Feature/extract/openid providers (#771)

* Add openIdConnectProvider resources, extractor, client, dataProcessor

* Add openIdConnectProviders to main template, generate secret values for openIdConnectProviders

* Add openIdConnectProvider extractor tests

* Update supported resources document

Co-authored-by: Farhad Alizada <falizada@microsoft.com>

Author: f-alizada

docs/SupportedResources/2021-08-01.md

@@ -12,7 +12,7 @@ Some of operations could be skipped (not needed for extraction), because they ar
 | API Issue Attachment | ✗ | | |
 | API Issue Comment | ✗ | | |
 | API Management Operations | - | | |
-| API Management Service | ✓ | [main](https://github.com/Azure/azure-api-management-devops-resource-kit) | we can load service description |
+| API Management Service | ✓ | [1.0.0-beta.8](https://github.com/Azure/azure-api-management-devops-resource-kit/releases/tag/1.0.0-beta.8) | we can load service description |
 | API Management Service Skus | - | | |
 | Api Operation | ✓ | [1.0.0-beta.2](https://github.com/Azure/azure-api-management-devops-resource-kit/releases/tag/1.0.0-beta.2) | |
 | Api Operation Policy | ✓ | [1.0.0-beta.2](https://github.com/Azure/azure-api-management-devops-resource-kit/releases/tag/1.0.0-beta.2) | |
@@ -48,7 +48,7 @@ Some of operations could be skipped (not needed for extraction), because they ar
 | Notification Recipient Email | ✗ | | |
 | Notification Recipient User | ✗ | | |
 | Notification Recipient User | ✗ | | |
-| OpenId Connect Provider | ✗ | | |
+| OpenId Connect Provider | ✓ | [main](https://github.com/Azure/azure-api-management-devops-resource-kit) | |
 | Operation | ✗ | | |
 | Policy | ✓ | [1.0.0-beta.2](https://github.com/Azure/azure-api-management-devops-resource-kit/releases/tag/1.0.0-beta.2) | |
 | Policy Description | - | | |

src/ArmTemplates/Commands/Executors/ExtractorExecutor.cs

@@ -22,6 +22,7 @@
 using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Templates.Logger;
 using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Templates.Master;
 using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Templates.NamedValues;
+using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Templates.OpenIdConnectProviders;
 using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Templates.Policy;
 using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Templates.ProductApis;
 using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Templates.Products;
@@ -66,6 +67,7 @@ public class ExtractorExecutor
         readonly IIdentityProviderExtractor identityProviderExtractor;
         readonly IApiManagementServiceExtractor apiManagementServiceExtractor;
         readonly ISchemaExtractor schemaExtractor;
+        readonly IOpenIdConnectProviderExtractor openIdConnectProviderExtractor;
 
         public ExtractorExecutor(
             ILogger<ExtractorExecutor> logger,
@@ -89,7 +91,8 @@ public ExtractorExecutor(
             IGatewayApiExtractor gatewayApiExtractor,
             IIdentityProviderExtractor identityProviderExtractor,
             IApiManagementServiceExtractor apiManagementServiceExtractor,
-            ISchemaExtractor schemaExtractor)
+            ISchemaExtractor schemaExtractor,
+            IOpenIdConnectProviderExtractor openIdConnectProviderExtractor)
         {
             this.logger = logger;
             this.apisClient = apisClient;
@@ -113,6 +116,7 @@ public ExtractorExecutor(
             this.identityProviderExtractor = identityProviderExtractor;
             this.apiManagementServiceExtractor = apiManagementServiceExtractor;
             this.schemaExtractor = schemaExtractor;
+            this.openIdConnectProviderExtractor = openIdConnectProviderExtractor;
         }
 
