[AutoPR graphrbac/data-plane] Added OAuth2 GET and POST to GraphRBAC.json spec

azure-graphrbac/azure/graphrbac/graph_rbac_management_client.py

@@ -19,6 +19,7 @@
 from .operations.service_principals_operations import ServicePrincipalsOperations
 from .operations.users_operations import UsersOperations
 from .operations.domains_operations import DomainsOperations
+from .operations.oauth2_operations import OAuth2Operations
 from . import models
 
 
@@ -72,6 +73,8 @@ class GraphRbacManagementClient(object):
     :vartype users: azure.graphrbac.operations.UsersOperations
     :ivar domains: Domains operations
     :vartype domains: azure.graphrbac.operations.DomainsOperations
+    :ivar oauth2: OAuth2 operations
+    :vartype oauth2: azure.graphrbac.operations.OAuth2Operations
 
     :param credentials: Credentials needed for the client to connect to Azure.
     :type credentials: :mod:`A msrestazure Credentials
@@ -104,3 +107,5 @@ def __init__(
             self._client, self.config, self._serialize, self._deserialize)
         self.domains = DomainsOperations(
             self._client, self.config, self._serialize, self._deserialize)
+        self.oauth2 = OAuth2Operations(
+            self._client, self.config, self._serialize, self._deserialize)

azure-graphrbac/azure/graphrbac/models/__init__.py

@@ -39,6 +39,7 @@
 from .user_get_member_groups_parameters import UserGetMemberGroupsParameters
 from .get_objects_parameters import GetObjectsParameters
 from .domain import Domain
+from .permissions import Permissions
 from .aad_object_paged import AADObjectPaged
 from .application_paged import ApplicationPaged
 from .directory_object_paged import DirectoryObjectPaged
@@ -84,6 +85,7 @@
     'UserGetMemberGroupsParameters',
     'GetObjectsParameters',
     'Domain',
+    'Permissions',
     'AADObjectPaged',
     'ApplicationPaged',
     'DirectoryObjectPaged',

azure-graphrbac/azure/graphrbac/models/permissions.py

@@ -0,0 +1,57 @@
+# coding=utf-8
+# --------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See License.txt in the project root for
+# license information.
+#
+# Code generated by Microsoft (R) AutoRest Code Generator.
+# Changes may cause incorrect behavior and will be lost if the code is
+# regenerated.
+# --------------------------------------------------------------------------
+
+from msrest.serialization import Model
+
+
+class Permissions(Model):
+    """Permissions.
+
+    :param odatatype: Microsoft.DirectoryServices.OAuth2PermissionGrant
+    :type odatatype: str
+    :param client_id: The objectId of the Service Principal associated with
+     the app
+    :type client_id: str
+    :param consent_type: Typically set to AllPrincipals
+    :type consent_type: str
+    :param principal_id: Set to null if AllPrincipals is set
+    :type principal_id: object
+    :param resource_id: Service Principal Id of the resource you want to grant
+    :type resource_id: str
+    :param scope: Typically set to user_impersonation
+    :type scope: str
+    :param start_time: Start time for TTL
+    :type start_time: str
+    :param expiry_time: Expiry time for TTL
+    :type expiry_time: str
+    """
+
+    _attribute_map = {
+        'odatatype': {'key': 'odata\\.type', 'type': 'str'},
+        'client_id': {'key': 'clientId', 'type': 'str'},
+        'consent_type': {'key': 'consentType', 'type': 'str'},
+        'principal_id': {'key': 'principalId', 'type': 'object'},
+        'resource_id': {'key': 'resourceId', 'type': 'str'},
+        'scope': {'key': 'scope', 'type': 'str'},
+        'start_time': {'key': 'startTime', 'type': 'str'},
+        'expiry_time': {'key': 'expiryTime', 'type': 'str'},
+    }
+
+    def __init__(self, odatatype=None, client_id=None, consent_type=None, principal_id=None, resource_id=None, scope=None, start_time=None, expiry_time=None):
+        super(Permissions, self).__init__()
+        self.odatatype = odatatype
+        self.client_id = client_id
+        self.consent_type = consent_type
+        self.principal_id = principal_id
+        self.resource_id = resource_id
+        self.scope = scope
+        self.start_time = start_time
+        self.expiry_time = expiry_time

azure-graphrbac/azure/graphrbac/operations/__init__.py

@@ -15,6 +15,7 @@
 from .service_principals_operations import ServicePrincipalsOperations
 from .users_operations import UsersOperations
 from .domains_operations import DomainsOperations
+from .oauth2_operations import OAuth2Operations
 
 __all__ = [
     'ObjectsOperations',
@@ -23,4 +24,5 @@
     'ServicePrincipalsOperations',
     'UsersOperations',
     'DomainsOperations',
+    'OAuth2Operations',
 ]

