AzureActiveDirectory/AzureActiveDirectory.ps1

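# Registers the "Databricks API AAD Authentication" application in Azure AD and
# requests the API permissions listed in .\Artifacts\AADApplicationManifest.json.
# The manifest path is relative to the current location, so run the script from
# the directory that contains the Artifacts folder.
#
# NOTE(review): the AzureAD module is deprecated in favour of Microsoft Graph
# PowerShell; plan a migration.

# Install only when the module is missing, and into the current user's scope so
# the script does not need an elevated session. Install-Module pulls from the
# configured repository; consider pinning a vetted release with -RequiredVersion.
if (-not (Get-Module -ListAvailable -Name AzureAD))
{
    Install-Module -Name AzureAD -Scope CurrentUser -ErrorAction Stop
}
Import-Module AzureAD -ErrorAction Stop

$tenantId = Read-Host -Prompt "TenantID: "
if ([string]::IsNullOrWhiteSpace($tenantId))
{
    throw "A tenant ID is required."
}
$tenantId = $tenantId.Trim()

# Stop here if sign-in fails, so nothing below runs against an unexpected session.
Connect-AzureAD -TenantId $tenantId -ErrorAction Stop

# The manifest decides which API permissions the new application requests, so
# review it before running. A missing or unreadable manifest must abort the
# script: otherwise the loop below is skipped and the application is registered
# with an empty permission list.
$appManifest = Get-Content -Path ".\Artifacts\AADApplicationManifest.json" -Raw -ErrorAction Stop | ConvertFrom-Json
if ($null -eq $appManifest)
{
    throw "The application manifest is empty or could not be parsed."
}

# Write-Information is hidden under the default $InformationPreference, so ask
# for it to be shown explicitly.
Write-Information "Parsing Permissions from Sample-Manifest ..." -InformationAction Continue

# New-AzureADApplication expects typed model objects, not the PSCustomObjects
# that ConvertFrom-Json produces, so copy each entry into the AzureAD types.
$requiredResourceAccess = @(
    foreach ($reqResAccess in $appManifest.requiredResourceAccess)
    {
        $newReqResAccess = New-Object -TypeName "Microsoft.Open.AzureAD.Model.RequiredResourceAccess"
        $newReqResAccess.ResourceAppId = $reqResAccess.resourceAppId

        $list = New-Object System.Collections.Generic.List[Microsoft.Open.AzureAD.Model.ResourceAccess]
        foreach ($resAccess in $reqResAccess.resourceAccess)
        {
            $newResAccess = New-Object -TypeName "Microsoft.Open.AzureAD.Model.ResourceAccess"
            $newResAccess.Id = $resAccess.Id
            $newResAccess.Type = $resAccess.Type

            $list.Add($newResAccess)
        }

        $newReqResAccess.ResourceAccess = $list
        $newReqResAccess
    }
)

if ($requiredResourceAccess.Count -eq 0)
{
    Write-Warning "The manifest lists no requiredResourceAccess entries; the application will be created without API permissions."
}

# Build the parameter set for the application from the manifest.
Write-Information "Building final parameterset for the Application ..." -InformationAction Continue

$params = @{
    # Public (native) client: the registration carries no client secret.
    # NOTE(review): presumably meant for interactive user sign-in - confirm.
    publicClient           = $true
    requiredResourceAccess = $requiredResourceAccess
    displayName            = "Databricks API AAD Authentication"
    # Redirect URI that receives the authentication response. It is hard-coded
    # to the Databricks API documentation page; confirm this is the URI the
    # client really uses and keep the list to the exact URIs that are needed.
    replyUrls              = @("https://docs.azuredatabricks.net/api/index.html")
}

# The created application object is written to the pipeline, as before.
New-AzureADApplication @params -ErrorAction Stop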