Class: Azure::ARM::Web::Models::SiteAuthSettings

Inherits:

Object

• Object
• Azure::ARM::Web::Models::SiteAuthSettings

Includes:

MsRestAzure

Defined in:

lib/generated/azure_mgmt_web/models/site_auth_settings.rb

Overview

Configuration settings for the Azure App Service Authentication / Authorization feature.

Instance Attribute Summary

• #aad_client_id ⇒ String
• #additional_login_params ⇒ Array<String>

  send to the OpenID Connect authorization endpoint when a user logs in.

• #allowed_audiences ⇒ Array<String>

  to consider when validating JWTs issued by Azure Active Directory.

• #allowed_external_redirect_urls ⇒ Array<String>

  that can be redirected to as part of logging in or logging out of the web app.

• #client_id ⇒ String

  application, known as the client_id.

• #client_secret ⇒ String

  application (in Azure Active Directory, this is also referred to as the Key).

• #default_provider ⇒ BuiltInAuthenticationProvider

  authentication provider to use when multiple providers are configured.

• #enabled ⇒ Boolean

  Authentication / Authorization feature is enabled for the current app.

• #facebook_app_id ⇒ String

  login.

• #facebook_app_secret ⇒ String

  for Facebook Login.

• #facebook_oauth_scopes ⇒ Array<String>

  requested as part of Facebook Login authentication.

• #google_client_id ⇒ String

  Google web application.

• #google_client_secret ⇒ String

  Google web application.

• #google_oauth_scopes ⇒ Array<String>

  requested as part of Google Sign-In authentication.

• #http_api_prefix_path ⇒ String

  platform HTTP APIs.

• #issuer ⇒ String

  represents the entity which issues access tokens for this application.

• #microsoft_account_client_id ⇒ String

  for the app used for authentication.

• #microsoft_account_client_secret ⇒ String

  created for the app used for authentication.

• #microsoft_account_oauth_scopes ⇒ Array<String>

  requested as part of Microsoft Account authentication.

• #open_id_issuer ⇒ String
• #token_refresh_extension_hours ⇒ Float

  expiration that a session token can be used to call the token refresh API.

• #token_store_enabled ⇒ Boolean

  store platform-specific security tokens obtained during login flows.

• #twitter_consumer_key ⇒ String

  Twitter application used for sign-in.

• #twitter_consumer_secret ⇒ String

  Twitter application used for sign-in.

• #unauthenticated_client_action ⇒ UnauthenticatedClientAction

  when an unauthenticated client attempts to access the app.

Class Method Summary

• .mapper ⇒ Object

  Mapper for SiteAuthSettings class as Ruby Hash.

Instance Attribute Details

#aad_client_id ⇒ String

Returns:

• (String)

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 109

def aad_client_id
  @aad_client_id
end

#additional_login_params ⇒ Array<String>

send to the OpenID Connect authorization endpoint when a user logs in. Each parameter must be in the form “key=value”.

Returns:

• (Array<String>) —

  Gets or sets a list of login parameters to

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 106

def additional_login_params
  @additional_login_params
end

#allowed_audiences ⇒ Array<String>

to consider when validating JWTs issued by Azure Active Directory. Note that the Microsoft.Web.Hosting.Administration.SiteAuthSettings.ClientId value is always considered an allowed audience, regardless of this setting.

Returns:

• (Array<String>) —

  Gets or sets a list of allowed audience values

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 100

def allowed_audiences
  @allowed_audiences
end

#allowed_external_redirect_urls ⇒ Array<String>

that can be redirected to as part of logging in or logging out of the web app. Note that the query string part of the URL is ignored. This is an advanced setting typically only needed by Windows Store application backends. Note that URLs within the current domain are always implicitly allowed.

