Add IsB2C field to app registrations, add Downstream API condition for adding permissions
zahalzel committed Aug 6, 2022
1 parent a2cd3c7 commit 9b1a0d0
Showing 2 changed files with 44 additions and 1 deletion.
Expand Up @@ -79,7 +79,7 @@ public class MicrosoftIdentityPlatformApplicationManager
.AddAsync(servicePrincipal).ConfigureAwait(false);

// B2C does not allow user consent, and therefore we need to explicity grant permissions
if (applicationParameters.IsB2C)
if (applicationParameters.IsB2C && applicationParameters.CallsDownstreamApi) // TODO need to have admin permissions for the downstream API
{
IEnumerable<IGrouping<string, ResourceAndScope>>? scopesPerResource = await AddApiPermissions(
applicationParameters,
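Review bot: The trailing `// TODO need to have admin permissions for the downstream API` on the new condition does not say what happens when those permissions are missing, and the comment just above it (`B2C does not allow user consent ...`) no longer explains why the grant is now skipped when `CallsDownstreamApi` is false. I would move the TODO onto its own line and state the gate explicitly, e.g. `// B2C has no user-consent flow, so API permissions are granted explicitly here, but only when the app calls a downstream API.` followed by `// TODO: AddApiPermissions needs admin consent on the downstream API; report a clear error when it is missing rather than failing silently.` The enclosing method starts before and ends after this hunk, so whether a failed grant is surfaced to the user cannot be checked from here.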
Expand Up @@ -125,6 +125,15 @@ internal async Task<string> PrintApplicationsList()

if (applicationList.Any())
{
Organization? tenant = await GetTenant(GraphServiceClient);
if (tenant != null && tenant.TenantType.Equals("AAD B2C", StringComparison.OrdinalIgnoreCase))
{
foreach (Application app in applicationList)
{
app.AdditionalData.Add("IsB2C", true);
}
}

//order list by created date.
applicationList = applicationList.OrderByDescending(app => app.CreatedDateTime).ToList();

Expand All @@ -150,6 +159,40 @@ internal async Task<string> PrintApplicationsList()
return outputJsonString;
}

private static async Task<Organization?> GetTenant(GraphServiceClient graphServiceClient)
{
Organization? tenant = null;
try
{
tenant = (await graphServiceClient.Organization
.Request()
.GetAsync()).FirstOrDefault();
}
catch (ServiceException ex)
{
if (ex.InnerException != null)
{
Console.WriteLine(ex.InnerException.Message);
}
else
{
if (ex.Message.Contains("User was not found") || ex.Message.Contains("not found in tenant"))
{
Console.WriteLine("User was not found.\nUse both --tenant-id <tenant> --username <username@tenant>.\nAnd re-run the tool.");
}
else
{
Console.WriteLine(ex.Message);
}
}

Environment.Exit(1);
}

return tenant;
}


internal async Task<string> PrintServicePrincipalList()
{
string outputJsonString = string.Empty;
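Review bot: `GetTenant` (second hunk) calls `Environment.Exit(1)` from inside the `catch (ServiceException)` block, so any failure to read the organization — for example when the signed-in account is not allowed to read it — terminates the whole listing, even though the tenant type is only used to tag entries with `IsB2C`. I would drop the `Environment.Exit(1);`, let the method fall through to `return tenant;` (null), and let `PrintApplicationsList` treat an unreadable tenant as non-B2C; the `Console.WriteLine` diagnostics can stay. In the first hunk, `tenant.TenantType.Equals("AAD B2C", ...)` throws if `TenantType` is null on the returned `Organization`; `string.Equals(tenant?.TenantType, "AAD B2C", StringComparison.OrdinalIgnoreCase)` covers both null cases in one expression. `app.AdditionalData.Add("IsB2C", true)` also throws if the key is already present (and presumably if `AdditionalData` is null for an entity without extension data — worth confirming for the SDK version in use), so the indexer form `app.AdditionalData["IsB2C"] = true;` is the safer choice.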
