Class: Azure::Directory::Client

Inherits:

Object

• Object
• Azure::Directory::Client

Defined in:

lib/azure/directory.rb

Instance Attribute Summary

• #config ⇒ Object readonly

  Returns the value of attribute config.

• #oauth ⇒ Object readonly

  Returns the value of attribute oauth.

• #oauth_token ⇒ Object readonly

  Returns the value of attribute oauth_token.

Instance Method Summary

• #assign_license(email, sku_part_number) ⇒ Object

  Assignment of subscriptions for provisioned user account.

• #create_user(email, given_name, family_name, password, params = {}) ⇒ Hash

  Creates a unique user on the Active Directory.

• #delete_user(email) ⇒ Boolean

  Deletes an existing user by email.

• #fetch_access_token! ⇒ OAuth2::AccessToken

  Do the service-to-service access token request and save it to the Token Store defined in the configuration.

• #find_user_by_email(email, params = nil) ⇒ Hash

  Get user by email.

• #find_users(params = nil) ⇒ Array

  Get all users from the active directory.

• #get_subscribed_skus ⇒ Object

  Obtain the SubscribedSkus.

• #initialize(scope = :main) ⇒ Client constructor

  A new instance of Client.

• #update_user(email, params = nil) ⇒ Boolean

  Updates the current user with specified parameters.

• #update_user_password(email, password, force_change_password_next_login = true) ⇒ Hash

  Updates the user’s password.

Constructor Details

#initialize(scope = :main) ⇒ Client

Returns a new instance of Client.

Parameters:

• scope (Symbol) (defaults to: :main) —

  (:main) The scope to use with this client.

# File 'lib/azure/directory.rb', line 17

def initialize(scope = :main)
  @config = Azure::Directory.configuration
  @config = @config.using(scope) if @config.scope_name != scope

  @oauth = OAuth2::Client.new( @config.client_id, @config.client_secret, 
                             :site => 'https://login.windows.net/', 
                             :authorize_url =>  "/#{@config.tenant_id}/oauth2/authorize", 
                             :token_url => "/#{@config.tenant_id}/oauth2/token" )

  
  if token_hash = @config.load_token
    @oauth_token = OAuth2::AccessToken.from_hash(@oauth, token_hash)

  else
    fetch_access_token!
  end
  
end

Instance Attribute Details

#config ⇒ Object (readonly)

Returns the value of attribute config.

# File 'lib/azure/directory.rb', line 12

def config
  @config
end

#oauth ⇒ Object (readonly)

Returns the value of attribute oauth.

# File 'lib/azure/directory.rb', line 12

def oauth
  @oauth
end

#oauth_token ⇒ Object (readonly)

Returns the value of attribute oauth_token.

# File 'lib/azure/directory.rb', line 12

def oauth_token
  @oauth_token
end

Instance Method Details

#assign_license(email, sku_part_number) ⇒ Object

Assignment of subscriptions for provisioned user account.

Examples:

assign_license('username@domain.com', 'STANDARDWOFFPACK_STUDENT')

Parameters:

• sku_part_number (String) —

  Using this name we get the skuId to do the proper assignment.

# File 'lib/azure/directory.rb', line 166

def assign_license(email, sku_part_number)
  skus = get('subscribedSkus')['value']
  return nil unless sku = skus.detect{ |_sku| _sku['skuPartNumber'] == sku_part_number }
  
  post("users/#{email}/assignLicense", { "addLicenses" => [ {"disabledPlans" => [], "skuId" => sku['skuId'] }], "removeLicenses" => [] })
end

#create_user(email, given_name, family_name, password, params = {}) ⇒ Hash

Creates a unique user on the Active Directory

Parameters:

• email (String) —

  User unique email inside the AD Domain.

• given_name (String)
• family_name (String)
• password (String) —

  The password will set up with ‘forceChangePasswordNextLogin = true`by default.

• params (Hash) (defaults to: {}) —

  If you wish to add or override specific parameters from the Graph API.

