Add Graph Audience to environment cmdlets

Author: markcowl

src/Common/Commands.Common.Authentication/Commands.Common.Authentication.csproj

@@ -166,14 +166,21 @@
     <Compile Include="Models\MemoryDataStore.cs" />
     <Compile Include="Models\XmlProfileSerializer.cs" />
     <Compile Include="Properties\AssemblyInfo.cs" />
-    <Compile Include="Properties\Resources.Designer.cs" />
+    <Compile Include="Properties\Resources.Designer.cs">
+      <AutoGen>True</AutoGen>
+      <DesignTime>True</DesignTime>
+      <DependentUpon>Resources.resx</DependentUpon>
+    </Compile>
     <Compile Include="Utilities\DictionaryExtensions.cs" />
     <Compile Include="Utilities\FileUtilities.cs" />
     <Compile Include="Utilities\JsonUtilities.cs" />
     <Compile Include="Utilities\XmlUtilities.cs" />
   </ItemGroup>
   <ItemGroup>
-    <EmbeddedResource Include="Properties\Resources.resx" />
+    <EmbeddedResource Include="Properties\Resources.resx">
+      <Generator>PublicResXFileCodeGenerator</Generator>
+      <LastGenOutput>Resources.Designer.cs</LastGenOutput>
+    </EmbeddedResource>
   </ItemGroup>
   <ItemGroup>
     <None Include="packages.config" />

src/Common/Commands.Common.Authentication/Factories/AuthenticationFactory.cs

@@ -287,7 +287,24 @@ private AdalConfiguration GetAdalConfiguration(AzureEnvironment environment, str
             {
                 throw new ArgumentNullException("environment");
             }
+
             var adEndpoint = environment.Endpoints[AzureEnvironment.Endpoint.ActiveDirectory];
+            if (string.IsNullOrWhiteSpace(adEndpoint))
+            {
+                throw new ArgumentOutOfRangeException("environment", string.Format("No Active Directory endpoint specified for environment '{0}'", environment.Name));
+            }
+
+            var audience = environment.Endpoints[resourceId];
+            if (string.IsNullOrWhiteSpace(audience))
+            {
+                string message = Resources.InvalidManagementTokenAudience;
+                if (resourceId == AzureEnvironment.Endpoint.GraphEndpointResourceId)
+                {
+                    message = Resources.InvalidGraphTokenAudience;
+                }
+
+                throw new ArgumentOutOfRangeException("environment", string.Format(message, environment.Name));
+            }
 
             return new AdalConfiguration
             {

src/Common/Commands.Common.Authentication/Properties/Resources.Designer.cs

@@ -300,4 +300,10 @@
   <data name="UnsupportedCredentialType" xml:space="preserve">
     <value>Certificate authentication is not supported for account type {0}.</value>
   </data>
+  <data name="InvalidGraphTokenAudience" xml:space="preserve">
+    <value>No value was specified for the token audience for the graph endpoint in environment '{0}'.  Please use Set-AzureRmEnvironment -Name {0} -GraphAudience token-audience-value</value>
+  </data>
+  <data name="InvalidManagementTokenAudience" xml:space="preserve">
+    <value>No value was specified for the token audience for the management endpoint in environment '{0}'.  Please use Set-AzureRmEnvironment -Name {0} -ActiveDirectoryServiceEndpointResourceId token-audience-value</value>
+  </data>
 </root>

src/Common/Commands.Common.Authentication/Properties/Resources.resx

@@ -193,7 +193,8 @@ public void CanCreateEnvironmentWithAllProperties()
                 ServiceEndpoint = "ServiceEndpoint",
                 StorageEndpoint = "StorageEndpoint",
                 SqlDatabaseDnsSuffix = "SqlDatabaseDnsSuffix",
-                TrafficManagerDnsSuffix = "TrafficManagerDnsSuffix"
+                TrafficManagerDnsSuffix = "TrafficManagerDnsSuffix",
+                GraphAudience = "GaraphAudience"
             };
 
