multiple radius initial commit

Author: henry416

src/Network/Network.Test/ScenarioTests/VirtualNetworkGatewayTests.cs

@@ -108,6 +108,14 @@ public void VirtualNetworkGatewayOpenVPNAADAuthTest()
             TestRunner.RunTestScript("Test-VirtualNetworkGatewayOpenVPNAADAuth");
         }
 
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        [Trait(Category.Owner, NrpTeamAlias.brooklynft_subset3)]
+        public void VirtualNetworkGatewayRadiusTest()
+        {
+            TestRunner.RunTestScript("Test-VirtualNetworkGatewayRadius");
+        }
+
         [Fact]
         [Trait(Category.AcceptanceType, Category.CheckIn)]
         [Trait(Category.Owner, NrpTeamAlias.brooklynft_subset3)]

src/Network/Network.Test/ScenarioTests/VirtualNetworkGatewayTests.ps1

@@ -648,6 +648,83 @@ function Test-VirtualNetworkGatewayIkeV2
     }
 }
 
+<#
+.SYNOPSIS
+Virtual network gateway P2S radius API test
+#>
+function Test-VirtualNetworkGatewayRadius
+{
+    # Setup
+    $rgname = Get-ResourceGroupName
+    $rname = Get-ResourceName
+    $domainNameLabel = Get-ResourceName
+    $vnetName = Get-ResourceName
+    $publicIpName = Get-ResourceName
+    $vnetGatewayConfigName = Get-ResourceName
+    $rglocation = Get-ProviderLocation ResourceManagement
+    $resourceTypeParent = "Microsoft.Network/virtualNetworkGateways"
+    $location = Get-ProviderLocation $resourceTypeParent
+
+	try 
+	{
+        # Create the multiple radius servers settings
+        $radiuspd = ConvertTo-SecureString -String "radiuspd" -AsPlainText -Force
+        $radiusServer1 = New-AzRadiusServer -RadiusServerAddress 10.1.0.1 -RadiusServerSecret $radiuspd -RadiusServerScore 30
+        $radiusServer2 = New-AzRadiusServer -RadiusServerAddress 10.1.0.2 -RadiusServerSecret $radiuspd -RadiusServerScore 1
+        $radiusServer3 = New-AzRadiusServer -RadiusServerAddress 10.1.0.3 -RadiusServerSecret $radiuspd -RadiusServerScore 15
+        $radiusServers = @( $radiusServer1, $radiusServer2 )
+
+		# Create the resource group
+		$resourceGroup = New-AzResourceGroup -Name $rgname -Location $rglocation -Tags @{ testtag = "testval" }
+	
+		# Create the Virtual Network
+		$subnet = New-AzVirtualNetworkSubnetConfig -Name "GatewaySubnet" -AddressPrefix 10.0.0.0/24
+		$vnet = New-AzVirtualNetwork -Name $vnetName -ResourceGroupName $rgname -Location $location -AddressPrefix 10.0.0.0/16 -Subnet $subnet
+		$vnet = Get-AzVirtualNetwork -Name $vnetName -ResourceGroupName $rgname      
+		$subnet = Get-AzVirtualNetworkSubnetConfig -Name "GatewaySubnet" -VirtualNetwork $vnet
+
+		# Create the IP config
+		$publicip = New-AzPublicIpAddress -ResourceGroupName $rgname -name $publicIpName -location $location -AllocationMethod Dynamic -DomainNameLabel $domainNameLabel
+		$vnetIpConfig = New-AzVirtualNetworkGatewayIpConfig -Name $vnetGatewayConfigName -PublicIpAddress $publicip -Subnet $subnet
+
+		# Create & Get virtualnetworkgateway
