Feature #2863: Added support for setting the Azure AD app logo if specified

CHANGELOG.md

@@ -50,6 +50,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
 - Added `-OpenDocumentsMode` option to `Set-PnPList` which allows configuring if documents should be opened in the browser or in the local client [#2873](https://github.com/pnp/powershell/pull/2873)
 - Added `-Properties` parameter to `Get-PnPUserProfileProperty` cmdlet which allows retrieval of specific properties if specified. [#2840](https://github.com/pnp/powershell/pull/2840)
 - Added support for specifying the `-ContentUrl` configuration in `Add-PnPTeamsTab` cmdlet when trying to add a Planner as a tab in Teams channel. [#2850](https://github.com/pnp/powershell/pull/2850)
+- Added `-LogoFilePath` parameter to `Register-PnPAzureADApp` cmdlet to allow setting the logo for the Azure AD app. [#2881](https://github.com/pnp/powershell/pull/2881)
 - Added support for `-Verbose` in `Move-PnPFile` which will show if it has problems determining if the destination location is a folder or a file [#2888](https://github.com/pnp/powershell/pull/2888)
 
 ### Changed

documentation/Register-PnPAzureADApp.md

@@ -36,6 +36,7 @@ Register-PnPAzureADApp -ApplicationName <String>
                                        [-ValidYears <Int>]
                                        [-CertificatePassword <SecureString>]
                                        [-NoPopup]
+                                       [-LogoFilePath <string>]
 ```
 
 ### Existing Certificate
@@ -53,6 +54,7 @@ Register-PnPAzureADApp  -CertificatePath <String>
                         [-SharePointDelegatePermissions <Permission[]>]
                         [-CertificatePassword <SecureString>]
                         [-NoPopup]
+                        [-LogoFilePath <string>]
 ```
 
 ## DESCRIPTION
@@ -104,6 +106,13 @@ Register-PnPAzureADApp -Interactive -ApplicationName TestApp -Tenant yourtenant.
 
 Creates a new Azure AD Application registration and asks you to authenticate using username and password, creates a new self signed certificate, and adds it to the local certificate store. It will upload the certificate to the azure app registration and it will request the following permissions: Sites.FullControl.All, Group.ReadWrite.All, User.Read.All
 
+### ------------------EXAMPLE 7------------------
+```powershell
+Register-PnPAzureADApp -ApplicationName TestApp -Tenant yourtenant.onmicrosoft.com -CertificatePath c:\certificate.pfx -CertificatePassword (ConvertTo-SecureString -String "password" -AsPlainText -Force) -Username "yourname@domain.com" -Password (Read-Host -AsSecureString -Prompt "Enter password") -LogoFilePath c:\logo.png
+```
+
+Creates a new Azure AD Application registration which will use the existing private key certificate at the provided path to allow access. It will upload the provided private key certificate to the azure app registration and it will request the following permissions: Sites.FullControl.All, Group.ReadWrite.All, User.Read.All. It will also set the `logo.png` file as the logo for the Azure AD app.
+
 ## PARAMETERS
 
 ### -Username
@@ -360,6 +369,19 @@ Position: Named
 Accept pipeline input: False
 ```
 
+### -LogoFilePath
+
+Sets the logo for the Azure AD application. Provide a full path to a local image file on your disk which you want to use as the logo
+
+```yaml
+Type: String
+Parameter Sets: (All)
+
+Required: False
+Position: Named
+Accept pipeline input: False
+```
+
 ## RELATED LINKS
 
 [Microsoft 365 Patterns and Practices](https://aka.ms/m365pnp)

src/Commands/AzureAD/RegisterAzureADApp.cs

@@ -85,6 +85,9 @@ public class RegisterAzureADApp : BasePSCmdlet, IDynamicParameters
         [Parameter(Mandatory = false)]
         public SwitchParameter Interactive;
 
+        [Parameter(Mandatory = false)]
+        public string LogoFilePath;
+
         protected override void ProcessRecord()
         {
             if (ParameterSpecified(nameof(Store)) && !OperatingSystem.IsWindows())
@@ -202,6 +205,11 @@ protected override void ProcessRecord()
                     var base64String = Convert.ToBase64String(certPfxData);
                     record.Properties.Add(new PSVariableProperty(new PSVariable("Base64Encoded", base64String)));
                     StartConsentFlow(loginEndPoint, azureApp, redirectUri, token, httpClient, record, messageWriter, scopes);
+
+                    if (ParameterSpecified(nameof(LogoFilePath)) && !string.IsNullOrEmpty(LogoFilePath))
+                    {
+                        SetLogo(azureApp, token);
+                    }
                 }
                 else
                 {
@@ -482,7 +490,7 @@ private X509Certificate2 GetCertificate(PSObject record)
                 }
                 DateTime validFrom = DateTime.Today;
                 DateTime validTo = validFrom.AddYears(ValidYears);
-                cert = CertificateHelper.CreateSelfSignedCertificate(CommonName, Country, State, Locality, Organization, OrganizationUnit, CertificatePassword, CommonName, validFrom, validTo);                
+                cert = CertificateHelper.CreateSelfSignedCertificate(CommonName, Country, State, Locality, Organization, OrganizationUnit, CertificatePassword, CommonName, validFrom, validTo);
 
                 if (Directory.Exists(OutPath))
                 {
@@ -637,5 +645,68 @@ private void StartConsentFlow(string loginEndPoint, AzureADApp azureApp, string
                 WriteObject(record);
             }
         }
+
+        private void SetLogo(AzureADApp azureApp, string token)
+        {
+            if (!Path.IsPathRooted(LogoFilePath))
+            {
+                LogoFilePath = Path.Combine(SessionState.Path.CurrentFileSystemLocation.Path, LogoFilePath);
+            }
+            if (File.Exists(LogoFilePath))
+            {
+                try
+                {
+                    WriteVerbose("Setting the logo for the Azure AD app");
+
+                    var endpoint = $"https://{AuthenticationManager.GetGraphEndPoint(AzureEnvironment)}/v1.0/applications/{azureApp.Id}/logo";
+
+                    var bytes = File.ReadAllBytes(LogoFilePath);
+
+                    var fileInfo = new FileInfo(LogoFilePath);
+
+                    var mediaType = string.Empty;
+                    switch (fileInfo.Extension.ToLower())
+                    {
+                        case ".jpg":
+                        case ".jpeg":
+                            {
+                                mediaType = "image/jpeg";
+                                break;
+                            }
+                        case ".gif":
+                            {
+                                mediaType = "image/gif";
+                                break;
+                            }
+                        case ".png":
+                            {
+                                mediaType = "image/png";
+                                break;
+                            }
+                    }
+
+                    if (!string.IsNullOrEmpty(mediaType))
+                    {
+                        var byteArrayContent = new ByteArrayContent(bytes);
+                        byteArrayContent.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue(mediaType);
+                        GraphHelper.PutAsync(PnPConnection.Current, endpoint, token, byteArrayContent).GetAwaiter().GetResult();
+
+                        WriteVerbose("Successfully set the logo for the Azure AD app");
+                    }
+                    else
+                    {
+                        throw new Exception("Unrecognized image format. Supported formats are .png, .jpg, .jpeg and .gif");
+                    }
+                }
+                catch (Exception ex)
+                {
+                    WriteWarning("Something went wrong setting the logo " + ex.Message);
+                }
+            }
+            else
+            {
+                WriteWarning("Logo File does not exist, ignoring setting the logo");
+            }
+        }
     }
 }