Update IdentifierUris

Azure · wyunchi-ms · May 12, 2021 · May 10, 2021 · May 10, 2021 · May 10, 2021
commit 9ddd792937b3cf5ff16341e4319c23e3a3e9d9db
diff --git a/src/Resources/Resources/ActiveDirectory/Cmdlets/NewAzureADApplicationCommand.cs b/src/Resources/Resources/ActiveDirectory/Cmdlets/NewAzureADApplicationCommand.cs
@@ -13,7 +13,6 @@
 // ----------------------------------------------------------------------------------
 
 using Microsoft.WindowsAzure.Commands.Common;
-using Microsoft.WindowsAzure.Commands.Common.CustomAttributes;
 using Microsoft.WindowsAzure.Commands.Utilities.Common;
 using System;
 using System.Management.Automation;
@@ -40,16 +39,15 @@ public class NewAzureADApplicationCommand : ActiveDirectoryBaseCmdlet
         [ValidateNotNullOrEmpty]
         public string DisplayName { get; set; }
 
-        [CmdletParameterBreakingChange("IdentifierUris", ChangeDescription = "The value will be considered valid only if it exists as a verified domain in a tenant.")]
-        [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ApplicationWithoutCredential,
+        [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ApplicationWithoutCredential,
             HelpMessage = "The URIs that identify the application.")]
-        [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ApplicationWithPasswordPlain,
+        [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ApplicationWithPasswordPlain,
             HelpMessage = "The URIs that identify the application.")]
-        [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ApplicationWithPasswordCredential,
+        [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ApplicationWithPasswordCredential,
             HelpMessage = "The URIs that identify the application.")]
-        [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ApplicationWithKeyPlain,
+        [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ApplicationWithKeyPlain,
             HelpMessage = "The URIs that identify the application.")]
-        [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ApplicationWithKeyCredential,
+        [Parameter(Mandatory = false, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.ApplicationWithKeyCredential,
             HelpMessage = "The URIs that identify the application.")]
         [ValidateNotNullOrEmpty]
         public string[] IdentifierUris { get; set; }
@@ -140,7 +138,7 @@ public override void ExecuteCmdlet()
             {
                 DisplayName = DisplayName,
                 HomePage = HomePage,
-                IdentifierUris = IdentifierUris,
+                IdentifierUris = (IdentifierUris == null) ? new string[] { } : IdentifierUris,
                 ReplyUrls = ReplyUrls,
                 AvailableToOtherTenants = AvailableToOtherTenants
             };

diff --git a/src/Resources/Resources/ActiveDirectory/Cmdlets/NewAzureADServicePrincipalCommand.cs b/src/Resources/Resources/ActiveDirectory/Cmdlets/NewAzureADServicePrincipalCommand.cs
@@ -16,12 +16,10 @@
 using Microsoft.Azure.Commands.Resources.Models;
 using Microsoft.Azure.Commands.Resources.Models.Authorization;
 using Microsoft.WindowsAzure.Commands.Common;
-using Microsoft.WindowsAzure.Commands.Common.CustomAttributes;
 using Microsoft.WindowsAzure.Commands.Utilities.Common;
 using System;
 using System.Management.Automation;
-using System.Security;
-using System.Threading;
+using System.Web;
 using ProjectResources = Microsoft.Azure.Commands.Resources.Properties.Resources;
 
 namespace Microsoft.Azure.Commands.ActiveDirectory
@@ -48,7 +46,6 @@ public class NewAzureADServicePrincipalCommand : ActiveDirectoryBaseCmdlet
         [Parameter(Mandatory = false, ParameterSetName = SimpleParameterSet, HelpMessage = "The application id for which service principal is created.")]
         public Guid ApplicationId { get; set; }
 
