[AutoPR graphrbac/data-plane] [graphrbac]: fix bugs in permission grant apis

azure-graphrbac/MANIFEST.in

@@ -1,3 +1,4 @@
+recursive-include tests *.py *.yaml
 include *.rst
 include azure/__init__.py
 

azure-graphrbac/README.rst

@@ -8,25 +8,6 @@ This package has been tested with Python 2.7, 3.4, 3.5, 3.6 and 3.7.
 For a more complete set of Azure libraries, see the `azure <https://pypi.python.org/pypi/azure>`__ bundle package.
 
 
-Compatibility
-=============
-
-**IMPORTANT**: If you have an earlier version of the azure package
-(version < 1.0), you should uninstall it before installing this package.
-
-You can check the version using pip:
-
-.. code:: shell
-
-    pip freeze
-
-If you see azure==0.11.0 (or any version below 1.0), uninstall it first:
-
-.. code:: shell
-
-    pip uninstall azure
-
-
 Usage
 =====
 
@@ -41,3 +22,6 @@ Provide Feedback
 If you encounter any bugs or have suggestions, please file an issue in the
 `Issues <https://github.com/Azure/azure-sdk-for-python/issues>`__
 section of the project.
+
+
+.. image::  https://azure-sdk-impressions.azurewebsites.net/api/impressions/azure-sdk-for-python%2Fazure-graphrbac%2FREADME.png

azure-graphrbac/azure/graphrbac/graph_rbac_management_client.py

@@ -21,7 +21,7 @@
 from .operations.users_operations import UsersOperations
 from .operations.objects_operations import ObjectsOperations
 from .operations.domains_operations import DomainsOperations
-from .operations.oauth2_operations import OAuth2Operations
+from .operations.oauth2_permission_grant_operations import OAuth2PermissionGrantOperations
 from . import models
 
 
@@ -79,8 +79,8 @@ class GraphRbacManagementClient(SDKClient):
     :vartype objects: azure.graphrbac.operations.ObjectsOperations
     :ivar domains: Domains operations
     :vartype domains: azure.graphrbac.operations.DomainsOperations
-    :ivar oauth2: OAuth2 operations
-    :vartype oauth2: azure.graphrbac.operations.OAuth2Operations
+    :ivar oauth2_permission_grant: OAuth2PermissionGrant operations
+    :vartype oauth2_permission_grant: azure.graphrbac.operations.OAuth2PermissionGrantOperations
 
     :param credentials: Credentials needed for the client to connect to Azure.
     :type credentials: :mod:`A msrestazure Credentials
@@ -117,5 +117,5 @@ def __init__(
             self._client, self.config, self._serialize, self._deserialize)
         self.domains = DomainsOperations(
             self._client, self.config, self._serialize, self._deserialize)
-        self.oauth2 = OAuth2Operations(
+        self.oauth2_permission_grant = OAuth2PermissionGrantOperations(
             self._client, self.config, self._serialize, self._deserialize)

azure-graphrbac/azure/graphrbac/models/__init__.py

@@ -10,13 +10,21 @@
 # --------------------------------------------------------------------------
 