Options Hash (params):

• 'accountEnabled' (Boolean) — default: true
• 'displayName' (String) —

  Will concatenate given_name and family_name

• 'mailNickname' (String) —

  Username extracted from the email.

• 'passwordProfile' (String) —

  { “password” => password, “forceChangePasswordNextLogin” => true }

• 'userPrincipalName' (String) —

  email

• 'givenName' (String) —

  given_name

• 'surname' (String) —

  family_name

• 'usageLocation' (String) —

  ‘US’

Returns:

• (Hash) —

  The user’s information or nil if unsuccessful

See Also:

• User

# File 'lib/azure/directory.rb', line 103

def create_user(email, given_name, family_name, password, params = {})
  params = { 'accountEnabled'    => true,
             'displayName'       => "#{given_name} #{family_name}",
             'mailNickname'      => email.split('@').first,
             'passwordProfile'   => { "password" => password, "forceChangePasswordNextLogin" => true },
             'userPrincipalName' => email,
             'givenName'         => given_name,
             'surname'           => family_name,
             'usageLocation'     => 'US'
  }.merge(params)

  post('users', params)
end

#delete_user(email) ⇒ Boolean

Deletes an existing user by email

Parameters:

• email (String) —

  User email

Returns:

• (Boolean) —

  True if the user was deleted

# File 'lib/azure/directory.rb', line 181

def delete_user(email)
  delete("users/#{email}") == :no_content
end

#fetch_access_token! ⇒ OAuth2::AccessToken

Do the service-to-service access token request and save it to the Token Store defined in the configuration.

Returns:

• (OAuth2::AccessToken) —

  a access token for the current session.

# File 'lib/azure/directory.rb', line 43

def fetch_access_token!
  @oauth_token = oauth.get_token( :client_id => config.client_id, 
                                :client_secret => config.client_secret, 
                                :grant_type => 'client_credentials', 
                                :response_type => 'client_credentials', 
                                :resource => config.resource_id )

  token_hash = { 'access_token' => oauth_token.token, 'token_type' => oauth_token.params['token_type'], 'expires_at' => oauth_token.expires_at }
  config.save_token(token_hash)
  oauth_token
end

#find_user_by_email(email, params = nil) ⇒ Hash

Get user by email

Returns:

• (Hash) —

  The user’s information or nil if not found

See Also:

• User

# File 'lib/azure/directory.rb', line 75

def find_user_by_email(email, params = nil)
  get("/users/#{email}", params)
end

#find_users(params = nil) ⇒ Array

Get all users from the active directory

Returns:

• (Array)

See Also:

• User

# File 'lib/azure/directory.rb', line 62

def find_users(params = nil)
  users = get('/users', params)
  users['value'] if users.is_a?(Hash)
end

#get_subscribed_skus ⇒ Object

Obtain the SubscribedSkus.

# File 'lib/azure/directory.rb', line 153

def get_subscribed_skus
  get('subscribedSkus')
end

#update_user(email, params = nil) ⇒ Boolean

Updates the current user with specified parameters

Parameters:

• params (String) (defaults to: nil) —

  See the create_user method’s params

Returns:

• (Boolean) —

  True if update was successful

# File 'lib/azure/directory.rb', line 126

def update_user(email, params = nil)
  patch("users/#{email}", params) == :no_content
end

#update_user_password(email, password, force_change_password_next_login = true) ⇒ Hash

Updates the user’s password

Parameters:

• email (String)
• password (String) —

  A valid password

• force_change_password_next_login (String) (defaults to: true) —

  True by default

Returns:

• (Hash) —

  The user’s information or nil if unsuccessful

# File 'lib/azure/directory.rb', line 141

def update_user_password(email, password, force_change_password_next_login = true)
  params = { 'passwordProfile' => { 
               'password' => password, 
               'forceChangePasswordNextLogin' => force_change_password_next_login } }

  patch("users/#{email}", params) == :no_content
end