# encoding: utf-8 # Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0 # Changes may cause incorrect behavior and will be lost if the code is # regenerated. module Azure::ARM::Web module Models # # Configuration settings for the Azure App Service Authentication / # Authorization feature. # class SiteAuthSettings include MsRestAzure # @return [Boolean] Gets or sets a value indicating whether the # Authentication / Authorization feature is enabled for the current app. attr_accessor :enabled # @return [String] Gets or sets the relative path prefix used by # platform HTTP APIs. # Changing this value is not recommended except for # compatibility reasons. attr_accessor :http_api_prefix_path # @return [UnauthenticatedClientAction] Gets or sets the action to take # when an unauthenticated client attempts to access the app. Possible # values include: 'RedirectToLoginPage', 'AllowAnonymous' attr_accessor :unauthenticated_client_action # @return [Boolean] Gets or sets a value indicating whether to durably # store platform-specific security tokens # obtained during login flows. This capability is disabled # by default. attr_accessor :token_store_enabled # @return [Array] Gets or sets a collection of external URLs # that can be redirected to as part of logging in # or logging out of the web app. Note that the query string # part of the URL is ignored. # This is an advanced setting typically only needed by # Windows Store application backends. # Note that URLs within the current domain are always # implicitly allowed. attr_accessor :allowed_external_redirect_urls # @return [BuiltInAuthenticationProvider] Gets or sets the default # authentication provider to use when multiple providers are # configured. # This setting is only needed if multiple providers are # configured and the unauthenticated client # action is set to "RedirectToLoginPage". Possible values # include: 'AzureActiveDirectory', 'Facebook', 'Google', # 'MicrosoftAccount', 'Twitter' attr_accessor :default_provider # @return [Float] Gets or sets the number of hours after session token # expiration that a session token can be used to # call the token refresh API. The default is 72 hours. attr_accessor :token_refresh_extension_hours # @return [String] Gets or sets the Client ID of this relying party # application, known as the client_id. # This setting is required for enabling OpenID Connection # authentication with Azure Active Directory or # other 3rd party OpenID Connect providers. # More information on OpenID Connect: # http://openid.net/specs/openid-connect-core-1_0.html attr_accessor :client_id # @return [String] Gets or sets the Client Secret of this relying party # application (in Azure Active Directory, this is also referred to as # the Key). # This setting is optional. If no client secret is # configured, the OpenID Connect implicit auth flow is used to # authenticate end users. # Otherwise, the OpenID Connect Authorization Code Flow is # used to authenticate end users. # More information on OpenID Connect: # http://openid.net/specs/openid-connect-core-1_0.html attr_accessor :client_secret # @return [String] Gets or sets the OpenID Connect Issuer URI that # represents the entity which issues access tokens for this # application. # When using Azure Active Directory, this value is the URI # of the directory tenant, e.g. https://sts.windows.net/{tenant-guid}/. # This URI is a case-sensitive identifier for the token # issuer. # More information on OpenID Connect Discovery: # http://openid.net/specs/openid-connect-discovery-1_0.html attr_accessor :issuer # @return [Array] Gets or sets a list of allowed audience values # to consider when validating JWTs issued by # Azure Active Directory. Note that the # {Microsoft.Web.Hosting.Administration.SiteAuthSettings.ClientId} # value is always considered an # allowed audience, regardless of this setting. attr_accessor :allowed_audiences # @return [Array] Gets or sets a list of login parameters to # send to the OpenID Connect authorization endpoint when # a user logs in. Each parameter must be in the form # "key=value". attr_accessor :additional_login_params # @return [String] attr_accessor :aad_client_id # @return [String] attr_accessor :open_id_issuer # @return [String] Gets or sets the OpenID Connect Client ID for the # Google web application. # This setting is required for enabling Google Sign-In. # Google Sign-In documentation: # https://developers.google.com/identity/sign-in/web/ attr_accessor :google_client_id # @return [String] Gets or sets the client secret associated with the # Google web application. # This setting is required for enabling Google Sign-In. # Google Sign-In documentation: # https://developers.google.com/identity/sign-in/web/ attr_accessor :google_client_secret # @return [Array] Gets or sets the OAuth 2.0 scopes that will be # requested as part of Google Sign-In authentication. # This setting is optional. If not specified, "openid", # "profile", and "email" are used as default scopes. # Google Sign-In documentation: # https://developers.google.com/identity/sign-in/web/ attr_accessor :google_oauth_scopes # @return [String] Gets or sets the App ID of the Facebook app used for # login. # This setting is required for enabling Facebook Login. # Facebook Login documentation: # https://developers.facebook.com/docs/facebook-login attr_accessor :facebook_app_id # @return [String] Gets or sets the App Secret of the Facebook app used # for Facebook Login. # This setting is required for enabling Facebook Login. # Facebook Login documentation: # https://developers.facebook.com/docs/facebook-login attr_accessor :facebook_app_secret # @return [Array] Gets or sets the OAuth 2.0 scopes that will be # requested as part of Facebook Login authentication. # This setting is optional. # Facebook Login documentation: # https://developers.facebook.com/docs/facebook-login attr_accessor :facebook_oauth_scopes # @return [String] Gets or sets the OAuth 1.0a consumer key of the # Twitter application used for sign-in. # This setting is required for enabling Twitter Sign-In. # Twitter Sign-In documentation: # https://dev.twitter.com/web/sign-in attr_accessor :twitter_consumer_key # @return [String] Gets or sets the OAuth 1.0a consumer secret of the # Twitter application used for sign-in. # This setting is required for enabling Twitter Sign-In. # Twitter Sign-In documentation: # https://dev.twitter.com/web/sign-in attr_accessor :twitter_consumer_secret # @return [String] Gets or sets the OAuth 2.0 client ID that was created # for the app used for authentication. # This setting is required for enabling Microsoft Account # authentication. # Microsoft Account OAuth documentation: # https://dev.onedrive.com/auth/msa_oauth.htm attr_accessor :microsoft_account_client_id # @return [String] Gets or sets the OAuth 2.0 client secret that was # created for the app used for authentication. # This setting is required for enabling Microsoft Account # authentication. # Microsoft Account OAuth documentation: # https://dev.onedrive.com/auth/msa_oauth.htm attr_accessor :microsoft_account_client_secret # @return [Array] Gets or sets the OAuth 2.0 scopes that will be # requested as part of Microsoft Account authentication. # This setting is optional. If not specified, "wl.basic" is # used as the default scope. # Microsoft Account Scopes and permissions documentation: # https://msdn.microsoft.com/en-us/library/dn631845.aspx attr_accessor :microsoft_account_oauth_scopes # # Validate the object. Throws ValidationError if validation fails. # def validate @allowed_external_redirect_urls.each{ |e| e.validate if e.respond_to?(:validate) } unless @allowed_external_redirect_urls.nil? @allowed_audiences.each{ |e| e.validate if e.respond_to?(:validate) } unless @allowed_audiences.nil? @additional_login_params.each{ |e| e.validate if e.respond_to?(:validate) } unless @additional_login_params.nil? @google_oauth_scopes.each{ |e| e.validate if e.respond_to?(:validate) } unless @google_oauth_scopes.nil? @facebook_oauth_scopes.each{ |e| e.validate if e.respond_to?(:validate) } unless @facebook_oauth_scopes.nil? @microsoft_account_oauth_scopes.each{ |e| e.validate if e.respond_to?(:validate) } unless @microsoft_account_oauth_scopes.nil? end # # Serializes given Model object into Ruby Hash. # @param object Model object to serialize. # @return [Hash] Serialized object in form of Ruby Hash. # def self.serialize_object(object) object.validate output_object = {} serialized_property = object.enabled output_object['enabled'] = serialized_property unless serialized_property.nil? serialized_property = object.http_api_prefix_path output_object['httpApiPrefixPath'] = serialized_property unless serialized_property.nil? serialized_property = object.unauthenticated_client_action output_object['unauthenticatedClientAction'] = serialized_property unless serialized_property.nil? serialized_property = object.token_store_enabled output_object['tokenStoreEnabled'] = serialized_property unless serialized_property.nil? serialized_property = object.allowed_external_redirect_urls output_object['allowedExternalRedirectUrls'] = serialized_property unless serialized_property.nil? serialized_property = object.default_provider output_object['defaultProvider'] = serialized_property unless serialized_property.nil? serialized_property = object.token_refresh_extension_hours output_object['tokenRefreshExtensionHours'] = serialized_property unless serialized_property.nil? serialized_property = object.client_id output_object['clientId'] = serialized_property unless serialized_property.nil? serialized_property = object.client_secret output_object['clientSecret'] = serialized_property unless serialized_property.nil? serialized_property = object.issuer output_object['issuer'] = serialized_property unless serialized_property.nil? serialized_property = object.allowed_audiences output_object['allowedAudiences'] = serialized_property unless serialized_property.nil? serialized_property = object.additional_login_params output_object['additionalLoginParams'] = serialized_property unless serialized_property.nil? serialized_property = object.aad_client_id output_object['aadClientId'] = serialized_property unless serialized_property.nil? serialized_property = object.open_id_issuer output_object['openIdIssuer'] = serialized_property unless serialized_property.nil? serialized_property = object.google_client_id output_object['googleClientId'] = serialized_property unless serialized_property.nil? serialized_property = object.google_client_secret output_object['googleClientSecret'] = serialized_property