Merge pull request #2710 from gautamdsheth/feature/filter-sp

KoenZomers · web-flow · commit 18733cdaf2f2 · 2023-01-11T00:43:11.000+01:00
Feature: Added Filter parameter to service principal cmdlet
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -23,6 +23,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
 - Added `-KeyColumn` to `Add-PnPDataRowsToSiteTemplate` which allows for overwriting existing list items in a site template [#2616](https://github.com/pnp/powershell/pull/2616)
 - Added `IsTeamsConnected`, `IsTeamsChannelConnected` and `TeamChannelType` to be returned when `Get-PnPTenantSite` cmdlet is executed. [#2656](https://github.com/pnp/powershell/pull/2656)
 - Added `-EnvironmentVariable` parameter to `Connect-PnPOnline` to connect using Azure environment variables. [#2681](https://github.com/pnp/powershell/pull/2681)
+- Added `-Filter` parameter to `Get-PnPAzureADServicePrincipal` cmdlet to retrieve specific application registrations based on filter conditions. It supports simple and advanced queries. [#2710](https://github.com/pnp/powershell/pull/2710)
 - Added `-Filter` parameter to `Get-PnPMicrosoft365Group` cmdlet to retrieve specific M365 groups based on filter conditions. It supports simple and advanced queries.
 
 ### Changed
diff --git a/documentation/Get-PnPAzureADServicePrincipal.md b/documentation/Get-PnPAzureADServicePrincipal.md
@@ -22,7 +22,7 @@ Gets service principal/application registrations in Azure Active Directory.
 ### All
 
 ```powershell
-Get-PnPAzureADServicePrincipal [-Connection <PnPConnection>]
+Get-PnPAzureADServicePrincipal [-Filter <string>] [-Connection <PnPConnection>]
 ```
 
 ### By App Id
@@ -83,6 +83,13 @@ Get-PnPAzureADServicePrincipal -AppName "My application"
 
 Retrieves the application registration with the name "My application" from Azure Active Directory
 
+### EXAMPLE 5
+```powershell
+Get-PnPAzureADServicePrincipal -Filter "startswith(description, 'contoso')"
+```
+
+Retrieves the application registration with the description starting with "contoso" from Azure Active Directory. This example demonstrates using Advanced Query capabilities (see: https://learn.microsoft.com/graph/aad-advanced-queries?tabs=http#group-properties).
+
 ## PARAMETERS
 
 ### -AppId
@@ -141,6 +148,20 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -Filter
+Specify the query to pass to Graph API in $filter.
+
+```yaml
+Type: String
+Parameter Sets: Filter
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ## RELATED LINKS
 
 [Microsoft 365 Patterns and Practices](https://aka.ms/m365pnp)
diff --git a/src/Commands/Apps/GetAzureADServicePrincipal.cs b/src/Commands/Apps/GetAzureADServicePrincipal.cs
@@ -30,12 +30,15 @@ public class GetAzureADServicePrincipal : PnPGraphCmdlet
         public string AppName;
 
         [Parameter(Mandatory = true, ParameterSetName = ParameterSet_BYBUILTINTYPE)]
-        public ServicePrincipalBuiltInType BuiltInType;        
+        public ServicePrincipalBuiltInType BuiltInType;
+
+        [Parameter(Mandatory = false, ParameterSetName = ParameterSet_ALL)]
+        public string Filter;
 
         protected override void ExecuteCmdlet()
         {
             AzureADServicePrincipal servicePrincipal = null;
-            switch(ParameterSetName)
+            switch (ParameterSetName)
             {
                 case ParameterSet_BYAPPID:
                     servicePrincipal = ServicePrincipalUtility.GetServicePrincipalByAppId(Connection, AccessToken, AppId);
@@ -50,12 +53,12 @@ protected override void ExecuteCmdlet()
                     servicePrincipal = ServicePrincipalUtility.GetServicePrincipalByBuiltInType(Connection, AccessToken, BuiltInType);
                     break;
                 case ParameterSet_ALL:
-                    var servicePrincipals = ServicePrincipalUtility.GetServicePrincipals(Connection, AccessToken);
+                    var servicePrincipals = ServicePrincipalUtility.GetServicePrincipals(Connection, AccessToken, Filter);
                     WriteObject(servicePrincipals, true);
                     return;
             }
 