         /// <summary>
@@ -141,7 +145,8 @@ public static ExtractorExecutor BuildExtractorExecutor(
             IGatewayApiExtractor gatewayApiExtractor = null,
             IIdentityProviderExtractor identityProviderExtractor = null,
             IApiManagementServiceExtractor apiManagementServiceExtractor = null,
-            ISchemaExtractor schemaExtractor = null)
+            ISchemaExtractor schemaExtractor = null,
+            IOpenIdConnectProviderExtractor openIdConnectProviderExtractor = null)
         => new ExtractorExecutor(
                 logger,
                 apisClient,
@@ -164,7 +169,8 @@ public static ExtractorExecutor BuildExtractorExecutor(
                 gatewayApiExtractor,
                 identityProviderExtractor,
                 apiManagementServiceExtractor,
-                schemaExtractor);
+                schemaExtractor,
+                openIdConnectProviderExtractor);
 
         public void SetExtractorParameters(ExtractorParameters extractorParameters)
         {
@@ -420,6 +426,7 @@ public async Task<Template> GenerateParametersTemplateAsync(
             BackendTemplateResources backendResources,
             NamedValuesResources namedValuesResources,
             IdentityProviderResources identityProviderResources,
+            OpenIdConnectProviderResources openIdConnectProviderResources,
             string baseFilesGenerationDirectory)
         {
             this.logger.LogInformation("Started generation of parameters template...");
@@ -431,6 +438,7 @@ public async Task<Template> GenerateParametersTemplateAsync(
                 backendResources,
                 namedValuesResources,
                 identityProviderResources,
+                openIdConnectProviderResources,
                 this.extractorParameters);
 
             if (!templateParameters.Parameters.IsNullOrEmpty())
@@ -460,7 +468,8 @@ public async Task<Template<MasterTemplateResources>> GenerateMasterTemplateAsync
            TagTemplateResources tagTemplateResources = null,
            GroupTemplateResources groupTemplateResources = null,
            IdentityProviderResources identityProviderTemplateResources = null,
-           SchemaTemplateResources schemaTemplateResources = null)
+           SchemaTemplateResources schemaTemplateResources = null,
+           OpenIdConnectProviderResources openIdConnectProviderResources = null)
         {
             if (string.IsNullOrEmpty(this.extractorParameters.LinkedTemplatesBaseUrl))
             {
@@ -474,7 +483,7 @@ public async Task<Template<MasterTemplateResources>> GenerateMasterTemplateAsync
                 this.extractorParameters, apiTemplateResources, policyTemplateResources, apiVersionSetTemplateResources,
                 productsTemplateResources, productApisTemplateResources, apiTagsTemplateResources, loggersTemplateResources,
                 backendsTemplateResources, authorizationServersTemplateResources, namedValuesTemplateResources, tagTemplateResources, 
-                groupTemplateResources, identityProviderTemplateResources, schemaTemplateResources);
+                groupTemplateResources, identityProviderTemplateResources, schemaTemplateResources, openIdConnectProviderResources);
 
             if (masterTemplate?.HasResources() == true)
             {
@@ -708,6 +717,29 @@ await FileWriter.SaveAsJsonAsync(
             return identityProviderTemplate;
         }
 
