Merge pull request #37 from Azure-Samples/kkrishna/updates2019

Refactored claim check to ensure consent for the Api

Author: Kalyan Krishna

AppCreationScripts/Cleanup.ps1

@@ -5,7 +5,7 @@ param(
     [string] $tenantId
 )
 
-if ((Get-Module -ListAvailable -Name "AzureAD") -eq $null) { 
+if ($null -eq (Get-Module -ListAvailable -Name "AzureAD")) { 
     Install-Module "AzureAD" -Scope CurrentUser 
 } 
 Import-Module AzureAD
@@ -44,7 +44,7 @@ This function removes the Azure AD applications for the sample. These applicatio
         $tenantId = $creds.Tenant.Id
     }
     $tenant = Get-AzureADTenantDetail
-    $tenantName =  ($tenant.VerifiedDomains | Where { $_._Default -eq $True }).Name
+    $tenantName =  ($tenant.VerifiedDomains | Where-Object { $_._Default -eq $True }).Name
 
     # Removes the applications
     Write-Host "Cleaning-up applications from tenant '$tenantName'"
@@ -56,19 +56,31 @@ This function removes the Azure AD applications for the sample. These applicatio
     {
         Remove-AzureADApplication -ObjectId $apps.ObjectId
     }
-    # Get-AzureRmADServicePrincipal -SearchString "TodoListService-ManualJwt" | ForEach-Object {Remove-AzureRmADServicePrincipal -ObjectId $_.Id -Confirm:$false}
-    Write-Host "Removed TodoListService-ManualJwt."
 
+    foreach ($app in $apps) 
+    {
+        Remove-AzureADApplication -ObjectId $app.ObjectId
+        Write-Host "Removed TodoListService-ManualJwt.."
+    }
+    # also remove service principals of this app
+    Get-AzureADServicePrincipal -filter "DisplayName eq 'TodoListService-ManualJwt'" | ForEach-Object {Remove-AzureADServicePrincipal -ObjectId $_.Id -Confirm:$false}
+    
     Write-Host "Removing 'client' (TodoListClient-ManualJwt) if needed"
     Get-AzureADApplication -Filter "DisplayName eq 'TodoListClient-ManualJwt'"  | ForEach-Object {Remove-AzureADApplication -ObjectId $_.ObjectId }
     $apps = Get-AzureADApplication -Filter "DisplayName eq 'TodoListClient-ManualJwt'"
     if ($apps)
     {
         Remove-AzureADApplication -ObjectId $apps.ObjectId
     }
-    # Get-AzureRmADServicePrincipal -SearchString "TodoListClient-ManualJwt" | ForEach-Object {Remove-AzureRmADServicePrincipal -ObjectId $_.Id -Confirm:$false}
-    Write-Host "Removed TodoListClient-ManualJwt."
 
+    foreach ($app in $apps) 
+    {
+        Remove-AzureADApplication -ObjectId $app.ObjectId
+        Write-Host "Removed TodoListClient-ManualJwt.."
+    }
+    # also remove service principals of this app
+    Get-AzureADServicePrincipal -filter "DisplayName eq 'TodoListClient-ManualJwt'" | ForEach-Object {Remove-AzureADServicePrincipal -ObjectId $_.Id -Confirm:$false}
+    
 }
 
-Cleanup -Credential $Credential -tenantId $TenantId
+Cleanup -Credential $Credential -tenantId $TenantId

AppCreationScripts/Configure.ps1

@@ -101,6 +101,8 @@ Function ConfigureApplications
    so that they are consistent with the Applications parameters
 #> 
 
+    $commonendpoint = "common"
+
     # $tenantId is the Active Directory Tenant. This is a GUID which represents the "Directory ID" of the AzureAD tenant
     # into which you want to create the apps. Look it up in the Azure portal in the "Properties" of the Azure AD.
 
@@ -148,8 +150,8 @@ Function ConfigureApplications
    $owner = Get-AzureADApplicationOwner -ObjectId $serviceAadApplication.ObjectId
    if ($owner -eq $null)
    { 
-    Add-AzureADApplicationOwner -ObjectId $serviceAadApplication.ObjectId -RefObjectId $user.ObjectId
-    Write-Host "'$($user.UserPrincipalName)' added as an application owner to app '$($serviceServicePrincipal.DisplayName)'"
+        Add-AzureADApplicationOwner -ObjectId $serviceAadApplication.ObjectId -RefObjectId $user.ObjectId
+        Write-Host "'$($user.UserPrincipalName)' added as an application owner to app '$($serviceServicePrincipal.DisplayName)'"
    }
 
    Write-Host "Done creating the service application (TodoListService-ManualJwt)"
@@ -172,8 +174,8 @@ Function ConfigureApplications
    $owner = Get-AzureADApplicationOwner -ObjectId $clientAadApplication.ObjectId
    if ($owner -eq $null)
    { 
-    Add-AzureADApplicationOwner -ObjectId $clientAadApplication.ObjectId -RefObjectId $user.ObjectId
-    Write-Host "'$($user.UserPrincipalName)' added as an application owner to app '$($clientServicePrincipal.DisplayName)'"
+        Add-AzureADApplicationOwner -ObjectId $clientAadApplication.ObjectId -RefObjectId $user.ObjectId
+        Write-Host "'$($user.UserPrincipalName)' added as an application owner to app '$($clientServicePrincipal.DisplayName)'"
    }
 
    Write-Host "Done creating the client application (TodoListClient-ManualJwt)"
@@ -199,7 +201,7 @@ Function ConfigureApplications
    # Update config file for 'service'
    $configFile = $pwd.Path + "\..\TodoListService-ManualJwt\Web.Config"
    Write-Host "Updating the sample code ($configFile)"
-   ReplaceSetting -configFilePath $configFile -key "ida:Tenant" -newValue $tenantName
+   ReplaceSetting -configFilePath $configFile -key "ida:TenantId" -newValue $tenantId
    ReplaceSetting -configFilePath $configFile -key "ida:Audience" -newValue $serviceIdentifierUri
    ReplaceSetting -configFilePath $configFile -key "ida:ClientId" -newValue $serviceAadApplication.AppId
 
@@ -210,7 +212,7 @@ Function ConfigureApplications
    ReplaceSetting -configFilePath $configFile -key "ida:ClientId" -newValue $clientAadApplication.AppId
    ReplaceSetting -configFilePath $configFile -key "todo:TodoListResourceId" -newValue $serviceIdentifierUri
    ReplaceSetting -configFilePath $configFile -key "todo:TodoListBaseAddress" -newValue $serviceAadApplication.HomePage
-
+  
    Add-Content -Value "</tbody></table></body></html>" -Path createdApps.html  
 }
 

AppCreationScripts/sample.json

@@ -49,8 +49,8 @@
       "SettingFile": "\\..\\TodoListService-ManualJwt\\Web.Config",
       "Mappings": [
         {
-          "key": "ida:Tenant",
-          "value": "$tenantName"
+          "key": "ida:TenantId",
+          "value": "$tenantId"
         },
         {
           "key": "ida:Audience",