unless serialized_property.nil? serialized_property = object.google_oauth_scopes output_object['googleOAuthScopes'] = serialized_property unless serialized_property.nil? serialized_property = object.facebook_app_id output_object['facebookAppId'] = serialized_property unless serialized_property.nil? serialized_property = object.facebook_app_secret output_object['facebookAppSecret'] = serialized_property unless serialized_property.nil? serialized_property = object.facebook_oauth_scopes output_object['facebookOAuthScopes'] = serialized_property unless serialized_property.nil? serialized_property = object.twitter_consumer_key output_object['twitterConsumerKey'] = serialized_property unless serialized_property.nil? serialized_property = object.twitter_consumer_secret output_object['twitterConsumerSecret'] = serialized_property unless serialized_property.nil? serialized_property = object.microsoft_account_client_id output_object['microsoftAccountClientId'] = serialized_property unless serialized_property.nil? serialized_property = object.microsoft_account_client_secret output_object['microsoftAccountClientSecret'] = serialized_property unless serialized_property.nil? serialized_property = object.microsoft_account_oauth_scopes output_object['microsoftAccountOAuthScopes'] = serialized_property unless serialized_property.nil? output_object end # # Deserializes given Ruby Hash into Model object. # @param object [Hash] Ruby Hash object to deserialize. # @return [SiteAuthSettings] Deserialized object. # def self.deserialize_object(object) return if object.nil? output_object = SiteAuthSettings.new deserialized_property = object['enabled'] output_object.enabled = deserialized_property deserialized_property = object['httpApiPrefixPath'] output_object.http_api_prefix_path = deserialized_property deserialized_property = object['unauthenticatedClientAction'] if (!deserialized_property.nil? && !deserialized_property.empty?) enum_is_valid = UnauthenticatedClientAction.constants.any? { |e| UnauthenticatedClientAction.const_get(e).to_s.downcase == deserialized_property.downcase } warn 'Enum UnauthenticatedClientAction does not contain ' + deserialized_property.downcase + ', but was received from the server.' unless enum_is_valid end output_object.unauthenticated_client_action = deserialized_property deserialized_property = object['tokenStoreEnabled'] output_object.token_store_enabled = deserialized_property deserialized_property = object['allowedExternalRedirectUrls'] output_object.allowed_external_redirect_urls = deserialized_property deserialized_property = object['defaultProvider'] if (!deserialized_property.nil? && !deserialized_property.empty?) enum_is_valid = BuiltInAuthenticationProvider.constants.any? { |e| BuiltInAuthenticationProvider.const_get(e).to_s.downcase == deserialized_property.downcase } warn 'Enum BuiltInAuthenticationProvider does not contain ' + deserialized_property.downcase + ', but was received from the server.' unless enum_is_valid end output_object.default_provider = deserialized_property deserialized_property = object['tokenRefreshExtensionHours'] deserialized_property = Float(deserialized_property) unless deserialized_property.to_s.empty? output_object.token_refresh_extension_hours = deserialized_property deserialized_property = object['clientId'] output_object.client_id = deserialized_property deserialized_property = object['clientSecret'] output_object.client_secret = deserialized_property deserialized_property = object['issuer'] output_object.issuer = deserialized_property deserialized_property = object['allowedAudiences'] output_object.allowed_audiences = deserialized_property deserialized_property = object['additionalLoginParams'] output_object.additional_login_params = deserialized_property deserialized_property = object['aadClientId'] output_object.aad_client_id = deserialized_property deserialized_property = object['openIdIssuer'] output_object.open_id_issuer = deserialized_property deserialized_property = object['googleClientId'] output_object.google_client_id = deserialized_property deserialized_property = object['googleClientSecret'] output_object.google_client_secret = deserialized_property deserialized_property = object['googleOAuthScopes'] output_object.google_oauth_scopes = deserialized_property deserialized_property = object['facebookAppId'] output_object.facebook_app_id = deserialized_property deserialized_property = object['facebookAppSecret'] output_object.facebook_app_secret = deserialized_property deserialized_property = object['facebookOAuthScopes'] output_object.facebook_oauth_scopes = deserialized_property deserialized_property = object['twitterConsumerKey'] output_object.twitter_consumer_key = deserialized_property deserialized_property = object['twitterConsumerSecret'] output_object.twitter_consumer_secret = deserialized_property deserialized_property = object['microsoftAccountClientId'] output_object.microsoft_account_client_id = deserialized_property deserialized_property = object['microsoftAccountClientSecret'] output_object.microsoft_account_client_secret = deserialized_property deserialized_property = object['microsoftAccountOAuthScopes'] output_object.microsoft_account_oauth_scopes = deserialized_property output_object end end end end