-            if(servicePrincipal == null)
+            if (servicePrincipal == null)
             {
                 throw new PSArgumentException("Service principal not found");
             }
diff --git a/src/Commands/Utilities/ServicePrincipalUtility.cs b/src/Commands/Utilities/ServicePrincipalUtility.cs
@@ -16,9 +16,19 @@ internal static class ServicePrincipalUtility
         /// <summary>
         /// Returns all service principals
         /// </summary>
-        public static List<AzureADServicePrincipal> GetServicePrincipals(PnPConnection connection, string accesstoken)
+        public static List<AzureADServicePrincipal> GetServicePrincipals(PnPConnection connection, string accesstoken, string filter = null)
         {
-            var result = Utilities.REST.GraphHelper.GetResultCollectionAsync<AzureADServicePrincipal>(connection, $"https://{connection.GraphEndPoint}/v1.0/servicePrincipals", accesstoken).GetAwaiter().GetResult();
+            string requestUrl = $"https://{connection.GraphEndPoint}/v1.0/servicePrincipals";
+            Dictionary<string, string> additionalHeaders = null;
+            if (!string.IsNullOrEmpty(filter))
+            {
+                requestUrl = $"{requestUrl}?$filter=({filter})";
+                additionalHeaders = new Dictionary<string, string>
+                {
+                    { "ConsistencyLevel", "eventual" }
+                };
+            }
+            var result = REST.GraphHelper.GetResultCollectionAsync<AzureADServicePrincipal>(connection, requestUrl, accesstoken, additionalHeaders: additionalHeaders).GetAwaiter().GetResult();
             return result.ToList();
         }
 
@@ -28,7 +38,7 @@ public static List<AzureADServicePrincipal> GetServicePrincipals(PnPConnection c
         public static AzureADServicePrincipal GetServicePrincipalByBuiltInType(PnPConnection connection, string accesstoken, ServicePrincipalBuiltInType builtInType)
         {
             AzureADServicePrincipal result = null;
-            switch(builtInType)
+            switch (builtInType)
             {
                 case ServicePrincipalBuiltInType.MicrosoftGraph:
                     result = ServicePrincipalUtility.GetServicePrincipalByAppId(connection, accesstoken, new Guid("00000003-0000-0000-c000-000000000000"));
@@ -53,13 +63,13 @@ public static AzureADServicePrincipal GetServicePrincipalByObjectId(PnPConnectio
             try
             {
                 result = Utilities.REST.GraphHelper.GetResultCollectionAsync<AzureADServicePrincipal>(connection, $"https://{connection.GraphEndPoint}/v1.0/servicePrincipals?$filter=id eq '{objectId}'", accesstoken).GetAwaiter().GetResult();
-                
+
                 var servicePrincipal = result.FirstOrDefault();
                 servicePrincipal.AppRoles.ForEach(ar => ar.ServicePrincipal = servicePrincipal);
                 return servicePrincipal;
             }
             catch (Exception) { }
-            return null;            
+            return null;
         }
 
