com.microsoft.azure.management.graphrbac.implementation.ServicePrincipalImpl Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of azure-mgmt-graph-rbac Show documentation
Show all versions of azure-mgmt-graph-rbac Show documentation
This package contains Microsoft Azure Graph RBAC Management SDK. This package has been deprecated. A replacement package com.azure.resourcemanager:azure-resourcemanager-authorization is available as of 31-March-2022. We strongly encourage you to upgrade to continue receiving updates. See Migration Guide https://aka.ms/java-track2-migration-guide for guidance on upgrading. Refer to our deprecation policy https://azure.github.io/azure-sdk/policies_support.html for more details.
/**
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for
* license information.
*/
package com.microsoft.azure.management.graphrbac.implementation;
import com.google.common.base.Function;
import com.google.common.collect.Lists;
import com.microsoft.azure.management.apigeneration.LangDefinition;
import com.microsoft.azure.management.graphrbac.ActiveDirectoryApplication;
import com.microsoft.azure.management.graphrbac.BuiltInRole;
import com.microsoft.azure.management.graphrbac.CertificateCredential;
import com.microsoft.azure.management.graphrbac.PasswordCredential;
import com.microsoft.azure.management.graphrbac.RoleAssignment;
import com.microsoft.azure.management.graphrbac.ServicePrincipal;
import com.microsoft.azure.management.resources.ResourceGroup;
import com.microsoft.azure.management.resources.fluentcore.model.Creatable;
import com.microsoft.azure.management.resources.fluentcore.model.Indexable;
import com.microsoft.azure.management.resources.fluentcore.model.implementation.CreatableUpdatableImpl;
import com.microsoft.azure.management.resources.fluentcore.utils.SdkContext;
import rx.Observable;
import rx.functions.Action1;
import rx.functions.Func0;
import rx.functions.Func1;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* Implementation for ServicePrincipal and its parent interfaces.
*/
@LangDefinition(ContainerName = "/Microsoft.Azure.Management.Graph.RBAC.Fluent")
class ServicePrincipalImpl
extends CreatableUpdatableImpl
implements
ServicePrincipal,
ServicePrincipal.Definition,
ServicePrincipal.Update,
HasCredential {
private GraphRbacManager manager;
private Map cachedPasswordCredentials;
private Map cachedCertificateCredentials;
private Map cachedRoleAssignments;
private ServicePrincipalCreateParametersInner createParameters;
private Creatable applicationCreatable;
private Map rolesToCreate;
private Set rolesToDelete;
String assignedSubscription;
private List> certificateCredentialsToCreate;
private List> passwordCredentialsToCreate;
private Set certificateCredentialsToDelete;
private Set passwordCredentialsToDelete;
ServicePrincipalImpl(ServicePrincipalInner innerObject, GraphRbacManager manager) {
super(innerObject.displayName(), innerObject);
this.manager = manager;
this.createParameters = new ServicePrincipalCreateParametersInner().withAccountEnabled(true);
this.cachedRoleAssignments = new HashMap<>();
this.rolesToCreate = new HashMap<>();
this.rolesToDelete = new HashSet<>();
this.cachedCertificateCredentials = new HashMap<>();
this.certificateCredentialsToCreate = new ArrayList<>();
this.certificateCredentialsToDelete = new HashSet<>();
this.cachedPasswordCredentials = new HashMap<>();
this.passwordCredentialsToCreate = new ArrayList<>();
this.passwordCredentialsToDelete = new HashSet<>();
}
@Override
public String id() {
return inner().objectId();
}
@Override
public String applicationId() {
return inner().appId();
}
@Override
public List servicePrincipalNames() {
return inner().servicePrincipalNames();
}
@Override
public Map passwordCredentials() {
return Collections.unmodifiableMap(cachedPasswordCredentials);
}
@Override
public Map certificateCredentials() {
return Collections.unmodifiableMap(cachedCertificateCredentials);
}
@Override
public Set roleAssignments() {
return Collections.unmodifiableSet(new HashSet<>(cachedRoleAssignments.values()));
}
@Override
protected Observable getInnerAsync() {
return manager.inner().servicePrincipals().getAsync(id());
}
@Override
public Observable createResourceAsync() {
