profile
viewpoint

SvenHamers/terraform-opendistro-security 2

terraform provider for opendistro security

SvenHamers/slack-sessiontoken 1

Gets a sessiontoken from a specified user

embracesbs/terraform-provider-helm 0

Terraform Helm provider

SvenHamers/charts 0

Curated applications for Kubernetes

SvenHamers/dynamic-struct 0

Golang package for editing struct's fields during runtime and mapping structs to other structs.

SvenHamers/go-opendistro 0

Go client for OpenDistro

SvenHamers/HueBunq 0

Send commands to hue lights based on balance in bunq account

issue commenthashicorp/terraform-provider-azuread

Assigning Users or Groups to an Enterprise Application in Azure

@drdamour Azure/azure-sdk-for-go#7352

So is the above linked issue actually needed for this to happen?

Or will v2.0 of the provider essentially solve this? Comments in #323 suggest that this provider will use its own Azure SDK, as opposed to the official one.

VF-mbrauer

comment created time in 17 minutes

push eventhashicorp/terraform-provider-azuread

Tom Bamford

commit sha 7be42c73d19bf49607f5f984d2c93faf791afd0b

azuread_application_certificate: add more examples

view details

push time in a day

push eventhashicorp/terraform-provider-azuread

Tom Bamford

commit sha 3c69a327a2bafde2188554639d923affab9b93e1

Support hexadecimal and (base64 encoded) der certificate encodings for application_certificate and service_principal_certificate

view details

push time in a day

push eventhashicorp/terraform-provider-azuread

Tom Bamford

commit sha 19e25e0dd395a8d292e6b5a5eeb558b735aeddce

Support hexadecimal and (base64 encoded) der certificate encodings for application_certificate and service_principal_certificate

view details

push time in a day

push eventhashicorp/terraform-provider-azuread

Tom Bamford

commit sha d69c2fe31831c90573c2859574f9feecff1bfa79

f

view details

push time in a day

issue commenthashicorp/terraform-provider-azuread

Unable to add a certificate credential to an Azure AD application or service principal by referencing a certificate stored in Azure Key Vault

Thanks for raising this @CaptainStealthy. I agree it would be good for the azurerm_key_vault_certificate resource to export a PEM encoded certificate, however I believe this is still a useful feature here since certificate data can come from a variety of sources.

CaptainStealthy

comment created time in a day

PR opened hashicorp/terraform-provider-azuread

Support hexadecimal and (base64 encoded) der certificate encodings enhancement feature/application feature/service-principal

For azuread_application_certificate and azuread_service_principal_certificate resources.

Adds an encoding property which defaults to "pem" and supports:

  • pem - the currently supported PEM encoding
  • der - base64 encoded DER certificate
  • hex - hexadecimal certificate data, i.e. as exported by azurerm_key_vault_certificate

Closes: #385

+224 -23

0 comment

5 changed files

pr created time in a day

push eventhashicorp/terraform-provider-azuread

Tom Bamford

commit sha 2b23d0fc2b581d66b536a70b37c32d99c5d061f3

Support hexadecimal and (base64 encoded) der certificate encodings for application_certificate and service_principal_certificate

view details

push time in a day

issue commenthashicorp/terraform-provider-azuread

Unable to add a certificate credential to an Azure AD application or service principal by referencing a certificate stored in Azure Key Vault

Thanks to help (directly and indirectly) from @manicminer, @matti, and @akingscote (ref - https://github.com/hashicorp/terraform/issues/26163#issuecomment-688872272), I've got myself a workaround! 😁

This little snippet will take the certificate (which is in hexadecimal) from Azure Key Vault and convert it into a base64 encoded string, which can then be fed into azuread_application_certificate or azuread_service_principal_certificate.

manicminer, per our Slack conversation, I am leaving this open for now. I should note, the root cause isn't in this provider - a comment in #8482 of azurerm suggests that the hex attribute is going to be removed in a future release in favor of just returning a base64 string, so I wouldn't put it too terribly high on your priority list.

Thanks again, all!

# This code requires other pieces in order to function, obviously
# But this is the specific code needed to take hex certificate returned by azurerm and convert it into a base64 string

module "cert-hex-decode" {
  source  = "matti/resource/shell"
  version = "1.1.0"
  command = "echo ${azurerm_key_vault_certificate.cert.certificate_data} | xxd -r -p | base64 -w 0"
  trigger = azurerm_key_vault_certificate.cert.version
}

resource "azuread_application_certificate" "app_cert" {
  application_object_id = azuread_application.app.id
  type                  = "AsymmetricX509Cert"
  value                 = module.cert-hex-decode.stdout
  end_date              = azurerm_key_vault_certificate.cert.certificate_attribute[0].expires
  start_date            = azurerm_key_vault_certificate.cert.certificate_attribute[0].not_before
  depends_on            = [module.cert-hex-decode.id] # Not sure if this is needed, but I put it in for sanity's sake
}
CaptainStealthy

comment created time in a day

issue commenthashicorp/terraform-provider-azuread

Unable to add a certificate credential to an Azure AD application or service principal by referencing a certificate stored in Azure Key Vault

Just in case anyone else is facing the same problem and happens to stumble upon this thread, I thought I should provide an update. Upon several hours of Google-fu...