azure-graphrbac/azure/graphrbac/operations/oauth2_operations.py

@@ -0,0 +1,165 @@
+# coding=utf-8
+# --------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See License.txt in the project root for
+# license information.
+#
+# Code generated by Microsoft (R) AutoRest Code Generator.
+# Changes may cause incorrect behavior and will be lost if the code is
+# regenerated.
+# --------------------------------------------------------------------------
+
+import uuid
+from msrest.pipeline import ClientRawResponse
+from msrestazure.azure_exceptions import CloudError
+
+from .. import models
+
+
+class OAuth2Operations(object):
+    """OAuth2Operations operations.
+
+    :param client: Client for service requests.
+    :param config: Configuration of service client.
+    :param serializer: An object model serializer.
+    :param deserializer: An object model deserializer.
+    :ivar api_version: Client API version. Constant value: "1.6".
+    """
+
+    models = models
+
+    def __init__(self, client, config, serializer, deserializer):
+
+        self._client = client
+        self._serialize = serializer
+        self._deserialize = deserializer
+        self.api_version = "1.6"
+
+        self.config = config
+
+    def get(
+            self, filter=None, custom_headers=None, raw=False, **operation_config):
+        """Queries OAuth2 permissions for the relevant SP ObjectId of an app.
+
+        :param filter: This is the Service Principal ObjectId associated with
+         the app
+        :type filter: str
+        :param dict custom_headers: headers that will be added to the request
+        :param bool raw: returns the direct response alongside the
+         deserialized response
+        :param operation_config: :ref:`Operation configuration
+         overrides<msrest:optionsforoperations>`.
+        :return: Permissions or ClientRawResponse if raw=true
+        :rtype: ~azure.graphrbac.models.Permissions or
+         ~msrest.pipeline.ClientRawResponse
+        :raises: :class:`CloudError<msrestazure.azure_exceptions.CloudError>`
+        """
+        # Construct URL
+        url = self.get.metadata['url']
+        path_format_arguments = {
+            'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str')
+        }
+        url = self._client.format_url(url, **path_format_arguments)
+
+        # Construct parameters
+        query_parameters = {}
+        if filter is not None:
+            query_parameters['$filter'] = self._serialize.query("filter", filter, 'str')
+        query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str')
+
+        # Construct headers
+        header_parameters = {}
+        header_parameters['Content-Type'] = 'application/json; charset=utf-8'
+        if self.config.generate_client_request_id:
+            header_parameters['x-ms-client-request-id'] = str(uuid.uuid1())
+        if custom_headers:
+            header_parameters.update(custom_headers)
+        if self.config.accept_language is not None:
+            header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str')
+
+        # Construct and send request
+        request = self._client.get(url, query_parameters)
+        response = self._client.send(request, header_parameters, stream=False, **operation_config)
+
+        if response.status_code not in [200]:
+            exp = CloudError(response)
+            exp.request_id = response.headers.get('x-ms-request-id')
+            raise exp
+
+        deserialized = None
+
+        if response.status_code == 200:
+            deserialized = self._deserialize('Permissions', response)
+
+        if raw:
+            client_raw_response = ClientRawResponse(deserialized, response)
+            return client_raw_response
+
+        return deserialized
+    get.metadata = {'url': '/{tenantID}/oauth2PermissionGrants'}
+
+    def post(
+            self, body=None, custom_headers=None, raw=False, **operation_config):
+        """Grants OAuth2 permissions for the relevant resource Ids of an app.
+
+        :param body: The relevant app Service Principal Object Id and the
+         Service Principal Objecit Id you want to grant.
+        :type body: ~azure.graphrbac.models.Permissions
+        :param dict custom_headers: headers that will be added to the request
+        :param bool raw: returns the direct response alongside the
+         deserialized response
+        :param operation_config: :ref:`Operation configuration
+         overrides<msrest:optionsforoperations>`.
+        :return: Permissions or ClientRawResponse if raw=true
+        :rtype: ~azure.graphrbac.models.Permissions or
+         ~msrest.pipeline.ClientRawResponse
+        :raises: :class:`CloudError<msrestazure.azure_exceptions.CloudError>`
+        """
+        # Construct URL
+        url = self.post.metadata['url']
+        path_format_arguments = {
+            'tenantID': self._serialize.url("self.config.tenant_id", self.config.tenant_id, 'str')
+        }
+        url = self._client.format_url(url, **path_format_arguments)
+
+        # Construct parameters
+        query_parameters = {}
+        query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str')
+
+        # Construct headers
+        header_parameters = {}
+        header_parameters['Content-Type'] = 'application/json; charset=utf-8'
+        if self.config.generate_client_request_id:
+            header_parameters['x-ms-client-request-id'] = str(uuid.uuid1())
+        if custom_headers:
+            header_parameters.update(custom_headers)
+        if self.config.accept_language is not None:
+            header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str')
+
+        # Construct body
+        if body is not None:
+            body_content = self._serialize.body(body, 'Permissions')
+        else:
+            body_content = None
+
+        # Construct and send request
+        request = self._client.post(url, query_parameters)
+        response = self._client.send(
+            request, header_parameters, body_content, stream=False, **operation_config)
+
+        if response.status_code not in [201]:
+            exp = CloudError(response)
+            exp.request_id = response.headers.get('x-ms-request-id')
+            raise exp
+
+        deserialized = None
+
+        if response.status_code == 201:
+            deserialized = self._deserialize('Permissions', response)
+
+        if raw:
+            client_raw_response = ClientRawResponse(deserialized, response)
+            return client_raw_response
+
+        return deserialized
+    post.metadata = {'url': '/{tenantID}/oauth2PermissionGrants'}

azure-graphrbac/azure/graphrbac/operations/service_principals_operations.py

@@ -224,7 +224,8 @@ def delete(
 
     def get(
             self, object_id, custom_headers=None, raw=False, **operation_config):
-        """Gets service principal information from the directory.
+        """Gets service principal information from the directory. Query by
+        objectId or pass a filter to query by appId.
 
         :param object_id: The object ID of the service principal to get.
         :type object_id: str