Observable sp = Observable.just((ServicePrincipal) this);
if (isInCreateMode()) {
if (applicationCreatable != null) {
ActiveDirectoryApplication application = this.taskResult(applicationCreatable.key());
createParameters.withAppId(application.applicationId());
}
sp = manager.inner().servicePrincipals().createAsync(createParameters)
.map(innerToFluentMap(this));
}
return sp.flatMap(new Func1>() {
@Override
public Observable call(ServicePrincipal servicePrincipal) {
return submitCredentialsAsync(servicePrincipal).mergeWith(submitRolesAsync(servicePrincipal));
}
}).map(new Func1() {
@Override
public ServicePrincipal call(ServicePrincipal servicePrincipal) {
for (PasswordCredentialImpl passwordCredential : passwordCredentialsToCreate) {
passwordCredential.exportAuthFile((ServicePrincipalImpl) servicePrincipal);
}
for (CertificateCredentialImpl certificateCredential : certificateCredentialsToCreate) {
certificateCredential.exportAuthFile((ServicePrincipalImpl) servicePrincipal);
}
passwordCredentialsToCreate.clear();
certificateCredentialsToCreate.clear();
return servicePrincipal;
}
});
}
private Observable submitCredentialsAsync(final ServicePrincipal sp) {
Observable observable = Observable.just(null);
if (!certificateCredentialsToCreate.isEmpty() || !certificateCredentialsToDelete.isEmpty()) {
Map newCerts = new HashMap<>(cachedCertificateCredentials);
for (String delete : certificateCredentialsToDelete) {
newCerts.remove(delete);
}
for (CertificateCredential create : certificateCredentialsToCreate) {
newCerts.put(create.name(), create);
}
observable = observable.mergeWith(manager().inner().servicePrincipals().updateKeyCredentialsAsync(sp.id(),
Lists.transform(new ArrayList<>(newCerts.values()), new Function() {
@Override
public KeyCredentialInner apply(CertificateCredential input) {
return input.inner();
}
})));
}
if (!passwordCredentialsToCreate.isEmpty() || !passwordCredentialsToDelete.isEmpty()) {
Map newPasses = new HashMap<>(cachedPasswordCredentials);
for (String delete : passwordCredentialsToDelete) {
newPasses.remove(delete);
}
for (PasswordCredential create : passwordCredentialsToCreate) {
newPasses.put(create.name(), create);
}
observable = observable.mergeWith(manager().inner().servicePrincipals().updatePasswordCredentialsAsync(sp.id(),
Lists.transform(new ArrayList<>(newPasses.values()), new Function() {
@Override
public PasswordCredentialInner apply(PasswordCredential input) {
return input.inner();
}
})));
}
return observable.last().flatMap(new Func1>() {
@Override
public Observable call(Void aVoid) {
passwordCredentialsToDelete.clear();
certificateCredentialsToDelete.clear();
return refreshCredentialsAsync();
}
});
}
private Observable submitRolesAsync(final ServicePrincipal servicePrincipal) {
Observable create;
if (rolesToCreate.isEmpty()) {
create = Observable.just(servicePrincipal);
} else {
create = Observable.from(rolesToCreate.entrySet())
.flatMap(new Func1, Observable>() {
@Override
public Observable call(Map.Entry role) {
return manager().roleAssignments().define(SdkContext.randomUuid())
.forServicePrincipal(servicePrincipal)
.withBuiltInRole(role.getValue())
.withScope(role.getKey())
.createAsync();
}
})
.doOnNext(new Action1() {
@Override
public void call(Indexable o) {
cachedRoleAssignments.put(((RoleAssignment) o).id(), (RoleAssignment) o);
}
})
.last()
.map(new Func1() {
@Override
public ServicePrincipal call(Indexable o) {
rolesToCreate.clear();
return servicePrincipal;
}
});
}
Observable delete;
if (rolesToDelete.isEmpty()) {
delete = Observable.just(servicePrincipal);
} else {
delete = Observable.from(rolesToDelete)
.flatMap(new Func1>() {
@Override
public Observable call(final String s) {
return manager().roleAssignments().deleteByIdAsync(cachedRoleAssignments.get(s).id())
.toSingle(new Func0() {
@Override
public String call() {
return s;
}
}).toObservable();
}
})
.doOnNext(new Action1() {
@Override
public void call(String s) {
cachedRoleAssignments.remove(s);
}
})
.last()
.map(new Func1() {
@Override
public ServicePrincipal call(Object o) {
rolesToDelete.clear();
return servicePrincipal;
}
});
}
return create.mergeWith(delete).last();
}
@Override
public boolean isInCreateMode() {
return id() == null;
}
Observable refreshCredentialsAsync() {