It appears that this is actually an underlying issue in the azurerm provider:

  • https://github.com/terraform-providers/terraform-provider-azurerm/issues/8072
  • https://github.com/terraform-providers/terraform-provider-azurerm/issues/8482
  • https://github.com/terraform-providers/terraform-provider-azurerm/pull/8184

Basically, the azurerm_keyvault_certificate resource outputs certs in hexadecimal format, which can't be read/converted by this provider - or that's how I interpret things, anyway.

I am going to see if I can come up with an alternative workaround while waiting for the aforementioned PR to be closed. Hope to report back soon!

CaptainStealthy

comment created time in a day

issue openedhashicorp/terraform-provider-azuread

Unable to add a certificate credential to an Azure AD application or service principal by referencing a certificate stored in Azure Key Vault

<!--- Please note the following potential times when an issue might be in Terraform core:

If you are running into one of these scenarios, we recommend opening an issue in the Terraform core repository instead. --->

<!--- Please keep this note for the community --->

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritise this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritise the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

<!--- Thank you for keeping this note for the community --->

Terraform (and AzureAD Provider) Version

Terraform v0.13.5
+ provider registry.terraform.io/hashicorp/azuread v1.2.2
+ provider registry.terraform.io/hashicorp/azurerm v2.43.0

<!--- Please run terraform -v to show the Terraform core version and provider version(s). If you are not running the latest version of Terraform or the provider, please upgrade because your issue may have already been fixed. Terraform documentation on provider versioning. --->

Affected Resource(s)

<!--- Please list the affected resources and data sources. --->

  • azuread_application_certificate

Terraform Configuration Files

<!--- Information about code formatting: https://help.github.com/articles/basic-writing-and-formatting-syntax/#quoting-code --->

resource "azurerm_key_vault_certificate" "cert" {
  name         = var.resourcegroup_name
  key_vault_id = azurerm_key_vault.kv.id

  certificate_policy {
    issuer_parameters {
      name = "Self"
    }

    key_properties {
      exportable = true
      key_size   = 2048
      key_type   = "RSA"
      reuse_key  = true
    }

    lifetime_action {
      action {
        action_type = "EmailContacts"
      }

      trigger {
        days_before_expiry = 30
      }
    }

    secret_properties {
      content_type = "application/x-pkcs12"
    }

    x509_certificate_properties {
      # Server Authentication = 1.3.6.1.5.5.7.3.1
      # Client Authentication = 1.3.6.1.5.5.7.3.2
      extended_key_usage = ["1.3.6.1.5.5.7.3.1"]

      key_usage = [
        "cRLSign",
        "dataEncipherment",
        "digitalSignature",
        "keyAgreement",
        "keyCertSign",
        "keyEncipherment",
      ]

      subject            = "CN=${var.resourcegroup_name}"
      validity_in_months = 12
    }
  }
}

resource "azuread_application" "app" {
  display_name            = join("", [var.resourcegroup_name, "-ManagedByTerraform"])
  homepage                = local.api_url
  owners                  = concat(data.azuread_users.app_owners.object_ids, [local.azurerm_principal_id])
  prevent_duplicate_names = true
}

resource "azuread_service_principal" "app" {
  application_id = azuread_application.app.application_id
}

resource "azuread_application_certificate" "app_cert" {
  application_object_id = azuread_application.app.id
  type                  = "AsymmetricX509Cert"
  value                 = azurerm_key_vault_certificate.cert.certificate_data
  end_date              = azurerm_key_vault_certificate.cert.certificate_attribute[0].expires
  start_date            = azurerm_key_vault_certificate.cert.certificate_attribute[0].not_before
}

Expected Behavior

Expected TF to add a certificate credential to the AAD application by pulling the newly created PKCS12 certificate in Azure Key Vault.

Actual Behavior

Deployment failed with the following error:

azuread_application_certificate.app_cert: Creating...