+		New-AzVirtualNetworkGateway -ResourceGroupName $rgname -name $rname -location $location -IpConfigurations $vnetIpConfig -GatewayType Vpn -VpnType RouteBased -EnableBgp $false -GatewaySku VpnGw1 -VpnClientAddressPool 201.169.0.0/16 -VpnClientProtocol "IkeV2" -RadiusServers $radiusServers
+		$actual = Get-AzVirtualNetworkGateway -ResourceGroupName $rgname -name $rname
+        Assert-AreEqual $actual.VpnClientConfiguration.RadiusServers.Count 2 
+		Assert-AreEqual $actual.VpnClientConfiguration.RadiusServers[0].RadiusServerAddress $radiusServer1.RadiusServerAddress
+		Assert-AreEqual $actual.VpnClientConfiguration.RadiusServers[0].RadiusServerSecret $radiusServer1.RadiusServerSecret
+		Assert-AreEqual $actual.VpnClientConfiguration.RadiusServers[0].RadiusServerScore $radiusServer1.RadiusServerScore
+		Assert-AreEqual $actual.VpnClientConfiguration.RadiusServers[1].RadiusServerAddress $radiusServer2.RadiusServerAddress
+		Assert-AreEqual $actual.VpnClientConfiguration.RadiusServers[1].RadiusServerSecret $radiusServer2.RadiusServerSecret
+		Assert-AreEqual $actual.VpnClientConfiguration.RadiusServers[1].RadiusServerScore $radiusServer2.RadiusServerScore
+
+		# Update gateway radius settings
+        $radiusServers = @($radiusServer3, $radiusServer1)
+		Set-AzVirtualNetworkGateway -VirtualNetworkGateway $actual -VpnClientAddressPool 201.169.0.0/16 -VpnClientProtocol "IkeV2" -RadiusServers $radiusServers
+		$actual = Get-AzVirtualNetworkGateway -ResourceGroupName $rgname -name $rname
+        Assert-AreEqual $actual.VpnClientConfiguration.RadiusServers.Count 2 
+		Assert-AreEqual $actual.VpnClientConfiguration.RadiusServers[0].RadiusServerAddress $radiusServer3.RadiusServerAddress
+		Assert-AreEqual $actual.VpnClientConfiguration.RadiusServers[0].RadiusServerSecret $radiusServer3.RadiusServerSecret
+		Assert-AreEqual $actual.VpnClientConfiguration.RadiusServers[0].RadiusServerScore $radiusServer3.RadiusServerScore
+		Assert-AreEqual $actual.VpnClientConfiguration.RadiusServers[1].RadiusServerAddress $radiusServer1.RadiusServerAddress
+		Assert-AreEqual $actual.VpnClientConfiguration.RadiusServers[1].RadiusServerSecret $radiusServer1.RadiusServerSecret
+		Assert-AreEqual $actual.VpnClientConfiguration.RadiusServers[1].RadiusServerScore $radiusServer1.RadiusServerScore
+		 
+		# Update gateway to singular radius
+        Set-AzVirtualNetworkGateway -VirtualNetworkGateway $actual -VpnClientAddressPool 201.169.0.0/16 -VpnClientProtocol "IkeV2" -RadiusServerAddress 10.1.0.2 -RadiusServerSecret $radiuspd
+        $actual = Get-AzVirtualNetworkGateway -ResourceGroupName $rgname -name $rname
+        Assert-Null  $actual.VpnClientConfiguration.RadiusServers
+        Assert-AreEqual $actual.VpnClientConfiguration.RadiusServerAddress 10.1.0.2
+        Assert-AreEqual $actual.VpnClientConfiguration.RadiusServerSecret "radiuspd"
+	}
+	finally
+    {
+		# Cleanup
+        Clean-ResourceGroup $rgname
+    }
+}
+
+
 <#
 .SYNOPSIS
 Virtual network gateway P2S OpenVPN API test

