Merge branch 'AddNewPnPAzureADUserTemporaryAccessPass' of https://git…

…hub.com/KoenZomers/pnpframework into pr605
pnp · Mar 24, 2022 · 992e2dc · 992e2dc
2 parents 260b6d0 + 0a2c1ac
commit 992e2dc
Show file tree

Hide file tree

Showing 3 changed files with 147 additions and 1 deletion.
diff --git a/src/lib/PnP.Framework/Graph/Model/TemporaryAccessPassRequest.cs b/src/lib/PnP.Framework/Graph/Model/TemporaryAccessPassRequest.cs
@@ -0,0 +1,35 @@
+using System;
+using Newtonsoft.Json;
+
+namespace PnP.Framework.Graph.Model
+{
+    /// <summary>
+    /// Defines a request for a temporary access pass for a User
+    /// </summary>
+    public class TemporaryAccessPassRequest
+    {
+        /// <summary>
+        /// Indicates the type(s) of change(s) in the subscribed resource that will raise a notification
+        /// </summary>
+        [JsonProperty("@odata.type")]
+        public string ODataType => "#microsoft.graph.temporaryAccessPassAuthenticationMethod";
+
+        /// <summary>
+        /// Date and time on which the temporary access pass should become valid. If not provided, the access pass will be valid immediately.
+        /// </summary>
+        [JsonProperty("startDateTime")]
+        public DateTime? StartDateTime { get; set; }
+
+        /// <summary>
+        /// The time in minutes specifying how long the temporary access pass should be valid for. If not provided, the default duration as configured in Azure Active Directory will be applied.
+        /// </summary>
+        [JsonProperty("lifetimeInMinutes")]
+        public int? LifetimeInMinutes { get; set; }
+
+        /// <summary>
+        /// Boolean indicating if the temporary access pass can only be used once to log in (true) or continously for as long as the pass is valid for (false)
+        /// </summary>
+        [JsonProperty("isUsableOnce")]
+        public bool? IsUsableOnce { get; set; }
+    }
+}
diff --git a/src/lib/PnP.Framework/Graph/Model/TemporaryAccessPassResponse.cs b/src/lib/PnP.Framework/Graph/Model/TemporaryAccessPassResponse.cs
@@ -0,0 +1,59 @@
+using System;
+using Newtonsoft.Json;
+
+namespace PnP.Framework.Graph.Model
+{
+    /// <summary>
+    /// Defines a response for a temporary access pass for a User
+    /// </summary>
+    public class TemporaryAccessPassResponse
+    {
+        /// <summary>
+        /// Identifier of the temporary access pass
+        /// </summary>
+        [JsonProperty("id")]
+        public Guid? Id { get; set; }  
+
+        /// <summary>
+        /// The temporary access pass code
+        /// </summary>
+        [JsonProperty("temporaryAccessPass")]
+        public string TemporaryAccessPass { get; set; }  
+
+        /// <summary>
+        /// Date and time on which the temporary access pass has been created
+        /// </summary>
+        [JsonProperty("createdDateTime")]
+        public DateTime? CreatedDateTime { get; set; }
+
+        /// <summary>
+        /// Date and time on which the temporary access pass should become valid. If not provided, the access pass will be valid immediately.
+        /// </summary>
+        [JsonProperty("startDateTime")]
+        public DateTime? StartDateTime { get; set; }
+
+        /// <summary>
+        /// The time in minutes specifying how long the temporary access pass should be valid for. If not provided, the default duration as configured in Azure Active Directory will be applied.
+        /// </summary>
+        [JsonProperty("lifetimeInMinutes")]
+        public int? LifetimeInMinutes { get; set; }
+
+        /// <summary>
+        /// Boolean indicating if the temporary access pass can only be used once to log in (true) or continously for as long as the pass is valid for (false)
+        /// </summary>
+        [JsonProperty("isUsableOnce")]
+        public bool? IsUsableOnce { get; set; }
+
+        /// <summary>
+        /// Boolean indicating if the temporary access pass can be used already
+        /// </summary>
+        [JsonProperty("isUsable")]
+        public bool? IsUsable { get; set; }
+
+        /// <summary>
+        /// Provides more context around why the pass can or can not be used yet
+        /// </summary>
+        [JsonProperty("methodUsabilityReason")]
+        public string MethodUsabilityReason { get; set; }             
+    }
+}
diff --git a/src/lib/PnP.Framework/Graph/UsersUtility.cs b/src/lib/PnP.Framework/Graph/UsersUtility.cs
@@ -348,6 +348,58 @@ private static Model.User MapUserEntity(User graphUser, string[] selectPropertie
             }
 
             return user;
-        } 
+        }
+
+        /// <summary>
+        /// Retrieves a temporary access pass for the provided user
+        /// </summary>
+        /// <param name="accessToken">The OAuth 2.0 Access Token to use for invoking the Microsoft Graph</param>
+        /// <param name="userId">Id or user principal name of the user to request the access pass for</param>
+        /// <param name="startDateTime">Date and time at which this access pass should become valid. Optional. If not provided, it immediately become valid.</param>
+        /// <param name="lifeTimeInMinutes">Durationin minutes during which this access pass will be valid. Optional. If not provided, the default configured in Azure Active Directory will be used.</param>
+        /// <param name="isUsableOnce">Boolean indicating if the access pass can be used to only log in once or repetitively during the lifetime of the access pass. Optional. If not provided, the default configured in Azure Active Directory will be used.</param>
+        /// <param name="retryCount">Number of times to retry the request in case of throttling. Optional.</param>
+        /// <param name="delay">Milliseconds to wait before retrying the request. The delay will be increased (doubled) every retry. Optional.</param>
+        /// <param name="azureEnvironment">The type of environment to connect to</param>
+        /// <returns>A temporary access pass for the provided user or NULL if unable to create a temporary access pass</returns>
+        public static Model.TemporaryAccessPassResponse RequestTemporaryAccessPass(string accessToken, string userId, DateTime? startDateTime = null, int? lifeTimeInMinutes = null, bool? isUsableOnce = null, int retryCount = 10, int delay = 500, AzureEnvironment azureEnvironment = AzureEnvironment.Production)
+        {
+            if (String.IsNullOrEmpty(accessToken))
+            {
+                throw new ArgumentNullException(nameof(accessToken));
+            }
+            if (String.IsNullOrEmpty(userId))
+            {
+                throw new ArgumentNullException(nameof(userId));
+            }            
+
+            // Build the request body for the access pass
+            var temporaryAccessPassAuthenticationMethod = new Model.TemporaryAccessPassRequest
+            {
+                StartDateTime = startDateTime?.ToUniversalTime(),
+                LifetimeInMinutes = lifeTimeInMinutes,
+                IsUsableOnce = isUsableOnce
+            };
+
+            try
+            {
+                // Request the access pass
+                var response = GraphHttpClient.MakePostRequestForString(
+                    requestUrl: $"{GraphHttpClient.GetGraphEndPointUrl(azureEnvironment, beta: true)}users/{userId}/authentication/temporaryAccessPassMethods",
+                    content: temporaryAccessPassAuthenticationMethod,
+                    contentType: "application/json",
+                    accessToken: accessToken);
+
+                // Parse and return the response
+                var accessPassResponse = JsonConvert.DeserializeObject<Model.TemporaryAccessPassResponse>(response);
+                return accessPassResponse;
+
+            }
+            catch (ServiceException ex)
+            {
+                Log.Error(Constants.LOGGING_SOURCE, CoreResources.GraphExtensions_ErrorOccured, ex.Error.Message);
+                throw;
+            }
+        }        
     }
 }