Error: Creating certificate credentials "<redacted>" for application with object ID "<redacted>"

graphrbac.ApplicationsClient#UpdateKeyCredentials: Failure responding to
request: StatusCode=400 -- Original Error: autorest/azure: Service returned an
error. Status=400 Code="Unknown" Message="Unknown service error"
Details=[{"odata.error":{"code":"Request_BadRequest","date":"2021-01-19T01:12:10","message":{"lang":"en","value":"Invalid
certificate: Key value is invalid
certificate"},"requestId":"<redacted>","values":[{"item":"PropertyName","value":"keyCredentials.value"},{"item":"PropertyErrorCode","value":"InvalidKeyValue"}]}}]

Steps to Reproduce

<!--- Please list the steps required to reproduce the issue. --->

  1. terraform apply

Important Factoids

I tried changing the credential type from AsymmetricX509Cert to Symmetric and got this:

Encrypted secret cannot be empty and can be at most 1024 bytes. Current length is 1859

created time in 2 days

push eventhashicorp/terraform-provider-azuread

Tom Bamford

commit sha 07d2a79e9fa7ce66f9fe958c3dadd7260d291d59

improve make target for TODOs

view details

Tom Bamford

commit sha 35a05c33388728bcd6e3e823fe9ad87540f6ee78

Preliminary support for Microsoft Graph - Using https://github.com/manicminer/hamilton - Supports service principal authentication via client certificate or client secret - Configures an Authorizer struct for acquiring access tokens using MSID v2.0 - Currently only works for https://graph.microsoft.com (i.e. not other clouds)

view details

Tom Bamford

commit sha 55b2e6424567edc7750c9920d1b0217193bdebb8

Support Azure CLI authentication for MS Graph

view details

Tom Bamford

commit sha a20704d4e486470cdcb72b47fa2903abab7bcab1

Parse claims in access tokens to surface useful authentication metadata, use in azuread_client_config to retrieve authenticated object ID

view details

Tom Bamford

commit sha b96dafc016a6399682d46ea5528956ebdb97addd

Update Hamilton SDK

view details

Tom Bamford

commit sha 61ed0302e2a1e0c987de4b3698e4dfd0127215fc

azuread_client_config: return an error is object_id is empty

view details

Tom Bamford

commit sha dc54ee1d34fd549570c3a35a09736dd1fd9563dc

Fix bug in acceptance helper that fails to check a resource is deleted - We haven't hit this with AAD Graph because it continues to report resources exist long after they're gone

view details

Tom Bamford

commit sha 05340f0be5333699fe813f8980ce16714c06013b

Vendor latest Hamilton changes, configure client authorizer and user agent

view details

Tom Bamford

commit sha cd30694194a9b86c935a72f7b6792180d17e470a

Helpers for Microsoft Graph

view details

Tom Bamford

commit sha f910767b8d7b818873837664657fcfd1ad3d5f68

Microsoft Graph support for Applications - Except for azuread_application_password because MS Graph no longer supports user-supplied password values. - This needs further investigation. We may need to drop the `value` attribute in v2.0

view details

Tom Bamford

commit sha 40cd94ab10351b7fe1db35a235bc33dd4aec121b

Microsoft Graph support for Domains

view details

Tom Bamford

commit sha ed0e0896b215756cc5b87b0b4bce30532a63ecff

Microsoft Graph support for Groups

view details

Tom Bamford

commit sha 4d37be9b8e766c88e6ec29542f917a6772dff075

Microsoft Graph support for Service Principals - Except for azuread_service_principal_password because MS Graph no longer supports user-supplied password values. - This needs further investigation. We may need to drop the `value` attribute in v2.0

view details

Tom Bamford

commit sha c6982eaa99dda307572bfb5bc22e720559fcb3b4

Microsoft Graph support for Users

view details

Tom Bamford

commit sha db47136b141956d8683ee2b729138548b9a60f8b

Remove unused common schema functions

view details

Tom Bamford

commit sha 51cb7875982fd4f88ee4281707c10bab722f93cd

Support all national clouds for Microsoft Graph. Remove unused fields.

view details

Tom Bamford

commit sha 34f12bb7620c14f8f55d0f7f8378f456eb7bc8f6

Improve provider acceptance tests

view details

push time in 2 days

push eventhashicorp/terraform-provider-azuread

Tom Bamford

commit sha 07d2a79e9fa7ce66f9fe958c3dadd7260d291d59

improve make target for TODOs

view details

Tom Bamford

commit sha 35a05c33388728bcd6e3e823fe9ad87540f6ee78

Preliminary support for Microsoft Graph - Using https://github.com/manicminer/hamilton - Supports service principal authentication via client certificate or client secret - Configures an Authorizer struct for acquiring access tokens using MSID v2.0 - Currently only works for https://graph.microsoft.com (i.e. not other clouds)

view details

Tom Bamford

commit sha 55b2e6424567edc7750c9920d1b0217193bdebb8

Support Azure CLI authentication for MS Graph

view details

Tom Bamford

commit sha a20704d4e486470cdcb72b47fa2903abab7bcab1

Parse claims in access tokens to surface useful authentication metadata, use in azuread_client_config to retrieve authenticated object ID