-        [CmdletParameterBreakingChange("DisplayName", ChangeDescription = "DisplayName is used as the IdentifierUri of created application. The value will be considered valid only if it exists as a verified domain in a tenant.")]
         [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.DisplayNameWithoutCredential,
             HelpMessage = "The display name for the application.")]
         [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.DisplayNameWithPasswordPlain,
@@ -59,8 +56,7 @@ public class NewAzureADServicePrincipalCommand : ActiveDirectoryBaseCmdlet
             HelpMessage = "The display name for the application.")]
         [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = ParameterSet.DisplayNameWithKeyCredential,
             HelpMessage = "The display name for the application.")]
-        [Parameter(Mandatory = false, ParameterSetName = SimpleParameterSet, HelpMessage = "The display name for the application. If a display name is not provided, " +
-            "this value will default to 'azure-powershell-MM-dd-yyyy-HH-mm-ss', where the suffix is the time of application creation.")]
+        [Parameter(Mandatory = false, ParameterSetName = SimpleParameterSet, HelpMessage = "The display name for the service principal is derived from the IdentifierUris of created application.")]
         [ValidateNotNullOrEmpty]
         public string DisplayName { get; set; }
 
@@ -196,15 +192,18 @@ public override void ExecuteCmdlet()
 
                 if (ApplicationId == Guid.Empty)
                 {
-                    string uri = "http://" + DisplayName.Trim().Replace(' ', '_');
+
 
                     // Create an application and get the applicationId
-                    CreatePSApplicationParameters appParameters = new CreatePSApplicationParameters
+                    CreatePSApplicationParameters appParameters = new CreatePSApplicationParameters();
+
+                    if(this.IsParameterBound(c => c.DisplayName) && !string.IsNullOrEmpty(DisplayName))
                     {
-                        DisplayName = DisplayName,
-                        IdentifierUris = new[] { uri },
-                        HomePage = uri
-                    };
+                        string uri = "http://" + HttpUtility.UrlEncode(DisplayName.Trim());
+                        appParameters.IdentifierUris = new[] { uri };
+                        appParameters.HomePage = uri;
+                        appParameters.DisplayName = DisplayName;
+                    }
 
                     if (this.IsParameterBound(c => c.PasswordCredential))
                     {
@@ -271,8 +270,6 @@ private void CreateSimpleServicePrincipal()
                 WriteVerbose(string.Format("No display name provided - using the default display name of '{0}'", DisplayName));
             }
 
-            var identifierUri = "http://" + DisplayName;
-
             bool printPassword = false;
             bool printUseExistingSecret = true;
 
@@ -286,8 +283,7 @@ private void CreateSimpleServicePrincipal()
                 CreatePSApplicationParameters appParameters = new CreatePSApplicationParameters
                 {
                     DisplayName = DisplayName,
-                    IdentifierUris = new[] { identifierUri },
-                    HomePage = identifierUri,
+                    HomePage = "http://" + HttpUtility.UrlEncode(DisplayName.Trim()),
                     PasswordCredentials = new PSADPasswordCredential[]
                     {
                         new PSADPasswordCredential()

diff --git a/src/Resources/Resources/ChangeLog.md b/src/Resources/Resources/ChangeLog.md
@@ -19,6 +19,8 @@
 -->
 
 ## Upcoming Release
+* Changed `-IdentifierUris` in `New-AzADApplication` to optional parameter
+* Removed default DisplayName of ADServicePrincipal when it is not specified
 * Added `AdditionalProperties` to PSADUser and PSADGroup [#14568]
 * Supported `CustomKeyIdentifier` in `New-AzADAppCredential` and `Get-AzADAppCredential` [#11457], [#13723]
 

diff --git a/src/Resources/Resources/help/New-AzADApplication.md b/src/Resources/Resources/help/New-AzADApplication.md
@@ -15,35 +15,35 @@ Creates a new azure active directory application.
 