         /// <summary>
@@ -71,7 +81,7 @@ public static AzureADServicePrincipal GetServicePrincipalByAppId(PnPConnection c
             try
             {
                 result = Utilities.REST.GraphHelper.GetResultCollectionAsync<AzureADServicePrincipal>(connection, $"https://{connection.GraphEndPoint}/v1.0/servicePrincipals?$filter=appid eq '{appId}'", accesstoken).GetAwaiter().GetResult();
-                
+
                 var servicePrincipal = result.FirstOrDefault();
                 servicePrincipal.AppRoles.ForEach(ar => ar.ServicePrincipal = servicePrincipal);
                 return servicePrincipal;
@@ -89,7 +99,7 @@ public static AzureADServicePrincipal GetServicePrincipalByAppName(PnPConnection
             try
             {
                 result = Utilities.REST.GraphHelper.GetResultCollectionAsync<AzureADServicePrincipal>(connection, $"https://{connection.GraphEndPoint}/v1.0/servicePrincipals?$filter=displayName eq '{appName}'", accesstoken).GetAwaiter().GetResult();
-                
+
                 var servicePrincipal = result.FirstOrDefault();
                 servicePrincipal.AppRoles.ForEach(ar => ar.ServicePrincipal = servicePrincipal);
                 return servicePrincipal;
@@ -205,7 +215,7 @@ public static void RemoveServicePrincipalRoleAssignment(PnPConnection connection
             {
                 Utilities.REST.GraphHelper.DeleteAsync(connection, $"https://{connection.GraphEndPoint}/v1.0/servicePrincipals/{principalToRemoveRoleFrom.Id}/appRoleAssignments/{assignment.Id}", accesstoken).GetAwaiter().GetResult();
             }
-        } 
+        }
 
         /// <summary>
         /// Removes the provided role from the role assignments of the provided service principal
@@ -243,7 +253,7 @@ public static void RemoveServicePrincipalRoleAssignment(PnPConnection connection
                     Utilities.REST.GraphHelper.DeleteAsync(connection, $"https://{connection.GraphEndPoint}/v1.0/servicePrincipals/{principalToRemoveRoleFrom.Id}/appRoleAssignments/{assignment.Id}", accesstoken).GetAwaiter().GetResult();
                 }
             }
-        }        
+        }
 