view details

Tom Bamford

commit sha b96dafc016a6399682d46ea5528956ebdb97addd

Update Hamilton SDK

view details

Tom Bamford

commit sha 61ed0302e2a1e0c987de4b3698e4dfd0127215fc

azuread_client_config: return an error is object_id is empty

view details

push time in 2 days

push eventhashicorp/terraform-provider-azuread

Tom Bamford

commit sha 07d2a79e9fa7ce66f9fe958c3dadd7260d291d59

improve make target for TODOs

view details

push time in 2 days

push eventhashicorp/terraform-provider-azuread

Tom Bamford

commit sha b3b7fad8eb10caf8bc4c93a5553f507f0d02c5f5

Microsoft Graph support for Applications - Except for azuread_application_password because MS Graph no longer supports user-supplied password values. - This needs further investigation. We may need to drop the `value` attribute in v2.0

view details

Tom Bamford

commit sha 3a6ac8ad206cbc56196f4e8d0bf452eff91db81d

Microsoft Graph support for Domains

view details

Tom Bamford

commit sha 382451e764836c1032146a040a18ebe4ee8e65ad

Microsoft Graph support for Groups

view details

Tom Bamford

commit sha 4ecca2634d8462dffee59c4844f0c9fe8b496478

Microsoft Graph support for Service Principals - Except for azuread_service_principal_password because MS Graph no longer supports user-supplied password values. - This needs further investigation. We may need to drop the `value` attribute in v2.0

view details

Tom Bamford

commit sha 155a0012e859c7b570b2515f80b1d54aa87c4896

Microsoft Graph support for Users

view details

Tom Bamford

commit sha 14d3fe6ecba3c4690e0aba1e697151c5f3e2a524

Remove unused common schema functions

view details

Tom Bamford

commit sha 253a7a197e2a3b01b36078071dc1af35c5e915e8

Support all national clouds for Microsoft Graph. Remove unused fields.

view details

Tom Bamford

commit sha 35abff002abb20c2138c7267b3bb5e74f18fef2a

Improve provider acceptance tests

view details

push time in 2 days

push eventhashicorp/terraform-provider-azuread

Tom Bamford

commit sha 4d8f76c32fac0d2993e20bb85671705fef11a0c1

Microsoft Graph support for Applications - Except for azuread_application_password because MS Graph no longer supports user-supplied password values. - This needs further investigation. We may need to drop the `value` attribute in v2.0

view details

Tom Bamford

commit sha 03037440a8ce1f8db9ee882e7c2bcc7846e91b8c

Microsoft Graph support for Domains

view details

Tom Bamford

commit sha 22fa8a5414a8617a6325b9133cf3677990a91086

Microsoft Graph support for Groups

view details

Tom Bamford

commit sha ba45166db936ddbced6b49136a7de274af0b6017

Microsoft Graph support for Service Principals - Except for azuread_service_principal_password because MS Graph no longer supports user-supplied password values. - This needs further investigation. We may need to drop the `value` attribute in v2.0

view details

Tom Bamford

commit sha 67bd9776d36221298bdcceca207bc74727df676a

Microsoft Graph support for Users

view details

Tom Bamford

commit sha 6dc658558e853d52b509522e13c3dcad2e7c45ff

Remove unused common schema functions

view details

Tom Bamford

commit sha 4d5dccb0388c2ea00a79fd0b0c522adf5de13eef

Support all national clouds for Microsoft Graph. Remove unused fields.

view details

Tom Bamford

commit sha 622237c2509c41c16fda1215fadaaf579dbb5365

Improve provider acceptance tests

view details

push time in 2 days

push eventhashicorp/terraform-provider-azuread

Tom Bamford

commit sha c5c5c73c0349bb8f8ff6e59cdf732de062f3edc3

Microsoft Graph support for Applications - Except for azuread_application_password because MS Graph no longer supports user-supplied password values. - This needs further investigation. We may need to drop the `value` attribute in v2.0

view details

Tom Bamford

commit sha ddff5ac29a0d57a7b35fe2e75ff26472a5aa90d2

Microsoft Graph support for Domains

view details

Tom Bamford

commit sha 7e6f071915a0797a8dc108d83058bf3eec0b4b9b

Microsoft Graph support for Groups

view details

Tom Bamford

commit sha 4b9a70d1efa709db66b9eb38186e50dbd596ba62

Microsoft Graph support for Service Principals - Except for azuread_service_principal_password because MS Graph no longer supports user-supplied password values. - This needs further investigation. We may need to drop the `value` attribute in v2.0

view details

Tom Bamford

commit sha 110fc6d74d9d3d82a7d1da98504bfd14376b36cd

Microsoft Graph support for Users

view details

Tom Bamford

commit sha eecb057c3088a47b6e3af9aa521fd4079c17fcae

Remove unused common schema functions

view details

Tom Bamford

commit sha cb3f8c9ef697bca7d23cf51c0eccbc9d6eb3e410

Support all national clouds for Microsoft Graph. Remove unused fields.

