-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathgraph_licenses.py
More file actions
170 lines (132 loc) · 4.95 KB
/
graph_licenses.py
File metadata and controls
170 lines (132 loc) · 4.95 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
# graph_licenses.py
import requests
from typing import Optional, Dict, Any, List
from auth import get_access_token
GRAPH_BASE_URL = "https://graph.microsoft.com/v1.0"
def call_graph(
method: str,
endpoint: str,
token: str,
params: Optional[Dict[str, Any]] = None,
json: Optional[Dict[str, Any]] = None,
) -> Dict[str, Any]:
"""Generic Graph caller returning a structured response."""
url = f"{GRAPH_BASE_URL}{endpoint}"
headers = {
"Authorization": f"Bearer {token}",
"Content-Type": "application/json"
}
response = requests.request(method, url, headers=headers, params=params, json=json)
try:
data = response.json() if response.content else None
except ValueError:
data = None
return {
"success": response.ok,
"status_code": response.status_code,
"data": data,
"error": None if response.ok else data
}
def _resolve_sku_id(sku_name: str, token: str) -> Optional[str]:
"""Resolve a SKU display name or part number to its skuId."""
result = call_graph("GET", "/subscribedSkus", token)
if not result["success"] or not result["data"]:
return None
for sku in result["data"].get("value", []):
if sku.get("skuPartNumber", "").upper() == sku_name.upper():
return sku["skuId"]
return None
# ============================================================
# LIST AVAILABLE LICENSE SKUs
# ============================================================
def list_skus() -> Dict[str, Any]:
"""List all subscribed license SKUs in the tenant."""
token = get_access_token()
result = call_graph("GET", "/subscribedSkus", token)
skus: List[Dict[str, Any]] = []
if result["success"] and result["data"]:
skus = [
{
"skuId": s["skuId"],
"skuPartNumber": s["skuPartNumber"],
"consumed": s.get("consumedUnits"),
"enabled": s.get("prepaidUnits", {}).get("enabled")
}
for s in result["data"].get("value", [])
]
return {
"success": result["success"],
"status_code": result["status_code"],
"skus": skus,
"error": result["error"] if not result["success"] else None
}
# ============================================================
# GET USER LICENSES
# ============================================================
def get_user_licenses(user_id: str) -> Dict[str, Any]:
"""Get licenses assigned to a user."""
token = get_access_token()
result = call_graph("GET", f"/users/{user_id}/licenseDetails", token)
licenses: List[Dict[str, Any]] = []
if result["success"] and result["data"]:
licenses = [
{
"skuId": l["skuId"],
"skuPartNumber": l["skuPartNumber"]
}
for l in result["data"].get("value", [])
]
return {
"success": result["success"],
"status_code": result["status_code"],
"licenses": licenses,
"error": result["error"] if not result["success"] else None
}
# ============================================================
# ASSIGN LICENSE
# ============================================================
def assign_license(user_id: str, sku_name: str) -> Dict[str, Any]:
"""Assign a license to a user by SKU part number (e.g., AAD_PREMIUM_P1)."""
token = get_access_token()
sku_id = _resolve_sku_id(sku_name, token)
if not sku_id:
return {
"success": False,
"reason": "SKUNotFound",
"message": f"SKU '{sku_name}' not found in subscribed SKUs."
}
payload = {
"addLicenses": [{"skuId": sku_id}],
"removeLicenses": []
}
result = call_graph("POST", f"/users/{user_id}/assignLicense", token, json=payload)
return {
"success": result["success"],
"status_code": result["status_code"],
"error": result["error"] if not result["success"] else None
}
# ============================================================
# REMOVE LICENSE
# ============================================================
def remove_license(user_id: str, sku_name: str) -> Dict[str, Any]:
"""Remove a license from a user by SKU part number (e.g., AAD_PREMIUM_P1)."""
token = get_access_token()
sku_id = _resolve_sku_id(sku_name, token)
if not sku_id:
return {
"success": False,
"reason": "SKUNotFound",
"message": f"SKU '{sku_name}' not found in subscribed SKUs."
}
payload = {
"addLicenses": [],
"removeLicenses": [sku_id]
}
result = call_graph("POST", f"/users/{user_id}/assignLicense", token, json=payload)
return {
"success": result["success"],
"status_code": result["status_code"],
"error": result["error"] if not result["success"] else None
}
if __name__ == "__main__":
print("graph_licenses module loaded. Use from main.py for menu-driven flows.")