src/Network/Network.Test/SessionRecords/Commands.Network.Test.ScenarioTests.VirtualNetworkGatewayTests/VirtualNetworkGatewayRadiusTest.json

@@ -48,6 +48,7 @@ public partial class PSVpnClientConfiguration
         public List<PSVpnClientRootCertificate> VpnClientRootCertificates { get; set; }
         public List<PSVpnClientRevokedCertificate> VpnClientRevokedCertificates { get; set; }
         public List<PSIpsecPolicy> VpnClientIpsecPolicies { get; set; }
+        public List<PSRadiusServer> RadiusServers { get; set; }
 
         [JsonIgnore]
         public string VpnClientProtocolsText
@@ -78,5 +79,11 @@ public string VpnClientIpsecPoliciesText
         {
             get { return JsonConvert.SerializeObject(VpnClientIpsecPolicies, Formatting.Indented, new JsonSerializerSettings() { NullValueHandling = NullValueHandling.Ignore }); }
         }
+
+        [JsonIgnore]
+        public string RadiusServersText
+        {
+            get { return JsonConvert.SerializeObject(RadiusServers, Formatting.Indented, new JsonSerializerSettings() { NullValueHandling = NullValueHandling.Ignore }); }
+        }
     }
 }

src/Network/Network/Generated/Models/PSVpnClientConfiguration.cs

@@ -0,0 +1,38 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.WindowsAzure.Commands.Common.Attributes;
+
+namespace Microsoft.Azure.Commands.Network.Models
+{
+    public class PSRadiusServer
+    {
+        /// <summary>
+        /// Radius server address
+        /// </summary>
+        [Ps1Xml(Target = ViewControl.Table)]
+        public string RadiusServerAddress { get; set; }
+
+        /// <summary>
+        /// Radius server secret
+        /// </summary>
+        public string RadiusServerSecret { get; set; }
+
+        /// <summary>
+        /// Radius server score
+        /// </summary>
+        [Ps1Xml(Target = ViewControl.Table)]
+        public int RadiusServerScore { get; set; }
+    }
+}

src/Network/Network/Models/PSRadiusServer.cs

@@ -0,0 +1,59 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.Azure.Commands.Network.Models;
+using Microsoft.WindowsAzure.Commands.Common;
+using System;
+using System.Management.Automation;
+using System.Security;
+using MNM = Microsoft.Azure.Management.Network.Models;
+
+namespace Microsoft.Azure.Commands.Network
+{
+    [Cmdlet("New", ResourceManager.Common.AzureRMConstants.AzureRMPrefix + "RadiusServer"), OutputType(typeof(PSRadiusServer))]
+    public class NewAzRadiusServerCommand : NetworkBaseCmdlet
+    {
+        [Parameter(
+            Mandatory = true,
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "External radius server address")]
+        public string RadiusServerAddress { get; set; }
+
+        [Parameter(
+            Mandatory = true,
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "External radius server secret")]
+        public SecureString RadiusServerSecret { get; set; }
+
+        [Parameter(
+            Mandatory = false,
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "External radius server score")]
+        public int RadiusServerScore { get; set; }
+
+        public override void Execute()
+        {
+            base.Execute();
+            var radiusServer = new PSRadiusServer();
+
+            radiusServer.RadiusServerAddress = this.RadiusServerAddress;
+            radiusServer.RadiusServerSecret = SecureStringExtensions.ConvertToString(this.RadiusServerSecret);
+
+            // default score value
+            radiusServer.RadiusServerScore = (!this.MyInvocation.BoundParameters.ContainsKey("RadiusServerScore")) ? 30 : this.RadiusServerScore;
+
+            WriteObject(radiusServer);
+        }
+    }
+}

src/Network/Network/VirtualNetworkGateway/NewAzRadiusServerCommand.cs

@@ -230,21 +230,28 @@ public class NewAzureVirtualNetworkGatewayCommand : VirtualNetworkGatewayBaseCmd
         public SwitchParameter Force { get; set; }
 
         [Parameter(
-            Mandatory = true,
+            Mandatory = false,
             ValueFromPipelineByPropertyName = true,
             ParameterSetName = VirtualNetworkGatewayParameterSets.RadiusServerConfiguration,
             HelpMessage = "P2S External Radius server address.")]
         [ValidateNotNullOrEmpty]
         public string RadiusServerAddress { get; set; }
 
         [Parameter(
-            Mandatory = true,
+            Mandatory = false,
             ValueFromPipelineByPropertyName = true,
             ParameterSetName = VirtualNetworkGatewayParameterSets.RadiusServerConfiguration,
             HelpMessage = "P2S External Radius server secret.")]
         [ValidateNotNullOrEmpty]
         public SecureString RadiusServerSecret { get; set; }
 
+        [Parameter(
+            Mandatory = false,
+            ValueFromPipelineByPropertyName = true,
+            ParameterSetName = VirtualNetworkGatewayParameterSets.RadiusServerConfiguration,
+            HelpMessage = "P2S multiple external Radius server servers.")]
+        public PSRadiusServer[] RadiusServers { get; set; }
+
         [Parameter(
             Mandatory = true,
             ValueFromPipelineByPropertyName = true,
@@ -433,6 +440,11 @@ private PSVirtualNetworkGateway CreateVirtualNetworkGateway()
                     vnetGateway.VpnClientConfiguration.RadiusServerSecret = SecureStringExtensions.ConvertToString(this.RadiusServerSecret);
                 }
 
+                if (this.RadiusServers != null && this.RadiusServers.Any())
+                {
+                    vnetGateway.VpnClientConfiguration.RadiusServers = this.RadiusServers?.ToList();
+                }
+
                 if (this.AadTenantUri != null)
                 {
                     if (this.AadIssuerUri == null || this.AadAudienceId == null)

src/Network/Network/VirtualNetworkGateway/NewAzureVirtualNetworkGatewayCommand.cs