view details

Tom Bamford

commit sha f67cb3769feb2ade350a65bf4ea54c8e520894cc

Improve provider acceptance tests

view details

push time in 2 days

push eventhashicorp/terraform-provider-azuread

Tom Bamford

commit sha 2e6500cc4580afc0aa0839a19dc4cd9caf0abbc1

Microsoft Graph support for Applications - Except for azuread_application_password because MS Graph no longer supports user-supplied password values. - This needs further investigation. We may need to drop the `value` attribute in v2.0

view details

Tom Bamford

commit sha f584827583677a90e6a677c79e5eb3132252779a

Microsoft Graph support for Domains

view details

Tom Bamford

commit sha c21a674755d3ec81253a51d48a20cd65528ef200

Microsoft Graph support for Groups

view details

Tom Bamford

commit sha cde94d3394e1463690d02a8908a1ecd088c9862b

Microsoft Graph support for Service Principals - Except for azuread_service_principal_password because MS Graph no longer supports user-supplied password values. - This needs further investigation. We may need to drop the `value` attribute in v2.0

view details

Tom Bamford

commit sha 85a47bd45a20dba0d06756998bdfed9ce1c3e1a3

Microsoft Graph support for Users

view details

Tom Bamford

commit sha 3e3b0be31dd3a38cff013ea1fbe9375c61f93cea

Remove unused common schema functions

view details

Tom Bamford

commit sha a9de47ea7501a4b1796dc6d673652c29fbec4146

Support all national clouds for Microsoft Graph. Remove unused fields.

view details

Tom Bamford

commit sha cf45ab42311517b4970e1f72e4cf6aadda38d306

Improve provider acceptance tests

view details

push time in 2 days

push eventhashicorp/terraform-provider-azuread

Tom Bamford

commit sha 4ccfcde091d6934f8547b1c0afcaa11fdbd9c519

Microsoft Graph support for Applications - Except for azuread_application_password because MS Graph no longer supports user-supplied password values. - This needs further investigation. We may need to drop the `value` attribute in v2.0

view details

Tom Bamford

commit sha f4691647a109d5b0d5d6f061dbf7d0e167faab0c

Microsoft Graph support for Domains

view details

Tom Bamford

commit sha 33b16202a85856837c203843b8792bb310fa8148

Microsoft Graph support for Groups

view details

Tom Bamford

commit sha dce10e70985ada6fe848501bc13e59817816ddd3

Microsoft Graph support for Service Principals - Except for azuread_service_principal_password because MS Graph no longer supports user-supplied password values. - This needs further investigation. We may need to drop the `value` attribute in v2.0

view details

Tom Bamford

commit sha 71bdafef3e53ff8e9b9caff0eec221a5217cc98e

Microsoft Graph support for Users

view details

Tom Bamford

commit sha de38f0404d70c3da7b0dbecadde9eef416d7d575

Remove unused common schema functions

view details

Tom Bamford

commit sha d26c63df60b185828d97d3755306d8d98e675cd9

Support all national clouds for Microsoft Graph. Remove unused fields.

view details

Tom Bamford

commit sha 67136fe39a447fa95228a83939ed7cee2e813c16

Improve provider acceptance tests

view details

push time in 2 days

push eventhashicorp/terraform-provider-azuread

Tom Bamford

commit sha 293b9c980900a4205e4550048c2c7dd2021a63fb

Microsoft Graph support for Applications - Except for azuread_application_password because MS Graph no longer supports user-supplied password values. - This needs further investigation. We may need to drop the `value` attribute in v2.0

view details

Tom Bamford

commit sha cc1148e5b36614836a45b24817e23055cffd40a5

Microsoft Graph support for Domains

view details

Tom Bamford

commit sha 9b0d84adb915198b2936f9ac03898b32f7cd3e0a

Microsoft Graph support for Groups

view details

Tom Bamford

commit sha 6bda15a314e979006bacf210ec86b72a6511f206

Microsoft Graph support for Service Principals - Except for azuread_service_principal_password because MS Graph no longer supports user-supplied password values. - This needs further investigation. We may need to drop the `value` attribute in v2.0

view details

Tom Bamford

commit sha 070ff3bf4ae2fae50d57175cc3e2de462a708645

Microsoft Graph support for Users

view details

Tom Bamford

commit sha 6c59db978bd26e11d6c1e8677cbf84369c01678e

Remove unused common schema functions

view details

Tom Bamford

commit sha ed72e3bdade53b85389955e4b217acd02edbb065

Support all national clouds for Microsoft Graph. Remove unused fields.

