Merge pull request #23501 from microsoftgraph/main

Merge to publish.

.azure-pipelines/.config/CredScanSuppressions.json

@@ -0,0 +1,57 @@
+{
+  "tool": "Credential Scanner",
+  "suppressions": [
+    {
+      "hash": "4HFMaPyHf2Oq0UHssXYQ+IzVZIRgG18pB/v4dtou7sw=",
+      "_justification": "authenticationmethod-resetpassword.md line 184 Sample password in JSON example"
+    },
+    {
+      "hash": "Dl8lVS64t7J9YPKUCrs6IvmGgwA9lkG/9TTJvKLyIfw=",
+      "_justification": "externallyaccessibleawsstoragebucketfinding-list.md line 118 Sample Azure storage account access key in JSON example"
+    },
+    {
+      "hash": "6uNofS5cYXMBA0lB/CvV80FLhrnf5Pgi8z1A4ouVNzE=",
+      "_justification": "security-passivednsrecord-get.md line 66 Sample general symmetric key in HTTP request example"
+    },
+    {
+      "hash": "DqnzqSuPoql8CRa0NwVQjvMWVEdB/1JVZhMLf5a7caw=",
+      "_justification": "serviceprincipal-createpasswordsinglesignoncredentials.md line 90 Sample common default password in JSON example"
+    },
+    {
+      "hash": "YGEAcd2dkpni4zKf2vds0XCBd4ETjyy6VSqP6wF8K4Y=",
+      "_justification": "security-whoishistoryrecord-get.md line 64 Sample symmetric key in HTTP request example"
+    },
+    {
+      "hash": "yuNZ6vrD0RfK/gi2biOeRwncQ7QBOUsptruQ9gF4fGE=",
+      "_justification": "user-changepassword.md line 67 Sample password in JSON example"
+    },
+    {
+      "hash": "XQQz4syNsXVwCQBB+ROKXms/PeYf1xxMiu93rtFGQzE=",
+      "_justification": "user-validatepassword.md line 69 Sample password in JSON example"
+    },
+    {
+      "hash": "449XS9qz2RDCs4hRlMopVw7CCRxp01qRBUh152CBj1w=",
+      "_justification": "send-sharing-invite-go-snippets.md line 40 Sample password in JSON example"
+    },
+    {
+      "hash": "ezuuJrz3tJVuhDI3QayaAQnoJmJ7OdePNofJCf9yRos=",
+      "_justification": "update-planneruser-go-snippets.md line 22 Sample general symmetric key in code snippets"
+    },
+    {
+      "hash": "4HFMaPyHf2Oq0UHssXYQ+IzVZIRgG18pB/v4dtou7sw=",
+      "_justification": "passwordauthenticationmethod-resetpassword-adminprovided-java-snippets.md line 9 Sample password in code snippets"
+    },
+    {
+      "hash": "pFG5S9mElRlcOZ+ByQRi1yN4nzkV+sW0DBJStZwB13I=",
+      "_justification": "application-saml-sso-configure-api.md line 1004 Sample general symmetric key in JSON example"
+    },
+    {
+      "hash": "lrucAcVPXoYUsoNE7NH+dQDxA5dKVl04BhLUkL2i+k8=",
+      "_justification": "auth-v2-service.md line 166 Sample Azure AD client secret in cURL example"
+    },
+    {
+      "hash": "Yq6kyr67P2hd5i71eNVIOL8EHosrVwv9Mg0R6PdiF6c=",
+      "_justification": "authenticationmethods-get-started.md line 451 Sample general password in JSON example"
+    }
+  ]
+}

Test-Docs.ps1

@@ -8,25 +8,35 @@ $apiDoctorNuGetVersion = $env:API_DOCTOR_NUGET_VERSION
 $apiDoctorGitRepoUrl = $env:API_DOCTOR_GIT_REPO_URL
 $apiDoctorGitBranch = $env:API_DOCTOR_GIT_BRANCH
 $docsRepoPath = (Get-Location).Path
-$docsSubPath = $env:APIDOCTOR_DOCSUBPATH
+$docsSubPath = $env:DOCS_SUB_PATH
 $downloadedApiDoctor = $false
 $downloadedNuGet = $false
 
-Write-Host "Repository location: ", $docsRepoPath
+if ($useNuGetPackage -eq $true) {
+	Write-Host "API Doctor NuGet Version: ", $apiDoctorNuGetVersion
+}
+else {
+	Write-Host "API Doctor Git Repo:"
+    Write-Host "- URL: $apiDoctorGitRepoUrl"
+    Write-Host "- Branch: $apiDoctorGitBranch"
+}
+
+Write-Host "Repository Location: ", $docsRepoPath
+Write-Host "Docs Subpath: ", $docsSubPath
 
 # Check if API Doctor source has been set
-if ($useNuGetPackage -and [string]::IsNullOrWhiteSpace($apiDoctorNuGetVersion)) {
+if ($useNuGetPackage -eq $true -and [string]::IsNullOrWhiteSpace($apiDoctorNuGetVersion)) {
 	Write-Host "API Doctor NuGet package version has not been set. Aborting..."
 	exit 1
 }
-elseif (!$useNuGetPackage -and [string]::IsNullOrWhiteSpace($apiDoctorGitRepoUrl)) {
+elseif ($useNuGetPackage -eq $false -and [string]::IsNullOrWhiteSpace($apiDoctorGitRepoUrl)) {
 	Write-Host "API Doctor Git Repo URL has not been set. Aborting..."
 	exit 1
 }
 