 ### ApplicationWithoutCredentialParameterSet (Default)
 ```
-New-AzADApplication -DisplayName <String> -IdentifierUris <String[]> [-HomePage <String>]
+New-AzADApplication -DisplayName <String> [-IdentifierUris <String[]>] [-HomePage <String>]
  [-ReplyUrls <String[]>] [-AvailableToOtherTenants <Boolean>] [-DefaultProfile <IAzureContextContainer>]
  [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### ApplicationWithPasswordPlainParameterSet
 ```
-New-AzADApplication -DisplayName <String> -IdentifierUris <String[]> [-HomePage <String>]
+New-AzADApplication -DisplayName <String> [-IdentifierUris <String[]>] [-HomePage <String>]
  [-ReplyUrls <String[]>] [-AvailableToOtherTenants <Boolean>] -Password <SecureString> [-StartDate <DateTime>]
  [-EndDate <DateTime>] [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### ApplicationWithPasswordCredentialParameterSet
 ```
-New-AzADApplication -DisplayName <String> -IdentifierUris <String[]> [-HomePage <String>]
+New-AzADApplication -DisplayName <String> [-IdentifierUris <String[]>] [-HomePage <String>]
  [-ReplyUrls <String[]>] [-AvailableToOtherTenants <Boolean>] -PasswordCredentials <PSADPasswordCredential[]>
  [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### ApplicationWithKeyPlainParameterSet
 ```
-New-AzADApplication -DisplayName <String> -IdentifierUris <String[]> [-HomePage <String>]
+New-AzADApplication -DisplayName <String> [-IdentifierUris <String[]>] [-HomePage <String>]
  [-ReplyUrls <String[]>] [-AvailableToOtherTenants <Boolean>] -CertValue <String> [-StartDate <DateTime>]
  [-EndDate <DateTime>] [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### ApplicationWithKeyCredentialParameterSet
 ```
-New-AzADApplication -DisplayName <String> -IdentifierUris <String[]> [-HomePage <String>]
+New-AzADApplication -DisplayName <String> [-IdentifierUris <String[]>] [-HomePage <String>]
  [-ReplyUrls <String[]>] [-AvailableToOtherTenants <Boolean>] -KeyCredentials <PSADKeyCredential[]>
  [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
@@ -180,7 +180,7 @@ Type: System.String[]
 Parameter Sets: (All)
 Aliases:
 
-Required: True
+Required: False
 Position: Named
 Default value: None
 Accept pipeline input: True (ByPropertyName)

diff --git a/src/Resources/Resources/help/New-AzADServicePrincipal.md b/src/Resources/Resources/help/New-AzADServicePrincipal.md
@@ -14,106 +14,91 @@ Creates a new Azure active directory service principal.
 ## SYNTAX
 
 ### SimpleParameterSet (Default)
-
 ```
 New-AzADServicePrincipal [-ApplicationId <Guid>] [-DisplayName <String>] [-StartDate <DateTime>]
  [-EndDate <DateTime>] [-Scope <String>] [-Role <String>] [-SkipAssignment]
  [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### ApplicationWithoutCredentialParameterSet
-
 ```
 New-AzADServicePrincipal -ApplicationId <Guid> [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm]
  [<CommonParameters>]
 ```
 
 ### ApplicationWithPasswordPlainParameterSet
-
 ```
 New-AzADServicePrincipal -ApplicationId <Guid> [-StartDate <DateTime>] [-EndDate <DateTime>]
  [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### ApplicationWithPasswordCredentialParameterSet
-
 ```
 New-AzADServicePrincipal -ApplicationId <Guid> -PasswordCredential <PSADPasswordCredential[]>
  [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### ApplicationWithKeyPlainParameterSet
-
 ```
 New-AzADServicePrincipal -ApplicationId <Guid> -CertValue <String> [-StartDate <DateTime>]
  [-EndDate <DateTime>] [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### ApplicationWithKeyCredentialParameterSet
-
 ```
 New-AzADServicePrincipal -ApplicationId <Guid> -KeyCredential <PSADKeyCredential[]>
  [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### DisplayNameWithoutCredentialParameterSet
-
 ```
 New-AzADServicePrincipal -DisplayName <String> [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm]
  [<CommonParameters>]
 ```
 