view details

Tom Bamford

commit sha 75f02068e3a0ef1f17c6b18b2c549d7809b3ac56

Improve provider acceptance tests

view details

push time in 3 days

push eventhashicorp/terraform-provider-azuread

tf-release-bot

commit sha 251c86db8ec89d1f1faaa83044aaf6fb69a60885

v1.2.2

view details

Tom Bamford

commit sha 9279d0f59247daa1ecddcee733f1f324b56b2bdc

make target to search for TODOs

view details

Tom Bamford

commit sha 359e5017fd99d7449d10dac873258e2b3343520e

Preliminary support for Microsoft Graph - Using https://github.com/manicminer/hamilton - Supports service principal authentication via client certificate or client secret - Configures an Authorizer struct for acquiring access tokens using MSID v2.0 - Currently only works for https://graph.microsoft.com (i.e. not other clouds)

view details

Tom Bamford

commit sha 6b658b19d366e8871364683d13d0f7252c7d307b

Support Azure CLI authentication for MS Graph

view details

Tom Bamford

commit sha 5e511d9be939a0e264183e39018d645ba200d339

Parse claims in access tokens to surface useful authentication metadata, use in azuread_client_config to retrieve authenticated object ID

view details

Tom Bamford

commit sha 1e4472a81abebd5ea2bff9df696fa0546faed61c

Update Hamilton SDK

view details

Tom Bamford

commit sha 699056c2ffbd10bd517ffc23ba63023d4f5cc771

azuread_client_config: return an error is object_id is empty

view details

Tom Bamford

commit sha 240e063b7d57409b99e579b6f6d54df2e01ee426

Fix bug in acceptance helper that fails to check a resource is deleted - We haven't hit this with AAD Graph because it continues to report resources exist long after they're gone

view details

Tom Bamford

commit sha 795cb29d8fc5864edd0c048b91e4204e66ee2304

Vendor latest Hamilton changes, configure client authorizer and user agent

view details

Tom Bamford

commit sha cbcf696b328c00af6bd231dc7c8ba94499bb0781

Helpers for Microsoft Graph

view details

Tom Bamford

commit sha 80a45379bebd2eff8feba5738a611ab839260b9e

Microsoft Graph support for Applications - Except for azuread_application_password because MS Graph no longer supports user-supplied password values. - This needs further investigation. We may need to drop the `value` attribute in v2.0

view details

Tom Bamford

commit sha 8eb92b7cd1753b7f8f8c62cd60cb4c2842223134

Microsoft Graph support for Domains

view details

Tom Bamford

commit sha d946bd8b556cd8e332d914c07df7bbc5e02b8e58

Microsoft Graph support for Groups

view details

Tom Bamford

commit sha 18f1e244b75730e3d4dd76277e384b56c00a10f7

Microsoft Graph support for Service Principals - Except for azuread_service_principal_password because MS Graph no longer supports user-supplied password values. - This needs further investigation. We may need to drop the `value` attribute in v2.0

view details

Tom Bamford

commit sha 56491dbf06b0d698dfa4477588c19166c5cf4520

Microsoft Graph support for Users

view details

Tom Bamford

commit sha d03177aabd1e6cbf38bfa0cadab501723f334d3d

Remove unused common schema functions

view details

Tom Bamford

commit sha cf8129fd6d17c441dc8f7c5743d520c55390392d

Update Hamilton to initial release

view details

Tom Bamford

commit sha bb9d702fa8f4e1cdf4439b4d6b06fd4e801780cc

Support all national clouds for Microsoft Graph. Remove unused fields.

view details

Tom Bamford

commit sha 0af36ed5e5ff81f38f7252a5407b02cbc83ad150

Improve provider acceptance tests

view details

push time in 3 days

push eventhashicorp/terraform-provider-azuread

tf-release-bot

commit sha 251c86db8ec89d1f1faaa83044aaf6fb69a60885

v1.2.2

view details

Tom Bamford

commit sha 9279d0f59247daa1ecddcee733f1f324b56b2bdc

make target to search for TODOs

view details

Tom Bamford

commit sha 359e5017fd99d7449d10dac873258e2b3343520e

Preliminary support for Microsoft Graph - Using https://github.com/manicminer/hamilton - Supports service principal authentication via client certificate or client secret - Configures an Authorizer struct for acquiring access tokens using MSID v2.0 - Currently only works for https://graph.microsoft.com (i.e. not other clouds)

view details

Tom Bamford

commit sha 6b658b19d366e8871364683d13d0f7252c7d307b

Support Azure CLI authentication for MS Graph

view details

Tom Bamford

commit sha 5e511d9be939a0e264183e39018d645ba200d339

Parse claims in access tokens to surface useful authentication metadata, use in azuread_client_config to retrieve authenticated object ID

