Azure-Samples
diff --git a/‎infrastructure/afd-apim-pe/create.ipynb‎
Lines changed: 2 additions & 2 deletions b/‎infrastructure/afd-apim-pe/create.ipynb‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎infrastructure/apim-aca/create.ipynb‎
Lines changed: 1 addition & 1 deletion b/‎infrastructure/apim-aca/create.ipynb‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎infrastructure/simple-apim/create.ipynb‎
Lines changed: 1 addition & 1 deletion b/‎infrastructure/simple-apim/create.ipynb‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎samples/_TEMPLATE/create.ipynb‎
Lines changed: 7 additions & 16 deletions b/‎samples/_TEMPLATE/create.ipynb‎
Lines changed: 7 additions & 16 deletions
diff --git a/‎samples/authX-pro/create.ipynb‎
Lines changed: 12 additions & 28 deletions b/‎samples/authX-pro/create.ipynb‎
Lines changed: 12 additions & 28 deletions
diff --git a/‎samples/authX/create.ipynb‎
Lines changed: 11 additions & 26 deletions b/‎samples/authX/create.ipynb‎
Lines changed: 11 additions & 26 deletions
@@ -187,7 +187,7 @@
     "from apimtesting import ApimTesting\n",
     "\n",
     "reqs = ApimRequests(apim_gateway_url)\n",
-    "tests = ApimTesting(\"AFD-APIM-PE Tests (Pre-Lockdown)\")\n",
+    "tests = ApimTesting(\"AFD-APIM-PE Tests (Pre-Lockdown)\", deployment, deployment)\n",
     "\n",
     "utils.print_message('Calling Hello World (Root) API via API Management Gateway URL. Expect 200 (if run before disabling API Management public network access).')\n",
     "output = reqs.singleGet('/')\n",
@@ -255,7 +255,7 @@
     "\n",
     "reqsApim = ApimRequests(apim_gateway_url)\n",
     "reqsAfd  = ApimRequests(afd_endpoint_url)\n",
-    "tests = ApimTesting(\"AFD-APIM-PE Tests (Post-Lockdown)\")\n",
+    "tests = ApimTesting(\"AFD-APIM-PE Tests (Post-Lockdown)\", deployment, deployment)\n",
     "\n",
     "# 1) Unsuccessful call to APIM Gateway URL (should fail with 403 Forbidden)\n",
     "output = reqsApim.singleGet('/', msg = '1) Calling Hello World (Root) API via API Management Gateway URL. Expect 403 as APIM public access is disabled now.')\n",
 
@@ -130,7 +130,7 @@
     "from apimtesting import ApimTesting\n",
     "\n",
     "reqs = ApimRequests(apim_gateway_url)\n",
-    "tests = ApimTesting(\"APIM-ACA Tests\")\n",
+    "tests = ApimTesting(\"APIM-ACA Tests\", deployment, deployment)\n",
     "\n",
     "output = reqs.singleGet('/', msg = 'Calling Hello World (Root) API')\n",
     "tests.verify(output, 'Hello World from API Management!')\n",
 
@@ -112,7 +112,7 @@
     "from apimtesting import ApimTesting\n",
     "\n",
     "reqs = ApimRequests(apim_gateway_url)\n",
-    "tests = ApimTesting(\"Simple APIM Tests\")\n",
+    "tests = ApimTesting(\"Simple APIM Tests\", deployment, deployment)\n",
     "\n",
     "output = reqs.singleGet('/', msg = 'Calling Hello World (Root) API')\n",
     "tests.verify(output, 'Hello World from API Management!')\n",
 
@@ -30,10 +30,9 @@
     "api_prefix  = ''                            # OPTIONAL: ENTER A PREFIX FOR THE APIS TO REDUCE COLLISION POTENTIAL WITH OTHER SAMPLES\n",
     "\n",
     "# 2) Service-defined parameters (please do not change these)\n",
-    "rg_name = utils.get_infra_rg_name(deployment, index)\n",
-    "supported_infrastructures = []              # ENTER SUPPORTED INFRASTRUCTURES HERE, e.g., [INFRASTRUCTURE.AFD_APIM_PE, INFRASTRUCTURE.AFD_APIM_FE]\n",
-    "utils.validate_infrastructure(deployment, supported_infrastructures)\n",
