Change azure deploy template for OIDC changes #111 (#112)
kbeaugrand authored Jan 26, 2022
1 parent f55bed6 commit 9789f69
Showing 4 changed files with 40 additions and 52 deletions.
14 changes: 6 additions & 8 deletions README.md
Expand Up @@ -42,11 +42,10 @@ The template will deploy in your Azure subscription the Following resources:
1. Choose a solution prefix for your deployment.
1. Use [Portal AD applications configuration](https://cgi-fr.github.io/IoT-Hub-Portal/docs/b2c-applications.html) page to configure your AD B2C Tenant.
> You should have recorded the following information:
> * Tenant name: `<your-tenant-id>`
> * Tenant ID: `<your-tenant-id>`
> * API Client ID: `<your-client-id>`
> * API Client Secret: `<your-client-secret>`
> * OpenID authority: `<your-openid-authority>`
> * OpenID metadata URL: `<your-openid-provider-metadata-url>`
> * Client ID: `<your-client-id>`
> * API Client ID: `<your-client-id>`
1. Press on the button here below to start your Azure Deployment.

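Review bot: In the recorded-information list, `Client ID` and `API Client ID` both use the placeholder `<your-client-id>`, so a reader cannot tell that two different application registrations are expected. Give the API entry its own placeholder, for example `<your-api-client-id>`, and settle on one spelling for the new labels: this list says `OpenID authority` while the parameter list further down says `Open Id Authority` and `OpenId Metadata URL`.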
Expand All @@ -56,11 +55,10 @@ The template will deploy in your Azure subscription the Following resources:
* **Resource Group**: A logical "folder" where all the template resource would be put into, just choose a meaningful name.
* **Location**: In which DataCenter the resources should be deployed. Make sure to choose a location where IoT Hub is available
* **Unique Solution Prefix**: A string that would be used as prefix for all the resources name to ensure their uniqueness.
* **B2c Directory Name**: The name of the B2C directory that will be used to authenticate the portal.
* **Tenant Id**: the ID of the B2C tenant that will be used to authenticate the portal.
* **Api Client Id**: the ID of the API client that will be used to authenticate the portal.
* **Api Client Secret**: the secret of the API client that will be used to authenticate the portal.
* **Open Id Authority**: The OpenID authority used by the portal.
* **OpenId Metadata URL**: The OpenID metadata URL used by the portal.
* **Client Id**: the ID of the web client that will be used to authenticate the portal.
* **Api Client Id**: the ID of the API client that will be used to authenticate the portal.
* **Edge gateway name**: the name of your LoRa Gateway node in the IoT Hub.
* **Deploy Device**: Do you want demo end devices to be already provisioned (one using OTAA and one using ABP)? If yes set this to true, the code located in the Arduino folder would be ready to use immediately.
* **Reset pin**: The reset pin of your gateway (the value should be 7 for the Seed Studio LoRaWan, 25 for the IC880A)
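Review bot: The **Api Client Secret** entry disappears from this parameter list, but templates/azuredeploy.json and templates/portalDeploy.json in this same commit still show a parameter described as "The API client Secret for the B2C tenant". If the OIDC configuration no longer uses the secret, remove the parameter from both templates so operators are not asked for a credential that goes nowhere; if it is still used, keep it documented here.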
1 change: 1 addition & 0 deletions src/AzureIoTHub.Portal.sln
Expand Up @@ -19,6 +19,7 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "AzureIoTHub.Portal.Shared",
EndProject
Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = ".github", ".github", "{3CA153F4-1172-4AF5-B483-94200717AB5C}"
ProjectSection(SolutionItems) = preProject
..\.github\CODEOWNERS = ..\.github\CODEOWNERS
..\.github\pull_request_template.md = ..\.github\pull_request_template.md
EndProjectSection
EndProject
30 changes: 15 additions & 15 deletions templates/azuredeploy.json
Expand Up @@ -8,18 +8,25 @@
"description": "Prefix used for resource names. Should be unique as this will also be used for domain names."
}
},
"b2cDirectoryName": {
"openIdAuthority": {
"defaultValue": "",
"type": "string",
"metadata": {
"description": "The Azure AD B2C Tenant name"
"description": "The Open ID Authority"
}
},
"tenantId": {
"openIdMetadataURL": {
"defaultValue": "",
"type": "string",
"metadata": {
"description": "The Azure AD B2C Tenant Id"
"description": "The Open ID metadata Url from the Identity provider"
}
},
"clientId": {
"defaultValue": "",
"type": "string",
"metadata": {
"description": "The client ID for the B2C tenant"
}
},
"apiClientId": {
Expand All @@ -36,13 +43,6 @@
"description": "The API client Secret for the B2C tenant"
}
},
"clientId": {
"defaultValue": "",
"type": "string",
"metadata": {
"description": "The client ID for the B2C tenant"
}
},
"edgeGatewayName": {
"type": "string",
"metadata": {
Expand Down Expand Up @@ -152,11 +152,11 @@
"uniqueSolutionPrefix": {
"value": "[parameters('uniqueSolutionPrefix')]"
},
"b2cDirectoryName": {
"value": "[parameters('b2cDirectoryName')]"
"openIdAuthority": {
"value": "[parameters('openIdAuthority')]"
},
"tenantId": {
"value": "[parameters('tenantId')]"
"openIdMetadataURL": {
"value": "[parameters('openIdMetadataURL')]"
},
"apiClientId": {
"value": "[parameters('apiClientId')]"
47 changes: 18 additions & 29 deletions templates/portalDeploy.json
Expand Up @@ -8,18 +8,25 @@
"description": "Prefix used for resource names. Should be unique as this will also be used for domain names."
}
},
"b2cDirectoryName": {
"openIdAuthority": {
"defaultValue": "",
"type": "string",
"metadata": {
"description": "The Azure AD B2C Tenant name"
"description": "The Open ID Authority"
}
},
"tenantId": {
"openIdMetadataURL": {
"defaultValue": "",
"type": "string",
"metadata": {
"description": "The Azure AD B2C Tenant Id"
"description": "The Open ID metadata Url from the Identity provider"
}
},
"clientId": {
"defaultValue": "",
"type": "string",
"metadata": {
"description": "The client ID for the B2C tenant"
}
},
"apiClientId": {
Expand All @@ -35,13 +42,6 @@
"metadata": {
"description": "The API client Secret for the B2C tenant"
}
},
"clientId": {
"defaultValue": "",
"type": "string",
"metadata": {
"description": "The client ID for the B2C tenant"
}
}
},
"variables": {
Expand All @@ -54,10 +54,7 @@
"iotHubOwnerPolicyName": "iothubowner",
"provisioningserviceownerPolicyName": "provisioningserviceowner",
"deviceImageContainerName": "device-images",
"iamDomainName": "[concat(parameters('b2cDirectoryName'), '.onmicrosoft.com')]",
"iamInstanceURl": "[concat('https://', parameters('b2cDirectoryName'), '.b2clogin.com')]",
"iamScopeName": "API.Access",
"iamSignUpSignInPolicyId": "B2C_1_SignIn",
"storageAccountId": "[concat(resourceGroup().id, '/providers/', 'Microsoft.Storage/storageAccounts/', variables('storageAccountName'))]",
"enrollmentGroupName": "DemoGatewayEnrollmentGroup",
"appInsightName": "[concat(parameters('uniqueSolutionPrefix'), 'insight')]"
Expand Down Expand Up @@ -184,33 +181,25 @@
"value": "[listkeys(concat(resourceId('Microsoft.Web/sites', variables('functionAppName')), '/host/default/'),'2021-02-01').masterKey]"
},
{
"name": "MsalSettings__ApiClientId",
"name": "OIDC__ApiClientId",
"value": "[parameters('apiClientId')]"
},
{
"name": "MsalSettings__ClientId",
"name": "OIDC__ClientId",
"value": "[parameters('clientId')]"
},
{
"name": "MsalSettings__Domain",
"value": "[variables('iamDomainName')]"
"name": "OIDC__Authority",
"value": "[parameters('openIdAuthority')]"
},
{
"name": "MsalSettings__Instance",
"value": "[variables('iamInstanceURl')]"
"name": "OIDC__MetadataUrl",
"value": "[parameters('openIdMetadataURL')]"
},
{
"name": "MsalSettings__ScopeName",
"name": "OIDC__Scope",
"value": "[variables('iamScopeName')]"
},
{
"name": "MsalSettings__SignUpSignInPolicyId",
"value": "[variables('iamSignUpSignInPolicyId')]"
},
{
"name": "MsalSettings__TenantId",
"value": "[parameters('tenantId')]"
},
{
"name": "APPINSIGHTS_INSTRUMENTATIONKEY",
"value": "[reference(resourceId(resourceGroup().name,'Microsoft.Insights/components', variables('appInsightName')), '2015-05-01', 'Full').properties.InstrumentationKey]"