view details

Tom Bamford

commit sha 1e4472a81abebd5ea2bff9df696fa0546faed61c

Update Hamilton SDK

view details

Tom Bamford

commit sha 699056c2ffbd10bd517ffc23ba63023d4f5cc771

azuread_client_config: return an error is object_id is empty

view details

push time in 3 days

push eventhashicorp/terraform-provider-azuread

Tom Bamford

commit sha 9279d0f59247daa1ecddcee733f1f324b56b2bdc

make target to search for TODOs

view details

push time in 3 days

delete branch enkodellc/blazorboilerplate

delete branch : dependabot/nuget/Finbuckle.MultiTenant.EntityFrameworkCore-6.1.0

delete time in 3 days

pull request commentenkodellc/blazorboilerplate

Bump Finbuckle.MultiTenant.EntityFrameworkCore from 6.0.0 to 6.1.0

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot-preview[bot]

comment created time in 3 days

PR closed enkodellc/blazorboilerplate

Bump Finbuckle.MultiTenant.EntityFrameworkCore from 6.0.0 to 6.1.0 dependencies 🔍 Ready for Review

Bumps Finbuckle.MultiTenant.EntityFrameworkCore from 6.0.0 to 6.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Finbuckle/Finbuckle.MultiTenant/releases">Finbuckle.MultiTenant.EntityFrameworkCore's releases</a>.</em></p> <blockquote> <h1>Finbuckle.MultiTenant 6.1.0</h1> <p>Finbuckle.MultiTenant is a open source multitenancy library for .NET. It provides for tenant resolution, per-tenant app behavior, and per-tenant data isolation.</p> <p>.NET 5.0, .NET Core 3.1, and .NET Core 2.1 are supported.</p> <p>See <a href="https://www.finbuckle.com">https://www.finbuckle.com</a> for more details and documentation.</p> <p>See <a href="https://github.com/Finbuckle/Finbuckle.MultiTenant/blob/HEAD/LICENSE">https://github.com/Finbuckle/Finbuckle.MultiTenant/blob/HEAD/LICENSE</a> file for license information.</p> <p>See <a href="https://github.com/Finbuckle/Finbuckle.MultiTenant/blob/HEAD/CHANGELOG.md">CHANGELOG</a> for version history details.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Finbuckle/Finbuckle.MultiTenant/blob/develop/CHANGELOG.md">Finbuckle.MultiTenant.EntityFrameworkCore's changelog</a>.</em></p> <blockquote> <h2>Version</h2> <p><strong>6.1.0</strong></p> <ul> <li>.NET 5.0 support.</li> <li>New <code>DistributedCacheStore</code> uses the ASP.NET Core distributed cache for tenant resolution.</li> <li>New <code>HeaderStrategy</code> uses HTTP headers for tenant resolution. Thanks to <strong><a href="https://github.com/natelaff">@natelaff</a></strong>!</li> <li>Support for inheritance in multitenant Entity Framework Core entity. Thanks to <strong><a href="https://github.com/rchamorro">@rchamorro</a></strong>!</li> <li>Fixed a conflict between ClaimStrategy and per-tenant authentication.</li> <li>Updated docs, samples, and unit tests.</li> </ul> <p><strong>6.0.0</strong></p> <ul> <li>Customizable <code>TenantInfo</code>. Implement <code>ITenantInfo</code> as needed or use the basic <code>TenantInfo</code> implementation. Should work with most strategies and stores. This was a major overhaul to the library. See docs for more information.</li> <li>Changed NuGet structure: use <code>Finbuckle.MultiTenant.AspNetCore</code> for web apps and if needed add <code>Finbuckle.MultiTenant.EntityFrameworkCore</code>.</li> <li><code>WithPerTenantAuthentication</code> - Adds support for common per-tenant authentication scenarios. See docs for full details.</li> <li>Multiple strategies and stores can be registe red. They will run in the order registered and the first tenant returned by a strategy/store combination is used.</li> <li>New <code>ClaimStrategy</code> checks for a tenant claim to resolve the tenant.</li> <li>New <code>SessionStrategy</code> uses a session variable to resolve the tenant.</li> <li>Refactored <code>InMemoryStore</code>, removed deprecated configuration functionality.</li> <li>Improved Blazor support.</li> <li>Improved support for non ASP.NET Core use cases.</li> <li>Removed support for ASP.NET 3.0.</li> <li>Removed <code>FallbackStrategy</code>, <code>StaticStrategy</code> is a better alternative.</li> <li>Bug fixes, refactors, and tweaks.</li> <li>Improved unit tests.</li> <li>Updated and improved documentation.</li> <li>Updated sample. Removed some older ASP.NET Core 2.1 samples.</li> </ul> <p><strong>5.0.4</strong></p> <ul> <li>Fixed a conflicting assembly and NuGet versions.