-    "sample_folder = \"_TEMPLATE\"                 # ENTER THE SAMPLE FOLDER NAME HERE, e.g., '_TEMPLATE'  \n",
+    "rg_name       = utils.get_infra_rg_name(deployment, index)\n",
+    "sample_folder = \"_TEMPLATE\"\n",
+    "nb_helper     = utils.NotebookHelper(sample_folder, rg_name, rg_location, deployment, [INFRASTRUCTURE.SIMPLE_APIM])\n",
     "\n",
     "# 3) Define the APIs and their operations and policies\n",
     "\n",
@@ -74,19 +73,11 @@
     "    'apis': {'value': [api.to_dict() for api in apis]}\n",
     "}\n",
     "\n",
-    "# 2) Infrastructure must be in place before samples can be layered on top\n",
-    "if not utils.does_resource_group_exist(rg_name):\n",
-    "    utils.print_error(f'The specified infrastructure resource group and its resources must exist first. Please check that the user-defined parameters above are correctly referencing an existing infrastructure. If it does not yet exist, run the desired infrastructure in the /infra/ folder first.')\n",
-    "    raise SystemExit(1)\n",
+    "# 2) Deploy the bicep template\n",
+    "output = nb_helper.deploy_bicep(bicep_parameters)\n",
     "\n",
-    "# 3) Run the deployment using the utility function that handles working directory management\n",
-    "output = utils.create_bicep_deployment_group_for_sample('_TEMPLATE', rg_name, rg_location, bicep_parameters)\n",
-    "\n",
-    "# 4) Print a deployment summary, if successful; otherwise, exit with an error\n",
-    "if not output.success:\n",
-    "    raise SystemExit('Deployment failed')\n",
-    "\n",
-    "if output.success and output.json_data:\n",
+    "if output.json_data:\n",
+    "    apim_name = output.get('apimServiceName', 'APIM Service Name')\n",
     "    apim_gateway_url = output.get('apimResourceGatewayURL', 'APIM API Gateway URL')\n",
     "\n",
     "utils.print_ok('Deployment completed')"
 
@@ -18,7 +18,6 @@
    "outputs": [],
    "source": [
     "import utils\n",
-    "import time\n",
     "from apimtypes import *\n",
     "\n",
     "# 1) User-defined parameters (change these as needed)\n",
@@ -29,28 +28,21 @@
     "api_prefix  = 'authX-pro-'               # OPTIONAL: ENTER A PREFIX FOR THE APIS TO REDUCE COLLISION POTENTIAL WITH OTHER SAMPLES\n",
     "\n",
     "# 2) Service-defined parameters (please do not change these)\n",
-    "rg_name = utils.get_infra_rg_name(deployment, index)\n",
-    "supported_infrastructures = [INFRASTRUCTURE.SIMPLE_APIM, INFRASTRUCTURE.AFD_APIM_PE, INFRASTRUCTURE.APIM_ACA]        # ENTER SUPPORTED INFRASTRUCTURES HERE, e.g., [INFRASTRUCTURE.AFD_APIM_PE, INFRASTRUCTURE.AFD_APIM_FE]\n",
-    "utils.validate_infrastructure(deployment, supported_infrastructures)\n",
+    "rg_name       = utils.get_infra_rg_name(deployment, index)\n",
     "sample_folder = \"authX-pro\"\n",
-    "\n",
-    "# Set up the signing key for the JWT policy\n",
-    "jwt_key_name = f'JwtSigningKey{int(time.time())}'\n",
-    "jwt_key_value, jwt_key_value_bytes_b64 = utils.generate_signing_key()\n",
-    "utils.print_val('JWT key value', jwt_key_value)                         # this value is used to create the signed JWT token for requests to APIM\n",
-    "utils.print_val('JWT key value (base64)', jwt_key_value_bytes_b64)      # this value is used in the APIM validate-jwt policy's issuer-signing-key attribute  \n",
+    "nb_helper     = utils.NotebookHelper(sample_folder, rg_name, rg_location, deployment, [INFRASTRUCTURE.AFD_APIM_PE, INFRASTRUCTURE.APIM_ACA, INFRASTRUCTURE.SIMPLE_APIM], True)\n",