@@ -139,31 +139,44 @@ public class SetAzureVirtualNetworkGatewayCommand : VirtualNetworkGatewayBaseCmd
         public SwitchParameter DisableActiveActiveFeature { get; set; }
 
         [Parameter(
-            Mandatory = true,
+            Mandatory = false,
             ValueFromPipelineByPropertyName = true,
             ParameterSetName = VirtualNetworkGatewayParameterSets.RadiusServerConfiguration,
             HelpMessage = "P2S External Radius server address.")]
         [Parameter(
-            Mandatory = true,
+            Mandatory = false,
             ValueFromPipelineByPropertyName = true,
             ParameterSetName = VirtualNetworkGatewayParameterSets.RadiusServerConfiguration + VirtualNetworkGatewayParameterSets.UpdateResourceWithTags,
             HelpMessage = "P2S External Radius server address.")]
         [ValidateNotNullOrEmpty]
         public string RadiusServerAddress { get; set; }
 
         [Parameter(
-            Mandatory = true,
+            Mandatory = false,
             ValueFromPipelineByPropertyName = true,
             ParameterSetName = VirtualNetworkGatewayParameterSets.RadiusServerConfiguration,
             HelpMessage = "P2S External Radius server secret.")]
         [Parameter(
-            Mandatory = true,
+            Mandatory = false,
             ValueFromPipelineByPropertyName = true,
             ParameterSetName = VirtualNetworkGatewayParameterSets.RadiusServerConfiguration + VirtualNetworkGatewayParameterSets.UpdateResourceWithTags,
             HelpMessage = "P2S External Radius server secret.")]
         [ValidateNotNullOrEmpty]
         public SecureString RadiusServerSecret { get; set; }
 
+        [Parameter(
+            Mandatory = false,
+            ValueFromPipelineByPropertyName = true,
+            ParameterSetName = VirtualNetworkGatewayParameterSets.RadiusServerConfiguration,
+            HelpMessage = "P2S multiple external Radius servers.")]
+        [Parameter(
+            Mandatory = false,
+            ValueFromPipelineByPropertyName = true,
+            ParameterSetName = VirtualNetworkGatewayParameterSets.RadiusServerConfiguration + VirtualNetworkGatewayParameterSets.UpdateResourceWithTags,
+            HelpMessage = "P2S multiple external Radius servers.")]
+        [ValidateNotNullOrEmpty]
+        public PSRadiusServer[] RadiusServers { get; set; }
+
         [Parameter(
             Mandatory = true,
             ValueFromPipelineByPropertyName = true,
@@ -265,6 +278,7 @@ public override void Execute()
                  this.VpnClientRevokedCertificates != null ||
                  this.RadiusServerAddress != null ||
                  this.RadiusServerSecret != null ||
+                 this.RadiusServers != null ||
                  (this.VpnClientIpsecPolicy != null && this.VpnClientIpsecPolicy.Length != 0) ||
                  this.AadTenantUri != null) &&
                 this.VirtualNetworkGateway.VpnClientConfiguration == null)
@@ -300,13 +314,19 @@ public override void Execute()
 
             if (ParameterSetName.Contains(VirtualNetworkGatewayParameterSets.RadiusServerConfiguration))
             {
-                if (this.RadiusServerSecret == null || this.RadiusServerAddress == null)
+                if ((this.RadiusServerSecret == null || this.RadiusServerAddress == null) && (this.RadiusServers == null || !this.RadiusServers.Any()))
                 {
                     throw new ArgumentException("Both radius server address and secret must be specified if external radius is being configured");
                 }
 
                 this.VirtualNetworkGateway.VpnClientConfiguration.RadiusServerAddress = this.RadiusServerAddress;
-                this.VirtualNetworkGateway.VpnClientConfiguration.RadiusServerSecret = SecureStringExtensions.ConvertToString(this.RadiusServerSecret);
+
+                if (this.RadiusServerSecret != null)
+                {
+                    this.VirtualNetworkGateway.VpnClientConfiguration.RadiusServerSecret = SecureStringExtensions.ConvertToString(this.RadiusServerSecret);
+                }
+
+                this.VirtualNetworkGateway.VpnClientConfiguration.RadiusServers = this.RadiusServers?.ToList();
             }
 
             if (ParameterSetName.Contains(VirtualNetworkGatewayParameterSets.AadAuthenticationConfiguration))