 try:
+    from .informational_url_py3 import InformationalUrl
+    from .oauth2_permission_py3 import OAuth2Permission
+    from .optional_claim_py3 import OptionalClaim
+    from .optional_claims_py3 import OptionalClaims
+    from .pre_authorized_application_permission_py3 import PreAuthorizedApplicationPermission
+    from .pre_authorized_application_extension_py3 import PreAuthorizedApplicationExtension
+    from .pre_authorized_application_py3 import PreAuthorizedApplication
     from .graph_error_py3 import GraphError, GraphErrorException
     from .directory_object_py3 import DirectoryObject
     from .key_credential_py3 import KeyCredential
     from .password_credential_py3 import PasswordCredential
     from .resource_access_py3 import ResourceAccess
     from .required_resource_access_py3 import RequiredResourceAccess
     from .app_role_py3 import AppRole
+    from .application_base_py3 import ApplicationBase
     from .application_create_parameters_py3 import ApplicationCreateParameters
     from .application_update_parameters_py3 import ApplicationUpdateParameters
     from .application_py3 import Application
@@ -29,6 +37,7 @@
     from .group_get_member_groups_parameters_py3 import GroupGetMemberGroupsParameters
     from .check_group_membership_parameters_py3 import CheckGroupMembershipParameters
     from .check_group_membership_result_py3 import CheckGroupMembershipResult
+    from .service_principal_base_py3 import ServicePrincipalBase
     from .service_principal_create_parameters_py3 import ServicePrincipalCreateParameters
     from .service_principal_update_parameters_py3 import ServicePrincipalUpdateParameters
     from .service_principal_py3 import ServicePrincipal
@@ -41,15 +50,23 @@
     from .user_get_member_groups_parameters_py3 import UserGetMemberGroupsParameters
     from .get_objects_parameters_py3 import GetObjectsParameters
     from .domain_py3 import Domain
-    from .permissions_py3 import Permissions
+    from .oauth2_permission_grant_py3 import OAuth2PermissionGrant
 except (SyntaxError, ImportError):
+    from .informational_url import InformationalUrl
+    from .oauth2_permission import OAuth2Permission
+    from .optional_claim import OptionalClaim
+    from .optional_claims import OptionalClaims
+    from .pre_authorized_application_permission import PreAuthorizedApplicationPermission
+    from .pre_authorized_application_extension import PreAuthorizedApplicationExtension
+    from .pre_authorized_application import PreAuthorizedApplication
     from .graph_error import GraphError, GraphErrorException
     from .directory_object import DirectoryObject
     from .key_credential import KeyCredential
     from .password_credential import PasswordCredential
     from .resource_access import ResourceAccess
     from .required_resource_access import RequiredResourceAccess
     from .app_role import AppRole
+    from .application_base import ApplicationBase
     from .application_create_parameters import ApplicationCreateParameters
     from .application_update_parameters import ApplicationUpdateParameters
     from .application import Application
@@ -62,6 +79,7 @@
     from .group_get_member_groups_parameters import GroupGetMemberGroupsParameters
     from .check_group_membership_parameters import CheckGroupMembershipParameters
     from .check_group_membership_result import CheckGroupMembershipResult
+    from .service_principal_base import ServicePrincipalBase
     from .service_principal_create_parameters import ServicePrincipalCreateParameters
     from .service_principal_update_parameters import ServicePrincipalUpdateParameters
     from .service_principal import ServicePrincipal
@@ -74,7 +92,7 @@
     from .user_get_member_groups_parameters import UserGetMemberGroupsParameters
     from .get_objects_parameters import GetObjectsParameters
     from .domain import Domain
-    from .permissions import Permissions
+    from .oauth2_permission_grant import OAuth2PermissionGrant
 from .directory_object_paged import DirectoryObjectPaged
 from .application_paged import ApplicationPaged
 from .key_credential_paged import KeyCredentialPaged
@@ -84,18 +102,28 @@
 from .service_principal_paged import ServicePrincipalPaged
 from .user_paged import UserPaged
 from .domain_paged import DomainPaged
+from .oauth2_permission_grant_paged import OAuth2PermissionGrantPaged
 from .graph_rbac_management_client_enums import (
     UserType,
+    ConsentType,
 )
 
 __all__ = [
+    'InformationalUrl',
+    'OAuth2Permission',
+    'OptionalClaim',
+    'OptionalClaims',
+    'PreAuthorizedApplicationPermission',
+    'PreAuthorizedApplicationExtension',
+    'PreAuthorizedApplication',
     'GraphError', 'GraphErrorException',
     'DirectoryObject',
     'KeyCredential',
     'PasswordCredential',
     'ResourceAccess',
     'RequiredResourceAccess',
     'AppRole',
+    'ApplicationBase',
     'ApplicationCreateParameters',
     'ApplicationUpdateParameters',
     'Application',
@@ -108,6 +136,7 @@
     'GroupGetMemberGroupsParameters',
     'CheckGroupMembershipParameters',
     'CheckGroupMembershipResult',
+    'ServicePrincipalBase',
     'ServicePrincipalCreateParameters',
     'ServicePrincipalUpdateParameters',
     'ServicePrincipal',
@@ -120,7 +149,7 @@
     'UserGetMemberGroupsParameters',
     'GetObjectsParameters',
     'Domain',
-    'Permissions',
+    'OAuth2PermissionGrant',
     'DirectoryObjectPaged',
     'ApplicationPaged',
     'KeyCredentialPaged',
@@ -130,5 +159,7 @@
     'ServicePrincipalPaged',
     'UserPaged',
     'DomainPaged',
+    'OAuth2PermissionGrantPaged',
     'UserType',
+    'ConsentType',
 ]