     "\n",
     "# 3) Set up the named values\n",
     "nvs: List[NamedValue] = [\n",
-    "    NamedValue(jwt_key_name, jwt_key_value_bytes_b64, True),\n",
+    "    NamedValue(nb_helper.jwt_key_name, nb_helper.jwt_key_value_bytes_b64, True),\n",
     "    NamedValue('HRMemberRoleId', Role.HR_MEMBER),\n",
     "    NamedValue('HRAssociateRoleId', Role.HR_ASSOCIATE),\n",
     "    NamedValue('HRAdministratorRoleId', Role.HR_ADMINISTRATOR)\n",
     "]\n",
     "\n",
     "# 4) Set up the policy fragments\n",
     "pf_authx_hr_member_xml = utils.read_policy_xml('pf-authx-hr-member.xml', {\n",
-    "    'jwt_signing_key': jwt_key_name,\n",
+    "    'jwt_signing_key': nb_helper.jwt_key_name,\n",
     "    'hr_member_role_id': 'HRMemberRoleId'\n",
     "}, sample_folder)\n",
     "\n",
@@ -62,7 +54,7 @@
     "\n",
     "# HR Product with authentication policy, including authorization via a required claim check for HR member role\n",
     "hr_product_xml = utils.read_policy_xml('hr_product.xml', {\n",
-    "    'jwt_signing_key': jwt_key_name, \n",
+    "    'jwt_signing_key': nb_helper.jwt_key_name, \n",
     "    'hr_member_role_id': 'HRMemberRoleId'\n",
     "}, sample_folder)\n",
     "\n",
@@ -125,19 +117,11 @@
     "    'products': {'value': [product.to_dict() for product in products]}\n",
     "}\n",
     "\n",
-    "# 2) Infrastructure must be in place before samples can be layered on top\n",
-    "if not utils.does_resource_group_exist(rg_name):\n",
-    "    utils.print_error(f'The specified infrastructure resource group and its resources must exist first. Please check that the user-defined parameters above are correctly referencing an existing infrastructure. If it does not yet exist, run the desired infrastructure in the /infra/ folder first.')\n",
-    "    raise SystemExit(1)\n",
-    "\n",
-    "# 3) Run the deployment using the utility function that handles working directory management\n",
-    "output = utils.create_bicep_deployment_group_for_sample(sample_folder, rg_name, rg_location, bicep_parameters)\n",
-    "\n",
-    "# 4) Print a deployment summary, if successful; otherwise, exit with an error\n",
-    "if not output.success:\n",
-    "    raise SystemExit('Deployment failed')\n",
+    "# 2) Deploy the bicep template\n",
+    "output = nb_helper.deploy_bicep(bicep_parameters)\n",
     "\n",
-    "if output.success and output.json_data:\n",
+    "if output.json_data:\n",
+    "    apim_name = output.get('apimServiceName', 'APIM Service Name')\n",
     "    apim_gateway_url = output.get('apimResourceGatewayURL', 'APIM API Gateway URL')\n",
     "\n",
     "utils.print_ok('Deployment completed')"
@@ -167,14 +151,14 @@
     "from users import UserHelper\n",
     "from authfactory import AuthFactory\n",
     "\n",
-    "tests = ApimTesting(\"AuthX-Pro Sample Tests\")\n",
+    "tests = ApimTesting(\"AuthX-Pro Sample Tests\", sample_folder, deployment)\n",
     "\n",
     "# Preflight: Check if the infrastructure architecture deployment uses Azure Front Door. If so, assume that APIM is not directly accessible and use the Front Door URL instead.\n",
     "endpoint_url = utils.test_url_preflight_check(deployment, rg_name, apim_gateway_url)\n",
     "\n",
     "# 1) HR Administrator\n",
     "# Create a JSON Web Token with a payload and sign it with the symmetric key from above.\n",
-    "encoded_jwt_token_hr_admin = AuthFactory.create_symmetric_jwt_token_for_user(UserHelper.get_user_by_role(Role.HR_ADMINISTRATOR), jwt_key_value)\n",