Returns:

• (Array<String>) —

  Gets or sets a collection of external URLs

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 45

def allowed_external_redirect_urls
  @allowed_external_redirect_urls
end

#client_id ⇒ String

application, known as the client_id. This setting is required for enabling OpenID Connection authentication with Azure Active Directory or other 3rd party OpenID Connect providers. More information on OpenID Connect: openid.net/specs/openid-connect-core-1_0.html

Returns:

• (String) —

  Gets or sets the Client ID of this relying party

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 69

def client_id
  @client_id
end

#client_secret ⇒ String

application (in Azure Active Directory, this is also referred to as the Key). This setting is optional. If no client secret is configured, the OpenID Connect implicit auth flow is used to authenticate end users. Otherwise, the OpenID Connect Authorization Code Flow is used to authenticate end users. More information on OpenID Connect: openid.net/specs/openid-connect-core-1_0.html

Returns:

• (String) —

  Gets or sets the Client Secret of this relying party

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 81

def client_secret
  @client_secret
end

#default_provider ⇒ BuiltInAuthenticationProvider

authentication provider to use when multiple providers are configured. This setting is only needed if multiple providers are configured and the unauthenticated client action is set to “RedirectToLoginPage”. Possible values include: ‘AzureActiveDirectory’, ‘Facebook’, ‘Google’, ‘MicrosoftAccount’, ‘Twitter’

Returns:

• (BuiltInAuthenticationProvider) —

  Gets or sets the default

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 55

def default_provider
  @default_provider
end

#enabled ⇒ Boolean

Authentication / Authorization feature is enabled for the current app.

Returns:

• (Boolean) —

  Gets or sets a value indicating whether the

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 18

def enabled
  @enabled
end

#facebook_app_id ⇒ String

login. This setting is required for enabling Facebook Login. Facebook Login documentation: developers.facebook.com/docs/facebook-login

Returns:

• (String) —

  Gets or sets the App ID of the Facebook app used for

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 141

def facebook_app_id
  @facebook_app_id
end

#facebook_app_secret ⇒ String

for Facebook Login. This setting is required for enabling Facebook Login. Facebook Login documentation: developers.facebook.com/docs/facebook-login

Returns:

• (String) —

  Gets or sets the App Secret of the Facebook app used

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 148

def facebook_app_secret
  @facebook_app_secret
end

#facebook_oauth_scopes ⇒ Array<String>

requested as part of Facebook Login authentication. This setting is optional. Facebook Login documentation: developers.facebook.com/docs/facebook-login

Returns:

• (Array<String>) —

  Gets or sets the OAuth 2.0 scopes that will be

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 155

def facebook_oauth_scopes
  @facebook_oauth_scopes
end

#google_client_id ⇒ String

Google web application. This setting is required for enabling Google Sign-In. Google Sign-In documentation: developers.google.com/identity/sign-in/web/

Returns:

• (String) —

  Gets or sets the OpenID Connect Client ID for the

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 119

def google_client_id
  @google_client_id
end

#google_client_secret ⇒ String

Google web application. This setting is required for enabling Google Sign-In. Google Sign-In documentation: developers.google.com/identity/sign-in/web/

Returns:

• (String) —

  Gets or sets the client secret associated with the

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 126

def google_client_secret
  @google_client_secret
end

#google_oauth_scopes ⇒ Array<String>

requested as part of Google Sign-In authentication. This setting is optional. If not specified, “openid”, “profile”, and “email” are used as default scopes. Google Sign-In documentation: developers.google.com/identity/sign-in/web/

Returns:

• (Array<String>) —

  Gets or sets the OAuth 2.0 scopes that will be

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 134

def google_oauth_scopes
  @google_oauth_scopes
end

#http_api_prefix_path ⇒ String

platform HTTP APIs. Changing this value is not recommended except for compatibility reasons.