             cmdlet.InvokeBeginProcessing();
@@ -216,6 +217,7 @@ public void CanCreateEnvironmentWithAllProperties()
             Assert.Equal(cmdlet.StorageEndpoint, actual.StorageEndpointSuffix);
             Assert.Equal(cmdlet.SqlDatabaseDnsSuffix, actual.SqlDatabaseDnsSuffix);
             Assert.Equal( cmdlet.TrafficManagerDnsSuffix , actual.TrafficManagerDnsSuffix);
+            Assert.Equal( cmdlet.GraphAudience , actual.GraphEndpointResourceId);
             commandRuntimeMock.Verify(f => f.WriteObject(It.IsAny<PSAzureEnvironment>()), Times.Once());
             AzureEnvironment env = AzureRmProfileProvider.Instance.Profile.Environments["KaTaL"];
             Assert.Equal(env.Name, cmdlet.Name);

src/ResourceManager/Profile/Commands.Profile.Test/EnvironmentCmdletTests.cs

@@ -98,7 +98,12 @@ public class AddAzureRMEnvironmentCommand : AzureRMCmdlet
            HelpMessage = "The default tenant for this environment.")]
         public string AdTenant { get; set; }
 
-        protected override void BeginProcessing()
+         [Parameter(Position = 18, Mandatory = false, ValueFromPipelineByPropertyName = true,
+            HelpMessage = "The audience for tokens authenticating with the AD Graph Endpoint.")]
+        [Alias("GraphEndpointResourceId", "GraphResourceId")]
+        public string GraphAudience { get; set; }
+
+       protected override void BeginProcessing()
         {
             // do not call begin processing there is no context needed for this cmdlet
         }
@@ -129,7 +134,8 @@ public override void ExecuteCmdlet()
             newEnvironment.Endpoints[AzureEnvironment.Endpoint.AzureDataLakeAnalyticsCatalogAndJobEndpointSuffix] = AzureDataLakeAnalyticsCatalogAndJobEndpointSuffix;
             newEnvironment.Endpoints[AzureEnvironment.Endpoint.AzureDataLakeStoreFileSystemEndpointSuffix] = AzureDataLakeStoreFileSystemEndpointSuffix;
             newEnvironment.Endpoints[AzureEnvironment.Endpoint.AdTenant] = AdTenant;
-            WriteObject((PSAzureEnvironment)profileClient.AddOrSetEnvironment(newEnvironment));
+             newEnvironment.Endpoints[AzureEnvironment.Endpoint.GraphEndpointResourceId] = GraphAudience;
+           WriteObject((PSAzureEnvironment)profileClient.AddOrSetEnvironment(newEnvironment));
         }
     }
 }

src/ResourceManager/Profile/Commands.Profile/Environment/AddAzureRMEnvironment.cs

@@ -100,7 +100,12 @@ public class SetAzureRMEnvironmentCommand : AzureRMCmdlet
            HelpMessage = "The default tenant for this environment.")]
         public string AdTenant { get; set; }
 
-        protected override void BeginProcessing()
+          [Parameter(Position = 18, Mandatory = false, ValueFromPipelineByPropertyName = true,
+            HelpMessage = "The audience for tokens authenticating with the AD Graph Endpoint.")]
+        [Alias("GraphEndpointResourceId", "GraphResourceId")]
+        public string GraphAudience { get; set; }
+
+       protected override void BeginProcessing()
         {
             // do not call begin processing there is no context needed for this cmdlet
         }
@@ -139,7 +144,7 @@ public override void ExecuteCmdlet()
             SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.AzureDataLakeAnalyticsCatalogAndJobEndpointSuffix, AzureDataLakeAnalyticsCatalogAndJobEndpointSuffix);
             SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.AzureDataLakeStoreFileSystemEndpointSuffix, AzureDataLakeStoreFileSystemEndpointSuffix);
             SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.AdTenant, AdTenant);
-
+            SetEndpointIfProvided(newEnvironment, AzureEnvironment.Endpoint.GraphEndpointResourceId, GraphAudience);
             profileClient.AddOrSetEnvironment(newEnvironment);
 
             WriteObject((PSAzureEnvironment)newEnvironment);