         /// <summary>
         /// Removes a role assignment from the provided service principal
@@ -255,6 +265,6 @@ public static void RemoveServicePrincipalRoleAssignment(PnPConnection connection
         public static void RemoveServicePrincipalRoleAssignment(PnPConnection connection, string accesstoken, AzureADServicePrincipalAppRoleAssignment appRoleAssignmenToRemove)
         {
             Utilities.REST.GraphHelper.DeleteAsync(connection, $"https://{connection.GraphEndPoint}/v1.0/servicePrincipals/{appRoleAssignmenToRemove.PrincipalId}/appRoleAssignments/{appRoleAssignmenToRemove.Id}", accesstoken).GetAwaiter().GetResult();
-        }        
+        }
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -30,12 +30,15 @@ public class GetAzureADServicePrincipal : PnPGraphCmdlet`
`30`	`30`	`public string AppName;`
`31`	`31`
`32`	`32`	`[Parameter(Mandatory = true, ParameterSetName = ParameterSet_BYBUILTINTYPE)]`
`33`		`- public ServicePrincipalBuiltInType BuiltInType;`
	`33`	`+ public ServicePrincipalBuiltInType BuiltInType;`
	`34`	`+`
	`35`	`+ [Parameter(Mandatory = false, ParameterSetName = ParameterSet_ALL)]`
	`36`	`+ public string Filter;`
`34`	`37`
`35`	`38`	`protected override void ExecuteCmdlet()`
`36`	`39`	`{`
`37`	`40`	`AzureADServicePrincipal servicePrincipal = null;`
`38`		`- switch(ParameterSetName)`
	`41`	`+ switch (ParameterSetName)`
`39`	`42`	`{`
`40`	`43`	`case ParameterSet_BYAPPID:`
`41`	`44`	`servicePrincipal = ServicePrincipalUtility.GetServicePrincipalByAppId(Connection, AccessToken, AppId);`
`@@ -50,12 +53,12 @@ protected override void ExecuteCmdlet()`
`50`	`53`	`servicePrincipal = ServicePrincipalUtility.GetServicePrincipalByBuiltInType(Connection, AccessToken, BuiltInType);`
`51`	`54`	`break;`
`52`	`55`	`case ParameterSet_ALL:`
`53`		`- var servicePrincipals = ServicePrincipalUtility.GetServicePrincipals(Connection, AccessToken);`
	`56`	`+ var servicePrincipals = ServicePrincipalUtility.GetServicePrincipals(Connection, AccessToken, Filter);`
`54`	`57`	`WriteObject(servicePrincipals, true);`
`55`	`58`	`return;`
`56`	`59`	`}`
`57`	`60`
`58`		`- if(servicePrincipal == null)`
	`61`	`+ if (servicePrincipal == null)`
`59`	`62`	`{`
`60`	`63`	`throw new PSArgumentException("Service principal not found");`
`61`	`64`	`}`
Original file line number	Diff line number	Diff line change
`@@ -16,9 +16,19 @@ internal static class ServicePrincipalUtility`
`16`	`16`	`/// <summary>`
`17`	`17`	`/// Returns all service principals`
`18`	`18`	`/// </summary>`
`19`		`- public static List<AzureADServicePrincipal> GetServicePrincipals(PnPConnection connection, string accesstoken)`
	`19`	`+ public static List<AzureADServicePrincipal> GetServicePrincipals(PnPConnection connection, string accesstoken, string filter = null)`
`20`	`20`	`{`
`21`		`- var result = Utilities.REST.GraphHelper.GetResultCollectionAsync<AzureADServicePrincipal>(connection, $"https://{connection.GraphEndPoint}/v1.0/servicePrincipals", accesstoken).GetAwaiter().GetResult();`
	`21`	`+ string requestUrl = $"https://{connection.GraphEndPoint}/v1.0/servicePrincipals";`
	`22`	`+ Dictionary<string, string> additionalHeaders = null;`
	`23`	`+ if (!string.IsNullOrEmpty(filter))`
	`24`	`+ {`
	`25`	`+ requestUrl = $"{requestUrl}?$filter=({filter})";`
	`26`	`+ additionalHeaders = new Dictionary<string, string>`
	`27`	`+ {`
	`28`	`+ { "ConsistencyLevel", "eventual" }`
	`29`	`+ };`
	`30`	`+ }`
	`31`	`+ var result = REST.GraphHelper.GetResultCollectionAsync<AzureADServicePrincipal>(connection, requestUrl, accesstoken, additionalHeaders: additionalHeaders).GetAwaiter().GetResult();`
`22`	`32`	`return result.ToList();`
`23`	`33`	`}`
`24`	`34`
`@@ -28,7 +38,7 @@ public static List<AzureADServicePrincipal> GetServicePrincipals(PnPConnection c`
`28`	`38`	`public static AzureADServicePrincipal GetServicePrincipalByBuiltInType(PnPConnection connection, string accesstoken, ServicePrincipalBuiltInType builtInType)`