Returns:

• (String) —

  Gets or sets the relative path prefix used by

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 24

def http_api_prefix_path
  @http_api_prefix_path
end

#issuer ⇒ String

represents the entity which issues access tokens for this application. When using Azure Active Directory, this value is the URI of the directory tenant, e.g. sts.windows.net/tenant-guid/. This URI is a case-sensitive identifier for the token issuer. More information on OpenID Connect Discovery: openid.net/specs/openid-connect-discovery-1_0.html

Returns:

• (String) —

  Gets or sets the OpenID Connect Issuer URI that

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 92

def issuer
  @issuer
end

#microsoft_account_client_id ⇒ String

for the app used for authentication. This setting is required for enabling Microsoft Account authentication. Microsoft Account OAuth documentation: dev.onedrive.com/auth/msa_oauth.htm

Returns:

• (String) —

  Gets or sets the OAuth 2.0 client ID that was created

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 177

def microsoft_account_client_id
  @microsoft_account_client_id
end

#microsoft_account_client_secret ⇒ String

created for the app used for authentication. This setting is required for enabling Microsoft Account authentication. Microsoft Account OAuth documentation: dev.onedrive.com/auth/msa_oauth.htm

Returns:

• (String) —

  Gets or sets the OAuth 2.0 client secret that was

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 185

def microsoft_account_client_secret
  @microsoft_account_client_secret
end

#microsoft_account_oauth_scopes ⇒ Array<String>

requested as part of Microsoft Account authentication. This setting is optional. If not specified, “wl.basic” is used as the default scope. Microsoft Account Scopes and permissions documentation: msdn.microsoft.com/en-us/library/dn631845.aspx

Returns:

• (Array<String>) —

  Gets or sets the OAuth 2.0 scopes that will be

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 193

def microsoft_account_oauth_scopes
  @microsoft_account_oauth_scopes
end

#open_id_issuer ⇒ String

Returns:

• (String)

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 112

def open_id_issuer
  @open_id_issuer
end

#token_refresh_extension_hours ⇒ Float

expiration that a session token can be used to call the token refresh API. The default is 72 hours.

Returns:

• (Float) —

  Gets or sets the number of hours after session token

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 60

def token_refresh_extension_hours
  @token_refresh_extension_hours
end

#token_store_enabled ⇒ Boolean

store platform-specific security tokens obtained during login flows. This capability is disabled by default.

Returns:

• (Boolean) —

  Gets or sets a value indicating whether to durably

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 35

def token_store_enabled
  @token_store_enabled
end

#twitter_consumer_key ⇒ String

Twitter application used for sign-in. This setting is required for enabling Twitter Sign-In. Twitter Sign-In documentation: dev.twitter.com/web/sign-in

Returns:

• (String) —

  Gets or sets the OAuth 1.0a consumer key of the

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 162

def twitter_consumer_key
  @twitter_consumer_key
end

#twitter_consumer_secret ⇒ String

Twitter application used for sign-in. This setting is required for enabling Twitter Sign-In. Twitter Sign-In documentation: dev.twitter.com/web/sign-in

Returns:

• (String) —

  Gets or sets the OAuth 1.0a consumer secret of the

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 169

def twitter_consumer_secret
  @twitter_consumer_secret
end

#unauthenticated_client_action ⇒ UnauthenticatedClientAction

when an unauthenticated client attempts to access the app. Possible values include: ‘RedirectToLoginPage’, ‘AllowAnonymous’

Returns:

• (UnauthenticatedClientAction) —

  Gets or sets the action to take

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 29

def unauthenticated_client_action
  @unauthenticated_client_action
end

Class Method Details

.mapper ⇒ Object

Mapper for SiteAuthSettings class as Ruby Hash. This will be used for serialization/deserialization.