 # Check if docs subpath has been set
 if ([string]::IsNullOrWhiteSpace($docsSubPath)) {
-	Write-Host "API Doctor subpath has not been set. Aborting..."
+	Write-Host "Docs subpath has not been set. Aborting..."
 	exit 1
 }
 
@@ -56,15 +66,15 @@ else {
 	$apidocPath = Join-Path $docsRepoPath -ChildPath "apidoctor"
 	New-Item -ItemType Directory -Force -Path $apidocPath
 
-	if ($useNuGetPackage) {		
+	if ($useNuGetPackage -eq $true) {		
 		# Install API Doctor from NuGet
 		Write-Host "Running nuget.exe from ", $nugetPath
 		$nugetParams = "install", "ApiDoctor", "-Version", $apiDoctorNuGetVersion, "-OutputDirectory", $apidocPath, "-NonInteractive", "-DisableParallelProcessing"
 		& $nugetPath $nugetParams
 
 		if ($LastExitCode -ne 0) { 
 			# NuGet error, so we can't proceed
-			Write-Host "Error installing API Doctor from NuGet. Aborting."
+			Write-Host "Error installing API Doctor from NuGet. Aborting..."
 			Remove-Item $nugetPath
 			exit $LastExitCode
 		}

api-reference/beta/api/accesspackageresource-refresh.md

@@ -89,7 +89,6 @@ POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/a
 
 ---
 
-
 ### Response
 
 The following example shows the response.

api-reference/beta/api/application-addkey.md

@@ -59,7 +59,7 @@ In the request body, provide the following required properties.
 |:---------------|:--------|:----------|
 | keyCredential | [keyCredential](../resources/keycredential.md) | The new application key credential to add. The __type__, __usage__ and __key__ are required properties for this usage. Supported key types are:<br><ul><li>`AsymmetricX509Cert`: The usage must be `Verify`.</li><li>`X509CertAndPassword`: The usage must be `Sign`</li></ul>|
 | passwordCredential | [passwordCredential](../resources/passwordcredential.md) | Only __secretText__ is required to be set which should contain the password for the key. This property is required only for keys of type `X509CertAndPassword`. Set it to `null` otherwise.|
-| proof | String | A self-signed JWT token used as a proof of possession of the existing keys. This JWT token must be signed using the private key of one of the application's existing valid certificates. The token should contain the following claims:<ul><li>`aud` - Audience needs to be `00000003-0000-0000-c000-000000000000`.</li><li>`iss` - Issuer needs to be the __id__  of the application that is making the call.</li><li>`nbf` - Not before time.</li><li>`exp` - Expiration time should be `nbf` + 10 mins.</li></ul><br>For steps to generate this proof of possession token, see [Generating proof of possession tokens for rolling keys](/graph/application-rollkey-prooftoken). For more information about the claim types, see [Claims payload](/azure/active-directory/develop/active-directory-certificate-credentials).|
+| proof | String | A self-signed JWT token used as a proof of possession of the existing keys. This JWT token must be signed using the private key of one of the application's existing valid certificates. The token should contain the following claims:<ul><li>**aud**: Audience needs to be `00000002-0000-0000-c000-000000000000`.</li><li>**iss**: Issuer needs to be the ID of the **application** that initiates the request.</li><li>**nbf**: Not before time.</li><li>**exp**: Expiration time should be the value of **nbf** + 10 minutes.</li></ul><br>For steps to generate this proof of possession token, see [Generating proof of possession tokens for rolling keys](/graph/application-rollkey-prooftoken). For more information about the claim types, see [Claims payload](/azure/active-directory/develop/active-directory-certificate-credentials).|
 
 ## Response
 

api-reference/beta/api/application-removekey.md

@@ -55,7 +55,7 @@ In the request body, provide the following required properties.
 | Property	| Type | Description|
 |:----------|:-----|:-----------|
 | keyId     | Guid | The unique identifier for the password.|
-| proof | String | A self-signed JWT token used as a proof of possession of the existing keys. This JWT token must be signed using the private key of one of the application's existing valid certificates. The token should contain the following claims:<ul><li>`aud` - Audience needs to be `00000002-0000-0000-c000-000000000000`.</li><li>`iss` - Issuer needs to be the __id__  of the application that is making the call.</li><li>`nbf` - Not before time.</li><li>`exp` - Expiration time should be `nbf` + 10 mins.</li></ul><br>For steps to generate this proof of possession token, see [Generating proof of possession tokens for rolling keys](/graph/application-rollkey-prooftoken).|
+| proof | String | A self-signed JWT token used as a proof of possession of the existing keys. This JWT token must be signed using the private key of one of the application's existing valid certificates. The token should contain the following claims:<ul><li>**aud**: Audience needs to be `00000002-0000-0000-c000-000000000000`.</li><li>**iss**: Issuer needs to be the ID of the **application** that initiates the request.</li><li>**nbf**: Not before time.</li><li>**exp**: Expiration time should be the value of **nbf** + 10 minutes.</li></ul><br>For steps to generate this proof of possession token, see [Generating proof of possession tokens for rolling keys](/graph/application-rollkey-prooftoken).|
 
 ## Response