azure-graphrbac/azure/graphrbac/models/application.py

@@ -32,37 +32,102 @@ class Application(DirectoryObject):
     :type object_type: str
     :param app_id: The application ID.
     :type app_id: str
+    :param allow_guests_sign_in: A property on the application to indicate if
+     the application accepts other IDPs or not or partially accepts.
+    :type allow_guests_sign_in: bool
+    :param allow_passthrough_users: Indicates that the application supports
+     pass through users who have no presence in the resource tenant.
+    :type allow_passthrough_users: bool
+    :param app_logo_url: The url for the application logo image stored in a
+     CDN.
+    :type app_logo_url: str
     :param app_roles: The collection of application roles that an application
      may declare. These roles can be assigned to users, groups or service
      principals.
     :type app_roles: list[~azure.graphrbac.models.AppRole]
     :param app_permissions: The application permissions.
     :type app_permissions: list[str]
-    :param available_to_other_tenants: Whether the application is be available
-     to other tenants.
+    :param available_to_other_tenants: Whether the application is available to
+     other tenants.
     :type available_to_other_tenants: bool
     :param display_name: The display name of the application.
     :type display_name: str
-    :param identifier_uris: A collection of URIs for the application.
-    :type identifier_uris: list[str]
-    :param reply_urls: A collection of reply URLs for the application.
-    :type reply_urls: list[str]
+    :param error_url: A URL provided by the author of the application to
+     report errors when using the application.
+    :type error_url: str
+    :param group_membership_claims: Configures the groups claim issued in a
+     user or OAuth 2.0 access token that the app expects.
+    :type group_membership_claims: object
     :param homepage: The home page of the application.
     :type homepage: str
+    :param identifier_uris: A collection of URIs for the application.
+    :type identifier_uris: list[str]
+    :param informational_urls: urls with more informations of the application.
+    :type informational_urls: ~azure.graphrbac.models.InformationalUrl
+    :param is_device_only_auth_supported: Specifies whether this application
+     supports device authentication without a user. The default is false.
+    :type is_device_only_auth_supported: bool
+    :param key_credentials: A collection of KeyCredential objects.
+    :type key_credentials: list[~azure.graphrbac.models.KeyCredential]
+    :param known_client_applications: Client applications that are tied to
+     this resource application. Consent to any of the known client applications
+     will result in implicit consent to the resource application through a
+     combined consent dialog (showing the OAuth permission scopes required by
+     the client and the resource).
+    :type known_client_applications: list[str]
+    :param logout_url: the url of the logout page
+    :type logout_url: str
     :param oauth2_allow_implicit_flow: Whether to allow implicit grant flow
      for OAuth2
     :type oauth2_allow_implicit_flow: bool
+    :param oauth2_allow_url_path_matching: Specifies whether during a token
+     Request Azure AD will allow path matching of the redirect URI against the
+     applications collection of replyURLs. The default is false.
+    :type oauth2_allow_url_path_matching: bool
+    :param oauth2_permissions: The collection of OAuth 2.0 permission scopes
+     that the web API (resource) application exposes to client applications.
+     These permission scopes may be granted to client applications during
+     consent.
+    :type oauth2_permissions: list[~azure.graphrbac.models.OAuth2Permission]
+    :param oauth2_require_post_response: Specifies whether, as part of OAuth
+     2.0 token requests, Azure AD will allow POST requests, as opposed to GET
+     requests. The default is false, which specifies that only GET requests
+     will be allowed.
+    :type oauth2_require_post_response: bool
+    :param org_restrictions: A list of tenants allowed to access application.
+    :type org_restrictions: list[str]
+    :param optional_claims:
+    :type optional_claims: ~azure.graphrbac.models.OptionalClaims
+    :param password_credentials: A collection of PasswordCredential objects
+    :type password_credentials:
+     list[~azure.graphrbac.models.PasswordCredential]
+    :param pre_authorized_applications: list of pre-authorizaed applications.
+    :type pre_authorized_applications:
+     list[~azure.graphrbac.models.PreAuthorizedApplication]
+    :param public_client: Specifies whether this application is a public
+     client (such as an installed application running on a mobile device).
+     Default is false.
+    :type public_client: bool
+    :param publisher_domain: Reliable domain which can be used to identify an
+     application.
+    :type publisher_domain: str
+    :param reply_urls: A collection of reply URLs for the application.
+    :type reply_urls: list[str]
     :param required_resource_access: Specifies resources that this application
      requires access to and the set of OAuth permission scopes and application
      roles that it needs under each of those resources. This pre-configuration
      of required resource access drives the consent experience.
     :type required_resource_access:
      list[~azure.graphrbac.models.RequiredResourceAccess]
-    :param key_credentials: A collection of KeyCredential objects.
-    :type key_credentials: list[~azure.graphrbac.models.KeyCredential]
-    :param password_credentials: A collection of PasswordCredential objects
-    :type password_credentials:
-     list[~azure.graphrbac.models.PasswordCredential]
+    :param saml_metadata_url: The URL to the SAML metadata for the
+     application.
+    :type saml_metadata_url: str
+    :param sign_in_audience: Audience for signing in to the application
+     (AzureADMyOrganizatio, AzureADAllorganizations,
+     AzureADAndMicrosofAccounts).
+    :type sign_in_audience: str
+    :param www_homepage: The primary Web page.
+    :type www_homepage: str
     """
 