+        /// <summary>
+        /// Generates openId connect providers template in the desired folder
+        /// </summary>
+        /// <param name="baseFilesGenerationDirectory">name of base folder where to save output files</param>
+        /// <returns>generated openId connect provider template</returns>
+        public async Task<Template<OpenIdConnectProviderResources>> GenerateOpenIdConnectProviderTemplateAsync(string baseFilesGenerationDirectory)
+        {
+            this.logger.LogInformation("Started generation of openId connect provider template...");
+
+            var openIdConnectProviderTemplate = await this.openIdConnectProviderExtractor.GenerateOpenIdConnectProvidersTemplateAsync(this.extractorParameters);
+
+            if (openIdConnectProviderTemplate?.HasResources() == true)
+            {
+                await FileWriter.SaveAsJsonAsync(
+                    openIdConnectProviderTemplate,
+                    directory: baseFilesGenerationDirectory,
+                    fileName: this.extractorParameters.FileNames.OpenIdConnectProviders);
+            }
+
+            this.logger.LogInformation("Finished generation of openId connect providers template...");
+            return openIdConnectProviderTemplate;
+        }
+
         /// <summary>
         /// Generates gateway-api template in the desired folder
         /// </summary>
@@ -961,11 +993,12 @@ async Task GenerateTemplates(
             var backendTemplate = await this.GenerateBackendTemplateAsync(singleApiName, apiTemplate.TypedResources.GetAllPolicies(), namedValueTemplate.TypedResources.NamedValues, baseFilesGenerationDirectory);
             var groupTemplate = await this.GenerateGroupsTemplateAsync(baseFilesGenerationDirectory);
             var identityProviderTemplate = await this.GenerateIdentityProviderTemplateAsync(baseFilesGenerationDirectory);
+            var openIdConnectProviderTemplate = await this.GenerateOpenIdConnectProviderTemplateAsync(baseFilesGenerationDirectory);
             var schemasTempate = await this.GenerateSchemasTemplateAsync(baseFilesGenerationDirectory);
             await this.GenerateGatewayTemplateAsync(singleApiName, baseFilesGenerationDirectory);
             await this.GenerateGatewayApiTemplateAsync(singleApiName, multipleApiNames, baseFilesGenerationDirectory);
             await this.GenerateApiManagementServiceTemplate(baseFilesGenerationDirectory);
-            await this.GenerateParametersTemplateAsync(apisToExtract, loggerTemplate.TypedResources, backendTemplate.TypedResources, namedValueTemplate.TypedResources, identityProviderTemplate.TypedResources, baseFilesGenerationDirectory);
+            await this.GenerateParametersTemplateAsync(apisToExtract, loggerTemplate.TypedResources, backendTemplate.TypedResources, namedValueTemplate.TypedResources, identityProviderTemplate.TypedResources, openIdConnectProviderTemplate.TypedResources, baseFilesGenerationDirectory);
 
             await this.GenerateMasterTemplateAsync(
                 baseFilesGenerationDirectory,
@@ -982,7 +1015,8 @@ await this.GenerateMasterTemplateAsync(
                 tagTemplateResources: tagTemplate.TypedResources,
                 groupTemplateResources: groupTemplate.TypedResources,
                 identityProviderTemplateResources: identityProviderTemplate.TypedResources,
-                schemaTemplateResources: schemasTempate.TypedResources);
+                schemaTemplateResources: schemasTempate.TypedResources,
+                openIdConnectProviderResources: openIdConnectProviderTemplate.TypedResources);
         }
 
 

src/ArmTemplates/Common/API/Clients/Abstractions/IOpenIdConnectProvidersClient.cs

@@ -0,0 +1,19 @@
+// --------------------------------------------------------------------------
+//  Copyright (c) Microsoft Corporation. All rights reserved.
+//  Licensed under the MIT License.
+// --------------------------------------------------------------------------
+
+using System.Collections.Generic;
+using System.Threading.Tasks;
+using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Templates.OpenIdConnectProviders;
+using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Extractor.Models;
+
+namespace Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.API.Clients.Abstractions
+{
+    public interface IOpenIdConnectProvidersClient
+    {
+        Task<List<OpenIdConnectProviderResource>> GetAllAsync(ExtractorParameters extractorParameters);
+
+        Task<OpenIdConnectProviderSecret> ListOpenIdConnectProviderSecretsAsync(string openIdConnectProviderName, ExtractorParameters extractorParameters);
+    }
+}

src/ArmTemplates/Common/API/Clients/OpenIdConnectProviders/OpenIdConnectProviderClient.cs

