@@ -94,6 +94,23 @@ Function ReplaceInTextFile([string] $configFilePath, [System.Collections.HashTab
9494}
9595
9696
97+ <# . Description
98+ This function takes a string as input and creates an instance of an Optional claim object
99+ #>
100+ Function CreateOptionalClaim ([string ] $name )
101+ {
102+ <# . Description
103+ This function creates a new Azure AD optional claims with default and provided values
104+ #>
105+
106+ $appClaim = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphOptionalClaim
107+ $appClaim.AdditionalProperties = New-Object System.Collections.Generic.List[string ]
108+ $appClaim.Source = $null
109+ $appClaim.Essential = $false
110+ $appClaim.Name = $name
111+ return $appClaim
112+ }
113+
97114<# . Description
98115 Primary entry method to create and configure app registrations
99116#>
@@ -144,7 +161,7 @@ Function ConfigureApplications
144161 $clientAadApplication = New-MgApplication - DisplayName " ms-identity-javascript-c1s1" `
145162 - Spa `
146163 @ { `
147- RedirectUris = " http://localhost:3000" , " http://localhost:3000/redirect.html " ; `
164+ RedirectUris = " http://localhost:3000" , " http://localhost:3000/redirect" ; `
148165 } `
149166 - SignInAudience AzureADMyOrg `
150167 # end of command
@@ -165,11 +182,24 @@ Function ConfigureApplications
165182 New-MgApplicationOwnerByRef - ApplicationId $currentAppObjectId - BodyParameter = @ {" @odata.id" = " htps://graph.microsoft.com/v1.0/directoryObjects/$user .ObjectId" }
166183 Write-Host " '$ ( $user.UserPrincipalName ) ' added as an application owner to app '$ ( $clientServicePrincipal.DisplayName ) '"
167184 }
185+
186+ # Add Claims
187+
188+ $optionalClaims = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphOptionalClaims
189+ $optionalClaims.AccessToken = New-Object System.Collections.Generic.List[Microsoft.Graph.PowerShell.Models.MicrosoftGraphOptionalClaim ]
190+ $optionalClaims.IdToken = New-Object System.Collections.Generic.List[Microsoft.Graph.PowerShell.Models.MicrosoftGraphOptionalClaim ]
191+ $optionalClaims.Saml2Token = New-Object System.Collections.Generic.List[Microsoft.Graph.PowerShell.Models.MicrosoftGraphOptionalClaim ]
192+
193+ # Add Optional Claims
194+
195+ $newClaim = CreateOptionalClaim - name " acct"
196+ $optionalClaims.IdToken += ($newClaim )
197+ Update-MgApplication - ApplicationId $currentAppObjectId - OptionalClaims $optionalClaims
168198 Write-Host " Done creating the client application (ms-identity-javascript-c1s1)"
169199
170200 # URL of the AAD application in the Azure portal
171201 # Future? $clientPortalUrl = "https://portal.azure.com/#@"+$tenantName+"/blade/Microsoft_AAD_RegisteredApps/ApplicationMenuBlade/Overview/appId/"+$currentAppId+"/objectId/"+$currentAppObjectId+"/isMSAApp/"
172- $clientPortalUrl = " https://portal.azure.com/#view /Microsoft_AAD_RegisteredApps/ApplicationMenuBlade/~/Overview/ appId/" + $currentAppId + " /isMSAApp~/false "
202+ $clientPortalUrl = " https://portal.azure.com/#blade /Microsoft_AAD_RegisteredApps/ApplicationMenuBlade/CallAnAPI/ appId/" + $currentAppId + " /objectId/ " + $currentAppObjectId + " / isMSAApp/ "
173203
174204 Add-Content - Value " <tr><td>client</td><td>$currentAppId </td><td><a href='$clientPortalUrl '>ms-identity-javascript-c1s1</a></td></tr>" - Path createdApps.html
175205
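Review bot: In the third hunk, `$optionalClaims.IdToken += ($newClaim)` appears to rely on PowerShell turning the `List[MicrosoftGraphOptionalClaim]` into an intermediate array and converting it back on assignment; `$optionalClaims.IdToken.Add($newClaim)` calls the list the hunk just created directly and keeps the element type explicit. The `Update-MgApplication -OptionalClaims $optionalClaims` that follows replaces the application's entire optionalClaims block, so a comment such as `# Replaces any optional claims already on the app; safe here because the app was created a few lines above` would stop a later edit from reusing this snippet against an existing registration. In the first hunk, `CreateOptionalClaim` carries the same `.Description` comment both above the signature and inside the body, and `[string] $name` accepts an empty string that Graph would only reject later; keeping one comment block with a `.Parameter name` line, and adding `[ValidateNotNullOrEmpty()]` to the parameter, would make the helper self-describing and fail at the call site. The `ConfigureApplications` function that holds the second and third hunks starts and ends outside them.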