final Observable keyCredentials = manager.inner().servicePrincipals().listKeyCredentialsAsync(id())
.map(new Func1, Map>() {
@Override
public Map call(List keyCredentialInners) {
if (keyCredentialInners == null || keyCredentialInners.isEmpty()) {
return Collections.emptyMap();
}
Map certificateCredentialMap = new HashMap();
for (KeyCredentialInner inner : keyCredentialInners) {
CertificateCredential credential = new CertificateCredentialImpl<>(inner);
certificateCredentialMap.put(credential.name(), credential);
}
return certificateCredentialMap;
}
})
.map(new Func1, ServicePrincipal>() {
@Override
public ServicePrincipal call(Map stringCertificateCredentialMap) {
ServicePrincipalImpl.this.cachedCertificateCredentials = stringCertificateCredentialMap;
return ServicePrincipalImpl.this;
}
});
final Observable passwordCredentials = manager.inner().servicePrincipals().listPasswordCredentialsAsync(id())
.map(new Func1, Map>() {
@Override
public Map call(List passwordCredentialInners) {
if (passwordCredentialInners == null || passwordCredentialInners.isEmpty()) {
return Collections.emptyMap();
}
Map passwordCredentialMap = new HashMap();
for (PasswordCredentialInner inner : passwordCredentialInners) {
PasswordCredential credential = new PasswordCredentialImpl<>(inner);
passwordCredentialMap.put(credential.name(), credential);
}
return passwordCredentialMap;
}
}).map(new Func1, ServicePrincipal>() {
@Override
public ServicePrincipal call(Map stringPasswordCredentialMap) {
ServicePrincipalImpl.this.cachedPasswordCredentials = stringPasswordCredentialMap;
return ServicePrincipalImpl.this;
}
});
return keyCredentials.mergeWith(passwordCredentials).last();
}
@Override
public Observable refreshAsync() {
return getInnerAsync()
.map(innerToFluentMap(this))
.flatMap(new Func1>() {
@Override
public Observable call(ServicePrincipal application) {
return refreshCredentialsAsync();
}
});
}
@Override
@SuppressWarnings("unchecked")
public CertificateCredentialImpl defineCertificateCredential(String name) {
return new CertificateCredentialImpl<>(name, this);
}
@Override
@SuppressWarnings("unchecked")
public PasswordCredentialImpl definePasswordCredential(String name) {
return new PasswordCredentialImpl<>(name, this);
}
@Override
public ServicePrincipalImpl withoutCredential(String name) {
if (cachedPasswordCredentials.containsKey(name)) {
passwordCredentialsToDelete.add(name);
} else if (cachedCertificateCredentials.containsKey(name)) {
certificateCredentialsToDelete.add(name);
}
return this;
}
@Override
public ServicePrincipalImpl withCertificateCredential(CertificateCredentialImpl credential) {
this.certificateCredentialsToCreate.add(credential);
return this;
}
@Override
public ServicePrincipalImpl withPasswordCredential(PasswordCredentialImpl credential) {
this.passwordCredentialsToCreate.add(credential);
return this;
}
@Override
public ServicePrincipalImpl withExistingApplication(String id) {
createParameters.withAppId(id);
return this;
}
@Override
public ServicePrincipalImpl withExistingApplication(ActiveDirectoryApplication application) {
createParameters.withAppId(application.applicationId());
return this;
}
@Override
public ServicePrincipalImpl withNewApplication(Creatable applicationCreatable) {
this.addDependency(applicationCreatable);
this.applicationCreatable = applicationCreatable;
return this;
}
@Override
public ServicePrincipalImpl withNewApplication(String signOnUrl) {
return withNewApplication(manager.applications().define(name())
.withSignOnUrl(signOnUrl)
.withIdentifierUrl(signOnUrl));
}
@Override
public GraphRbacManager manager() {
return manager;
}
@Override
public ServicePrincipalImpl withNewRole(BuiltInRole role, String scope) {
this.rolesToCreate.put(scope, role);
return this;
}
@Override
public ServicePrincipalImpl withNewRoleInSubscription(BuiltInRole role, String subscriptionId) {
this.assignedSubscription = subscriptionId;
return withNewRole(role, "subscriptions/" + subscriptionId);
}
@Override
public ServicePrincipalImpl withNewRoleInResourceGroup(BuiltInRole role, ResourceGroup resourceGroup) {
return withNewRole(role, resourceGroup.id());
}
@Override
public Update withoutRole(RoleAssignment roleAssignment) {
this.rolesToDelete.add(roleAssignment.id());
return this;
}
}