@@ -0,0 +1,55 @@
+// --------------------------------------------------------------------------
+//  Copyright (c) Microsoft Corporation. All rights reserved.
+//  Licensed under the MIT License.
+// --------------------------------------------------------------------------
+
+using System.Collections.Generic;
+using System.Net.Http;
+using System.Threading.Tasks;
+using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.API.Clients.Abstractions;
+using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.API.Models;
+using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Constants;
+using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Templates.OpenIdConnectProviders;
+using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Extractor.Models;
+using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Extractor.Utilities.DataProcessors.Absctraction;
+
+namespace Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.API.Clients.OpenIdConnectProviders
+{
+    public class OpenIdConnectProviderClient : ApiClientBase, IOpenIdConnectProvidersClient
+    {
+        const string GetAllOpenIdConnectProvidersProvidersRequest = "{0}/subscriptions/{1}/resourceGroups/{2}/providers/Microsoft.ApiManagement/service/{3}/openidConnectProviders?api-version={4}";
+        const string ListOpenIdConnectProviderSecret = "{0}/subscriptions/{1}/resourceGroups/{2}/providers/Microsoft.ApiManagement/service/{3}/openidConnectProviders/{4}/listSecrets?api-version={5}";
+
+        readonly IOpenIdConnectProviderProcessor openIdConnectProviderProcessor;
+
+        public OpenIdConnectProviderClient(
+            IHttpClientFactory httpClientFactory,
+            IOpenIdConnectProviderProcessor openIdConnectProviderProcessor) : base(httpClientFactory)
+        {
+            this.openIdConnectProviderProcessor = openIdConnectProviderProcessor;
+        }
+
+        public async Task<List<OpenIdConnectProviderResource>> GetAllAsync(ExtractorParameters extractorParameters)
+        {
+            var (azToken, azSubId) = await this.Auth.GetAccessToken();
+
+            string requestUrl = string.Format(GetAllOpenIdConnectProvidersProvidersRequest,
+               this.BaseUrl, azSubId, extractorParameters.ResourceGroup, extractorParameters.SourceApimName, GlobalConstants.ApiVersion);
+
+            var openIdConnectProviderResources = await this.GetPagedResponseAsync<OpenIdConnectProviderResource>(azToken, requestUrl);
+            this.openIdConnectProviderProcessor.ProcessData(openIdConnectProviderResources, extractorParameters);
+
+            return openIdConnectProviderResources;
+        }
+
+        public async Task<OpenIdConnectProviderSecret> ListOpenIdConnectProviderSecretsAsync(string openIdConnectProviderName, ExtractorParameters extractorParameters)
+        {
+            var (azToken, azSubId) = await this.Auth.GetAccessToken();
+
+            string requestUrl = string.Format(ListOpenIdConnectProviderSecret,
+               this.BaseUrl, azSubId, extractorParameters.ResourceGroup, extractorParameters.SourceApimName, openIdConnectProviderName, GlobalConstants.ApiVersion);
+
+            return await this.GetResponseAsync<OpenIdConnectProviderSecret>(azToken, requestUrl, useCache: false, method: ClientHttpMethod.POST);
+        }
+    }
+}

src/ArmTemplates/Common/Constants/GlobalConstants.cs

@@ -42,6 +42,7 @@ public static class ParameterNames
         public const string ApiOauth2ScopeSettings = "apiOauth2ScopeSettings";
         public const string SecretValues = "secretValues";
         public const string IdentityProvidersSecretValues = "identityProviders";
+        public const string OpenIdConnectProvidersSecretValues = "openIdConnectProviders";
     }
 
     public static class ParameterPrefix

src/ArmTemplates/Common/Constants/ResourceTypeConstants.cs

@@ -37,5 +37,6 @@ public static class ResourceTypeConstants
         public const string IdentityProviders = "Microsoft.ApiManagement/service/identityProviders";
         public const string ApiManagementService = "Microsoft.ApiManagement/service";
         public const string Schema = "Microsoft.ApiManagement/service/schemas";
+        public const string OpenIdConnectProvider = "Microsoft.ApiManagement/service/openidConnectProviders";
     }
 }

src/ArmTemplates/Common/FileHandlers/FileNameGenerator.cs

@@ -35,6 +35,7 @@ public static FileNames GenerateFileNames(string baseFileName)
                 Gateway = $@"{baseFileName}gateways.template.json",
                 GatewayApi = $@"{baseFileName}gateways-apis.template.json",
                 IdentityProviders = $@"{baseFileName}identity-providers.template.json",
+                OpenIdConnectProviders = $@"{baseFileName}openid-connect-providers.template.json",
                 ApiManagementService = $@"{baseFileName}api-management-service.template.json",
                 TagApi = $@"{baseFileName}apiTags.template.json",
                 Schema = $@"{baseFileName}schemas.template.json",

src/ArmTemplates/Common/FileHandlers/FileNames.cs

@@ -35,6 +35,8 @@ public class FileNames
 
         public string IdentityProviders { get; set; }
 
+        public string OpenIdConnectProviders { get; set; }
+
         public string ApiManagementService { get; set; }
 
         public string Schema { get; set; }

src/ArmTemplates/Common/Templates/Builders/Abstractions/ITemplateBuilder.cs

@@ -40,6 +40,6 @@ public Template<TTemplateResources> Build<TTemplateResources>()
 
