Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added OAuth2 GET and POST to GraphRBAC.json spec #3563

Merged
merged 2 commits into from
Aug 22, 2018
Merged

Added OAuth2 GET and POST to GraphRBAC.json spec #3563

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
1387884
Cleaned up graphrbac.json and rebase
shanepeckham Aug 8, 2018
3482509
Add description to post body for OAuth2 Permissions
shanepeckham Aug 17, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
119 changes: 118 additions & 1 deletion specification/graphrbac/data-plane/stable/1.6/graphrbac.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1003,7 +1003,7 @@
"ServicePrincipal"
],
"operationId": "ServicePrincipals_Get",
"description": "Gets service principal information from the directory.",
"description": "Gets service principal information from the directory. Query by objectId or pass a filter to query by appId",
"parameters": [
{
"name": "objectId",
Expand Down Expand Up @@ -1592,6 +1592,77 @@
}
}
}
},
"/{tenantID}/oauth2PermissionGrants" : {
"get" : {
"tags": [
"OAuth2Permissions_get"
],
"operationId": "OAuth2_Get",
"description": "Queries OAuth2 permissions for the relevant SP ObjectId of an app.",
"produces" : [ "application/json" ],
"parameters" : [
{
"name" : "$filter",
"in" : "query",
"required" : false,
"type" : "string",
"x-example" : "clientId+eq+'61ed44c3-5a1d-4639-a215-07f25129c6c3'",
"description": "This is the Service Principal ObjectId associated with the app"
},
{
"$ref": "#/parameters/ApiVersionParameter"
},
{
"$ref": "#/parameters/tenantIDInPath"
}
],
"responses" : {
"200" : {
"description" : "OK. The operation was successful.",
"schema" : {
"$ref" : "#/definitions/Permissions"
}
}
}
},
"post" : {
"tags": [
"OAuth2Permissions_post"
],
"consumes" : [ "application/json" ],
"operationId": "OAuth2_Post",
"description": "Grants OAuth2 permissions for the relevant resource Ids of an app.",
"produces" : [ "application/json" ],
"parameters" : [
{
"in" : "body",
"name" : "body",
"required" : false,
"schema" : {
"$ref" : "#/definitions/Permissions"
},
"x-examples" : {
"application/json" : "{\n\t\"odata.type\": \"Microsoft.DirectoryServices.OAuth2PermissionGrant\",\n\t\"clientId\": \"39afbaa2-4a5c-4f5b-9ee3-2c83f09bbc87\", \n\t\"consentType\": \"AllPrincipals\",\n\t\"principalId\": null,\n\t\"resourceId\": \"d3247842-c517-4520-80a7-332690ae2fe4\",\n\t\"scope\": \"user_impersonation\",\n \"startTime\": \"0001-01-01T00:00:00\",\n \"expiryTime\": \"9000-01-01T00:00:00\"\n}",
"description": "These are the values required to grant permission to a resourceId for an app, only one operation is allowed per request"
}
},
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The linter is also complaining about not having a "description" field here.

Copy link
Contributor Author

@shanepeckham shanepeckham Aug 8, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added a description

{
"$ref": "#/parameters/ApiVersionParameter"
},
{
"$ref": "#/parameters/tenantIDInPath"
}
],
"responses" : {
"201" : {
"description" : "OK. The operation was successful.",
"schema" : {
"$ref" : "#/definitions/Permissions"
}
}
}
}
}
},
"x-ms-paths": {
Expand Down Expand Up @@ -2985,6 +3056,52 @@
}
},
"description": "Server response for Get tenant domains API call."
},
"Permissions" : {
"properties" : {
"odata.type" : {
"type" : "string",
"description": "Microsoft.DirectoryServices.OAuth2PermissionGrant"
},
"clientId" : {
"type" : "string",
"description": "The objectId of the Service Principal associated with the app"
},
"consentType" : {
"type" : "string",
"description": "Typically set to AllPrincipals"
},
"principalId" : {
"type" : "object",
"description": "Set to null if AllPrincipals is set"
},
"resourceId" : {
"type" : "string",
"description" : "Service Principal Id of the resource you want to grant"
},
"scope" : {
"type" : "string",
"description": "Typically set to user_impersonation"
},
"startTime" : {
"type" : "string",
"description" : "Start time for TTL"
},
"expiryTime" : {
"type" : "string",
"description" : "Expiry time for TTL"
}
},
"example" : {
"odata.type" : "odata.type",
"resourceId" : "resourceId",
"clientId" : "clientId",
"scope" : "scope",
"expiryTime" : "expiryTime",
"consentType" : "consentType",
"principalId" : "",
"startTime" : "startTime"
}
}
},
"parameters": {
Expand Down