     _validation = {
@@ -77,31 +142,71 @@ class Application(DirectoryObject):
         'deletion_timestamp': {'key': 'deletionTimestamp', 'type': 'iso-8601'},
         'object_type': {'key': 'objectType', 'type': 'str'},
         'app_id': {'key': 'appId', 'type': 'str'},
+        'allow_guests_sign_in': {'key': 'allowGuestsSignIn', 'type': 'bool'},
+        'allow_passthrough_users': {'key': 'allowPassthroughUsers', 'type': 'bool'},
+        'app_logo_url': {'key': 'appLogoUrl', 'type': 'str'},
         'app_roles': {'key': 'appRoles', 'type': '[AppRole]'},
         'app_permissions': {'key': 'appPermissions', 'type': '[str]'},
         'available_to_other_tenants': {'key': 'availableToOtherTenants', 'type': 'bool'},
         'display_name': {'key': 'displayName', 'type': 'str'},
-        'identifier_uris': {'key': 'identifierUris', 'type': '[str]'},
-        'reply_urls': {'key': 'replyUrls', 'type': '[str]'},
+        'error_url': {'key': 'errorUrl', 'type': 'str'},
+        'group_membership_claims': {'key': 'groupMembershipClaims', 'type': 'object'},
         'homepage': {'key': 'homepage', 'type': 'str'},
-        'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'},
-        'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'},
+        'identifier_uris': {'key': 'identifierUris', 'type': '[str]'},
+        'informational_urls': {'key': 'informationalUrls', 'type': 'InformationalUrl'},
+        'is_device_only_auth_supported': {'key': 'isDeviceOnlyAuthSupported', 'type': 'bool'},
         'key_credentials': {'key': 'keyCredentials', 'type': '[KeyCredential]'},
+        'known_client_applications': {'key': 'knownClientApplications', 'type': '[str]'},
+        'logout_url': {'key': 'logoutUrl', 'type': 'str'},
+        'oauth2_allow_implicit_flow': {'key': 'oauth2AllowImplicitFlow', 'type': 'bool'},
+        'oauth2_allow_url_path_matching': {'key': 'oauth2AllowUrlPathMatching', 'type': 'bool'},
+        'oauth2_permissions': {'key': 'oauth2Permissions', 'type': '[OAuth2Permission]'},
+        'oauth2_require_post_response': {'key': 'oauth2RequirePostResponse', 'type': 'bool'},
+        'org_restrictions': {'key': 'orgRestrictions', 'type': '[str]'},
+        'optional_claims': {'key': 'optionalClaims', 'type': 'OptionalClaims'},
         'password_credentials': {'key': 'passwordCredentials', 'type': '[PasswordCredential]'},
+        'pre_authorized_applications': {'key': 'preAuthorizedApplications', 'type': '[PreAuthorizedApplication]'},
+        'public_client': {'key': 'publicClient', 'type': 'bool'},
+        'publisher_domain': {'key': 'publisherDomain', 'type': 'str'},
+        'reply_urls': {'key': 'replyUrls', 'type': '[str]'},
+        'required_resource_access': {'key': 'requiredResourceAccess', 'type': '[RequiredResourceAccess]'},
+        'saml_metadata_url': {'key': 'samlMetadataUrl', 'type': 'str'},
+        'sign_in_audience': {'key': 'signInAudience', 'type': 'str'},
+        'www_homepage': {'key': 'wwwHomepage', 'type': 'str'},
     }
 