+    "encoded_jwt_token_hr_admin = AuthFactory.create_symmetric_jwt_token_for_user(UserHelper.get_user_by_role(Role.HR_ADMINISTRATOR), nb_helper.jwt_key_value)\n",
     "print(f'\\nJWT token for HR Admin:\\n{encoded_jwt_token_hr_admin}')  # this value is used to call the APIs via APIM\n",
     "\n",
     "# Set up an APIM requests object with the JWT token\n",
@@ -196,7 +180,7 @@
     "\n",
     "# 2) HR Associate\n",
     "# Create a JSON Web Token with a payload and sign it with the symmetric key from above.\n",
-    "encoded_jwt_token_hr_associate = AuthFactory.create_symmetric_jwt_token_for_user(UserHelper.get_user_by_role(Role.HR_ASSOCIATE), jwt_key_value)\n",
+    "encoded_jwt_token_hr_associate = AuthFactory.create_symmetric_jwt_token_for_user(UserHelper.get_user_by_role(Role.HR_ASSOCIATE), nb_helper.jwt_key_value)\n",
     "print(f'\\nJWT token for HR Associate:\\n{encoded_jwt_token_hr_associate}')  # this value is used to call the APIs via APIM\n",
     "\n",
     "# Set up an APIM requests object with the JWT token\n",
 
@@ -30,23 +30,16 @@
     "api_prefix  = 'authX-'               # OPTIONAL: ENTER A PREFIX FOR THE APIS TO REDUCE COLLISION POTENTIAL WITH OTHER SAMPLES\n",
     "\n",
     "# 2) Service-defined parameters (please do not change these)\n",
-    "rg_name = utils.get_infra_rg_name(deployment, index)\n",
-    "supported_infrastructures = [INFRASTRUCTURE.SIMPLE_APIM, INFRASTRUCTURE.AFD_APIM_PE, INFRASTRUCTURE.APIM_ACA]        # ENTER SUPPORTED INFRASTRUCTURES HERE, e.g., [INFRASTRUCTURE.AFD_APIM_PE, INFRASTRUCTURE.AFD_APIM_FE]\n",
-    "utils.validate_infrastructure(deployment, supported_infrastructures)\n",
+    "rg_name       = utils.get_infra_rg_name(deployment, index)\n",
     "sample_folder = \"authX\"\n",
-    "\n",
-    "# Set up the signing key for the JWT policy\n",
-    "jwt_key_name = f'JwtSigningKey{int(time.time())}'\n",
-    "jwt_key_value, jwt_key_value_bytes_b64 = utils.generate_signing_key()\n",
-    "utils.print_val('JWT key value', jwt_key_value)                         # this value is used to create the signed JWT token for requests to APIM\n",
-    "utils.print_val('JWT key value (base64)', jwt_key_value_bytes_b64)      # this value is used in the APIM validate-jwt policy's issuer-signing-key attribute  \n",
+    "nb_helper     = utils.NotebookHelper(sample_folder, rg_name, rg_location, deployment, [INFRASTRUCTURE.AFD_APIM_PE, INFRASTRUCTURE.APIM_ACA, INFRASTRUCTURE.SIMPLE_APIM], True)\n",
     "\n",
     "# 3) Define the APIs and their operations and policies\n",
     "\n",
     "# Policies\n",
     "# Named values must be set up a bit differently as they need to have two surrounding curly braces\n",
     "hr_all_operations_xml = utils.read_policy_xml('hr_all_operations.xml', sample_name = sample_folder).format(\n",
-    "    jwt_signing_key = '{{' + jwt_key_name + '}}', \n",
+    "    jwt_signing_key = '{{' + nb_helper.jwt_key_name + '}}', \n",
     "    hr_member_role_id = '{{HRMemberRoleId}}'\n",
     ")\n",
     "hr_get_xml = utils.read_policy_xml('hr_get.xml', sample_name = sample_folder).format(\n",
@@ -67,7 +60,7 @@
     "\n",
     "# 4) Set up the named values\n",
     "nvs: List[NamedValue] = [\n",
-    "    NamedValue(jwt_key_name, jwt_key_value_bytes_b64, True),\n",
+    "    NamedValue(nb_helper.jwt_key_name, nb_helper.jwt_key_value_bytes_b64, True),\n",
     "    NamedValue('HRMemberRoleId', Role.HR_MEMBER),\n",
