLK2DCNW8qTmpm8KqhYVWattA= +github.com/hashicorp/go-azure-helpers v0.4.1 h1:aEWYW4hxAVVmxmq7nPXGK8F44A6HBXQ4m0vB1M3/20g= +github.com/hashicorp/go-azure-helpers v0.4.1/go.mod h1:lu62V//auUow6k0IykxLK2DCNW8qTmpm8KqhYVWattA= github.com/hashicorp/go-checkpoint v0.5.0 h1:MFYpPZCnQqQTE18jFwSII6eUQrD/oxMFp3mlgcqk5mU= github.com/hashicorp/go-checkpoint v0.5.0/go.mod h1:7nfLNL10NsxqO4iWuW6tWW0HjZuDrwkBuEQsVcpCOgg= github.com/hashicorp/go-cleanhttp v0.5.0 h1:wvCrVc9TjDls6+YGAF2hAifE1E5U1+b4tH6KdvN3Gig= 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac/applications.go b/vendor/github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac/applications.go index fc6dfc571d..36a3275fda 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac/applications.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac/applications.go @@ -142,9 +142,7 @@ func (client ApplicationsClient) Create(ctx context.Context, parameters Applicat } if err := validation.Validate([]validation.Validation{ {TargetValue: parameters, - Constraints: []validation.Constraint{{Target: "parameters.AvailableToOtherTenants", Name: validation.Null, Rule: true, Chain: nil}, - {Target: "parameters.DisplayName", Name: validation.Null, Rule: true, Chain: nil}, - {Target: "parameters.IdentifierUris", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil { + Constraints: []validation.Constraint{{Target: "parameters.DisplayName", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil { return result, validation.NewError("graphrbac.ApplicationsClient", "Create", err.Error()) } 
@@ -359,6 +357,81 @@ func (client ApplicationsClient) GetResponder(resp *http.Response) (result Appli return } +// GetServicePrincipalsIDByAppID gets an object id for a given application id from the current tenant. +// Parameters: +// applicationID - the application ID. +func (client ApplicationsClient) GetServicePrincipalsIDByAppID(ctx context.Context, applicationID string) (result ServicePrincipalObjectResult, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/ApplicationsClient.GetServicePrincipalsIDByAppID") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + req, err := client.GetServicePrincipalsIDByAppIDPreparer(ctx, applicationID) + if err != nil { + err = autorest.NewErrorWithError(err, "graphrbac.ApplicationsClient", "GetServicePrincipalsIDByAppID", nil, "Failure preparing request") + return + } + + resp, err := client.GetServicePrincipalsIDByAppIDSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "graphrbac.ApplicationsClient", "GetServicePrincipalsIDByAppID", resp, "Failure sending request") + return + } + + result, err = client.GetServicePrincipalsIDByAppIDResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "graphrbac.ApplicationsClient", "GetServicePrincipalsIDByAppID", resp, "Failure responding to request") + } + + return +} + +// GetServicePrincipalsIDByAppIDPreparer prepares the GetServicePrincipalsIDByAppID request. 
+func (client ApplicationsClient) GetServicePrincipalsIDByAppIDPreparer(ctx context.Context, applicationID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "applicationID": autorest.Encode("path", applicationID), + "tenantID": autorest.Encode("path", client.TenantID), + } + + const APIVersion = "1.6" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/{tenantID}/servicePrincipalsByAppId/{applicationID}/objectId", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetServicePrincipalsIDByAppIDSender sends the GetServicePrincipalsIDByAppID request. The method will close the +// http.Response Body if it receives an error. +func (client ApplicationsClient) GetServicePrincipalsIDByAppIDSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) +} + +// GetServicePrincipalsIDByAppIDResponder handles the response to the GetServicePrincipalsIDByAppID request. The method always +// closes the http.Response Body. +func (client ApplicationsClient) GetServicePrincipalsIDByAppIDResponder(resp *http.Response) (result ServicePrincipalObjectResult, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + // List lists applications by filter parameters. // Parameters: // filter - the filters to apply to the operation. 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac/models.go b/vendor/github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac/models.go index 66c76b8ef6..e6b583d96f 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac/models.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac/models.go @@ -30,6 +30,21 @@ import ( // The package's fully qualified name. const fqdn = "github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac" +// ConsentType enumerates the values for consent type. +type ConsentType string + +const ( + // AllPrincipals ... + AllPrincipals ConsentType = "AllPrincipals" + // Principal ... + Principal ConsentType = "Principal" +) + +// PossibleConsentTypeValues returns an array of possible values for the ConsentType const type. +func PossibleConsentTypeValues() []ConsentType { + return []ConsentType{AllPrincipals, Principal} +} + // ObjectType enumerates the values for object type. type ObjectType string @@ -137,9 +152,9 @@ type ADGroup struct { Mail *string `json:"mail,omitempty"` // AdditionalProperties - Unmatched properties from the message are deserialized this collection AdditionalProperties map[string]interface{} `json:""` - // ObjectID - The object ID. + // ObjectID - READ-ONLY; The object ID. ObjectID *string `json:"objectId,omitempty"` - // DeletionTimestamp - The time at which the directory object was deleted. + // DeletionTimestamp - READ-ONLY; The time at which the directory object was deleted. DeletionTimestamp *date.Time `json:"deletionTimestamp,omitempty"` // ObjectType - Possible values include: 'ObjectTypeDirectoryObject', 'ObjectTypeApplication', 'ObjectTypeGroup', 'ObjectTypeServicePrincipal', 'ObjectTypeUser' ObjectType ObjectType `json:"objectType,omitempty"` 
@@ -164,12 +179,6 @@ func (ag ADGroup) MarshalJSON() ([]byte, error) { if ag.Mail != nil { objectMap["mail"] = ag.Mail } - if ag.ObjectID != nil { - objectMap["objectId"] = ag.ObjectID - } - if ag.DeletionTimestamp != nil { - objectMap["deletionTimestamp"] = ag.DeletionTimestamp - } if ag.ObjectType != "" { objectMap["objectType"] = ag.ObjectType } 
@@ -313,33 +322,72 @@ type Application struct { autorest.Response `json:"-"` // AppID - The application ID. AppID *string `json:"appId,omitempty"` + // AllowGuestsSignIn - A property on the application to indicate if the application accepts other IDPs or not or partially accepts. + AllowGuestsSignIn *bool `json:"allowGuestsSignIn,omitempty"` + // AllowPassthroughUsers - Indicates that the application supports pass through users who have no presence in the resource tenant. + AllowPassthroughUsers *bool `json:"allowPassthroughUsers,omitempty"` + // AppLogoURL - The url for the application logo image stored in a CDN. + AppLogoURL *string `json:"appLogoUrl,omitempty"` // AppRoles - The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. AppRoles *[]AppRole `json:"appRoles,omitempty"` // AppPermissions - The application permissions. AppPermissions *[]string `json:"appPermissions,omitempty"` - // AvailableToOtherTenants - Whether the application is be available to other tenants. + // AvailableToOtherTenants - Whether the application is available to other tenants. AvailableToOtherTenants *bool `json:"availableToOtherTenants,omitempty"` // DisplayName - The display name of the application. DisplayName *string `json:"displayName,omitempty"` - // IdentifierUris - A collection of URIs for the application. - IdentifierUris *[]string `json:"identifierUris,omitempty"` - // ReplyUrls - A collection of reply URLs for the application. - ReplyUrls *[]string `json:"replyUrls,omitempty"` + // ErrorURL - A URL provided by the author of the application to report errors when using the application. + ErrorURL *string `json:"errorUrl,omitempty"` + // GroupMembershipClaims - Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. + GroupMembershipClaims interface{} `json:"groupMembershipClaims,omitempty"` // Homepage - The home page of the application. 
Homepage *string `json:"homepage,omitempty"` - // Oauth2AllowImplicitFlow - Whether to allow implicit grant flow for OAuth2 - Oauth2AllowImplicitFlow *bool `json:"oauth2AllowImplicitFlow,omitempty"` - // RequiredResourceAccess - Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience. - RequiredResourceAccess *[]RequiredResourceAccess `json:"requiredResourceAccess,omitempty"` + // IdentifierUris - A collection of URIs for the application. + IdentifierUris *[]string `json:"identifierUris,omitempty"` + // InformationalUrls - URLs with more information about the application. + InformationalUrls *InformationalURL `json:"informationalUrls,omitempty"` + // IsDeviceOnlyAuthSupported - Specifies whether this application supports device authentication without a user. The default is false. + IsDeviceOnlyAuthSupported *bool `json:"isDeviceOnlyAuthSupported,omitempty"` // KeyCredentials - A collection of KeyCredential objects. KeyCredentials *[]KeyCredential `json:"keyCredentials,omitempty"` + // KnownClientApplications - Client applications that are tied to this resource application. Consent to any of the known client applications will result in implicit consent to the resource application through a combined consent dialog (showing the OAuth permission scopes required by the client and the resource). 
+ KnownClientApplications *[]string `json:"knownClientApplications,omitempty"` + // LogoutURL - the url of the logout page + LogoutURL *string `json:"logoutUrl,omitempty"` + // Oauth2AllowImplicitFlow - Whether to allow implicit grant flow for OAuth2 + Oauth2AllowImplicitFlow *bool `json:"oauth2AllowImplicitFlow,omitempty"` + // Oauth2AllowURLPathMatching - Specifies whether during a token Request Azure AD will allow path matching of the redirect URI against the applications collection of replyURLs. The default is false. + Oauth2AllowURLPathMatching *bool `json:"oauth2AllowUrlPathMatching,omitempty"` + // Oauth2Permissions - The collection of OAuth 2.0 permission scopes that the web API (resource) application exposes to client applications. These permission scopes may be granted to client applications during consent. + Oauth2Permissions *[]OAuth2Permission `json:"oauth2Permissions,omitempty"` + // Oauth2RequirePostResponse - Specifies whether, as part of OAuth 2.0 token requests, Azure AD will allow POST requests, as opposed to GET requests. The default is false, which specifies that only GET requests will be allowed. + Oauth2RequirePostResponse *bool `json:"oauth2RequirePostResponse,omitempty"` + // OrgRestrictions - A list of tenants allowed to access application. + OrgRestrictions *[]string `json:"orgRestrictions,omitempty"` + OptionalClaims *OptionalClaims `json:"optionalClaims,omitempty"` // PasswordCredentials - A collection of PasswordCredential objects PasswordCredentials *[]PasswordCredential `json:"passwordCredentials,omitempty"` + // PreAuthorizedApplications - list of pre-authorized applications. + PreAuthorizedApplications *[]PreAuthorizedApplication `json:"preAuthorizedApplications,omitempty"` + // PublicClient - Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false. 
+ PublicClient *bool `json:"publicClient,omitempty"` + // PublisherDomain - Reliable domain which can be used to identify an application. + PublisherDomain *string `json:"publisherDomain,omitempty"` + // ReplyUrls - A collection of reply URLs for the application. + ReplyUrls *[]string `json:"replyUrls,omitempty"` + // RequiredResourceAccess - Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience. + RequiredResourceAccess *[]RequiredResourceAccess `json:"requiredResourceAccess,omitempty"` + // SamlMetadataURL - The URL to the SAML metadata for the application. + SamlMetadataURL *string `json:"samlMetadataUrl,omitempty"` + // SignInAudience - Audience for signing in to the application (AzureADMyOrganization, AzureADAllOrganizations, AzureADAndMicrosoftAccounts). + SignInAudience *string `json:"signInAudience,omitempty"` + // WwwHomepage - The primary Web page. + WwwHomepage *string `json:"wwwHomepage,omitempty"` // AdditionalProperties - Unmatched properties from the message are deserialized this collection AdditionalProperties map[string]interface{} `json:""` - // ObjectID - The object ID. + // ObjectID - READ-ONLY; The object ID. ObjectID *string `json:"objectId,omitempty"` - // DeletionTimestamp - The time at which the directory object was deleted. + // DeletionTimestamp - READ-ONLY; The time at which the directory object was deleted. DeletionTimestamp *date.Time `json:"deletionTimestamp,omitempty"` // ObjectType - Possible values include: 'ObjectTypeDirectoryObject', 'ObjectTypeApplication', 'ObjectTypeGroup', 'ObjectTypeServicePrincipal', 'ObjectTypeUser' ObjectType ObjectType `json:"objectType,omitempty"` 
@@ -352,6 +400,15 @@ func (a Application) MarshalJSON() ([]byte, error) { if a.AppID != nil { objectMap["appId"] = a.AppID } + if a.AllowGuestsSignIn != nil { + objectMap["allowGuestsSignIn"] = a.AllowGuestsSignIn + } + if a.AllowPassthroughUsers != nil { + objectMap["allowPassthroughUsers"] = a.AllowPassthroughUsers + } + if a.AppLogoURL != nil { + objectMap["appLogoUrl"] = a.AppLogoURL + } if a.AppRoles != nil { objectMap["appRoles"] = a.AppRoles } 
@@ -364,32 +421,77 @@ func (a Application) MarshalJSON() ([]byte, error) { if a.DisplayName != nil { objectMap["displayName"] = a.DisplayName } - if a.IdentifierUris != nil { - objectMap["identifierUris"] = a.IdentifierUris + if a.ErrorURL != nil { + objectMap["errorUrl"] = a.ErrorURL } - if a.ReplyUrls != nil { - objectMap["replyUrls"] = a.ReplyUrls + if a.GroupMembershipClaims != nil { + objectMap["groupMembershipClaims"] = a.GroupMembershipClaims } if a.Homepage != nil { objectMap["homepage"] = a.Homepage } - if a.Oauth2AllowImplicitFlow != nil { - objectMap["oauth2AllowImplicitFlow"] = a.Oauth2AllowImplicitFlow + if a.IdentifierUris != nil { + objectMap["identifierUris"] = a.IdentifierUris } - if a.RequiredResourceAccess != nil { - objectMap["requiredResourceAccess"] = a.RequiredResourceAccess + if a.InformationalUrls != nil { + objectMap["informationalUrls"] = a.InformationalUrls + } + if a.IsDeviceOnlyAuthSupported != nil { + objectMap["isDeviceOnlyAuthSupported"] = a.IsDeviceOnlyAuthSupported } if a.KeyCredentials != nil { objectMap["keyCredentials"] = a.KeyCredentials } + if a.KnownClientApplications != nil { + objectMap["knownClientApplications"] = a.KnownClientApplications + } + if a.LogoutURL != nil { + objectMap["logoutUrl"] = a.LogoutURL + } + if a.Oauth2AllowImplicitFlow != nil { + objectMap["oauth2AllowImplicitFlow"] = a.Oauth2AllowImplicitFlow + } + if a.Oauth2AllowURLPathMatching != nil { + objectMap["oauth2AllowUrlPathMatching"] = a.Oauth2AllowURLPathMatching + } + if a.Oauth2Permissions != nil { + objectMap["oauth2Permissions"] = a.Oauth2Permissions + } + if a.Oauth2RequirePostResponse != nil { + objectMap["oauth2RequirePostResponse"] = a.Oauth2RequirePostResponse + } + if a.OrgRestrictions != nil { + objectMap["orgRestrictions"] = a.OrgRestrictions + } + if a.OptionalClaims != nil { + objectMap["optionalClaims"] = a.OptionalClaims + } if a.PasswordCredentials != nil { objectMap["passwordCredentials"] = a.PasswordCredentials } - if a.ObjectID != 
nil { - objectMap["objectId"] = a.ObjectID + if a.PreAuthorizedApplications != nil { + objectMap["preAuthorizedApplications"] = a.PreAuthorizedApplications + } + if a.PublicClient != nil { + objectMap["publicClient"] = a.PublicClient + } + if a.PublisherDomain != nil { + objectMap["publisherDomain"] = a.PublisherDomain + } + if a.ReplyUrls != nil { + objectMap["replyUrls"] = a.ReplyUrls + } + if a.RequiredResourceAccess != nil { + objectMap["requiredResourceAccess"] = a.RequiredResourceAccess + } + if a.SamlMetadataURL != nil { + objectMap["samlMetadataUrl"] = a.SamlMetadataURL } - if a.DeletionTimestamp != nil { - objectMap["deletionTimestamp"] = a.DeletionTimestamp + if a.SignInAudience != nil { + objectMap["signInAudience"] = a.SignInAudience + } + if a.WwwHomepage != nil { + objectMap["wwwHomepage"] = a.WwwHomepage } if a.ObjectType != "" { objectMap["objectType"] = a.ObjectType @@ -448,6 +550,33 @@ func (a *Application) UnmarshalJSON(body []byte) error { } a.AppID = &appID } + case "allowGuestsSignIn": + if v != nil { + var allowGuestsSignIn bool + err = json.Unmarshal(*v, &allowGuestsSignIn) + if err != nil { + return err + } + a.AllowGuestsSignIn = &allowGuestsSignIn + } + case "allowPassthroughUsers": + if v != nil { + var allowPassthroughUsers bool + err = json.Unmarshal(*v, &allowPassthroughUsers) + if err != nil { + return err + } + a.AllowPassthroughUsers = &allowPassthroughUsers + } + case "appLogoUrl": + if v != nil { + var appLogoURL string + err = json.Unmarshal(*v, &appLogoURL) + if err != nil { + return err + } + a.AppLogoURL = &appLogoURL + } case "appRoles": if v != nil { var appRoles []AppRole 
@@ -484,23 +613,23 @@ func (a *Application) UnmarshalJSON(body []byte) error { } a.DisplayName = &displayName } - case "identifierUris": + case "errorUrl": if v != nil { - var identifierUris []string - err = json.Unmarshal(*v, &identifierUris) + var errorURL string + err = json.Unmarshal(*v, &errorURL) if err != nil { return err } - a.IdentifierUris = &identifierUris + a.ErrorURL = &errorURL } - case "replyUrls": + case "groupMembershipClaims": if v != nil { - var replyUrls []string - err = json.Unmarshal(*v, &replyUrls) + var groupMembershipClaims interface{} + err = json.Unmarshal(*v, &groupMembershipClaims) if err != nil { return err } - a.ReplyUrls = &replyUrls + a.GroupMembershipClaims = groupMembershipClaims } case "homepage": if v != nil { @@ -511,23 +640,32 @@ func (a *Application) UnmarshalJSON(body []byte) error { } a.Homepage = &homepage } - case "oauth2AllowImplicitFlow": + case "identifierUris": if v != nil { - var oauth2AllowImplicitFlow bool - err = json.Unmarshal(*v, &oauth2AllowImplicitFlow) + var identifierUris []string + err = json.Unmarshal(*v, &identifierUris) if err != nil { return err } - a.Oauth2AllowImplicitFlow = &oauth2AllowImplicitFlow + a.IdentifierUris = &identifierUris } - case "requiredResourceAccess": + case "informationalUrls": if v != nil { - var requiredResourceAccess []RequiredResourceAccess - err = json.Unmarshal(*v, &requiredResourceAccess) + var informationalUrls InformationalURL + err = json.Unmarshal(*v, &informationalUrls) if err != nil { return err } - a.RequiredResourceAccess = &requiredResourceAccess + a.InformationalUrls = &informationalUrls + } + case "isDeviceOnlyAuthSupported": + if v != nil { + var isDeviceOnlyAuthSupported bool + err = json.Unmarshal(*v, &isDeviceOnlyAuthSupported) + if err != nil { + return err + } + a.IsDeviceOnlyAuthSupported = &isDeviceOnlyAuthSupported } case "keyCredentials": if v != nil { 
@@ -538,190 +676,113 @@ func (a *Application) UnmarshalJSON(body []byte) error { } a.KeyCredentials = &keyCredentials } - case "passwordCredentials": + case "knownClientApplications": if v != nil { - var passwordCredentials []PasswordCredential - err = json.Unmarshal(*v, &passwordCredentials) + var knownClientApplications []string + err = json.Unmarshal(*v, &knownClientApplications) if err != nil { return err } - a.PasswordCredentials = &passwordCredentials + a.KnownClientApplications = &knownClientApplications } - default: + case "logoutUrl": if v != nil { - var additionalProperties interface{} - err = json.Unmarshal(*v, &additionalProperties) + var logoutURL string + err = json.Unmarshal(*v, &logoutURL) if err != nil { return err } - if a.AdditionalProperties == nil { - a.AdditionalProperties = make(map[string]interface{}) - } - a.AdditionalProperties[k] = additionalProperties + a.LogoutURL = &logoutURL } - case "objectId": + case "oauth2AllowImplicitFlow": if v != nil { - var objectID string - err = json.Unmarshal(*v, &objectID) + var oauth2AllowImplicitFlow bool + err = json.Unmarshal(*v, &oauth2AllowImplicitFlow) if err != nil { return err } - a.ObjectID = &objectID + a.Oauth2AllowImplicitFlow = &oauth2AllowImplicitFlow } - case "deletionTimestamp": + case "oauth2AllowUrlPathMatching": if v != nil { - var deletionTimestamp date.Time - err = json.Unmarshal(*v, &deletionTimestamp) + var oauth2AllowURLPathMatching bool + err = json.Unmarshal(*v, &oauth2AllowURLPathMatching) if err != nil { return err } - a.DeletionTimestamp = &deletionTimestamp + a.Oauth2AllowURLPathMatching = &oauth2AllowURLPathMatching } - case "objectType": + case "oauth2Permissions": if v != nil { - var objectType ObjectType - err = json.Unmarshal(*v, &objectType) + var oauth2Permissions []OAuth2Permission + err = json.Unmarshal(*v, &oauth2Permissions) if err != nil { return err } - a.ObjectType = objectType + a.Oauth2Permissions = &oauth2Permissions } - } - } - - return nil -} - -// 
ApplicationCreateParameters request parameters for creating a new application. -type ApplicationCreateParameters struct { - // AdditionalProperties - Unmatched properties from the message are deserialized this collection - AdditionalProperties map[string]interface{} `json:""` - // AppRoles - The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. - AppRoles *[]AppRole `json:"appRoles,omitempty"` - // AvailableToOtherTenants - Whether the application is available to other tenants. - AvailableToOtherTenants *bool `json:"availableToOtherTenants,omitempty"` - // DisplayName - The display name of the application. - DisplayName *string `json:"displayName,omitempty"` - // Homepage - The home page of the application. - Homepage *string `json:"homepage,omitempty"` - // IdentifierUris - A collection of URIs for the application. - IdentifierUris *[]string `json:"identifierUris,omitempty"` - // ReplyUrls - A collection of reply URLs for the application. - ReplyUrls *[]string `json:"replyUrls,omitempty"` - // KeyCredentials - The list of KeyCredential objects. - KeyCredentials *[]KeyCredential `json:"keyCredentials,omitempty"` - // PasswordCredentials - The list of PasswordCredential objects. - PasswordCredentials *[]PasswordCredential `json:"passwordCredentials,omitempty"` - // Oauth2AllowImplicitFlow - Whether to allow implicit grant flow for OAuth2 - Oauth2AllowImplicitFlow *bool `json:"oauth2AllowImplicitFlow,omitempty"` - // RequiredResourceAccess - Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience. - RequiredResourceAccess *[]RequiredResourceAccess `json:"requiredResourceAccess,omitempty"` -} - -// MarshalJSON is the custom marshaler for ApplicationCreateParameters. 
-func (acp ApplicationCreateParameters) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if acp.AppRoles != nil { - objectMap["appRoles"] = acp.AppRoles - } - if acp.AvailableToOtherTenants != nil { - objectMap["availableToOtherTenants"] = acp.AvailableToOtherTenants - } - if acp.DisplayName != nil { - objectMap["displayName"] = acp.DisplayName - } - if acp.Homepage != nil { - objectMap["homepage"] = acp.Homepage - } - if acp.IdentifierUris != nil { - objectMap["identifierUris"] = acp.IdentifierUris - } - if acp.ReplyUrls != nil { - objectMap["replyUrls"] = acp.ReplyUrls - } - if acp.KeyCredentials != nil { - objectMap["keyCredentials"] = acp.KeyCredentials - } - if acp.PasswordCredentials != nil { - objectMap["passwordCredentials"] = acp.PasswordCredentials - } - if acp.Oauth2AllowImplicitFlow != nil { - objectMap["oauth2AllowImplicitFlow"] = acp.Oauth2AllowImplicitFlow - } - if acp.RequiredResourceAccess != nil { - objectMap["requiredResourceAccess"] = acp.RequiredResourceAccess - } - for k, v := range acp.AdditionalProperties { - objectMap[k] = v - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for ApplicationCreateParameters struct. 
-func (acp *ApplicationCreateParameters) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - default: + case "oauth2RequirePostResponse": if v != nil { - var additionalProperties interface{} - err = json.Unmarshal(*v, &additionalProperties) + var oauth2RequirePostResponse bool + err = json.Unmarshal(*v, &oauth2RequirePostResponse) if err != nil { return err } - if acp.AdditionalProperties == nil { - acp.AdditionalProperties = make(map[string]interface{}) + a.Oauth2RequirePostResponse = &oauth2RequirePostResponse + } + case "orgRestrictions": + if v != nil { + var orgRestrictions []string + err = json.Unmarshal(*v, &orgRestrictions) + if err != nil { + return err } - acp.AdditionalProperties[k] = additionalProperties + a.OrgRestrictions = &orgRestrictions } - case "appRoles": + case "optionalClaims": if v != nil { - var appRoles []AppRole - err = json.Unmarshal(*v, &appRoles) + var optionalClaims OptionalClaims + err = json.Unmarshal(*v, &optionalClaims) if err != nil { return err } - acp.AppRoles = &appRoles + a.OptionalClaims = &optionalClaims } - case "availableToOtherTenants": + case "passwordCredentials": if v != nil { - var availableToOtherTenants bool - err = json.Unmarshal(*v, &availableToOtherTenants) + var passwordCredentials []PasswordCredential + err = json.Unmarshal(*v, &passwordCredentials) if err != nil { return err } - acp.AvailableToOtherTenants = &availableToOtherTenants + a.PasswordCredentials = &passwordCredentials } - case "displayName": + case "preAuthorizedApplications": if v != nil { - var displayName string - err = json.Unmarshal(*v, &displayName) + var preAuthorizedApplications []PreAuthorizedApplication + err = json.Unmarshal(*v, &preAuthorizedApplications) if err != nil { return err } - acp.DisplayName = &displayName + a.PreAuthorizedApplications = &preAuthorizedApplications } - case "homepage": + case 
"publicClient": if v != nil { - var homepage string - err = json.Unmarshal(*v, &homepage) + var publicClient bool + err = json.Unmarshal(*v, &publicClient) if err != nil { return err } - acp.Homepage = &homepage + a.PublicClient = &publicClient } - case "identifierUris": + case "publisherDomain": if v != nil { - var identifierUris []string - err = json.Unmarshal(*v, &identifierUris) + var publisherDomain string + err = json.Unmarshal(*v, &publisherDomain) if err != nil { return err } - acp.IdentifierUris = &identifierUris + a.PublisherDomain = &publisherDomain } case "replyUrls": if v != nil { 
@@ -730,72 +791,237 @@ func (acp *ApplicationCreateParameters) UnmarshalJSON(body []byte) error { if err != nil { return err } - acp.ReplyUrls = &replyUrls + a.ReplyUrls = &replyUrls } - case "keyCredentials": + case "requiredResourceAccess": if v != nil { - var keyCredentials []KeyCredential - err = json.Unmarshal(*v, &keyCredentials) + var requiredResourceAccess []RequiredResourceAccess + err = json.Unmarshal(*v, &requiredResourceAccess) if err != nil { return err } - acp.KeyCredentials = &keyCredentials + a.RequiredResourceAccess = &requiredResourceAccess } - case "passwordCredentials": + case "samlMetadataUrl": if v != nil { - var passwordCredentials []PasswordCredential - err = json.Unmarshal(*v, &passwordCredentials) + var samlMetadataURL string + err = json.Unmarshal(*v, &samlMetadataURL) if err != nil { return err } - acp.PasswordCredentials = &passwordCredentials + a.SamlMetadataURL = &samlMetadataURL } - case "oauth2AllowImplicitFlow": + case "signInAudience": if v != nil { - var oauth2AllowImplicitFlow bool - err = json.Unmarshal(*v, &oauth2AllowImplicitFlow) + var signInAudience string + err = json.Unmarshal(*v, &signInAudience) if err != nil { return err } - acp.Oauth2AllowImplicitFlow = &oauth2AllowImplicitFlow + a.SignInAudience = &signInAudience } - case "requiredResourceAccess": + case "wwwHomepage": if v != nil { - var requiredResourceAccess []RequiredResourceAccess - err = json.Unmarshal(*v, &requiredResourceAccess) + var wwwHomepage string + err = json.Unmarshal(*v, &wwwHomepage) if err != nil { return err } - acp.RequiredResourceAccess = &requiredResourceAccess + a.WwwHomepage = &wwwHomepage } - } - } - - return nil -} - -// ApplicationListResult application list operation result. -type ApplicationListResult struct { - autorest.Response `json:"-"` - // Value - A collection of applications. - Value *[]Application `json:"value,omitempty"` - // OdataNextLink - The URL to get the next set of results. 
- OdataNextLink *string `json:"odata.nextLink,omitempty"` -} - -// ApplicationListResultIterator provides access to a complete listing of Application values. -type ApplicationListResultIterator struct { - i int - page ApplicationListResultPage -} - -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *ApplicationListResultIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/ApplicationListResultIterator.NextWithContext") - defer func() { - sc := -1 + default: + if v != nil { + var additionalProperties interface{} + err = json.Unmarshal(*v, &additionalProperties) + if err != nil { + return err + } + if a.AdditionalProperties == nil { + a.AdditionalProperties = make(map[string]interface{}) + } + a.AdditionalProperties[k] = additionalProperties + } + case "objectId": + if v != nil { + var objectID string + err = json.Unmarshal(*v, &objectID) + if err != nil { + return err + } + a.ObjectID = &objectID + } + case "deletionTimestamp": + if v != nil { + var deletionTimestamp date.Time + err = json.Unmarshal(*v, &deletionTimestamp) + if err != nil { + return err + } + a.DeletionTimestamp = &deletionTimestamp + } + case "objectType": + if v != nil { + var objectType ObjectType + err = json.Unmarshal(*v, &objectType) + if err != nil { + return err + } + a.ObjectType = objectType + } + } + } + + return nil +} + +// ApplicationBase active Directive Application common properties shared among GET, POST and PATCH +type ApplicationBase struct { + // AllowGuestsSignIn - A property on the application to indicate if the application accepts other IDPs or not or partially accepts. + AllowGuestsSignIn *bool `json:"allowGuestsSignIn,omitempty"` + // AllowPassthroughUsers - Indicates that the application supports pass through users who have no presence in the resource tenant. 
+ AllowPassthroughUsers *bool `json:"allowPassthroughUsers,omitempty"` + // AppLogoURL - The url for the application logo image stored in a CDN. + AppLogoURL *string `json:"appLogoUrl,omitempty"` + // AppRoles - The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. + AppRoles *[]AppRole `json:"appRoles,omitempty"` + // AppPermissions - The application permissions. + AppPermissions *[]string `json:"appPermissions,omitempty"` + // AvailableToOtherTenants - Whether the application is available to other tenants. + AvailableToOtherTenants *bool `json:"availableToOtherTenants,omitempty"` + // ErrorURL - A URL provided by the author of the application to report errors when using the application. + ErrorURL *string `json:"errorUrl,omitempty"` + // GroupMembershipClaims - Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. + GroupMembershipClaims interface{} `json:"groupMembershipClaims,omitempty"` + // Homepage - The home page of the application. + Homepage *string `json:"homepage,omitempty"` + // InformationalUrls - URLs with more information about the application. + InformationalUrls *InformationalURL `json:"informationalUrls,omitempty"` + // IsDeviceOnlyAuthSupported - Specifies whether this application supports device authentication without a user. The default is false. + IsDeviceOnlyAuthSupported *bool `json:"isDeviceOnlyAuthSupported,omitempty"` + // KeyCredentials - A collection of KeyCredential objects. + KeyCredentials *[]KeyCredential `json:"keyCredentials,omitempty"` + // KnownClientApplications - Client applications that are tied to this resource application. Consent to any of the known client applications will result in implicit consent to the resource application through a combined consent dialog (showing the OAuth permission scopes required by the client and the resource). 
+ KnownClientApplications *[]string `json:"knownClientApplications,omitempty"` + // LogoutURL - the url of the logout page + LogoutURL *string `json:"logoutUrl,omitempty"` + // Oauth2AllowImplicitFlow - Whether to allow implicit grant flow for OAuth2 + Oauth2AllowImplicitFlow *bool `json:"oauth2AllowImplicitFlow,omitempty"` + // Oauth2AllowURLPathMatching - Specifies whether during a token Request Azure AD will allow path matching of the redirect URI against the applications collection of replyURLs. The default is false. + Oauth2AllowURLPathMatching *bool `json:"oauth2AllowUrlPathMatching,omitempty"` + // Oauth2Permissions - The collection of OAuth 2.0 permission scopes that the web API (resource) application exposes to client applications. These permission scopes may be granted to client applications during consent. + Oauth2Permissions *[]OAuth2Permission `json:"oauth2Permissions,omitempty"` + // Oauth2RequirePostResponse - Specifies whether, as part of OAuth 2.0 token requests, Azure AD will allow POST requests, as opposed to GET requests. The default is false, which specifies that only GET requests will be allowed. + Oauth2RequirePostResponse *bool `json:"oauth2RequirePostResponse,omitempty"` + // OrgRestrictions - A list of tenants allowed to access application. + OrgRestrictions *[]string `json:"orgRestrictions,omitempty"` + OptionalClaims *OptionalClaims `json:"optionalClaims,omitempty"` + // PasswordCredentials - A collection of PasswordCredential objects + PasswordCredentials *[]PasswordCredential `json:"passwordCredentials,omitempty"` + // PreAuthorizedApplications - list of pre-authorized applications. + PreAuthorizedApplications *[]PreAuthorizedApplication `json:"preAuthorizedApplications,omitempty"` + // PublicClient - Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false. 
+ PublicClient *bool `json:"publicClient,omitempty"` + // PublisherDomain - Reliable domain which can be used to identify an application. + PublisherDomain *string `json:"publisherDomain,omitempty"` + // ReplyUrls - A collection of reply URLs for the application. + ReplyUrls *[]string `json:"replyUrls,omitempty"` + // RequiredResourceAccess - Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience. + RequiredResourceAccess *[]RequiredResourceAccess `json:"requiredResourceAccess,omitempty"` + // SamlMetadataURL - The URL to the SAML metadata for the application. + SamlMetadataURL *string `json:"samlMetadataUrl,omitempty"` + // SignInAudience - Audience for signing in to the application (AzureADMyOrganization, AzureADAllOrganizations, AzureADAndMicrosoftAccounts). + SignInAudience *string `json:"signInAudience,omitempty"` + // WwwHomepage - The primary Web page. + WwwHomepage *string `json:"wwwHomepage,omitempty"` +} + +// ApplicationCreateParameters request parameters for creating a new application. +type ApplicationCreateParameters struct { + // DisplayName - The display name of the application. + DisplayName *string `json:"displayName,omitempty"` + // IdentifierUris - A collection of URIs for the application. + IdentifierUris *[]string `json:"identifierUris,omitempty"` + // AllowGuestsSignIn - A property on the application to indicate if the application accepts other IDPs or not or partially accepts. + AllowGuestsSignIn *bool `json:"allowGuestsSignIn,omitempty"` + // AllowPassthroughUsers - Indicates that the application supports pass through users who have no presence in the resource tenant. + AllowPassthroughUsers *bool `json:"allowPassthroughUsers,omitempty"` + // AppLogoURL - The url for the application logo image stored in a CDN. 
+ AppLogoURL *string `json:"appLogoUrl,omitempty"` + // AppRoles - The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. + AppRoles *[]AppRole `json:"appRoles,omitempty"` + // AppPermissions - The application permissions. + AppPermissions *[]string `json:"appPermissions,omitempty"` + // AvailableToOtherTenants - Whether the application is available to other tenants. + AvailableToOtherTenants *bool `json:"availableToOtherTenants,omitempty"` + // ErrorURL - A URL provided by the author of the application to report errors when using the application. + ErrorURL *string `json:"errorUrl,omitempty"` + // GroupMembershipClaims - Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. + GroupMembershipClaims interface{} `json:"groupMembershipClaims,omitempty"` + // Homepage - The home page of the application. + Homepage *string `json:"homepage,omitempty"` + // InformationalUrls - URLs with more information about the application. + InformationalUrls *InformationalURL `json:"informationalUrls,omitempty"` + // IsDeviceOnlyAuthSupported - Specifies whether this application supports device authentication without a user. The default is false. + IsDeviceOnlyAuthSupported *bool `json:"isDeviceOnlyAuthSupported,omitempty"` + // KeyCredentials - A collection of KeyCredential objects. + KeyCredentials *[]KeyCredential `json:"keyCredentials,omitempty"` + // KnownClientApplications - Client applications that are tied to this resource application. Consent to any of the known client applications will result in implicit consent to the resource application through a combined consent dialog (showing the OAuth permission scopes required by the client and the resource). 
+ KnownClientApplications *[]string `json:"knownClientApplications,omitempty"` + // LogoutURL - the url of the logout page + LogoutURL *string `json:"logoutUrl,omitempty"` + // Oauth2AllowImplicitFlow - Whether to allow implicit grant flow for OAuth2 + Oauth2AllowImplicitFlow *bool `json:"oauth2AllowImplicitFlow,omitempty"` + // Oauth2AllowURLPathMatching - Specifies whether during a token Request Azure AD will allow path matching of the redirect URI against the applications collection of replyURLs. The default is false. + Oauth2AllowURLPathMatching *bool `json:"oauth2AllowUrlPathMatching,omitempty"` + // Oauth2Permissions - The collection of OAuth 2.0 permission scopes that the web API (resource) application exposes to client applications. These permission scopes may be granted to client applications during consent. + Oauth2Permissions *[]OAuth2Permission `json:"oauth2Permissions,omitempty"` + // Oauth2RequirePostResponse - Specifies whether, as part of OAuth 2.0 token requests, Azure AD will allow POST requests, as opposed to GET requests. The default is false, which specifies that only GET requests will be allowed. + Oauth2RequirePostResponse *bool `json:"oauth2RequirePostResponse,omitempty"` + // OrgRestrictions - A list of tenants allowed to access application. + OrgRestrictions *[]string `json:"orgRestrictions,omitempty"` + OptionalClaims *OptionalClaims `json:"optionalClaims,omitempty"` + // PasswordCredentials - A collection of PasswordCredential objects + PasswordCredentials *[]PasswordCredential `json:"passwordCredentials,omitempty"` + // PreAuthorizedApplications - list of pre-authorized applications. + PreAuthorizedApplications *[]PreAuthorizedApplication `json:"preAuthorizedApplications,omitempty"` + // PublicClient - Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false. 
+ PublicClient *bool `json:"publicClient,omitempty"` + // PublisherDomain - Reliable domain which can be used to identify an application. + PublisherDomain *string `json:"publisherDomain,omitempty"` + // ReplyUrls - A collection of reply URLs for the application. + ReplyUrls *[]string `json:"replyUrls,omitempty"` + // RequiredResourceAccess - Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience. + RequiredResourceAccess *[]RequiredResourceAccess `json:"requiredResourceAccess,omitempty"` + // SamlMetadataURL - The URL to the SAML metadata for the application. + SamlMetadataURL *string `json:"samlMetadataUrl,omitempty"` + // SignInAudience - Audience for signing in to the application (AzureADMyOrganization, AzureADAllOrganizations, AzureADAndMicrosoftAccounts). + SignInAudience *string `json:"signInAudience,omitempty"` + // WwwHomepage - The primary Web page. + WwwHomepage *string `json:"wwwHomepage,omitempty"` +} + +// ApplicationListResult application list operation result. +type ApplicationListResult struct { + autorest.Response `json:"-"` + // Value - A collection of applications. + Value *[]Application `json:"value,omitempty"` + // OdataNextLink - The URL to get the next set of results. + OdataNextLink *string `json:"odata.nextLink,omitempty"` +} + +// ApplicationListResultIterator provides access to a complete listing of Application values. +type ApplicationListResultIterator struct { + i int + page ApplicationListResultPage +} + +// NextWithContext advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. 
+func (iter *ApplicationListResultIterator) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/ApplicationListResultIterator.NextWithContext") + defer func() { + sc := -1 if iter.Response().Response.Response != nil { sc = iter.Response().Response.Response.StatusCode } 
@@ -908,186 +1134,69 @@ func NewApplicationListResultPage(getNextPage func(context.Context, ApplicationL return ApplicationListResultPage{fn: getNextPage} } -// ApplicationUpdateParameters request parameters for updating an existing application. +// ApplicationUpdateParameters request parameters for updating a new application. type ApplicationUpdateParameters struct { - // AdditionalProperties - Unmatched properties from the message are deserialized this collection - AdditionalProperties map[string]interface{} `json:""` + // DisplayName - The display name of the application. + DisplayName *string `json:"displayName,omitempty"` + // IdentifierUris - A collection of URIs for the application. + IdentifierUris *[]string `json:"identifierUris,omitempty"` + // AllowGuestsSignIn - A property on the application to indicate if the application accepts other IDPs or not or partially accepts. + AllowGuestsSignIn *bool `json:"allowGuestsSignIn,omitempty"` + // AllowPassthroughUsers - Indicates that the application supports pass through users who have no presence in the resource tenant. + AllowPassthroughUsers *bool `json:"allowPassthroughUsers,omitempty"` + // AppLogoURL - The url for the application logo image stored in a CDN. + AppLogoURL *string `json:"appLogoUrl,omitempty"` // AppRoles - The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. AppRoles *[]AppRole `json:"appRoles,omitempty"` - // AvailableToOtherTenants - Whether the application is available to other tenants + // AppPermissions - The application permissions. + AppPermissions *[]string `json:"appPermissions,omitempty"` + // AvailableToOtherTenants - Whether the application is available to other tenants. AvailableToOtherTenants *bool `json:"availableToOtherTenants,omitempty"` - // DisplayName - The display name of the application. 
- DisplayName *string `json:"displayName,omitempty"` + // ErrorURL - A URL provided by the author of the application to report errors when using the application. + ErrorURL *string `json:"errorUrl,omitempty"` + // GroupMembershipClaims - Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. + GroupMembershipClaims interface{} `json:"groupMembershipClaims,omitempty"` // Homepage - The home page of the application. Homepage *string `json:"homepage,omitempty"` - // IdentifierUris - A collection of URIs for the application. - IdentifierUris *[]string `json:"identifierUris,omitempty"` - // ReplyUrls - A collection of reply URLs for the application. - ReplyUrls *[]string `json:"replyUrls,omitempty"` - // KeyCredentials - The list of KeyCredential objects. + // InformationalUrls - URLs with more information about the application. + InformationalUrls *InformationalURL `json:"informationalUrls,omitempty"` + // IsDeviceOnlyAuthSupported - Specifies whether this application supports device authentication without a user. The default is false. + IsDeviceOnlyAuthSupported *bool `json:"isDeviceOnlyAuthSupported,omitempty"` + // KeyCredentials - A collection of KeyCredential objects. KeyCredentials *[]KeyCredential `json:"keyCredentials,omitempty"` - // PasswordCredentials - The list of PasswordCredential objects. - PasswordCredentials *[]PasswordCredential `json:"passwordCredentials,omitempty"` + // KnownClientApplications - Client applications that are tied to this resource application. Consent to any of the known client applications will result in implicit consent to the resource application through a combined consent dialog (showing the OAuth permission scopes required by the client and the resource). 
+ KnownClientApplications *[]string `json:"knownClientApplications,omitempty"` + // LogoutURL - the url of the logout page + LogoutURL *string `json:"logoutUrl,omitempty"` // Oauth2AllowImplicitFlow - Whether to allow implicit grant flow for OAuth2 Oauth2AllowImplicitFlow *bool `json:"oauth2AllowImplicitFlow,omitempty"` + // Oauth2AllowURLPathMatching - Specifies whether during a token Request Azure AD will allow path matching of the redirect URI against the applications collection of replyURLs. The default is false. + Oauth2AllowURLPathMatching *bool `json:"oauth2AllowUrlPathMatching,omitempty"` + // Oauth2Permissions - The collection of OAuth 2.0 permission scopes that the web API (resource) application exposes to client applications. These permission scopes may be granted to client applications during consent. + Oauth2Permissions *[]OAuth2Permission `json:"oauth2Permissions,omitempty"` + // Oauth2RequirePostResponse - Specifies whether, as part of OAuth 2.0 token requests, Azure AD will allow POST requests, as opposed to GET requests. The default is false, which specifies that only GET requests will be allowed. + Oauth2RequirePostResponse *bool `json:"oauth2RequirePostResponse,omitempty"` + // OrgRestrictions - A list of tenants allowed to access application. + OrgRestrictions *[]string `json:"orgRestrictions,omitempty"` + OptionalClaims *OptionalClaims `json:"optionalClaims,omitempty"` + // PasswordCredentials - A collection of PasswordCredential objects + PasswordCredentials *[]PasswordCredential `json:"passwordCredentials,omitempty"` + // PreAuthorizedApplications - list of pre-authorized applications. + PreAuthorizedApplications *[]PreAuthorizedApplication `json:"preAuthorizedApplications,omitempty"` + // PublicClient - Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false. 
+ PublicClient *bool `json:"publicClient,omitempty"` + // PublisherDomain - Reliable domain which can be used to identify an application. + PublisherDomain *string `json:"publisherDomain,omitempty"` + // ReplyUrls - A collection of reply URLs for the application. + ReplyUrls *[]string `json:"replyUrls,omitempty"` // RequiredResourceAccess - Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience. RequiredResourceAccess *[]RequiredResourceAccess `json:"requiredResourceAccess,omitempty"` -} - -// MarshalJSON is the custom marshaler for ApplicationUpdateParameters. -func (aup ApplicationUpdateParameters) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if aup.AppRoles != nil { - objectMap["appRoles"] = aup.AppRoles - } - if aup.AvailableToOtherTenants != nil { - objectMap["availableToOtherTenants"] = aup.AvailableToOtherTenants - } - if aup.DisplayName != nil { - objectMap["displayName"] = aup.DisplayName - } - if aup.Homepage != nil { - objectMap["homepage"] = aup.Homepage - } - if aup.IdentifierUris != nil { - objectMap["identifierUris"] = aup.IdentifierUris - } - if aup.ReplyUrls != nil { - objectMap["replyUrls"] = aup.ReplyUrls - } - if aup.KeyCredentials != nil { - objectMap["keyCredentials"] = aup.KeyCredentials - } - if aup.PasswordCredentials != nil { - objectMap["passwordCredentials"] = aup.PasswordCredentials - } - if aup.Oauth2AllowImplicitFlow != nil { - objectMap["oauth2AllowImplicitFlow"] = aup.Oauth2AllowImplicitFlow - } - if aup.RequiredResourceAccess != nil { - objectMap["requiredResourceAccess"] = aup.RequiredResourceAccess - } - for k, v := range aup.AdditionalProperties { - objectMap[k] = v - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for ApplicationUpdateParameters struct. 
-func (aup *ApplicationUpdateParameters) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - default: - if v != nil { - var additionalProperties interface{} - err = json.Unmarshal(*v, &additionalProperties) - if err != nil { - return err - } - if aup.AdditionalProperties == nil { - aup.AdditionalProperties = make(map[string]interface{}) - } - aup.AdditionalProperties[k] = additionalProperties - } - case "appRoles": - if v != nil { - var appRoles []AppRole - err = json.Unmarshal(*v, &appRoles) - if err != nil { - return err - } - aup.AppRoles = &appRoles - } - case "availableToOtherTenants": - if v != nil { - var availableToOtherTenants bool - err = json.Unmarshal(*v, &availableToOtherTenants) - if err != nil { - return err - } - aup.AvailableToOtherTenants = &availableToOtherTenants - } - case "displayName": - if v != nil { - var displayName string - err = json.Unmarshal(*v, &displayName) - if err != nil { - return err - } - aup.DisplayName = &displayName - } - case "homepage": - if v != nil { - var homepage string - err = json.Unmarshal(*v, &homepage) - if err != nil { - return err - } - aup.Homepage = &homepage - } - case "identifierUris": - if v != nil { - var identifierUris []string - err = json.Unmarshal(*v, &identifierUris) - if err != nil { - return err - } - aup.IdentifierUris = &identifierUris - } - case "replyUrls": - if v != nil { - var replyUrls []string - err = json.Unmarshal(*v, &replyUrls) - if err != nil { - return err - } - aup.ReplyUrls = &replyUrls - } - case "keyCredentials": - if v != nil { - var keyCredentials []KeyCredential - err = json.Unmarshal(*v, &keyCredentials) - if err != nil { - return err - } - aup.KeyCredentials = &keyCredentials - } - case "passwordCredentials": - if v != nil { - var passwordCredentials []PasswordCredential - err = json.Unmarshal(*v, &passwordCredentials) - if err != nil { - return err - } 
- aup.PasswordCredentials = &passwordCredentials - } - case "oauth2AllowImplicitFlow": - if v != nil { - var oauth2AllowImplicitFlow bool - err = json.Unmarshal(*v, &oauth2AllowImplicitFlow) - if err != nil { - return err - } - aup.Oauth2AllowImplicitFlow = &oauth2AllowImplicitFlow - } - case "requiredResourceAccess": - if v != nil { - var requiredResourceAccess []RequiredResourceAccess - err = json.Unmarshal(*v, &requiredResourceAccess) - if err != nil { - return err - } - aup.RequiredResourceAccess = &requiredResourceAccess - } - } - } - - return nil + // SamlMetadataURL - The URL to the SAML metadata for the application. + SamlMetadataURL *string `json:"samlMetadataUrl,omitempty"` + // SignInAudience - Audience for signing in to the application (AzureADMyOrganization, AzureADAllOrganizations, AzureADAndMicrosoftAccounts). + SignInAudience *string `json:"signInAudience,omitempty"` + // WwwHomepage - The primary Web page. + WwwHomepage *string `json:"wwwHomepage,omitempty"` } // AppRole ... @@ -1246,9 +1355,9 @@ type BasicDirectoryObject interface { type DirectoryObject struct { // AdditionalProperties - Unmatched properties from the message are deserialized this collection AdditionalProperties map[string]interface{} `json:""` - // ObjectID - The object ID. + // ObjectID - READ-ONLY; The object ID. ObjectID *string `json:"objectId,omitempty"` - // DeletionTimestamp - The time at which the directory object was deleted. + // DeletionTimestamp - READ-ONLY; The time at which the directory object was deleted. DeletionTimestamp *date.Time `json:"deletionTimestamp,omitempty"` // ObjectType - Possible values include: 'ObjectTypeDirectoryObject', 'ObjectTypeApplication', 'ObjectTypeGroup', 'ObjectTypeServicePrincipal', 'ObjectTypeUser' ObjectType ObjectType `json:"objectType,omitempty"` 
@@ -1307,12 +1416,6 @@ func unmarshalBasicDirectoryObjectArray(body []byte) ([]BasicDirectoryObject, er func (do DirectoryObject) MarshalJSON() ([]byte, error) { do.ObjectType = ObjectTypeDirectoryObject objectMap := make(map[string]interface{}) - if do.ObjectID != nil { - objectMap["objectId"] = do.ObjectID - } - if do.DeletionTimestamp != nil { - objectMap["deletionTimestamp"] = do.DeletionTimestamp - } if do.ObjectType != "" { objectMap["objectType"] = do.ObjectType } @@ -1589,11 +1692,11 @@ type Domain struct { autorest.Response `json:"-"` // AdditionalProperties - Unmatched properties from the message are deserialized this collection AdditionalProperties map[string]interface{} `json:""` - // AuthenticationType - the type of the authentication into the domain. + // AuthenticationType - READ-ONLY; the type of the authentication into the domain. AuthenticationType *string `json:"authenticationType,omitempty"` - // IsDefault - if this is the default domain in the tenant. + // IsDefault - READ-ONLY; if this is the default domain in the tenant. IsDefault *bool `json:"isDefault,omitempty"` - // IsVerified - if this domain's ownership is verified. + // IsVerified - READ-ONLY; if this domain's ownership is verified. IsVerified *bool `json:"isVerified,omitempty"` // Name - the domain name. Name *string `json:"name,omitempty"` @@ -1602,17 +1705,8 @@ type Domain struct { // MarshalJSON is the custom marshaler for Domain. func (d Domain) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if d.AuthenticationType != nil { - objectMap["authenticationType"] = d.AuthenticationType - } - if d.IsDefault != nil { - objectMap["isDefault"] = d.IsDefault - } - if d.IsVerified != nil { - objectMap["isVerified"] = d.IsVerified - } - if d.Name != nil { - objectMap["name"] = d.Name + if d.Name != nil { + objectMap["name"] = d.Name } for k, v := range d.AdditionalProperties { objectMap[k] = v 
@@ -2170,6 +2264,19 @@ func NewGroupListResultPage(getNextPage func(context.Context, GroupListResult) ( return GroupListResultPage{fn: getNextPage} } +// InformationalURL represents a group of URIs that provide terms of service, marketing, support and +// privacy policy information about an application. The default value for each string is null. +type InformationalURL struct { + // TermsOfService - The terms of service URI + TermsOfService *string `json:"termsOfService,omitempty"` + // Marketing - The marketing URI + Marketing *string `json:"marketing,omitempty"` + // Privacy - The privacy policy URI + Privacy *string `json:"privacy,omitempty"` + // Support - The support URI + Support *string `json:"support,omitempty"` +} + // KeyCredential active Directory Key Credential information. type KeyCredential struct { // AdditionalProperties - Unmatched properties from the message are deserialized this collection 
@@ -2323,6 +2430,187 @@ type KeyCredentialsUpdateParameters struct { Value *[]KeyCredential `json:"value,omitempty"` } +// OAuth2Permission represents an OAuth 2.0 delegated permission scope. The specified OAuth 2.0 delegated +// permission scopes may be requested by client applications (through the requiredResourceAccess collection +// on the Application object) when calling a resource application. The oauth2Permissions property of the +// ServicePrincipal entity and of the Application entity is a collection of OAuth2Permission. +type OAuth2Permission struct { + // AdminConsentDescription - Permission help text that appears in the admin consent and app assignment experiences. + AdminConsentDescription *string `json:"adminConsentDescription,omitempty"` + // AdminConsentDisplayName - Display name for the permission that appears in the admin consent and app assignment experiences. + AdminConsentDisplayName *string `json:"adminConsentDisplayName,omitempty"` + // ID - Unique scope permission identifier inside the oauth2Permissions collection. + ID *string `json:"id,omitempty"` + // IsEnabled - When creating or updating a permission, this property must be set to true (which is the default). To delete a permission, this property must first be set to false. At that point, in a subsequent call, the permission may be removed. + IsEnabled *bool `json:"isEnabled,omitempty"` + // Type - Specifies whether this scope permission can be consented to by an end user, or whether it is a tenant-wide permission that must be consented to by a Company Administrator. Possible values are "User" or "Admin". + Type *string `json:"type,omitempty"` + // UserConsentDescription - Permission help text that appears in the end user consent experience. + UserConsentDescription *string `json:"userConsentDescription,omitempty"` + // UserConsentDisplayName - Display name for the permission that appears in the end user consent experience. 
+ UserConsentDisplayName *string `json:"userConsentDisplayName,omitempty"` + // Value - The value of the scope claim that the resource application should expect in the OAuth 2.0 access token. + Value *string `json:"value,omitempty"` +} + +// OAuth2PermissionGrant ... +type OAuth2PermissionGrant struct { + autorest.Response `json:"-"` + // OdataType - Microsoft.DirectoryServices.OAuth2PermissionGrant + OdataType *string `json:"odata.type,omitempty"` + // ClientID - The id of the resource's service principal granted consent to impersonate the user when accessing the resource (represented by the resourceId property). + ClientID *string `json:"clientId,omitempty"` + // ObjectID - The id of the permission grant + ObjectID *string `json:"objectId,omitempty"` + // ConsentType - Indicates if consent was provided by the administrator (on behalf of the organization) or by an individual. Possible values include: 'AllPrincipals', 'Principal' + ConsentType ConsentType `json:"consentType,omitempty"` + // PrincipalID - When consent type is Principal, this property specifies the id of the user that granted consent and applies only for that user. + PrincipalID *string `json:"principalId,omitempty"` + // ResourceID - Object Id of the resource you want to grant + ResourceID *string `json:"resourceId,omitempty"` + // Scope - Specifies the value of the scope claim that the resource application should expect in the OAuth 2.0 access token. 
For example, User.Read + Scope *string `json:"scope,omitempty"` + // StartTime - Start time for TTL + StartTime *string `json:"startTime,omitempty"` + // ExpiryTime - Expiry time for TTL + ExpiryTime *string `json:"expiryTime,omitempty"` +} + +// OAuth2PermissionGrantListResult server response for get oauth2 permissions grants +type OAuth2PermissionGrantListResult struct { + autorest.Response `json:"-"` + // Value - the list of oauth2 permissions grants + Value *[]OAuth2PermissionGrant `json:"value,omitempty"` + // OdataNextLink - the URL to get the next set of results. + OdataNextLink *string `json:"odata.nextLink,omitempty"` +} + +// OAuth2PermissionGrantListResultIterator provides access to a complete listing of OAuth2PermissionGrant +// values. +type OAuth2PermissionGrantListResultIterator struct { + i int + page OAuth2PermissionGrantListResultPage +} + +// NextWithContext advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +func (iter *OAuth2PermissionGrantListResultIterator) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/OAuth2PermissionGrantListResultIterator.NextWithContext") + defer func() { + sc := -1 + if iter.Response().Response.Response != nil { + sc = iter.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + iter.i++ + if iter.i < len(iter.page.Values()) { + return nil + } + err = iter.page.NextWithContext(ctx) + if err != nil { + iter.i-- + return err + } + iter.i = 0 + return nil +} + +// Next advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. 
+func (iter *OAuth2PermissionGrantListResultIterator) Next() error { + return iter.NextWithContext(context.Background()) +} + +// NotDone returns true if the enumeration should be started or is not yet complete. +func (iter OAuth2PermissionGrantListResultIterator) NotDone() bool { + return iter.page.NotDone() && iter.i < len(iter.page.Values()) +} + +// Response returns the raw server response from the last page request. +func (iter OAuth2PermissionGrantListResultIterator) Response() OAuth2PermissionGrantListResult { + return iter.page.Response() +} + +// Value returns the current value or a zero-initialized value if the +// iterator has advanced beyond the end of the collection. +func (iter OAuth2PermissionGrantListResultIterator) Value() OAuth2PermissionGrant { + if !iter.page.NotDone() { + return OAuth2PermissionGrant{} + } + return iter.page.Values()[iter.i] +} + +// Creates a new instance of the OAuth2PermissionGrantListResultIterator type. +func NewOAuth2PermissionGrantListResultIterator(page OAuth2PermissionGrantListResultPage) OAuth2PermissionGrantListResultIterator { + return OAuth2PermissionGrantListResultIterator{page: page} +} + +// IsEmpty returns true if the ListResult contains no values. +func (oa2pglr OAuth2PermissionGrantListResult) IsEmpty() bool { + return oa2pglr.Value == nil || len(*oa2pglr.Value) == 0 +} + +// OAuth2PermissionGrantListResultPage contains a page of OAuth2PermissionGrant values. +type OAuth2PermissionGrantListResultPage struct { + fn func(context.Context, OAuth2PermissionGrantListResult) (OAuth2PermissionGrantListResult, error) + oa2pglr OAuth2PermissionGrantListResult +} + +// NextWithContext advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. 
+func (page *OAuth2PermissionGrantListResultPage) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/OAuth2PermissionGrantListResultPage.NextWithContext") + defer func() { + sc := -1 + if page.Response().Response.Response != nil { + sc = page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + next, err := page.fn(ctx, page.oa2pglr) + if err != nil { + return err + } + page.oa2pglr = next + return nil +} + +// Next advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (page *OAuth2PermissionGrantListResultPage) Next() error { + return page.NextWithContext(context.Background()) +} + +// NotDone returns true if the page enumeration should be started or is not yet complete. +func (page OAuth2PermissionGrantListResultPage) NotDone() bool { + return !page.oa2pglr.IsEmpty() +} + +// Response returns the raw server response from the last page request. +func (page OAuth2PermissionGrantListResultPage) Response() OAuth2PermissionGrantListResult { + return page.oa2pglr +} + +// Values returns the slice of values for the current page or nil if there are no values. +func (page OAuth2PermissionGrantListResultPage) Values() []OAuth2PermissionGrant { + if page.oa2pglr.IsEmpty() { + return nil + } + return *page.oa2pglr.Value +} + +// Creates a new instance of the OAuth2PermissionGrantListResultPage type. +func NewOAuth2PermissionGrantListResultPage(getNextPage func(context.Context, OAuth2PermissionGrantListResult) (OAuth2PermissionGrantListResult, error)) OAuth2PermissionGrantListResultPage { + return OAuth2PermissionGrantListResultPage{fn: getNextPage} +} + // OdataError active Directory OData error information. type OdataError struct { // Code - Error code. 
@@ -2376,6 +2664,27 @@ func (oe *OdataError) UnmarshalJSON(body []byte) error { return nil } +// OptionalClaim specifying the claims to be included in a token. +type OptionalClaim struct { + // Name - Claim name. + Name *string `json:"name,omitempty"` + // Source - Claim source. + Source *string `json:"source,omitempty"` + // Essential - Is this a required claim. + Essential *bool `json:"essential,omitempty"` + AdditionalProperties interface{} `json:"additionalProperties,omitempty"` +} + +// OptionalClaims specifying the claims to be included in the token. +type OptionalClaims struct { + // IDToken - Optional claims requested to be included in the id token. + IDToken *[]OptionalClaim `json:"idToken,omitempty"` + // AccessToken - Optional claims requested to be included in the access token. + AccessToken *[]OptionalClaim `json:"accessToken,omitempty"` + // SamlToken - Optional claims requested to be included in the saml token. + SamlToken *[]OptionalClaim `json:"samlToken,omitempty"` +} + // PasswordCredential active Directory Password Credential information. type PasswordCredential struct { // AdditionalProperties - Unmatched properties from the message are deserialized this collection 
@@ -2571,25 +2880,29 @@ func (pp *PasswordProfile) UnmarshalJSON(body []byte) error { return nil } -// Permissions ... -type Permissions struct { - autorest.Response `json:"-"` - // OdataType - Microsoft.DirectoryServices.OAuth2PermissionGrant - OdataType *string `json:"odata.type,omitempty"` - // ClientID - The objectId of the Service Principal associated with the app - ClientID *string `json:"clientId,omitempty"` - // ConsentType - Typically set to AllPrincipals - ConsentType *string `json:"consentType,omitempty"` - // PrincipalID - Set to null if AllPrincipals is set - PrincipalID interface{} `json:"principalId,omitempty"` - // ResourceID - Service Principal Id of the resource you want to grant - ResourceID *string `json:"resourceId,omitempty"` - // Scope - Typically set to user_impersonation - Scope *string `json:"scope,omitempty"` - // StartTime - Start time for TTL - StartTime *string `json:"startTime,omitempty"` - // ExpiryTime - Expiry time for TTL - ExpiryTime *string `json:"expiryTime,omitempty"` +// PreAuthorizedApplication contains information about pre authorized client application. +type PreAuthorizedApplication struct { + // AppID - Represents the application id. + AppID *string `json:"appId,omitempty"` + // Permissions - Collection of required app permissions/entitlements from the resource application. + Permissions *[]PreAuthorizedApplicationPermission `json:"permissions,omitempty"` + // Extensions - Collection of extensions from the resource application. + Extensions *[]PreAuthorizedApplicationExtension `json:"extensions,omitempty"` +} + +// PreAuthorizedApplicationExtension representation of an app PreAuthorizedApplicationExtension required by +// a pre authorized client app. +type PreAuthorizedApplicationExtension struct { + // Conditions - The extension's conditions. + Conditions *[]string `json:"conditions,omitempty"` +} + +// PreAuthorizedApplicationPermission contains information about the pre-authorized permissions. 
+type PreAuthorizedApplicationPermission struct { + // DirectAccessGrant - Indicates whether the permission set is DirectAccess or impersonation. + DirectAccessGrant *bool `json:"directAccessGrant,omitempty"` + // AccessGrants - The list of permissions. + AccessGrants *[]string `json:"accessGrants,omitempty"` } // RequiredResourceAccess specifies the set of OAuth 2.0 permission scopes and app roles under the 
@@ -2740,19 +3053,53 @@ func (ra *ResourceAccess) UnmarshalJSON(body []byte) error { // ServicePrincipal active Directory service principal information. type ServicePrincipal struct { autorest.Response `json:"-"` - // DisplayName - The display name of the service principal. - DisplayName *string `json:"displayName,omitempty"` + // AccountEnabled - whether or not the service principal account is enabled + AccountEnabled *bool `json:"accountEnabled,omitempty"` + // AlternativeNames - alternative names + AlternativeNames *[]string `json:"alternativeNames,omitempty"` + // AppDisplayName - READ-ONLY; The display name exposed by the associated application. + AppDisplayName *string `json:"appDisplayName,omitempty"` // AppID - The application ID. AppID *string `json:"appId,omitempty"` + // AppOwnerTenantID - READ-ONLY + AppOwnerTenantID *string `json:"appOwnerTenantId,omitempty"` + // AppRoleAssignmentRequired - Specifies whether an AppRoleAssignment to a user or group is required before Azure AD will issue a user or access token to the application. + AppRoleAssignmentRequired *bool `json:"appRoleAssignmentRequired,omitempty"` // AppRoles - The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. AppRoles *[]AppRole `json:"appRoles,omitempty"` + // DisplayName - The display name of the service principal. + DisplayName *string `json:"displayName,omitempty"` + // ErrorURL - A URL provided by the author of the associated application to report errors when using the application. + ErrorURL *string `json:"errorUrl,omitempty"` + // Homepage - The URL to the homepage of the associated application. + Homepage *string `json:"homepage,omitempty"` + // KeyCredentials - The collection of key credentials associated with the service principal. 
+ KeyCredentials *[]KeyCredential `json:"keyCredentials,omitempty"` + // LogoutURL - A URL provided by the author of the associated application to logout + LogoutURL *string `json:"logoutUrl,omitempty"` + // Oauth2Permissions - READ-ONLY; The OAuth 2.0 permissions exposed by the associated application. + Oauth2Permissions *[]OAuth2Permission `json:"oauth2Permissions,omitempty"` + // PasswordCredentials - The collection of password credentials associated with the service principal. + PasswordCredentials *[]PasswordCredential `json:"passwordCredentials,omitempty"` + // PreferredTokenSigningKeyThumbprint - The thumbprint of preferred certificate to sign the token + PreferredTokenSigningKeyThumbprint *string `json:"preferredTokenSigningKeyThumbprint,omitempty"` + // PublisherName - The publisher's name of the associated application + PublisherName *string `json:"publisherName,omitempty"` + // ReplyUrls - The URLs that user tokens are sent to for sign in with the associated application. The redirect URIs that the oAuth 2.0 authorization code and access tokens are sent to for the associated application. + ReplyUrls *[]string `json:"replyUrls,omitempty"` + // SamlMetadataURL - The URL to the SAML metadata of the associated application + SamlMetadataURL *string `json:"samlMetadataUrl,omitempty"` // ServicePrincipalNames - A collection of service principal names. ServicePrincipalNames *[]string `json:"servicePrincipalNames,omitempty"` + // ServicePrincipalType - the type of the service principal + ServicePrincipalType *string `json:"servicePrincipalType,omitempty"` + // Tags - Optional list of tags that you can apply to your service principals. Not nullable. + Tags *[]string `json:"tags,omitempty"` // AdditionalProperties - Unmatched properties from the message are deserialized this collection AdditionalProperties map[string]interface{} `json:""` - // ObjectID - The object ID. + // ObjectID - READ-ONLY; The object ID. 
ObjectID *string `json:"objectId,omitempty"` - // DeletionTimestamp - The time at which the directory object was deleted. + // DeletionTimestamp - READ-ONLY; The time at which the directory object was deleted. DeletionTimestamp *date.Time `json:"deletionTimestamp,omitempty"` // ObjectType - Possible values include: 'ObjectTypeDirectoryObject', 'ObjectTypeApplication', 'ObjectTypeGroup', 'ObjectTypeServicePrincipal', 'ObjectTypeUser' ObjectType ObjectType `json:"objectType,omitempty"` 
@@ -2762,23 +3109,59 @@ type ServicePrincipal struct { func (sp ServicePrincipal) MarshalJSON() ([]byte, error) { sp.ObjectType = ObjectTypeServicePrincipal objectMap := make(map[string]interface{}) - if sp.DisplayName != nil { - objectMap["displayName"] = sp.DisplayName + if sp.AccountEnabled != nil { + objectMap["accountEnabled"] = sp.AccountEnabled + } + if sp.AlternativeNames != nil { + objectMap["alternativeNames"] = sp.AlternativeNames } if sp.AppID != nil { objectMap["appId"] = sp.AppID } + if sp.AppRoleAssignmentRequired != nil { + objectMap["appRoleAssignmentRequired"] = sp.AppRoleAssignmentRequired + } if sp.AppRoles != nil { objectMap["appRoles"] = sp.AppRoles } + if sp.DisplayName != nil { + objectMap["displayName"] = sp.DisplayName + } + if sp.ErrorURL != nil { + objectMap["errorUrl"] = sp.ErrorURL + } + if sp.Homepage != nil { + objectMap["homepage"] = sp.Homepage + } + if sp.KeyCredentials != nil { + objectMap["keyCredentials"] = sp.KeyCredentials + } + if sp.LogoutURL != nil { + objectMap["logoutUrl"] = sp.LogoutURL + } + if sp.PasswordCredentials != nil { + objectMap["passwordCredentials"] = sp.PasswordCredentials + } + if sp.PreferredTokenSigningKeyThumbprint != nil { + objectMap["preferredTokenSigningKeyThumbprint"] = sp.PreferredTokenSigningKeyThumbprint + } + if sp.PublisherName != nil { + objectMap["publisherName"] = sp.PublisherName + } + if sp.ReplyUrls != nil { + objectMap["replyUrls"] = sp.ReplyUrls + } + if sp.SamlMetadataURL != nil { + objectMap["samlMetadataUrl"] = sp.SamlMetadataURL + } if sp.ServicePrincipalNames != nil { objectMap["servicePrincipalNames"] = sp.ServicePrincipalNames } - if sp.ObjectID != nil { - objectMap["objectId"] = sp.ObjectID + if sp.ServicePrincipalType != nil { + objectMap["servicePrincipalType"] = sp.ServicePrincipalType } - if sp.DeletionTimestamp != nil { - objectMap["deletionTimestamp"] = sp.DeletionTimestamp + if sp.Tags != nil { + objectMap["tags"] = sp.Tags } if sp.ObjectType != "" { 
objectMap["objectType"] = sp.ObjectType @@ -2828,14 +3211,32 @@ func (sp *ServicePrincipal) UnmarshalJSON(body []byte) error { } for k, v := range m { switch k { - case "displayName": + case "accountEnabled": if v != nil { - var displayName string - err = json.Unmarshal(*v, &displayName) + var accountEnabled bool + err = json.Unmarshal(*v, &accountEnabled) if err != nil { return err } - sp.DisplayName = &displayName + sp.AccountEnabled = &accountEnabled + } + case "alternativeNames": + if v != nil { + var alternativeNames []string + err = json.Unmarshal(*v, &alternativeNames) + if err != nil { + return err + } + sp.AlternativeNames = &alternativeNames + } + case "appDisplayName": + if v != nil { + var appDisplayName string + err = json.Unmarshal(*v, &appDisplayName) + if err != nil { + return err + } + sp.AppDisplayName = &appDisplayName } case "appId": if v != nil { @@ -2846,6 +3247,24 @@ func (sp *ServicePrincipal) UnmarshalJSON(body []byte) error { } sp.AppID = &appID } + case "appOwnerTenantId": + if v != nil { + var appOwnerTenantID string + err = json.Unmarshal(*v, &appOwnerTenantID) + if err != nil { + return err + } + sp.AppOwnerTenantID = &appOwnerTenantID + } + case "appRoleAssignmentRequired": + if v != nil { + var appRoleAssignmentRequired bool + err = json.Unmarshal(*v, &appRoleAssignmentRequired) + if err != nil { + return err + } + sp.AppRoleAssignmentRequired = &appRoleAssignmentRequired + } case "appRoles": if v != nil { var appRoles []AppRole 
@@ -2855,274 +3274,170 @@ func (sp *ServicePrincipal) UnmarshalJSON(body []byte) error { } sp.AppRoles = &appRoles } - case "servicePrincipalNames": + case "displayName": if v != nil { - var servicePrincipalNames []string - err = json.Unmarshal(*v, &servicePrincipalNames) + var displayName string + err = json.Unmarshal(*v, &displayName) if err != nil { return err } - sp.ServicePrincipalNames = &servicePrincipalNames + sp.DisplayName = &displayName } - default: + case "errorUrl": if v != nil { - var additionalProperties interface{} - err = json.Unmarshal(*v, &additionalProperties) + var errorURL string + err = json.Unmarshal(*v, &errorURL) if err != nil { return err } - if sp.AdditionalProperties == nil { - sp.AdditionalProperties = make(map[string]interface{}) + sp.ErrorURL = &errorURL + } + case "homepage": + if v != nil { + var homepage string + err = json.Unmarshal(*v, &homepage) + if err != nil { + return err } - sp.AdditionalProperties[k] = additionalProperties + sp.Homepage = &homepage } - case "objectId": + case "keyCredentials": if v != nil { - var objectID string - err = json.Unmarshal(*v, &objectID) + var keyCredentials []KeyCredential + err = json.Unmarshal(*v, &keyCredentials) if err != nil { return err } - sp.ObjectID = &objectID + sp.KeyCredentials = &keyCredentials } - case "deletionTimestamp": + case "logoutUrl": if v != nil { - var deletionTimestamp date.Time - err = json.Unmarshal(*v, &deletionTimestamp) + var logoutURL string + err = json.Unmarshal(*v, &logoutURL) if err != nil { return err } - sp.DeletionTimestamp = &deletionTimestamp + sp.LogoutURL = &logoutURL } - case "objectType": + case "oauth2Permissions": if v != nil { - var objectType ObjectType - err = json.Unmarshal(*v, &objectType) + var oauth2Permissions []OAuth2Permission + err = json.Unmarshal(*v, &oauth2Permissions) if err != nil { return err } - sp.ObjectType = objectType + sp.Oauth2Permissions = &oauth2Permissions } - } - } - - return nil -} - -// 
ServicePrincipalCreateParameters request parameters for creating a new service principal. -type ServicePrincipalCreateParameters struct { - // AdditionalProperties - Unmatched properties from the message are deserialized this collection - AdditionalProperties map[string]interface{} `json:""` - // AccountEnabled - Whether the account is enabled - AccountEnabled *bool `json:"accountEnabled,omitempty"` - // AppID - application Id - AppID *string `json:"appId,omitempty"` - // AppRoleAssignmentRequired - Specifies whether an AppRoleAssignment to a user or group is required before Azure AD will issue a user or access token to the application. - AppRoleAssignmentRequired *bool `json:"appRoleAssignmentRequired,omitempty"` - // DisplayName - The display name for the service principal. - DisplayName *string `json:"displayName,omitempty"` - ErrorURL *string `json:"errorUrl,omitempty"` - // Homepage - The URL to the homepage of the associated application. - Homepage *string `json:"homepage,omitempty"` - // KeyCredentials - A collection of KeyCredential objects. - KeyCredentials *[]KeyCredential `json:"keyCredentials,omitempty"` - // PasswordCredentials - A collection of PasswordCredential objects - PasswordCredentials *[]PasswordCredential `json:"passwordCredentials,omitempty"` - // PublisherName - The display name of the tenant in which the associated application is specified. - PublisherName *string `json:"publisherName,omitempty"` - // ReplyUrls - A collection of reply URLs for the service principal. - ReplyUrls *[]string `json:"replyUrls,omitempty"` - SamlMetadataURL *string `json:"samlMetadataUrl,omitempty"` - // ServicePrincipalNames - A collection of service principal names. - ServicePrincipalNames *[]string `json:"servicePrincipalNames,omitempty"` - Tags *[]string `json:"tags,omitempty"` -} - -// MarshalJSON is the custom marshaler for ServicePrincipalCreateParameters. 
-func (spcp ServicePrincipalCreateParameters) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if spcp.AccountEnabled != nil { - objectMap["accountEnabled"] = spcp.AccountEnabled - } - if spcp.AppID != nil { - objectMap["appId"] = spcp.AppID - } - if spcp.AppRoleAssignmentRequired != nil { - objectMap["appRoleAssignmentRequired"] = spcp.AppRoleAssignmentRequired - } - if spcp.DisplayName != nil { - objectMap["displayName"] = spcp.DisplayName - } - if spcp.ErrorURL != nil { - objectMap["errorUrl"] = spcp.ErrorURL - } - if spcp.Homepage != nil { - objectMap["homepage"] = spcp.Homepage - } - if spcp.KeyCredentials != nil { - objectMap["keyCredentials"] = spcp.KeyCredentials - } - if spcp.PasswordCredentials != nil { - objectMap["passwordCredentials"] = spcp.PasswordCredentials - } - if spcp.PublisherName != nil { - objectMap["publisherName"] = spcp.PublisherName - } - if spcp.ReplyUrls != nil { - objectMap["replyUrls"] = spcp.ReplyUrls - } - if spcp.SamlMetadataURL != nil { - objectMap["samlMetadataUrl"] = spcp.SamlMetadataURL - } - if spcp.ServicePrincipalNames != nil { - objectMap["servicePrincipalNames"] = spcp.ServicePrincipalNames - } - if spcp.Tags != nil { - objectMap["tags"] = spcp.Tags - } - for k, v := range spcp.AdditionalProperties { - objectMap[k] = v - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for ServicePrincipalCreateParameters struct. 
-func (spcp *ServicePrincipalCreateParameters) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - default: - if v != nil { - var additionalProperties interface{} - err = json.Unmarshal(*v, &additionalProperties) - if err != nil { - return err - } - if spcp.AdditionalProperties == nil { - spcp.AdditionalProperties = make(map[string]interface{}) - } - spcp.AdditionalProperties[k] = additionalProperties - } - case "accountEnabled": + case "passwordCredentials": if v != nil { - var accountEnabled bool - err = json.Unmarshal(*v, &accountEnabled) + var passwordCredentials []PasswordCredential + err = json.Unmarshal(*v, &passwordCredentials) if err != nil { return err } - spcp.AccountEnabled = &accountEnabled + sp.PasswordCredentials = &passwordCredentials } - case "appId": + case "preferredTokenSigningKeyThumbprint": if v != nil { - var appID string - err = json.Unmarshal(*v, &appID) + var preferredTokenSigningKeyThumbprint string + err = json.Unmarshal(*v, &preferredTokenSigningKeyThumbprint) if err != nil { return err } - spcp.AppID = &appID + sp.PreferredTokenSigningKeyThumbprint = &preferredTokenSigningKeyThumbprint } - case "appRoleAssignmentRequired": + case "publisherName": if v != nil { - var appRoleAssignmentRequired bool - err = json.Unmarshal(*v, &appRoleAssignmentRequired) + var publisherName string + err = json.Unmarshal(*v, &publisherName) if err != nil { return err } - spcp.AppRoleAssignmentRequired = &appRoleAssignmentRequired + sp.PublisherName = &publisherName } - case "displayName": + case "replyUrls": if v != nil { - var displayName string - err = json.Unmarshal(*v, &displayName) + var replyUrls []string + err = json.Unmarshal(*v, &replyUrls) if err != nil { return err } - spcp.DisplayName = &displayName + sp.ReplyUrls = &replyUrls } - case "errorUrl": + case "samlMetadataUrl": if v != nil { - var errorURL string - err = 
json.Unmarshal(*v, &errorURL) + var samlMetadataURL string + err = json.Unmarshal(*v, &samlMetadataURL) if err != nil { return err } - spcp.ErrorURL = &errorURL + sp.SamlMetadataURL = &samlMetadataURL } - case "homepage": + case "servicePrincipalNames": if v != nil { - var homepage string - err = json.Unmarshal(*v, &homepage) + var servicePrincipalNames []string + err = json.Unmarshal(*v, &servicePrincipalNames) if err != nil { return err } - spcp.Homepage = &homepage + sp.ServicePrincipalNames = &servicePrincipalNames } - case "keyCredentials": + case "servicePrincipalType": if v != nil { - var keyCredentials []KeyCredential - err = json.Unmarshal(*v, &keyCredentials) + var servicePrincipalType string + err = json.Unmarshal(*v, &servicePrincipalType) if err != nil { return err } - spcp.KeyCredentials = &keyCredentials + sp.ServicePrincipalType = &servicePrincipalType } - case "passwordCredentials": + case "tags": if v != nil { - var passwordCredentials []PasswordCredential - err = json.Unmarshal(*v, &passwordCredentials) + var tags []string + err = json.Unmarshal(*v, &tags) if err != nil { return err } - spcp.PasswordCredentials = &passwordCredentials + sp.Tags = &tags } - case "publisherName": + default: if v != nil { - var publisherName string - err = json.Unmarshal(*v, &publisherName) + var additionalProperties interface{} + err = json.Unmarshal(*v, &additionalProperties) if err != nil { return err } - spcp.PublisherName = &publisherName - } - case "replyUrls": - if v != nil { - var replyUrls []string - err = json.Unmarshal(*v, &replyUrls) - if err != nil { - return err + if sp.AdditionalProperties == nil { + sp.AdditionalProperties = make(map[string]interface{}) } - spcp.ReplyUrls = &replyUrls + sp.AdditionalProperties[k] = additionalProperties } - case "samlMetadataUrl": + case "objectId": if v != nil { - var samlMetadataURL string - err = json.Unmarshal(*v, &samlMetadataURL) + var objectID string + err = json.Unmarshal(*v, &objectID) if err != nil { return 
err } - spcp.SamlMetadataURL = &samlMetadataURL + sp.ObjectID = &objectID } - case "servicePrincipalNames": + case "deletionTimestamp": if v != nil { - var servicePrincipalNames []string - err = json.Unmarshal(*v, &servicePrincipalNames) + var deletionTimestamp date.Time + err = json.Unmarshal(*v, &deletionTimestamp) if err != nil { return err } - spcp.ServicePrincipalNames = &servicePrincipalNames + sp.DeletionTimestamp = &deletionTimestamp } - case "tags": + case "objectType": if v != nil { - var tags []string - err = json.Unmarshal(*v, &tags) + var objectType ObjectType + err = json.Unmarshal(*v, &objectType) if err != nil { return err } - spcp.Tags = &tags + sp.ObjectType = objectType } } } 
@@ -3130,6 +3445,41 @@ func (spcp *ServicePrincipalCreateParameters) UnmarshalJSON(body []byte) error { return nil } +// ServicePrincipalBase active Directory service principal common properties shared among GET, POST and +// PATCH +type ServicePrincipalBase struct { + // AccountEnabled - whether or not the service principal account is enabled + AccountEnabled *bool `json:"accountEnabled,omitempty"` + // AppRoleAssignmentRequired - Specifies whether an AppRoleAssignment to a user or group is required before Azure AD will issue a user or access token to the application. + AppRoleAssignmentRequired *bool `json:"appRoleAssignmentRequired,omitempty"` + // KeyCredentials - The collection of key credentials associated with the service principal. + KeyCredentials *[]KeyCredential `json:"keyCredentials,omitempty"` + // PasswordCredentials - The collection of password credentials associated with the service principal. + PasswordCredentials *[]PasswordCredential `json:"passwordCredentials,omitempty"` + // ServicePrincipalType - the type of the service principal + ServicePrincipalType *string `json:"servicePrincipalType,omitempty"` + // Tags - Optional list of tags that you can apply to your service principals. Not nullable. + Tags *[]string `json:"tags,omitempty"` +} + +// ServicePrincipalCreateParameters request parameters for creating a new service principal. +type ServicePrincipalCreateParameters struct { + // AppID - The application ID. + AppID *string `json:"appId,omitempty"` + // AccountEnabled - whether or not the service principal account is enabled + AccountEnabled *bool `json:"accountEnabled,omitempty"` + // AppRoleAssignmentRequired - Specifies whether an AppRoleAssignment to a user or group is required before Azure AD will issue a user or access token to the application. + AppRoleAssignmentRequired *bool `json:"appRoleAssignmentRequired,omitempty"` + // KeyCredentials - The collection of key credentials associated with the service principal. 
+ KeyCredentials *[]KeyCredential `json:"keyCredentials,omitempty"` + // PasswordCredentials - The collection of password credentials associated with the service principal. + PasswordCredentials *[]PasswordCredential `json:"passwordCredentials,omitempty"` + // ServicePrincipalType - the type of the service principal + ServicePrincipalType *string `json:"servicePrincipalType,omitempty"` + // Tags - Optional list of tags that you can apply to your service principals. Not nullable. + Tags *[]string `json:"tags,omitempty"` +} + // ServicePrincipalListResult server response for get tenant service principals API call. type ServicePrincipalListResult struct { autorest.Response `json:"-"` 
@@ -3264,225 +3614,29 @@ func NewServicePrincipalListResultPage(getNextPage func(context.Context, Service return ServicePrincipalListResultPage{fn: getNextPage} } -// ServicePrincipalUpdateParameters request parameters for creating a new service principal. +// ServicePrincipalObjectResult service Principal Object Result. +type ServicePrincipalObjectResult struct { + autorest.Response `json:"-"` + // Value - The Object ID of the service principal with the specified application ID. + Value *string `json:"value,omitempty"` + // OdataMetadata - The URL representing edm equivalent. + OdataMetadata *string `json:"odata.metadata,omitempty"` +} + +// ServicePrincipalUpdateParameters request parameters for update an existing service principal. type ServicePrincipalUpdateParameters struct { - // AdditionalProperties - Unmatched properties from the message are deserialized this collection - AdditionalProperties map[string]interface{} `json:""` - // AccountEnabled - Whether the account is enabled + // AccountEnabled - whether or not the service principal account is enabled AccountEnabled *bool `json:"accountEnabled,omitempty"` - // AppID - application Id - AppID *string `json:"appId,omitempty"` // AppRoleAssignmentRequired - Specifies whether an AppRoleAssignment to a user or group is required before Azure AD will issue a user or access token to the application. AppRoleAssignmentRequired *bool `json:"appRoleAssignmentRequired,omitempty"` - // DisplayName - The display name for the service principal. - DisplayName *string `json:"displayName,omitempty"` - ErrorURL *string `json:"errorUrl,omitempty"` - // Homepage - The URL to the homepage of the associated application. - Homepage *string `json:"homepage,omitempty"` - // KeyCredentials - A collection of KeyCredential objects. + // KeyCredentials - The collection of key credentials associated with the service principal. 
KeyCredentials *[]KeyCredential `json:"keyCredentials,omitempty"` - // PasswordCredentials - A collection of PasswordCredential objects + // PasswordCredentials - The collection of password credentials associated with the service principal. PasswordCredentials *[]PasswordCredential `json:"passwordCredentials,omitempty"` - // PublisherName - The display name of the tenant in which the associated application is specified. - PublisherName *string `json:"publisherName,omitempty"` - // ReplyUrls - A collection of reply URLs for the service principal. - ReplyUrls *[]string `json:"replyUrls,omitempty"` - SamlMetadataURL *string `json:"samlMetadataUrl,omitempty"` - // ServicePrincipalNames - A collection of service principal names. - ServicePrincipalNames *[]string `json:"servicePrincipalNames,omitempty"` - Tags *[]string `json:"tags,omitempty"` -} - -// MarshalJSON is the custom marshaler for ServicePrincipalUpdateParameters. -func (spup ServicePrincipalUpdateParameters) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if spup.AccountEnabled != nil { - objectMap["accountEnabled"] = spup.AccountEnabled - } - if spup.AppID != nil { - objectMap["appId"] = spup.AppID - } - if spup.AppRoleAssignmentRequired != nil { - objectMap["appRoleAssignmentRequired"] = spup.AppRoleAssignmentRequired - } - if spup.DisplayName != nil { - objectMap["displayName"] = spup.DisplayName - } - if spup.ErrorURL != nil { - objectMap["errorUrl"] = spup.ErrorURL - } - if spup.Homepage != nil { - objectMap["homepage"] = spup.Homepage - } - if spup.KeyCredentials != nil { - objectMap["keyCredentials"] = spup.KeyCredentials - } - if spup.PasswordCredentials != nil { - objectMap["passwordCredentials"] = spup.PasswordCredentials - } - if spup.PublisherName != nil { - objectMap["publisherName"] = spup.PublisherName - } - if spup.ReplyUrls != nil { - objectMap["replyUrls"] = spup.ReplyUrls - } - if spup.SamlMetadataURL != nil { - objectMap["samlMetadataUrl"] = 
spup.SamlMetadataURL - } - if spup.ServicePrincipalNames != nil { - objectMap["servicePrincipalNames"] = spup.ServicePrincipalNames - } - if spup.Tags != nil { - objectMap["tags"] = spup.Tags - } - for k, v := range spup.AdditionalProperties { - objectMap[k] = v - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for ServicePrincipalUpdateParameters struct. -func (spup *ServicePrincipalUpdateParameters) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - default: - if v != nil { - var additionalProperties interface{} - err = json.Unmarshal(*v, &additionalProperties) - if err != nil { - return err - } - if spup.AdditionalProperties == nil { - spup.AdditionalProperties = make(map[string]interface{}) - } - spup.AdditionalProperties[k] = additionalProperties - } - case "accountEnabled": - if v != nil { - var accountEnabled bool - err = json.Unmarshal(*v, &accountEnabled) - if err != nil { - return err - } - spup.AccountEnabled = &accountEnabled - } - case "appId": - if v != nil { - var appID string - err = json.Unmarshal(*v, &appID) - if err != nil { - return err - } - spup.AppID = &appID - } - case "appRoleAssignmentRequired": - if v != nil { - var appRoleAssignmentRequired bool - err = json.Unmarshal(*v, &appRoleAssignmentRequired) - if err != nil { - return err - } - spup.AppRoleAssignmentRequired = &appRoleAssignmentRequired - } - case "displayName": - if v != nil { - var displayName string - err = json.Unmarshal(*v, &displayName) - if err != nil { - return err - } - spup.DisplayName = &displayName - } - case "errorUrl": - if v != nil { - var errorURL string - err = json.Unmarshal(*v, &errorURL) - if err != nil { - return err - } - spup.ErrorURL = &errorURL - } - case "homepage": - if v != nil { - var homepage string - err = json.Unmarshal(*v, &homepage) - if err != nil { - return err - } - spup.Homepage = 
&homepage - } - case "keyCredentials": - if v != nil { - var keyCredentials []KeyCredential - err = json.Unmarshal(*v, &keyCredentials) - if err != nil { - return err - } - spup.KeyCredentials = &keyCredentials - } - case "passwordCredentials": - if v != nil { - var passwordCredentials []PasswordCredential - err = json.Unmarshal(*v, &passwordCredentials) - if err != nil { - return err - } - spup.PasswordCredentials = &passwordCredentials - } - case "publisherName": - if v != nil { - var publisherName string - err = json.Unmarshal(*v, &publisherName) - if err != nil { - return err - } - spup.PublisherName = &publisherName - } - case "replyUrls": - if v != nil { - var replyUrls []string - err = json.Unmarshal(*v, &replyUrls) - if err != nil { - return err - } - spup.ReplyUrls = &replyUrls - } - case "samlMetadataUrl": - if v != nil { - var samlMetadataURL string - err = json.Unmarshal(*v, &samlMetadataURL) - if err != nil { - return err - } - spup.SamlMetadataURL = &samlMetadataURL - } - case "servicePrincipalNames": - if v != nil { - var servicePrincipalNames []string - err = json.Unmarshal(*v, &servicePrincipalNames) - if err != nil { - return err - } - spup.ServicePrincipalNames = &servicePrincipalNames - } - case "tags": - if v != nil { - var tags []string - err = json.Unmarshal(*v, &tags) - if err != nil { - return err - } - spup.Tags = &tags - } - } - } - - return nil + // ServicePrincipalType - the type of the service principal + ServicePrincipalType *string `json:"servicePrincipalType,omitempty"` + // Tags - Optional list of tags that you can apply to your service principals. Not nullable. + Tags *[]string `json:"tags,omitempty"` } // SignInName contains information about a sign-in name of a local account user in an Azure Active 
@@ -3583,9 +3737,9 @@ type User struct { SignInNames *[]SignInName `json:"signInNames,omitempty"` // AdditionalProperties - Unmatched properties from the message are deserialized this collection AdditionalProperties map[string]interface{} `json:""` - // ObjectID - The object ID. + // ObjectID - READ-ONLY; The object ID. ObjectID *string `json:"objectId,omitempty"` - // DeletionTimestamp - The time at which the directory object was deleted. + // DeletionTimestamp - READ-ONLY; The time at which the directory object was deleted. DeletionTimestamp *date.Time `json:"deletionTimestamp,omitempty"` // ObjectType - Possible values include: 'ObjectTypeDirectoryObject', 'ObjectTypeApplication', 'ObjectTypeGroup', 'ObjectTypeServicePrincipal', 'ObjectTypeUser' ObjectType ObjectType `json:"objectType,omitempty"` @@ -3628,12 +3782,6 @@ func (u User) MarshalJSON() ([]byte, error) { if u.SignInNames != nil { objectMap["signInNames"] = u.SignInNames } - if u.ObjectID != nil { - objectMap["objectId"] = u.ObjectID - } - if u.DeletionTimestamp != nil { - objectMap["deletionTimestamp"] = u.DeletionTimestamp - } if u.ObjectType != "" { objectMap["objectType"] = u.ObjectType } diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac/oauth2.go b/vendor/github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac/oauth2.go deleted file mode 100644 index 97e79c76dd..0000000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac/oauth2.go +++ /dev/null 
@@ -1,197 +0,0 @@ -package graphrbac - -// Copyright (c) Microsoft and contributors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// OAuth2Client is the the Graph RBAC Management Client -type OAuth2Client struct { - BaseClient -} - -// NewOAuth2Client creates an instance of the OAuth2Client client. -func NewOAuth2Client(tenantID string) OAuth2Client { - return NewOAuth2ClientWithBaseURI(DefaultBaseURI, tenantID) -} - -// NewOAuth2ClientWithBaseURI creates an instance of the OAuth2Client client. -func NewOAuth2ClientWithBaseURI(baseURI string, tenantID string) OAuth2Client { - return OAuth2Client{NewWithBaseURI(baseURI, tenantID)} -} - -// Get queries OAuth2 permissions for the relevant SP ObjectId of an app. 
-// Parameters: -// filter - this is the Service Principal ObjectId associated with the app -func (client OAuth2Client) Get(ctx context.Context, filter string) (result Permissions, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/OAuth2Client.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.GetPreparer(ctx, filter) - if err != nil { - err = autorest.NewErrorWithError(err, "graphrbac.OAuth2Client", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "graphrbac.OAuth2Client", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "graphrbac.OAuth2Client", "Get", resp, "Failure responding to request") - } - - return -} - -// GetPreparer prepares the Get request. -func (client OAuth2Client) GetPreparer(ctx context.Context, filter string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "tenantID": autorest.Encode("path", client.TenantID), - } - - const APIVersion = "1.6" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if len(filter) > 0 { - queryParameters["$filter"] = autorest.Encode("query", filter) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/{tenantID}/oauth2PermissionGrants", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. 
-func (client OAuth2Client) GetSender(req *http.Request) (*http.Response, error) { - return autorest.SendWithSender(client, req, - autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client OAuth2Client) GetResponder(resp *http.Response) (result Permissions, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// Grant grants OAuth2 permissions for the relevant resource Ids of an app. -// Parameters: -// body - the relevant app Service Principal Object Id and the Service Principal Object Id you want to grant. -func (client OAuth2Client) Grant(ctx context.Context, body *Permissions) (result Permissions, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/OAuth2Client.Grant") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.GrantPreparer(ctx, body) - if err != nil { - err = autorest.NewErrorWithError(err, "graphrbac.OAuth2Client", "Grant", nil, "Failure preparing request") - return - } - - resp, err := client.GrantSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "graphrbac.OAuth2Client", "Grant", resp, "Failure sending request") - return - } - - result, err = client.GrantResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "graphrbac.OAuth2Client", "Grant", resp, "Failure responding to request") - } - - return -} - -// GrantPreparer prepares the Grant request. 
-func (client OAuth2Client) GrantPreparer(ctx context.Context, body *Permissions) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "tenantID": autorest.Encode("path", client.TenantID), - } - - const APIVersion = "1.6" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPost(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/{tenantID}/oauth2PermissionGrants", pathParameters), - autorest.WithQueryParameters(queryParameters)) - if body != nil { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithJSON(body)) - } - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GrantSender sends the Grant request. The method will close the -// http.Response Body if it receives an error. -func (client OAuth2Client) GrantSender(req *http.Request) (*http.Response, error) { - return autorest.SendWithSender(client, req, - autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) -} - -// GrantResponder handles the response to the Grant request. The method always -// closes the http.Response Body. -func (client OAuth2Client) GrantResponder(resp *http.Response) (result Permissions, err error) { - err = autorest.Respond( - resp, - client.ByInspecting(), - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac/oauth2permissiongrant.go b/vendor/github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac/oauth2permissiongrant.go new file mode 100644 index 0000000000..3d1ec66eb6 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac/oauth2permissiongrant.go 
@@ -0,0 +1,369 @@ +package graphrbac + +// Copyright (c) Microsoft and contributors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/to" + "github.com/Azure/go-autorest/tracing" + "net/http" +) + +// OAuth2PermissionGrantClient is the the Graph RBAC Management Client +type OAuth2PermissionGrantClient struct { + BaseClient +} + +// NewOAuth2PermissionGrantClient creates an instance of the OAuth2PermissionGrantClient client. +func NewOAuth2PermissionGrantClient(tenantID string) OAuth2PermissionGrantClient { + return NewOAuth2PermissionGrantClientWithBaseURI(DefaultBaseURI, tenantID) +} + +// NewOAuth2PermissionGrantClientWithBaseURI creates an instance of the OAuth2PermissionGrantClient client. +func NewOAuth2PermissionGrantClientWithBaseURI(baseURI string, tenantID string) OAuth2PermissionGrantClient { + return OAuth2PermissionGrantClient{NewWithBaseURI(baseURI, tenantID)} +} + +// Create grants OAuth2 permissions for the relevant resource Ids of an app. +// Parameters: +// body - the relevant app Service Principal Object Id and the Service Principal Object Id you want to grant. 
+func (client OAuth2PermissionGrantClient) Create(ctx context.Context, body *OAuth2PermissionGrant) (result OAuth2PermissionGrant, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/OAuth2PermissionGrantClient.Create") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + req, err := client.CreatePreparer(ctx, body) + if err != nil { + err = autorest.NewErrorWithError(err, "graphrbac.OAuth2PermissionGrantClient", "Create", nil, "Failure preparing request") + return + } + + resp, err := client.CreateSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "graphrbac.OAuth2PermissionGrantClient", "Create", resp, "Failure sending request") + return + } + + result, err = client.CreateResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "graphrbac.OAuth2PermissionGrantClient", "Create", resp, "Failure responding to request") + } + + return +} + +// CreatePreparer prepares the Create request. +func (client OAuth2PermissionGrantClient) CreatePreparer(ctx context.Context, body *OAuth2PermissionGrant) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "tenantID": autorest.Encode("path", client.TenantID), + } + + const APIVersion = "1.6" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPost(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/{tenantID}/oauth2PermissionGrants", pathParameters), + autorest.WithQueryParameters(queryParameters)) + if body != nil { + preparer = autorest.DecoratePreparer(preparer, + autorest.WithJSON(body)) + } + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// CreateSender sends the Create request. 
The method will close the +// http.Response Body if it receives an error. +func (client OAuth2PermissionGrantClient) CreateSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) +} + +// CreateResponder handles the response to the Create request. The method always +// closes the http.Response Body. +func (client OAuth2PermissionGrantClient) CreateResponder(resp *http.Response) (result OAuth2PermissionGrant, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// Delete delete a OAuth2 permission grant for the relevant resource Ids of an app. +// Parameters: +// objectID - the object ID of a permission grant. +func (client OAuth2PermissionGrantClient) Delete(ctx context.Context, objectID string) (result autorest.Response, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/OAuth2PermissionGrantClient.Delete") + defer func() { + sc := -1 + if result.Response != nil { + sc = result.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + req, err := client.DeletePreparer(ctx, objectID) + if err != nil { + err = autorest.NewErrorWithError(err, "graphrbac.OAuth2PermissionGrantClient", "Delete", nil, "Failure preparing request") + return + } + + resp, err := client.DeleteSender(req) + if err != nil { + result.Response = resp + err = autorest.NewErrorWithError(err, "graphrbac.OAuth2PermissionGrantClient", "Delete", resp, "Failure sending request") + return + } + + result, err = client.DeleteResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "graphrbac.OAuth2PermissionGrantClient", "Delete", resp, "Failure responding to request") + } + + return 
+} + +// DeletePreparer prepares the Delete request. +func (client OAuth2PermissionGrantClient) DeletePreparer(ctx context.Context, objectID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "objectId": autorest.Encode("path", objectID), + "tenantID": autorest.Encode("path", client.TenantID), + } + + const APIVersion = "1.6" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsDelete(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/{tenantID}/oauth2PermissionGrants/{objectId}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// DeleteSender sends the Delete request. The method will close the +// http.Response Body if it receives an error. +func (client OAuth2PermissionGrantClient) DeleteSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) +} + +// DeleteResponder handles the response to the Delete request. The method always +// closes the http.Response Body. +func (client OAuth2PermissionGrantClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), + autorest.ByClosing()) + result.Response = resp + return +} + +// List queries OAuth2 permissions grants for the relevant SP ObjectId of an app. 
+// Parameters: +// filter - this is the Service Principal ObjectId associated with the app +func (client OAuth2PermissionGrantClient) List(ctx context.Context, filter string) (result OAuth2PermissionGrantListResultPage, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/OAuth2PermissionGrantClient.List") + defer func() { + sc := -1 + if result.oa2pglr.Response.Response != nil { + sc = result.oa2pglr.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + result.fn = func(ctx context.Context, lastResult OAuth2PermissionGrantListResult) (OAuth2PermissionGrantListResult, error) { + if lastResult.OdataNextLink == nil || len(to.String(lastResult.OdataNextLink)) < 1 { + return OAuth2PermissionGrantListResult{}, nil + } + return client.ListNext(ctx, *lastResult.OdataNextLink) + } + req, err := client.ListPreparer(ctx, filter) + if err != nil { + err = autorest.NewErrorWithError(err, "graphrbac.OAuth2PermissionGrantClient", "List", nil, "Failure preparing request") + return + } + + resp, err := client.ListSender(req) + if err != nil { + result.oa2pglr.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "graphrbac.OAuth2PermissionGrantClient", "List", resp, "Failure sending request") + return + } + + result.oa2pglr, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "graphrbac.OAuth2PermissionGrantClient", "List", resp, "Failure responding to request") + } + + return +} + +// ListPreparer prepares the List request. 
+func (client OAuth2PermissionGrantClient) ListPreparer(ctx context.Context, filter string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "tenantID": autorest.Encode("path", client.TenantID), + } + + const APIVersion = "1.6" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + if len(filter) > 0 { + queryParameters["$filter"] = autorest.Encode("query", filter) + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/{tenantID}/oauth2PermissionGrants", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListSender sends the List request. The method will close the +// http.Response Body if it receives an error. +func (client OAuth2PermissionGrantClient) ListSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) +} + +// ListResponder handles the response to the List request. The method always +// closes the http.Response Body. +func (client OAuth2PermissionGrantClient) ListResponder(resp *http.Response) (result OAuth2PermissionGrantListResult, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// ListComplete enumerates all values, automatically crossing page boundaries as required. 
+func (client OAuth2PermissionGrantClient) ListComplete(ctx context.Context, filter string) (result OAuth2PermissionGrantListResultIterator, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/OAuth2PermissionGrantClient.List") + defer func() { + sc := -1 + if result.Response().Response.Response != nil { + sc = result.page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + result.page, err = client.List(ctx, filter) + return +} + +// ListNext gets the next page of OAuth2 permission grants +// Parameters: +// nextLink - next link for the list operation. +func (client OAuth2PermissionGrantClient) ListNext(ctx context.Context, nextLink string) (result OAuth2PermissionGrantListResult, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/OAuth2PermissionGrantClient.ListNext") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + req, err := client.ListNextPreparer(ctx, nextLink) + if err != nil { + err = autorest.NewErrorWithError(err, "graphrbac.OAuth2PermissionGrantClient", "ListNext", nil, "Failure preparing request") + return + } + + resp, err := client.ListNextSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "graphrbac.OAuth2PermissionGrantClient", "ListNext", resp, "Failure sending request") + return + } + + result, err = client.ListNextResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "graphrbac.OAuth2PermissionGrantClient", "ListNext", resp, "Failure responding to request") + } + + return +} + +// ListNextPreparer prepares the ListNext request. 
+func (client OAuth2PermissionGrantClient) ListNextPreparer(ctx context.Context, nextLink string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "nextLink": nextLink, + "tenantID": autorest.Encode("path", client.TenantID), + } + + const APIVersion = "1.6" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/{tenantID}/{nextLink}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListNextSender sends the ListNext request. The method will close the +// http.Response Body if it receives an error. +func (client OAuth2PermissionGrantClient) ListNextSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) +} + +// ListNextResponder handles the response to the ListNext request. The method always +// closes the http.Response Body. +func (client OAuth2PermissionGrantClient) ListNextResponder(resp *http.Response) (result OAuth2PermissionGrantListResult, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/version/version.go b/vendor/github.com/Azure/azure-sdk-for-go/version/version.go index fcc40b733b..2f58cd8cfd 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/version/version.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/version/version.go 
@@ -18,4 +18,4 @@ package version // Changes may cause incorrect behavior and will be lost if the code is regenerated. // Number contains the semantic version of this SDK. -const Number = "v24.1.0" +const Number = "v29.0.0" diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/token.go b/vendor/github.com/Azure/go-autorest/autorest/adal/token.go index 52ca378667..effa87ab2f 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/token.go +++ b/vendor/github.com/Azure/go-autorest/autorest/adal/token.go @@ -796,7 +796,7 @@ func (spt *ServicePrincipalToken) refreshInternal(ctx context.Context, resource if err != nil { return fmt.Errorf("adal: Failed to build the refresh request. Error = '%v'", err) } - req.Header.Add("User-Agent", userAgent()) + req.Header.Add("User-Agent", UserAgent()) req = req.WithContext(ctx) if !isIMDS(spt.inner.OauthConfig.TokenEndpoint) { v := url.Values{} diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/version.go b/vendor/github.com/Azure/go-autorest/autorest/adal/version.go index 3944edf051..c867b34843 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/version.go +++ b/vendor/github.com/Azure/go-autorest/autorest/adal/version.go @@ -30,6 +30,16 @@ var ( ) ) -func userAgent() string { +// UserAgent returns a string containing the Go version, system architecture and OS, and the adal version. +func UserAgent() string { return ua } + +// AddToUserAgent adds an extension to the current user agent +func AddToUserAgent(extension string) error { + if extension != "" { + ua = fmt.Sprintf("%s %s", ua, extension) + return nil + } + return fmt.Errorf("Extension was empty, User Agent remained as '%s'", ua) +} diff --git a/vendor/github.com/Azure/go-autorest/autorest/authorization.go b/vendor/github.com/Azure/go-autorest/autorest/authorization.go index bc474b406a..2e24b4b397 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/authorization.go 
+++ b/vendor/github.com/Azure/go-autorest/autorest/authorization.go @@ -15,6 +15,7 @@ package autorest // limitations under the License. import ( + "encoding/base64" "fmt" "net/http" "net/url" @@ -31,6 +32,8 @@ const ( apiKeyAuthorizerHeader = "Ocp-Apim-Subscription-Key" bingAPISdkHeader = "X-BingApis-SDK-Client" golangBingAPISdkHeaderValue = "Go-SDK" + authorization = "Authorization" + basic = "Basic" ) // Authorizer is the interface that provides a PrepareDecorator used to supply request @@ -258,3 +261,27 @@ func (egta EventGridKeyAuthorizer) WithAuthorization() PrepareDecorator { } return NewAPIKeyAuthorizerWithHeaders(headers).WithAuthorization() } + +// BasicAuthorizer implements basic HTTP authorization by adding the Authorization HTTP header +// with the value "Basic " where is a base64-encoded username:password tuple. +type BasicAuthorizer struct { + userName string + password string +} + +// NewBasicAuthorizer creates a new BasicAuthorizer with the specified username and password. +func NewBasicAuthorizer(userName, password string) *BasicAuthorizer { + return &BasicAuthorizer{ + userName: userName, + password: password, + } +} + +// WithAuthorization returns a PrepareDecorator that adds an HTTP Authorization header whose +// value is "Basic " followed by the base64-encoded username:password tuple. +func (ba *BasicAuthorizer) WithAuthorization() PrepareDecorator { + headers := make(map[string]interface{}) + headers[authorization] = basic + " " + base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("%s:%s", ba.userName, ba.password))) + + return NewAPIKeyAuthorizerWithHeaders(headers).WithAuthorization() +} diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/async.go b/vendor/github.com/Azure/go-autorest/autorest/azure/async.go index 3f6a2c097f..0041eacf75 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/async.go +++ b/vendor/github.com/Azure/go-autorest/autorest/azure/async.go 
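Review bot: The doc comments on `BasicAuthorizer` and `WithAuthorization` in autorest/authorization.go do not say that the header value is only base64-encoded, so the username and password are recoverable by anyone who can read the request. A line such as `// The credentials are encoded, not encrypted: use this authorizer only for HTTPS endpoints.` belongs on the type. `NewBasicAuthorizer` also accepts a `userName` containing `:`, which makes the `username:password` tuple ambiguous for the server. The constructor's comment should state that restriction, since its signature has no error return with which to reject such a name.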
@@ -181,6 +181,10 @@ func (f Future) WaitForCompletion(ctx context.Context, client autorest.Client) e // running operation has completed, the provided context is cancelled, or the client's // polling duration has been exceeded. It will retry failed polling attempts based on // the retry value defined in the client up to the maximum retry attempts. +// If no deadline is specified in the context then the client.PollingDuration will be +// used to determine if a default deadline should be used. +// If PollingDuration is greater than zero the value will be used as the context's timeout. +// If PollingDuration is zero then no default deadline will be used. func (f *Future) WaitForCompletionRef(ctx context.Context, client autorest.Client) (err error) { ctx = tracing.StartSpan(ctx, "github.com/Azure/go-autorest/autorest/azure/async.WaitForCompletionRef") defer func() { @@ -192,7 +196,9 @@ func (f *Future) WaitForCompletionRef(ctx context.Context, client autorest.Clien tracing.EndSpan(ctx, sc, err) }() cancelCtx := ctx - if d := client.PollingDuration; d != 0 { + // if the provided context already has a deadline don't override it + _, hasDeadline := ctx.Deadline() + if d := client.PollingDuration; !hasDeadline && d != 0 { var cancel context.CancelFunc cancelCtx, cancel = context.WithTimeout(ctx, d) defer cancel() @@ -824,8 +830,6 @@ func (pt *pollingTrackerPut) updatePollingMethod() error { pt.URI = lh pt.Pm = PollingLocation } - // when both headers are returned we use the value in the Location header for the final GET - pt.FinalGetURI = lh } // make sure a polling URL was found if pt.URI == "" { diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/cli/token.go b/vendor/github.com/Azure/go-autorest/autorest/azure/cli/token.go index dece9ec631..810075ba61 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/cli/token.go +++ b/vendor/github.com/Azure/go-autorest/autorest/azure/cli/token.go 
@@ -126,7 +126,7 @@ func GetTokenFromCLI(resource string) (*Token, error) { azureCLIDefaultPathWindows := fmt.Sprintf("%s\\Microsoft SDKs\\Azure\\CLI2\\wbin; %s\\Microsoft SDKs\\Azure\\CLI2\\wbin", os.Getenv("ProgramFiles(x86)"), os.Getenv("ProgramFiles")) // Default path for non-Windows. - const azureCLIDefaultPath = "/usr/bin:/usr/local/bin" + const azureCLIDefaultPath = "/bin:/sbin:/usr/bin:/usr/local/bin" // Validate resource, since it gets sent as a command line argument to Azure CLI const invalidResourceErrorTemplate = "Resource %s is not in expected format. Only alphanumeric characters, [dot], [colon], [hyphen], and [forward slash] are allowed." @@ -144,13 +144,13 @@ func GetTokenFromCLI(resource string) (*Token, error) { cliCmd = exec.Command(fmt.Sprintf("%s\\system32\\cmd.exe", os.Getenv("windir"))) cliCmd.Env = os.Environ() cliCmd.Env = append(cliCmd.Env, fmt.Sprintf("PATH=%s;%s", os.Getenv(azureCLIPath), azureCLIDefaultPathWindows)) - cliCmd.Args = append(cliCmd.Args, "/c") + cliCmd.Args = append(cliCmd.Args, "/c", "az") } else { - cliCmd = exec.Command(os.Getenv("SHELL")) + cliCmd = exec.Command("az") cliCmd.Env = os.Environ() cliCmd.Env = append(cliCmd.Env, fmt.Sprintf("PATH=%s:%s", os.Getenv(azureCLIPath), azureCLIDefaultPath)) } - cliCmd.Args = append(cliCmd.Args, "az", "account", "get-access-token", "-o", "json", "--resource", resource) + cliCmd.Args = append(cliCmd.Args, "account", "get-access-token", "-o", "json", "--resource", resource) var stderr bytes.Buffer cliCmd.Stderr = &stderr diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go b/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go index 7e41f7fd99..85d3202afe 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go +++ b/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go 
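Review bot: In the second hunk of azure/cli/token.go, `exec.Command("az")` resolves the executable through the calling process's PATH when the command is constructed. The `PATH=` entry appended to `cliCmd.Env` afterwards (the `os.Getenv(azureCLIPath)` directory plus `azureCLIDefaultPath`) therefore shapes only the child's environment, not which `az` binary is started. Because this command's output is consumed as an access token, the lookup is worth making explicit: search the intended directories and pass an absolute path to `exec.Command`, or at least record the behaviour with `// "az" is resolved via the parent's PATH; cliCmd.Env only sets the child's PATH`. The Windows branch differs, since there `cmd.exe /c az` presumably performs the lookup inside the child using the PATH from `cliCmd.Env`. `GetTokenFromCLI` starts and ends outside the hunk.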
@@ -54,6 +54,7 @@ type Environment struct { ServiceManagementVMDNSSuffix string `json:"serviceManagementVMDNSSuffix"` ResourceManagerVMDNSSuffix string `json:"resourceManagerVMDNSSuffix"` ContainerRegistryDNSSuffix string `json:"containerRegistryDNSSuffix"` + CosmosDBDNSSuffix string `json:"cosmosDBDNSSuffix"` TokenAudience string `json:"tokenAudience"` } @@ -79,6 +80,7 @@ var ( ServiceManagementVMDNSSuffix: "cloudapp.net", ResourceManagerVMDNSSuffix: "cloudapp.azure.com", ContainerRegistryDNSSuffix: "azurecr.io", + CosmosDBDNSSuffix: "documents.azure.com", TokenAudience: "https://management.azure.com/", } @@ -102,7 +104,8 @@ var ( ServiceBusEndpointSuffix: "servicebus.usgovcloudapi.net", ServiceManagementVMDNSSuffix: "usgovcloudapp.net", ResourceManagerVMDNSSuffix: "cloudapp.windowsazure.us", - ContainerRegistryDNSSuffix: "azurecr.io", + ContainerRegistryDNSSuffix: "azurecr.us", + CosmosDBDNSSuffix: "documents.azure.us", TokenAudience: "https://management.usgovcloudapi.net/", } @@ -126,7 +129,8 @@ var ( ServiceBusEndpointSuffix: "servicebus.chinacloudapi.cn", ServiceManagementVMDNSSuffix: "chinacloudapp.cn", ResourceManagerVMDNSSuffix: "cloudapp.azure.cn", - ContainerRegistryDNSSuffix: "azurecr.io", + ContainerRegistryDNSSuffix: "azurecr.cn", + CosmosDBDNSSuffix: "documents.azure.cn", TokenAudience: "https://management.chinacloudapi.cn/", } @@ -150,8 +154,9 @@ var ( ServiceBusEndpointSuffix: "servicebus.cloudapi.de", ServiceManagementVMDNSSuffix: "azurecloudapp.de", ResourceManagerVMDNSSuffix: "cloudapp.microsoftazure.de", - ContainerRegistryDNSSuffix: "azurecr.io", - TokenAudience: "https://management.microsoftazure.de/", + // ContainerRegistryDNSSuffix: "", ACR not present yet in the German Cloud + CosmosDBDNSSuffix: "documents.microsoftazure.de", + TokenAudience: "https://management.microsoftazure.de/", } ) 
diff --git a/vendor/github.com/Azure/go-autorest/autorest/client.go b/vendor/github.com/Azure/go-autorest/autorest/client.go index 4874e6e82d..3496415b27 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/client.go +++ b/vendor/github.com/Azure/go-autorest/autorest/client.go @@ -16,6 +16,7 @@ package autorest import ( "bytes" + "crypto/tls" "fmt" "io" "io/ioutil" @@ -230,6 +231,11 @@ func (c Client) Do(r *http.Request) (*http.Response, error) { func (c Client) sender() Sender { if c.Sender == nil { j, _ := cookiejar.New(nil) + tracing.Transport.Base = &http.Transport{ + TLSClientConfig: &tls.Config{ + MinVersion: tls.VersionTLS12, + }, + } client := &http.Client{Jar: j, Transport: tracing.Transport} return client } diff --git a/vendor/github.com/Azure/go-autorest/autorest/version.go b/vendor/github.com/Azure/go-autorest/autorest/version.go index 32c4e00cf9..9ecc348708 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/version.go +++ b/vendor/github.com/Azure/go-autorest/autorest/version.go @@ -19,7 +19,7 @@ import ( "runtime" ) -const number = "v11.2.8" +const number = "v11.7.0" var ( userAgent = fmt.Sprintf("Go/%s (%s-%s) go-autorest/%s", diff --git a/vendor/github.com/google/uuid/README.md b/vendor/github.com/google/uuid/README.md index 21205eaeb5..9d92c11f16 100644 --- a/vendor/github.com/google/uuid/README.md +++ b/vendor/github.com/google/uuid/README.md @@ -1,7 +1,3 @@ -**This package is currently in development and the API may not be stable.** - -The API will become stable with v1. - # uuid ![build status](https://travis-ci.org/google/uuid.svg?branch=master) The uuid package generates and inspects UUIDs based on [RFC 4122](http://tools.ietf.org/html/rfc4122) diff --git a/vendor/github.com/google/uuid/go.mod b/vendor/github.com/google/uuid/go.mod new file mode 100644 index 0000000000..fc84cd79d4 --- /dev/null +++ b/vendor/github.com/google/uuid/go.mod @@ -0,0 +1 @@ +module github.com/google/uuid 
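Review bot: In the `sender()` hunk of autorest/client.go, the new `http.Transport` literal sets only `TLSClientConfig`, so the default client gets the TLS 1.2 floor but has no `Proxy` function and none of the dial and handshake timeouts that `http.DefaultTransport` sets. Adding `Proxy: http.ProxyFromEnvironment,` to the literal would keep the proxy environment variables honoured. The assignment also writes the package-level `tracing.Transport.Base` on every call where `c.Sender` is nil, with no synchronization visible in the hunk, so concurrent clients can race on it and each call builds a fresh transport with its own connection pool. Building the transport once, for example behind a `sync.Once`, would address both. The rest of `sender()` lies outside the hunk.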
diff --git a/vendor/github.com/google/uuid/hash.go b/vendor/github.com/google/uuid/hash.go index 4fc5a77df5..b174616315 100644 --- a/vendor/github.com/google/uuid/hash.go +++ b/vendor/github.com/google/uuid/hash.go @@ -27,7 +27,7 @@ var ( func NewHash(h hash.Hash, space UUID, data []byte, version int) UUID { h.Reset() h.Write(space[:]) - h.Write([]byte(data)) + h.Write(data) s := h.Sum(nil) var uuid UUID copy(uuid[:], s) diff --git a/vendor/github.com/google/uuid/marshal.go b/vendor/github.com/google/uuid/marshal.go index 84bbc5880b..7f9e0c6c0e 100644 --- a/vendor/github.com/google/uuid/marshal.go +++ b/vendor/github.com/google/uuid/marshal.go @@ -15,8 +15,6 @@ func (uuid UUID) MarshalText() ([]byte, error) { // UnmarshalText implements encoding.TextUnmarshaler. func (uuid *UUID) UnmarshalText(data []byte) error { - // See comment in ParseBytes why we do this. - // id, err := ParseBytes(data) id, err := ParseBytes(data) if err == nil { *uuid = id diff --git a/vendor/github.com/google/uuid/node.go b/vendor/github.com/google/uuid/node.go index 5f0156a2e6..d651a2b061 100644 --- a/vendor/github.com/google/uuid/node.go +++ b/vendor/github.com/google/uuid/node.go @@ -5,16 +5,14 @@ package uuid import ( - "net" "sync" ) var ( - nodeMu sync.Mutex - interfaces []net.Interface // cached list of interfaces - ifname string // name of interface being used - nodeID [6]byte // hardware for version 1 UUIDs - zeroID [6]byte // nodeID with only 0's + nodeMu sync.Mutex + ifname string // name of interface being used + nodeID [6]byte // hardware for version 1 UUIDs + zeroID [6]byte // nodeID with only 0's ) // NodeInterface returns the name of the interface from which the NodeID was 
@@ -39,26 +37,18 @@ func SetNodeInterface(name string) bool { } func setNodeInterface(name string) bool { - if interfaces == nil { - var err error - interfaces, err = net.Interfaces() - if err != nil && name != "" { - return false - } - } - - for _, ifs := range interfaces { - if len(ifs.HardwareAddr) >= 6 && (name == "" || name == ifs.Name) { - copy(nodeID[:], ifs.HardwareAddr) - ifname = ifs.Name - return true - } + iname, addr := getHardwareInterface(name) // null implementation for js + if iname != "" && addr != nil { + ifname = iname + copy(nodeID[:], addr) + return true } // We found no interfaces with a valid hardware address. If name // does not specify a specific interface generate a random Node ID // (section 4.1.6) if name == "" { + ifname = "random" randomBits(nodeID[:]) return true } @@ -94,9 +84,6 @@ func SetNodeID(id []byte) bool { // NodeID returns the 6 byte node id encoded in uuid. It returns nil if uuid is // not valid. The NodeID is only well defined for version 1 and 2 UUIDs. func (uuid UUID) NodeID() []byte { - if len(uuid) != 16 { - return nil - } var node [6]byte copy(node[:], uuid[10:]) return node[:] diff --git a/vendor/github.com/google/uuid/node_js.go b/vendor/github.com/google/uuid/node_js.go new file mode 100644 index 0000000000..24b78edc90 --- /dev/null +++ b/vendor/github.com/google/uuid/node_js.go @@ -0,0 +1,12 @@ +// Copyright 2017 Google Inc. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build js + +package uuid + +// getHardwareInterface returns nil values for the JS version of the code. +// This remvoves the "net" dependency, because it is not used in the browser. +// Using the "net" library inflates the size of the transpiled JS code by 673k bytes. +func getHardwareInterface(name string) (string, []byte) { return "", nil } 
diff --git a/vendor/github.com/google/uuid/node_net.go b/vendor/github.com/google/uuid/node_net.go new file mode 100644 index 0000000000..0cbbcddbd6 --- /dev/null +++ b/vendor/github.com/google/uuid/node_net.go @@ -0,0 +1,33 @@ +// Copyright 2017 Google Inc. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build !js + +package uuid + +import "net" + +var interfaces []net.Interface // cached list of interfaces + +// getHardwareInterface returns the name and hardware address of interface name. +// If name is "" then the name and hardware address of one of the system's +// interfaces is returned. If no interfaces are found (name does not exist or +// there are no interfaces) then "", nil is returned. +// +// Only addresses of at least 6 bytes are returned. +func getHardwareInterface(name string) (string, []byte) { + if interfaces == nil { + var err error + interfaces, err = net.Interfaces() + if err != nil { + return "", nil + } + } + for _, ifs := range interfaces { + if len(ifs.HardwareAddr) >= 6 && (name == "" || name == ifs.Name) { + return ifs.Name, ifs.HardwareAddr + } + } + return "", nil +} diff --git a/vendor/github.com/google/uuid/time.go b/vendor/github.com/google/uuid/time.go index fd7fe0ac46..e6ef06cdc8 100644 --- a/vendor/github.com/google/uuid/time.go +++ b/vendor/github.com/google/uuid/time.go @@ -86,7 +86,7 @@ func clockSequence() int { return int(clockSeq & 0x3fff) } -// SetClockSeq sets the clock sequence to the lower 14 bits of seq. Setting to +// SetClockSequence sets the clock sequence to the lower 14 bits of seq. Setting to // -1 causes a new sequence to be generated. func SetClockSequence(seq int) { defer timeMu.Unlock() 
@@ -100,9 +100,9 @@ func setClockSequence(seq int) { randomBits(b[:]) // clock sequence seq = int(b[0])<<8 | int(b[1]) } - old_seq := clockSeq + oldSeq := clockSeq clockSeq = uint16(seq&0x3fff) | 0x8000 // Set our variant - if old_seq != clockSeq { + if oldSeq != clockSeq { lasttime = 0 } } diff --git a/vendor/github.com/google/uuid/uuid.go b/vendor/github.com/google/uuid/uuid.go index 23161a86c0..524404cc52 100644 --- a/vendor/github.com/google/uuid/uuid.go +++ b/vendor/github.com/google/uuid/uuid.go @@ -1,4 +1,4 @@ -// Copyright 2016 Google Inc. All rights reserved. +// Copyright 2018 Google Inc. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. 
@@ -35,20 +35,43 @@ const ( var rander = rand.Reader // random function -// Parse decodes s into a UUID or returns an error. Both the UUID form of -// xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx and -// urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx are decoded. +// Parse decodes s into a UUID or returns an error. Both the standard UUID +// forms of xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx and +// urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx are decoded as well as the +// Microsoft encoding {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} and the raw hex +// encoding: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. func Parse(s string) (UUID, error) { var uuid UUID - if len(s) != 36 { - if len(s) != 36+9 { - return uuid, fmt.Errorf("invalid UUID length: %d", len(s)) - } + switch len(s) { + // xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + case 36: + + // urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + case 36 + 9: if strings.ToLower(s[:9]) != "urn:uuid:" { return uuid, fmt.Errorf("invalid urn prefix: %q", s[:9]) } s = s[9:] + + // {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} + case 36 + 2: + s = s[1:] + + // xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx + case 32: + var ok bool + for i := range uuid { + uuid[i], ok = xtob(s[i*2], s[i*2+1]) + if !ok { + return uuid, errors.New("invalid UUID format") + } + } + return uuid, nil + default: + return uuid, fmt.Errorf("invalid UUID length: %d", len(s)) } + // s is now at least 36 bytes long + // it must be of the form xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx if s[8] != '-' || s[13] != '-' || s[18] != '-' || s[23] != '-' { return uuid, errors.New("invalid UUID format") } @@ -58,11 +81,11 @@ func Parse(s string) (UUID, error) { 14, 16, 19, 21, 24, 26, 28, 30, 32, 34} { - if v, ok := xtob(s[x], s[x+1]); !ok { + v, ok := xtob(s[x], s[x+1]) + if !ok { return uuid, errors.New("invalid UUID format") - } else { - uuid[i] = v } + uuid[i] = v } return uuid, nil } 
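Review bot: In the `Parse` hunk of uuid.go, the new `case 36 + 2:` branch drops the first byte with `s = s[1:]` but never checks that the input starts with `{` and ends with `}`, so any 38-byte string whose middle 36 bytes form a UUID is accepted. The decode loop below reads no further than offset 35 of the shortened string, so the trailing byte is never examined either. Code that relies on `Parse` to validate identifiers from outside the program would therefore accept malformed values; a guard before the slice such as `if s[0] != '{' || s[37] != '}' { return uuid, errors.New("invalid UUID format") }` closes the gap. The `ParseBytes` hunk further down has the same gap at `b = b[1:]`. This is vendored code, so the check belongs upstream or at the call sites that need strict validation.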
@@ -70,15 +93,29 @@ func Parse(s string) (UUID, error) { // ParseBytes is like Parse, except it parses a byte slice instead of a string. func ParseBytes(b []byte) (UUID, error) { var uuid UUID - if len(b) != 36 { - if len(b) != 36+9 { - return uuid, fmt.Errorf("invalid UUID length: %d", len(b)) - } + switch len(b) { + case 36: // xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + case 36 + 9: // urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx if !bytes.Equal(bytes.ToLower(b[:9]), []byte("urn:uuid:")) { return uuid, fmt.Errorf("invalid urn prefix: %q", b[:9]) } b = b[9:] + case 36 + 2: // {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} + b = b[1:] + case 32: // xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx + var ok bool + for i := 0; i < 32; i += 2 { + uuid[i/2], ok = xtob(b[i], b[i+1]) + if !ok { + return uuid, errors.New("invalid UUID format") + } + } + return uuid, nil + default: + return uuid, fmt.Errorf("invalid UUID length: %d", len(b)) } + // s is now at least 36 bytes long + // it must be of the form xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx if b[8] != '-' || b[13] != '-' || b[18] != '-' || b[23] != '-' { return uuid, errors.New("invalid UUID format") } 
@@ -88,15 +125,32 @@ func ParseBytes(b []byte) (UUID, error) { 14, 16, 19, 21, 24, 26, 28, 30, 32, 34} { - if v, ok := xtob(b[x], b[x+1]); !ok { + v, ok := xtob(b[x], b[x+1]) + if !ok { return uuid, errors.New("invalid UUID format") - } else { - uuid[i] = v } + uuid[i] = v } return uuid, nil } +// MustParse is like Parse but panics if the string cannot be parsed. +// It simplifies safe initialization of global variables holding compiled UUIDs. +func MustParse(s string) UUID { + uuid, err := Parse(s) + if err != nil { + panic(`uuid: Parse(` + s + `): ` + err.Error()) + } + return uuid +} + +// FromBytes creates a new UUID from a byte slice. Returns an error if the slice +// does not have a length of 16. The bytes are copied from the slice. +func FromBytes(b []byte) (uuid UUID, err error) { + err = uuid.UnmarshalBinary(b) + return uuid, err +} + // Must returns uuid if err is nil and panics otherwise. func Must(uuid UUID, err error) UUID { if err != nil { @@ -123,7 +177,7 @@ func (uuid UUID) URN() string { } func encodeHex(dst []byte, uuid UUID) { - hex.Encode(dst[:], uuid[:4]) + hex.Encode(dst, uuid[:4]) dst[8] = '-' hex.Encode(dst[9:13], uuid[4:6]) dst[13] = '-' diff --git a/vendor/github.com/google/uuid/version4.go b/vendor/github.com/google/uuid/version4.go index 74c4e6c9f5..84af91c9f5 100644 --- a/vendor/github.com/google/uuid/version4.go +++ b/vendor/github.com/google/uuid/version4.go @@ -14,7 +14,7 @@ func New() UUID { return Must(NewRandom()) } -// NewRandom returns a Random (Version 4) UUID or panics. +// NewRandom returns a Random (Version 4) UUID. // // The strength of the UUIDs is based on the strength of the crypto/rand // package. diff --git a/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method.go b/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method.go index d599b2eeec..cbc73d562e 100644 --- a/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method.go 
+++ b/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method.go @@ -10,7 +10,7 @@ type authMethod interface { isApplicable(b Builder) bool - getAuthorizationToken(oauthConfig *adal.OAuthConfig, endpoint string) (*autorest.BearerAuthorizer, error) + getAuthorizationToken(sender autorest.Sender, oauthConfig *adal.OAuthConfig, endpoint string) (*autorest.BearerAuthorizer, error) name() string diff --git a/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_azure_cli_token.go b/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_azure_cli_token.go index 8f0927527a..6f854d5ea0 100644 --- a/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_azure_cli_token.go +++ b/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_azure_cli_token.go @@ -55,7 +55,7 @@ func (a azureCliTokenAuth) isApplicable(b Builder) bool { return b.SupportsAzureCliToken } -func (a azureCliTokenAuth) getAuthorizationToken(oauthConfig *adal.OAuthConfig, endpoint string) (*autorest.BearerAuthorizer, error) { +func (a azureCliTokenAuth) getAuthorizationToken(sender autorest.Sender, oauthConfig *adal.OAuthConfig, endpoint string) (*autorest.BearerAuthorizer, error) { // the Azure CLI appears to cache these, so to maintain compatibility with the interface this method is intentionally not on the pointer token, err := obtainAuthorizationToken(endpoint, a.profile.subscriptionId) if err != nil { diff --git a/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_client_cert.go b/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_client_cert.go index 00a0d27944..f6dd9b77e6 100644 --- a/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_client_cert.go +++ b/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_client_cert.go 
@@ -41,7 +41,7 @@ func (a servicePrincipalClientCertificateAuth) name() string { return "Service Principal / Client Certificate" } -func (a servicePrincipalClientCertificateAuth) getAuthorizationToken(oauthConfig *adal.OAuthConfig, endpoint string) (*autorest.BearerAuthorizer, error) { +func (a servicePrincipalClientCertificateAuth) getAuthorizationToken(sender autorest.Sender, oauthConfig *adal.OAuthConfig, endpoint string) (*autorest.BearerAuthorizer, error) { certificateData, err := ioutil.ReadFile(a.clientCertPath) if err != nil { return nil, fmt.Errorf("Error reading Client Certificate %q: %v", a.clientCertPath, err) @@ -58,6 +58,8 @@ func (a servicePrincipalClientCertificateAuth) getAuthorizationToken(oauthConfig return nil, err } + spt.SetSender(sender) + err = spt.Refresh() if err != nil { return nil, err diff --git a/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_client_secret.go b/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_client_secret.go index 4e41d5a935..f31bc20e8d 100644 --- a/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_client_secret.go +++ b/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_client_secret.go @@ -33,11 +33,12 @@ func (a servicePrincipalClientSecretAuth) name() string { return "Service Principal / Client Secret" } -func (a servicePrincipalClientSecretAuth) getAuthorizationToken(oauthConfig *adal.OAuthConfig, endpoint string) (*autorest.BearerAuthorizer, error) { +func (a servicePrincipalClientSecretAuth) getAuthorizationToken(sender autorest.Sender, oauthConfig *adal.OAuthConfig, endpoint string) (*autorest.BearerAuthorizer, error) { spt, err := adal.NewServicePrincipalToken(*oauthConfig, a.clientId, a.clientSecret, endpoint) if err != nil { return nil, err } + spt.SetSender(sender) auth := autorest.NewBearerAuthorizer(spt) return auth, nil 
diff --git a/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_msi.go b/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_msi.go index 9b0de8f5d4..883df2607b 100644 --- a/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_msi.go +++ b/vendor/github.com/hashicorp/go-azure-helpers/authentication/auth_method_msi.go @@ -39,11 +39,14 @@ func (a managedServiceIdentityAuth) name() string { return "Managed Service Identity" } -func (a managedServiceIdentityAuth) getAuthorizationToken(oauthConfig *adal.OAuthConfig, endpoint string) (*autorest.BearerAuthorizer, error) { +func (a managedServiceIdentityAuth) getAuthorizationToken(sender autorest.Sender, oauthConfig *adal.OAuthConfig, endpoint string) (*autorest.BearerAuthorizer, error) { spt, err := adal.NewServicePrincipalTokenFromMSI(a.endpoint, endpoint) if err != nil { return nil, err } + + spt.SetSender(sender) + auth := autorest.NewBearerAuthorizer(spt) return auth, nil } diff --git a/vendor/github.com/hashicorp/go-azure-helpers/authentication/config.go b/vendor/github.com/hashicorp/go-azure-helpers/authentication/config.go index c3068152f8..90b78fce02 100644 --- a/vendor/github.com/hashicorp/go-azure-helpers/authentication/config.go +++ b/vendor/github.com/hashicorp/go-azure-helpers/authentication/config.go @@ -22,8 +22,8 @@ type Config struct { } // GetAuthorizationToken returns an authorization token for the authentication method defined in the Config -func (c Config) GetAuthorizationToken(oauthConfig *adal.OAuthConfig, endpoint string) (*autorest.BearerAuthorizer, error) { - return c.authMethod.getAuthorizationToken(oauthConfig, endpoint) +func (c Config) GetAuthorizationToken(sender autorest.Sender, oauthConfig *adal.OAuthConfig, endpoint string) (*autorest.BearerAuthorizer, error) { + return c.authMethod.getAuthorizationToken(sender, oauthConfig, endpoint) } func (c Config) validate() (*Config, error) { 
diff --git a/vendor/modules.txt b/vendor/modules.txt index 27b6c0d0b4..faa8d00953 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -8,10 +8,10 @@ cloud.google.com/go/internal/version cloud.google.com/go/compute/metadata # contrib.go.opencensus.io/exporter/ocagent v0.4.2 contrib.go.opencensus.io/exporter/ocagent -# github.com/Azure/azure-sdk-for-go v24.1.0+incompatible +# github.com/Azure/azure-sdk-for-go v29.0.0+incompatible github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac github.com/Azure/azure-sdk-for-go/version -# github.com/Azure/go-autorest v11.2.8+incompatible +# github.com/Azure/go-autorest v11.7.0+incompatible github.com/Azure/go-autorest/autorest github.com/Azure/go-autorest/autorest/adal github.com/Azure/go-autorest/autorest/azure @@ -100,7 +100,7 @@ github.com/google/go-cmp/cmp github.com/google/go-cmp/cmp/internal/diff github.com/google/go-cmp/cmp/internal/function github.com/google/go-cmp/cmp/internal/value -# github.com/google/uuid v0.0.0-20170814143639-7e072fc3a7be +# github.com/google/uuid v1.1.1 github.com/google/uuid # github.com/googleapis/gax-go/v2 v2.0.3 github.com/googleapis/gax-go/v2 @@ -110,7 +110,7 @@ github.com/grpc-ecosystem/grpc-gateway/utilities github.com/grpc-ecosystem/grpc-gateway/runtime/internal # github.com/hashicorp/errwrap v1.0.0 github.com/hashicorp/errwrap -# github.com/hashicorp/go-azure-helpers v0.0.0-20190129193224-166dfd221bb2 +# github.com/hashicorp/go-azure-helpers v0.4.1 github.com/hashicorp/go-azure-helpers/authentication github.com/hashicorp/go-azure-helpers/response github.com/hashicorp/go-azure-helpers/sender