         TemplateBuilder AddParameterizedLogResourceIdProperty(ExtractorParameters extractorParameters);
 
-        TemplateBuilder AddParametrizedIdentityProvidersSecrets();
+        TemplateBuilder AddParametrizedSecrets();
     }
 }

src/ArmTemplates/Common/Templates/Builders/TemplateBuilder.cs

@@ -145,7 +145,7 @@ public TemplateBuilder AddParameterizedApiLoggerIdProperty(ExtractorParameters e
             return this;
         }
 
-        public TemplateBuilder AddParametrizedIdentityProvidersSecrets()
+        public TemplateBuilder AddParametrizedSecrets()
         {
             var secretValuesProperty = new TemplateParameterProperties()
             {

src/ArmTemplates/Common/Templates/OpenIdConnectProviders/OpenIdConnectProviderProperties.cs

@@ -0,0 +1,21 @@
+// --------------------------------------------------------------------------
+//  Copyright (c) Microsoft Corporation. All rights reserved.
+//  Licensed under the MIT License.
+// --------------------------------------------------------------------------
+
+
+namespace Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Templates.OpenIdConnectProviders
+{
+    public class OpenIdConnectProviderProperties
+    {
+        public string DisplayName { get; set; }
+
+        public string Description { get; set; }
+
+        public string MetadataEndpoint { get; set; }
+
+        public string ClientId { get; set; }
+
+        public string ClientSecret { get; set; }
+    }
+}

src/ArmTemplates/Common/Templates/OpenIdConnectProviders/OpenIdConnectProviderResource.cs

@@ -0,0 +1,18 @@
+// --------------------------------------------------------------------------
+//  Copyright (c) Microsoft Corporation. All rights reserved.
+//  Licensed under the MIT License.
+// --------------------------------------------------------------------------
+
+using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Templates.Abstractions;
+using Newtonsoft.Json;
+
+namespace Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Templates.OpenIdConnectProviders
+{
+    public class OpenIdConnectProviderResource : TemplateResource
+    {
+        [JsonIgnore]
+        public string OriginalName { get; set; }
+
+        public OpenIdConnectProviderProperties Properties { get; set; }
+    }
+}

src/ArmTemplates/Common/Templates/OpenIdConnectProviders/OpenIdConnectProviderResources.cs

@@ -0,0 +1,26 @@
+// --------------------------------------------------------------------------
+//  Copyright (c) Microsoft Corporation. All rights reserved.
+//  Licensed under the MIT License.
+// --------------------------------------------------------------------------
+
+using System.Collections.Generic;
+using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Extensions;
+using Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Templates.Abstractions;
+
+namespace Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Templates.OpenIdConnectProviders
+{
+    public class OpenIdConnectProviderResources: TemplateResourcesBase, ITemplateResources
+    {
+        public List<OpenIdConnectProviderResource> OpenIdConnectProviders { get; set; } = new();
+
+        public TemplateResource[] BuildTemplateResources()
+        {
+            return this.OpenIdConnectProviders.ToArray();
+        }
+
+        public bool HasContent()
+        {
+            return !this.OpenIdConnectProviders.IsNullOrEmpty();
+        }
+    }
+}

src/ArmTemplates/Common/Templates/OpenIdConnectProviders/OpenIdConnectProviderSecret.cs

@@ -0,0 +1,12 @@
+// --------------------------------------------------------------------------
+//  Copyright (c) Microsoft Corporation. All rights reserved.
+//  Licensed under the MIT License.
+// --------------------------------------------------------------------------
+
+namespace Microsoft.Azure.Management.ApiManagement.ArmTemplates.Common.Templates.OpenIdConnectProviders
+{
+    public class OpenIdConnectProviderSecret
+    {
+        public string ClientSecret { get; set; }
+    }
+}