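/// <summary>
/// Creates a service principal for an application through the Graph client,
/// converting the PowerShell credential models to their Graph equivalents first.
/// </summary>
/// <param name="createParameters">
/// Application id, account-enabled flag and optional password/key credentials.
/// Dereferenced without a null check, so callers must pass a non-null instance.
/// </param>
/// <returns>The service principal returned by Graph, converted to its PowerShell model.</returns>
/// <exception cref="InvalidOperationException">
/// Graph rejected the request with 403 Forbidden and the signed-in user has user type "Guest".
/// The original Graph error is attached as the inner exception.
/// </exception>
/// <exception cref="GraphErrorException">Any other Graph failure; rethrown unchanged.</exception>
public PSADServicePrincipal CreateServicePrincipal(CreatePSServicePrincipalParameters createParameters)
{
    // Credential lists are passed through as null when the caller supplied none.
    // They hold secret material: hand them to the Graph request only, never to
    // log output or exception messages.
    IList<PasswordCredential> passwordCredentials = createParameters.PasswordCredentials != null
        ? createParameters.PasswordCredentials.Select(psCredential => psCredential.ToGraphPasswordCredential()).ToList()
        : null;
    IList<KeyCredential> keyCredentials = createParameters.KeyCredentials != null
        ? createParameters.KeyCredentials.Select(psCredential => psCredential.ToGraphKeyCredential()).ToList()
        : null;

    ServicePrincipalCreateParameters graphParameters = new ServicePrincipalCreateParameters
    {
        AppId = createParameters.ApplicationId.ToString(),
        AccountEnabled = createParameters.AccountEnabled,
        KeyCredentials = keyCredentials,
        PasswordCredentials = passwordCredentials
    };

    try
    {
        return GraphClient.ServicePrincipals.Create(graphParameters).ToPSADServicePrincipal();
    }
    catch (GraphErrorException ce)
    {
        // Response can be absent when the failure happened before an HTTP reply
        // was received; dereferencing it blindly would replace the real error
        // with a NullReferenceException.
        if (ce.Response != null && ce.Response.StatusCode == HttpStatusCode.Forbidden)
        {
            AADObject currentUser = null;
            try
            {
                currentUser = GraphClient.Objects.GetCurrentUser();
            }
            catch (GraphErrorException)
            {
                // The lookup only serves to produce a friendlier message. If it
                // fails too, fall through and surface the original 403 instead
                // of masking it with the secondary failure.
            }

            // "Guest" is a protocol identifier, not display text, so compare
            // ordinally rather than with culture-sensitive rules.
            if (currentUser != null && string.Equals(currentUser.UserType, "Guest", StringComparison.OrdinalIgnoreCase))
            {
                // Keep the original Graph error attached for diagnostics.
                throw new InvalidOperationException(ProjectResources.CreateServicePrincipalNotAllowedGuestUser, ce);
            }
        }

        // Not the guest-user case: rethrow the original error with its stack trace intact.
        throw;
    }
}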