</li> <li>Minor documentation fix.</li> </ul> <p><strong>5.0.3</strong></p> <ul> <li>Fixed a bug where documented static methods were internal rather than public.</li> <li>Minor documentation fix.</li> </ul> <p><strong>5.0.1</strong></p> <ul> <li>Updated for <a href="https://devblogs.microsoft.com/dotnet/net-core-january-2020/">.NET Core January 2020 Updates</a> adding support for .NET Core 2.1.15, 3.0.2, and 3.1.1.</li> <li>Updated dependencies as recommended in security notices for <a href="https://devblogs.microsoft.com/dotnet/net-core-january-2020/">.NET Core January 2020 Updates</a>.</li> <li><em>Finbuckle.MultiTenant.AspNetCore</em> targets <code>netcoreapp3.1</code>, <code>netcoreapp3.0</code>, and <code>netcoreapp2.1</code>.</li> <li><em>Finbuckle.MultiTenant.Core</em> targets <code>netstandard2.1</code> and <code>netstandard2.0</code>.</li> <li><em>Finbuckle.MultiTenant.EntityFrameworkCore</em> targets <code>netstandard2.1</code> and <code>netstandard2.0</code>.</li> </ul> <p><strong>5.0.0</strong></p> <ul> <li>Added support for ASP.NET Core 3.1.</li> <li>Major refactor of how Entity Framework multitenant data isolation works. No longer need to derive from <code>MultiTenantDbContext</code> greatly improving flexibility. <code>IdentityMultiTenantDbContext</code> reworked under this new model and no longer requires or recommends use of multitenant support classes, e.g. <code>MultiTenantIdentityUser</code>. Attempted to minimize impact, but if using <code>IdentityMultiTenantDbContext</code> <strong>this may be a breaking change!</strong> Thanks <strong><a href="https://github.com/GordonBlahut">@GordonBlahut</a></strong>!</li> <li>Simplified <code>EFCoreStore</code> to use <code>TenantInfo</code> directly. <strong>This is a breaking change!</strong></li> <li>Fixed a bug with user id not being set correctly in legacy 'IdentityMultiTenantDbContext'.</li> <li>Added <code>ConfigurationStore</code> to load tenant information from app configuration. The store is read-only in code, but changes in configuration (e.g. appsettings.json) are picked up at runtime. Updated most sample projects to use this store.</li> <li>Deprecated <code>InMemoryStore</code> functionality that reads from configuration.</li> <li>Added <code>HttpRemoteStore</code> which will make an http request to get a <code>TenantInfo</code> object. It can be extended with <code>DelegatingHandler</code>s (i.e. to add authentication headers). Added sample projects for this store. Thanks to <strong><a href="https://github.com/colindekker">@colindekker</a></strong>!</li> <li>Fixed an exception with OpenIdConnect remote authentication if "state" is not returned from the identity provider. The new behavior will result in no tenant found for the request.</li> </ul> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Finbuckle/Finbuckle.MultiTenant/commit/3be193a67ccc48839da6599b364d5e1ddbedfa91"><code>3be193a</code></a> release: 6.1.0 (<a href="https://github-redirect.dependabot.com/Finbuckle/Finbuckle.MultiTenant/issues/354">#354</a>)</li> <li><a href="https://github.com/Finbuckle/Finbuckle.MultiTenant/commit/4da310e78ca8cd49e8731676eb81f1f3b594ca2f"><code>4da310e</code></a> doc updates (squash merge) (<a href="https://github-redirect.dependabot.com/Finbuckle/Finbuckle.MultiTenant/issues/328">#328</a>)</li> <li><a href="https://github.com/Finbuckle/Finbuckle.MultiTenant/commit/5c037e7c9ba8ab62f86510a733955eefc149eb18"><code>5c037e7</code></a> chore: update package info in getting started (<a href="https://github-redirect.dependabot.com/Finbuckle/Finbuckle.MultiTenant/issues/321">#321</a>)</li> <li>See full diff in <a href="https://github.com/Finbuckle/Finbuckle.MultiTenant/compare/v6.0.0...v6.1.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

</details>

+1 -1

0 comment

1 changed file

dependabot-preview[bot]

pr closed time in 3 days

delete branch enkodellc/blazorboilerplate

delete branch : dependabot/nuget/Npgsql.EntityFrameworkCore.PostgreSQL-5.0.1

delete time in 3 days

pull request commentenkodellc/blazorboilerplate

Bump Npgsql.EntityFrameworkCore.PostgreSQL from 3.1.4 to 5.0.1

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot-preview[bot]

comment created time in 3 days

more