# File 'lib/generated/azure_mgmt_web/models/site_auth_settings.rb', line 200

def self.mapper()
  {
    required: false,
    serialized_name: 'SiteAuthSettings',
    type: {
      name: 'Composite',
      class_name: 'SiteAuthSettings',
      model_properties: {
        enabled: {
          required: false,
          serialized_name: 'enabled',
          type: {
            name: 'Boolean'
          }
        },
        http_api_prefix_path: {
          required: false,
          serialized_name: 'httpApiPrefixPath',
          type: {
            name: 'String'
          }
        },
        unauthenticated_client_action: {
          required: false,
          serialized_name: 'unauthenticatedClientAction',
          type: {
            name: 'Enum',
            module: 'UnauthenticatedClientAction'
          }
        },
        token_store_enabled: {
          required: false,
          serialized_name: 'tokenStoreEnabled',
          type: {
            name: 'Boolean'
          }
        },
        allowed_external_redirect_urls: {
          required: false,
          serialized_name: 'allowedExternalRedirectUrls',
          type: {
            name: 'Sequence',
            element: {
                required: false,
                serialized_name: 'StringElementType',
                type: {
                  name: 'String'
                }
            }
          }
        },
        default_provider: {
          required: false,
          serialized_name: 'defaultProvider',
          type: {
            name: 'Enum',
            module: 'BuiltInAuthenticationProvider'
          }
        },
        token_refresh_extension_hours: {
          required: false,
          serialized_name: 'tokenRefreshExtensionHours',
          type: {
            name: 'Double'
          }
        },
        client_id: {
          required: false,
          serialized_name: 'clientId',
          type: {
            name: 'String'
          }
        },
        client_secret: {
          required: false,
          serialized_name: 'clientSecret',
          type: {
            name: 'String'
          }
        },
        issuer: {
          required: false,
          serialized_name: 'issuer',
          type: {
            name: 'String'
          }
        },
        allowed_audiences: {
          required: false,
          serialized_name: 'allowedAudiences',
          type: {
            name: 'Sequence',
            element: {
                required: false,
                serialized_name: 'StringElementType',
                type: {
                  name: 'String'
                }
            }
          }
        },
        additional_login_params: {
          required: false,
          serialized_name: 'additionalLoginParams',
          type: {
            name: 'Sequence',
            element: {
                required: false,
                serialized_name: 'StringElementType',
                type: {
                  name: 'String'
                }
            }
          }
        },
        aad_client_id: {
          required: false,
          serialized_name: 'aadClientId',
          type: {
            name: 'String'
          }
        },
        open_id_issuer: {
          required: false,
          serialized_name: 'openIdIssuer',
          type: {
            name: 'String'
          }
        },
        google_client_id: {
          required: false,
          serialized_name: 'googleClientId',
          type: {
            name: 'String'
          }
        },
        google_client_secret: {
          required: false,
          serialized_name: 'googleClientSecret',
          type: {
            name: 'String'
          }
        },
        google_oauth_scopes: {
          required: false,
          serialized_name: 'googleOAuthScopes',
          type: {
            name: 'Sequence',
            element: {
                required: false,
                serialized_name: 'StringElementType',
                type: {
                  name: 'String'
                }
            }
          }
        },
        facebook_app_id: {
          required: false,
          serialized_name: 'facebookAppId',
          type: {
            name: 'String'
          }
        },
        facebook_app_secret: {
          required: false,
          serialized_name: 'facebookAppSecret',
          type: {
            name: 'String'
          }
        },
        facebook_oauth_scopes: {
          required: false,
          serialized_name: 'facebookOAuthScopes',
          type: {
            name: 'Sequence',
            element: {
                required: false,
                serialized_name: 'StringElementType',
                type: {
                  name: 'String'
                }
            }
          }
        },
        twitter_consumer_key: {
          required: false,
          serialized_name: 'twitterConsumerKey',
          type: {
            name: 'String'
          }
        },
        twitter_consumer_secret: {
          required: false,
          serialized_name: 'twitterConsumerSecret',
          type: {
            name: 'String'
          }
        },
        microsoft_account_client_id: {
          required: false,
          serialized_name: 'microsoftAccountClientId',
          type: {
            name: 'String'
          }
        },
        microsoft_account_client_secret: {
          required: false,
          serialized_name: 'microsoftAccountClientSecret',
          type: {
            name: 'String'
          }
        },
        microsoft_account_oauth_scopes: {
          required: false,
          serialized_name: 'microsoftAccountOAuthScopes',
          type: {
            name: 'Sequence',
            element: {
                required: false,
                serialized_name: 'StringElementType',
                type: {
                  name: 'String'
                }
            }
          }
        }
      }
    }
  }
end