     def __init__(self, **kwargs):
         super(Application, self).__init__(**kwargs)
         self.app_id = kwargs.get('app_id', None)
+        self.allow_guests_sign_in = kwargs.get('allow_guests_sign_in', None)
+        self.allow_passthrough_users = kwargs.get('allow_passthrough_users', None)
+        self.app_logo_url = kwargs.get('app_logo_url', None)
         self.app_roles = kwargs.get('app_roles', None)
         self.app_permissions = kwargs.get('app_permissions', None)
         self.available_to_other_tenants = kwargs.get('available_to_other_tenants', None)
         self.display_name = kwargs.get('display_name', None)
-        self.identifier_uris = kwargs.get('identifier_uris', None)
-        self.reply_urls = kwargs.get('reply_urls', None)
+        self.error_url = kwargs.get('error_url', None)
+        self.group_membership_claims = kwargs.get('group_membership_claims', None)
         self.homepage = kwargs.get('homepage', None)
-        self.oauth2_allow_implicit_flow = kwargs.get('oauth2_allow_implicit_flow', None)
-        self.required_resource_access = kwargs.get('required_resource_access', None)
+        self.identifier_uris = kwargs.get('identifier_uris', None)
+        self.informational_urls = kwargs.get('informational_urls', None)
+        self.is_device_only_auth_supported = kwargs.get('is_device_only_auth_supported', None)
         self.key_credentials = kwargs.get('key_credentials', None)
+        self.known_client_applications = kwargs.get('known_client_applications', None)
+        self.logout_url = kwargs.get('logout_url', None)
+        self.oauth2_allow_implicit_flow = kwargs.get('oauth2_allow_implicit_flow', None)
+        self.oauth2_allow_url_path_matching = kwargs.get('oauth2_allow_url_path_matching', None)
+        self.oauth2_permissions = kwargs.get('oauth2_permissions', None)
+        self.oauth2_require_post_response = kwargs.get('oauth2_require_post_response', None)
+        self.org_restrictions = kwargs.get('org_restrictions', None)
+        self.optional_claims = kwargs.get('optional_claims', None)
         self.password_credentials = kwargs.get('password_credentials', None)
+        self.pre_authorized_applications = kwargs.get('pre_authorized_applications', None)
+        self.public_client = kwargs.get('public_client', None)
+        self.publisher_domain = kwargs.get('publisher_domain', None)
+        self.reply_urls = kwargs.get('reply_urls', None)
+        self.required_resource_access = kwargs.get('required_resource_access', None)
+        self.saml_metadata_url = kwargs.get('saml_metadata_url', None)
+        self.sign_in_audience = kwargs.get('sign_in_audience', None)
+        self.www_homepage = kwargs.get('www_homepage', None)
         self.object_type = 'Application'