`29`	`39`	`{`
`30`	`40`	`AzureADServicePrincipal result = null;`
`31`		`- switch(builtInType)`
	`41`	`+ switch (builtInType)`
`32`	`42`	`{`
`33`	`43`	`case ServicePrincipalBuiltInType.MicrosoftGraph:`
`34`	`44`	`result = ServicePrincipalUtility.GetServicePrincipalByAppId(connection, accesstoken, new Guid("00000003-0000-0000-c000-000000000000"));`
`@@ -53,13 +63,13 @@ public static AzureADServicePrincipal GetServicePrincipalByObjectId(PnPConnectio`
`53`	`63`	`try`
`54`	`64`	`{`
`55`	`65`	`result = Utilities.REST.GraphHelper.GetResultCollectionAsync<AzureADServicePrincipal>(connection, $"https://{connection.GraphEndPoint}/v1.0/servicePrincipals?$filter=id eq '{objectId}'", accesstoken).GetAwaiter().GetResult();`
`56`		`-`
	`66`	`+`
`57`	`67`	`var servicePrincipal = result.FirstOrDefault();`
`58`	`68`	`servicePrincipal.AppRoles.ForEach(ar => ar.ServicePrincipal = servicePrincipal);`
`59`	`69`	`return servicePrincipal;`
`60`	`70`	`}`
`61`	`71`	`catch (Exception) { }`
`62`		`- return null;`
	`72`	`+ return null;`
`63`	`73`	`}`
`64`	`74`
`65`	`75`	`/// <summary>`
`@@ -71,7 +81,7 @@ public static AzureADServicePrincipal GetServicePrincipalByAppId(PnPConnection c`
`71`	`81`	`try`
`72`	`82`	`{`
`73`	`83`	`result = Utilities.REST.GraphHelper.GetResultCollectionAsync<AzureADServicePrincipal>(connection, $"https://{connection.GraphEndPoint}/v1.0/servicePrincipals?$filter=appid eq '{appId}'", accesstoken).GetAwaiter().GetResult();`
`74`		`-`
	`84`	`+`
`75`	`85`	`var servicePrincipal = result.FirstOrDefault();`
`76`	`86`	`servicePrincipal.AppRoles.ForEach(ar => ar.ServicePrincipal = servicePrincipal);`
`77`	`87`	`return servicePrincipal;`
`@@ -89,7 +99,7 @@ public static AzureADServicePrincipal GetServicePrincipalByAppName(PnPConnection`
`89`	`99`	`try`
`90`	`100`	`{`
`91`	`101`	`result = Utilities.REST.GraphHelper.GetResultCollectionAsync<AzureADServicePrincipal>(connection, $"https://{connection.GraphEndPoint}/v1.0/servicePrincipals?$filter=displayName eq '{appName}'", accesstoken).GetAwaiter().GetResult();`
`92`		`-`
	`102`	`+`
`93`	`103`	`var servicePrincipal = result.FirstOrDefault();`
`94`	`104`	`servicePrincipal.AppRoles.ForEach(ar => ar.ServicePrincipal = servicePrincipal);`
`95`	`105`	`return servicePrincipal;`
`@@ -205,7 +215,7 @@ public static void RemoveServicePrincipalRoleAssignment(PnPConnection connection`
`205`	`215`	`{`
`206`	`216`	`Utilities.REST.GraphHelper.DeleteAsync(connection, $"https://{connection.GraphEndPoint}/v1.0/servicePrincipals/{principalToRemoveRoleFrom.Id}/appRoleAssignments/{assignment.Id}", accesstoken).GetAwaiter().GetResult();`
`207`	`217`	`}`
`208`		`- }`
	`218`	`+ }`
`209`	`219`
`210`	`220`	`/// <summary>`
`211`	`221`	`/// Removes the provided role from the role assignments of the provided service principal`
`@@ -243,7 +253,7 @@ public static void RemoveServicePrincipalRoleAssignment(PnPConnection connection`
`243`	`253`	`Utilities.REST.GraphHelper.DeleteAsync(connection, $"https://{connection.GraphEndPoint}/v1.0/servicePrincipals/{principalToRemoveRoleFrom.Id}/appRoleAssignments/{assignment.Id}", accesstoken).GetAwaiter().GetResult();`
`244`	`254`	`}`
`245`	`255`	`}`
`246`		`- }`
	`256`	`+ }`
`247`	`257`
`248`	`258`	`/// <summary>`
`249`	`259`	`/// Removes a role assignment from the provided service principal`
`@@ -255,6 +265,6 @@ public static void RemoveServicePrincipalRoleAssignment(PnPConnection connection`
`255`	`265`	`public static void RemoveServicePrincipalRoleAssignment(PnPConnection connection, string accesstoken, AzureADServicePrincipalAppRoleAssignment appRoleAssignmenToRemove)`
`256`	`266`	`{`
`257`	`267`	`Utilities.REST.GraphHelper.DeleteAsync(connection, $"https://{connection.GraphEndPoint}/v1.0/servicePrincipals/{appRoleAssignmenToRemove.PrincipalId}/appRoleAssignments/{appRoleAssignmenToRemove.Id}", accesstoken).GetAwaiter().GetResult();`
`258`		`- }`
	`268`	`+ }`
`259`	`269`	`}`
`260`	`270`	`}`