 ### DisplayNameWithPasswordPlainParameterSet
-
 ```
 New-AzADServicePrincipal -DisplayName <String> [-StartDate <DateTime>] [-EndDate <DateTime>]
  [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### DisplayNameWithPasswordCredentialParameterSet
-
 ```
 New-AzADServicePrincipal -DisplayName <String> -PasswordCredential <PSADPasswordCredential[]>
  [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### DisplayNameWithKeyPlainParameterSet
-
 ```
 New-AzADServicePrincipal -DisplayName <String> -CertValue <String> [-StartDate <DateTime>]
  [-EndDate <DateTime>] [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### DisplayNameWithKeyCredentialParameterSet
-
 ```
 New-AzADServicePrincipal -DisplayName <String> -KeyCredential <PSADKeyCredential[]>
  [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### ApplicationObjectWithPasswordPlainParameterSet
-
 ```
 New-AzADServicePrincipal -ApplicationObject <PSADApplication> [-StartDate <DateTime>] [-EndDate <DateTime>]
  [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### ApplicationObjectWithPasswordCredentialParameterSet
-
 ```
 New-AzADServicePrincipal -ApplicationObject <PSADApplication> -PasswordCredential <PSADPasswordCredential[]>
  [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### ApplicationObjectWithKeyPlainParameterSet
-
 ```
 New-AzADServicePrincipal -ApplicationObject <PSADApplication> -CertValue <String> [-StartDate <DateTime>]
  [-EndDate <DateTime>] [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ### ApplicationObjectWithKeyCredentialParameterSet
-
 ```
 New-AzADServicePrincipal -ApplicationObject <PSADApplication> -KeyCredential <PSADKeyCredential[]>
  [-DefaultProfile <IAzureContextContainer>] [-WhatIf] [-Confirm] [<CommonParameters>]
@@ -150,11 +135,13 @@ New-AzADServicePrincipal
 
 ```Output
 Secret                : System.Security.SecureString
-ServicePrincipalNames : {00000000-0000-0000-0000-000000000000, http://azure-powershell-05-22-2018-18-23-43}
+ServicePrincipalNames : {00000000-0000-0000-0000-000000000000}
 ApplicationId         : 00000000-0000-0000-0000-000000000000
 DisplayName           : azure-powershell-05-22-2018-18-23-43
 Id                    : 00000000-0000-0000-0000-000000000000
 Type                  : ServicePrincipal
+
+WARNING: Assigning role 'Contributor' over scope '/subscriptions/00000000-0000-0000-0000-000000000000' to the new service principal.
 ```
 
 ### Example 2: Simple AD service principal creation with a specified role and default scope
@@ -170,7 +157,7 @@ New-AzADServicePrincipal -Role Reader
 
 ```Output
 Secret                : System.Security.SecureString
-ServicePrincipalNames : {00000000-0000-0000-0000-000000000000, http://azure-powershell-05-22-2018-18-23-43}
+ServicePrincipalNames : {00000000-0000-0000-0000-000000000000}
 ApplicationId         : 00000000-0000-0000-0000-000000000000
 DisplayName           : azure-powershell-05-22-2018-18-23-43
 Id                    : 00000000-0000-0000-0000-000000000000
@@ -192,7 +179,7 @@ New-AzADServicePrincipal -Scope /subscriptions/00000000-0000-0000-0000-000000000
 
 ```Output
 Secret                : System.Security.SecureString
-ServicePrincipalNames : {00000000-0000-0000-0000-000000000000, http://azure-powershell-05-22-2018-18-23-43}
+ServicePrincipalNames : {00000000-0000-0000-0000-000000000000}
 ApplicationId         : 00000000-0000-0000-0000-000000000000
 DisplayName           : azure-powershell-05-22-2018-18-23-43
 Id                    : 00000000-0000-0000-0000-000000000000
@@ -214,7 +201,7 @@ New-AzADServicePrincipal -Role Reader -Scope /subscriptions/00000000-0000-0000-0
 
 ```Output
 Secret                : System.Security.SecureString
-ServicePrincipalNames : {00000000-0000-0000-0000-000000000000, http://azure-powershell-05-22-2018-18-23-43}
+ServicePrincipalNames : {00000000-0000-0000-0000-000000000000}
 ApplicationId         : 00000000-0000-0000-0000-000000000000
 DisplayName           : azure-powershell-05-22-2018-18-23-43
 Id                    : 00000000-0000-0000-0000-000000000000
@@ -614,10 +601,8 @@ Accept wildcard characters: False
 ```
 
 ### CommonParameters
-This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
--InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose,
--WarningAction, and -WarningVariable. For more information, see
-[about_CommonParameters](/powershell/module/microsoft.powershell.core/about/about_commonparameters).
+This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).
+
 ## INPUTS
 
 ### System.Guid