Bump msgraph-sdk from 1.1.0 to 1.16.0 (#2254)

dependabot[bot] · pamelafox · web-flow · commit 9d272033cb03 · 2025-01-06T12:38:13.000-08:00
* Bump msgraph-sdk from 1.1.0 to 1.16.0 Bumps [msgraph-sdk](https://github.com/microsoftgraph/msgraph-sdk-python) from 1.1.0 to 1.16.0. - [Release notes](https://github.com/microsoftgraph/msgraph-sdk-python/releases) - [Changelog](https://github.com/microsoftgraph/msgraph-sdk-python/blob/main/CHANGELOG.md) - [Commits](microsoftgraph/msgraph-sdk-python@v1.1.0...v1.16.0) --- updated-dependencies: - dependency-name: msgraph-sdk dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Updates for latest MS Graph SDK --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Pamela Fox <pamela.fox@gmail.com>
diff --git a/app/backend/requirements.txt b/app/backend/requirements.txt
@@ -193,7 +193,7 @@ msal-extensions==1.2.0
     # via azure-identity
 msgraph-core==1.1.2
     # via msgraph-sdk
-msgraph-sdk==1.1.0
+msgraph-sdk==1.16.0
     # via -r requirements.in
 msrest==0.7.1
     # via azure-monitor-opentelemetry-exporter
diff --git a/scripts/auth_common.py b/scripts/auth_common.py
@@ -8,6 +8,8 @@
 async def get_application(graph_client: GraphServiceClient, client_id: str) -> Optional[str]:
     try:
         app = await graph_client.applications_with_app_id(client_id).get()
+        if app is None:
+            return None
         return app.id
     except APIError:
         return None
diff --git a/scripts/auth_init.py b/scripts/auth_init.py
@@ -3,6 +3,7 @@
 import os
 import random
 import subprocess
+import uuid
 from typing import Tuple
 
 from azure.identity.aio import AzureDeveloperCliCredential
@@ -27,8 +28,12 @@
 
 async def create_application(graph_client: GraphServiceClient, request_app: Application) -> Tuple[str, str]:
     app = await graph_client.applications.post(request_app)
+    if app is None:
+        raise ValueError("Failed to create application")
     object_id = app.id
     client_id = app.app_id
+    if object_id is None or client_id is None:
+        raise ValueError("Created application has no ID or client ID")
 
     # Create a service principal
     request_principal = ServicePrincipal(app_id=client_id, display_name=app.display_name)
@@ -40,8 +45,12 @@ async def add_client_secret(graph_client: GraphServiceClient, app_id: str) -> st
     request_password = AddPasswordPostRequestBody(
         password_credential=PasswordCredential(display_name="WebAppSecret"),
     )
-    result = await graph_client.applications.by_application_id(app_id).add_password.post(request_password)
-    return result.secret_text
+    password_credential = await graph_client.applications.by_application_id(app_id).add_password.post(request_password)
+    if password_credential is None:
+        raise ValueError("Failed to create client secret")
+    if password_credential.secret_text is None:
+        raise ValueError("Created client secret has no secret text")
+    return password_credential.secret_text
 
 
 async def create_or_update_application_with_secret(
@@ -94,7 +103,7 @@ def server_app_permission_setup(server_app_id: str) -> Application:
             known_client_applications=[],
             oauth2_permission_scopes=[
                 PermissionScope(
-                    id="7b207263-0c4a-4127-a6fe-38ea8c8cd1a7",
+                    id=uuid.UUID("{7b207263-0c4a-4127-a6fe-38ea8c8cd1a7}"),
                     admin_consent_display_name="Access Azure Search OpenAI Chat API",
                     admin_consent_description="Allows the app to access Azure Search OpenAI Chat API as the signed-in user.",
                     user_consent_display_name="Access Azure Search OpenAI Chat API",
@@ -111,15 +120,15 @@ def server_app_permission_setup(server_app_id: str) -> Application:
                 resource_app_id="00000003-0000-0000-c000-000000000000",
                 resource_access=[
                     # Graph User.Read
-                    ResourceAccess(id="e1fe6dd8-ba31-4d61-89e7-88639da4683d", type="Scope"),
+                    ResourceAccess(id=uuid.UUID("{e1fe6dd8-ba31-4d61-89e7-88639da4683d}"), type="Scope"),
                     # Graph email
-                    ResourceAccess(id="64a6cdd6-aab1-4aaf-94b8-3cc8405e90d0", type="Scope"),
+                    ResourceAccess(id=uuid.UUID("{64a6cdd6-aab1-4aaf-94b8-3cc8405e90d0}"), type="Scope"),
                     # Graph offline_access
-                    ResourceAccess(id="7427e0e9-2fba-42fe-b0c0-848c9e6a8182", type="Scope"),
+                    ResourceAccess(id=uuid.UUID("{7427e0e9-2fba-42fe-b0c0-848c9e6a8182}"), type="Scope"),
                     # Graph openid
-                    ResourceAccess(id="37f7f235-527c-4136-accd-4a02d197296e", type="Scope"),
+                    ResourceAccess(id=uuid.UUID("{37f7f235-527c-4136-accd-4a02d197296e}"), type="Scope"),
                     # Graph profile
-                    ResourceAccess(id="14dad69e-099b-42c9-810b-d002981feec1", type="Scope"),
+                    ResourceAccess(id=uuid.UUID("{14dad69e-099b-42c9-810b-d002981feec1}"), type="Scope"),
                 ],
             )
         ],
@@ -128,6 +137,10 @@ def server_app_permission_setup(server_app_id: str) -> Application:
 
 
 def client_app(server_app_id: str, server_app: Application, identifier: int) -> Application:
+    if server_app.api is None:
+        raise ValueError("Server app does not have an API")
+    if server_app.api.oauth2_permission_scopes is None or len(server_app.api.oauth2_permission_scopes) == 0:
+        raise ValueError("Server app does not have any permission scopes")
     return Application(
         display_name=f"Azure Search OpenAI Chat Client App {identifier}",
         sign_in_audience="AzureADMyOrg",
@@ -150,7 +163,7 @@ def client_app(server_app_id: str, server_app: Application, identifier: int) ->
             RequiredResourceAccess(
                 resource_app_id="00000003-0000-0000-c000-000000000000",
                 resource_access=[
-                    ResourceAccess(id="e1fe6dd8-ba31-4d61-89e7-88639da4683d", type="Scope"),
+                    ResourceAccess(id=uuid.UUID("e1fe6dd8-ba31-4d61-89e7-88639da4683d"), type="Scope"),
                 ],
             ),
         ],
@@ -160,7 +173,7 @@ def client_app(server_app_id: str, server_app: Application, identifier: int) ->
 def server_app_known_client_application(client_app_id: str) -> Application:
     return Application(
         api=ApiApplication(
-            known_client_applications=[client_app_id],
+            known_client_applications=[uuid.UUID(f"{client_app_id}")],
         )
     )
 