     "    NamedValue('HRAssociateRoleId', Role.HR_ASSOCIATE),\n",
     "    NamedValue('HRAdministratorRoleId', Role.HR_ADMINISTRATOR)\n",
@@ -99,19 +92,11 @@
     "    'namedValues': {'value': [nv.to_dict() for nv in nvs]}\n",
     "}\n",
     "\n",
-    "# 2) Infrastructure must be in place before samples can be layered on top\n",
-    "if not utils.does_resource_group_exist(rg_name):\n",
-    "    utils.print_error(f'The specified infrastructure resource group and its resources must exist first. Please check that the user-defined parameters above are correctly referencing an existing infrastructure. If it does not yet exist, run the desired infrastructure in the /infra/ folder first.')\n",
-    "    raise SystemExit(1)\n",
-    "\n",
-    "# 3) Run the deployment using the utility function that handles working directory management\n",
-    "output = utils.create_bicep_deployment_group_for_sample(sample_folder, rg_name, rg_location, bicep_parameters)\n",
-    "\n",
-    "# 4) Print a deployment summary, if successful; otherwise, exit with an error\n",
-    "if not output.success:\n",
-    "    raise SystemExit('Deployment failed')\n",
+    "# 2) Deploy the bicep template\n",
+    "output = nb_helper.deploy_bicep(bicep_parameters)\n",
     "\n",
-    "if output.success and output.json_data:\n",
+    "if output.json_data:\n",
+    "    apim_name = output.get('apimServiceName', 'APIM Service Name')\n",
     "    apim_gateway_url = output.get('apimResourceGatewayURL', 'APIM API Gateway URL')\n",
     "\n",
     "utils.print_ok('Deployment completed')"
@@ -141,14 +126,14 @@
     "from users import UserHelper\n",
     "from authfactory import AuthFactory\n",
     "\n",
-    "tests = ApimTesting(\"AuthX Sample Tests\")\n",
+    "tests = ApimTesting(\"AuthX Sample Tests\", sample_folder, deployment)\n",
     "\n",
     "# Preflight: Check if the infrastructure architecture deployment uses Azure Front Door. If so, assume that APIM is not directly accessible and use the Front Door URL instead.\n",
     "endpoint_url = utils.test_url_preflight_check(deployment, rg_name, apim_gateway_url)\n",
     "\n",
     "# 1) HR Administrator\n",
     "# Create a JSON Web Token with a payload and sign it with the symmetric key from above.\n",
-    "encoded_jwt_token_hr_admin = AuthFactory.create_symmetric_jwt_token_for_user(UserHelper.get_user_by_role(Role.HR_ADMINISTRATOR), jwt_key_value)\n",
+    "encoded_jwt_token_hr_admin = AuthFactory.create_symmetric_jwt_token_for_user(UserHelper.get_user_by_role(Role.HR_ADMINISTRATOR), nb_helper.jwt_key_value)\n",
     "print(f'\\nJWT token for HR Admin:\\n{encoded_jwt_token_hr_admin}')  # this value is used to call the APIs via APIM\n",
     "\n",
     "# Set up an APIM requests object with the JWT token\n",
@@ -164,7 +149,7 @@
     "\n",
     "# 2) HR Associate\n",
     "# Create a JSON Web Token with a payload and sign it with the symmetric key from above.\n",
-    "encoded_jwt_token_hr_associate = AuthFactory.create_symmetric_jwt_token_for_user(UserHelper.get_user_by_role(Role.HR_ASSOCIATE), jwt_key_value)\n",
+    "encoded_jwt_token_hr_associate = AuthFactory.create_symmetric_jwt_token_for_user(UserHelper.get_user_by_role(Role.HR_ASSOCIATE), nb_helper.jwt_key_value)\n",
     "print(f'\\nJWT token for HR Associate:\\n{encoded_jwt_token_hr_associate}')  # this value is used to call the APIs via APIM\n",
     "\n",
     "# Set up an APIM requests object with the JWT token\n",