Feature: added cmdlet to retrieve sign in logs

CHANGELOG.md

@@ -36,6 +36,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
 - Added `Remove-PnPTeamsTag` cmdlet to delete a Team tag. [#2419](https://github.com/pnp/powershell/pull/2419)
 - Added `Disable-PnPPowerShellTelemetry` cmdlet to disable telemetry collection. [#2432](https://github.com/pnp/powershell/pull/2432)
 - Added `Enable-PnPPowerShellTelemetry` cmdlet to enable telemetry collection. [#2432](https://github.com/pnp/powershell/pull/2432)
+- Added `Get-PnPAzureADActivityReportSignIn` cmdlet to enable retrieving of Azure AD sign ins.
 
 ### Changed
 

documentation/Get-PnPAzureADActivityReportSignIn.md

@@ -0,0 +1,107 @@
+---
+external help file: PnP.PowerShell.dll-Help.xml
+Module Name: PnP.PowerShell
+online version: https://pnp.github.io/powershell/cmdlets/Get-PnPAzureADActivityReportSignIn.html
+schema: 2.0.0
+applicable: SharePoint Online
+title: Get-PnPAzureADActivityReportSignIn
+---
+
+# Get-PnPAzureADActivityReportSignIn
+
+## SYNOPSIS
+
+**Required Permissions**
+
+* Microsoft Graph API: AuditLog.Read.All and Directory.Read.All
+
+Returns the sign in logs generated by Azure AD.
+
+## SYNTAX
+
+```powershell
+Get-PnPAzureADActivityReportSignIn [-Identity <string>] [-Filter <string>] [-Connection <PnPConnection>]
+```
+
+## DESCRIPTION
+
+This cmdlet gets the list of sign in logs generated by Azure AD. 
+
+## EXAMPLES
+
+### Example 1
+
+```powershell
+Get-PnPAzureADActivityReportSignIn
+```
+
+Returns all sign logs generated by Azure AD.
+
+### Example 2
+
+```powershell
+Get-PnPAzureADSignIn -Identity "da364266-533d-3186-a8b2-44ee1c21af11"
+```
+
+Returns the sign in log with specific ID.
+
+### Example 3
+
+```powershell
+Get-PnPAzureADSignIn -Filter "startsWith(appDisplayName,'Graph')"
+```
+
+Returns the sign in logs based on filter condition.
+
+## PARAMETERS
+
+### -Identity
+
+Specify the ID of the sign in log.
+
+```yaml
+Type: string
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -Filter
+
+Specify the Filter condition for the sign in log report.
+
+```yaml
+Type: string
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -Connection
+
+Optional connection to be used by the cmdlet. Retrieve the value for this parameter by either specifying -ReturnConnection on Connect-PnPOnline or by executing Get-PnPConnection.
+
+```yaml
+Type: PnPConnection
+Parameter Sets: (All)
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+## RELATED LINKS
+
+[Microsoft 365 Patterns and Practices](https://aka.ms/m365pnp)

src/Commands/AzureAD/GetAzureADActivityReportSignIn.cs

@@ -0,0 +1,47 @@
+using PnP.PowerShell.Commands.Attributes;
+using PnP.PowerShell.Commands.Base;
+using PnP.PowerShell.Commands.Utilities.REST;
+using System;
+using System.Collections.Generic;
+using System.Management.Automation;
+using System.Text;
+
+namespace PnP.PowerShell.Commands.AzureAD
+{
+    [Cmdlet(VerbsCommon.Get, "PnPAzureADActivityReportSignIn")]
+    [RequiredMinimalApiPermissions("AuditLog.Read.All")]
+    public class GetAzureADActivityReportSignIn : PnPGraphCmdlet
+    {
+        [Parameter(Mandatory = false)]
+        public string Identity;
+
+        [Parameter(Mandatory = false)]
+        public string Filter;
+
+        protected override void ExecuteCmdlet()
+        {
+            var signInUrl = "/v1.0/auditLogs/signIns";
+
+            if (!string.IsNullOrEmpty(Identity))
+            {
+                signInUrl += $"/{Identity}";
+            }
+
+            if (!string.IsNullOrEmpty(Filter))
+            {
+                signInUrl += $"?$filter={Filter}";
+            }
+
+            if (ParameterSpecified(nameof(Identity)))
+            {
+                var auditResults = GraphHelper.GetAsync<Model.AzureAD.AzureADSignIn>(Connection, signInUrl, AccessToken).GetAwaiter().GetResult();
+                WriteObject(auditResults, false);
+            }
+            else
+            {
+                var auditResults = GraphHelper.GetResultCollectionAsync<Model.AzureAD.AzureADSignIn>(Connection, signInUrl, AccessToken).GetAwaiter().GetResult();
+                WriteObject(auditResults, true);
+            }
+        }
+    }
+}

src/Commands/Model/AzureAD/AzureADSignIn.cs

@@ -0,0 +1,79 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Text.Json.Serialization;
+
+namespace PnP.PowerShell.Commands.Model.AzureAD
+{
+    public class AzureADSignIn
+    {
+        [JsonPropertyName("id")]
+        public string Id { get; set; }
+
+        [JsonPropertyName("createdDateTime")]
+        public DateTime CreatedDateTime { get; set; }
+
+        [JsonPropertyName("userDisplayName")]
+        public string UserDisplayName { get; set; }
+
+        [JsonPropertyName("userPrincipalName")]
+        public string UserPrincipalName { get; set; }
+
+        [JsonPropertyName("userId")]
+        public string UserId { get; set; }
+
+        [JsonPropertyName("appId")]
+        public string AppId { get; set; }
+
+        [JsonPropertyName("appDisplayName")]
+        public string AppDisplayName { get; set; }
+
+        [JsonPropertyName("ipAddress")]
+        public string IpAddress { get; set; }
+
+        [JsonPropertyName("clientAppUsed")]
+        public string ClientAppUsed { get; set; }
+
+        [JsonPropertyName("correlationId")]
+        public string CorrelationId { get; set; }
+
+        [JsonPropertyName("conditionalAccessStatus")]
+        public string ConditionalAccessStatus { get; set; }
+
+        [JsonPropertyName("isInteractive")]
+        public bool IsInteractive { get; set; }
+
+        [JsonPropertyName("riskDetail")]
+        public string RiskDetail { get; set; }
+
+        [JsonPropertyName("riskLevelAggregated")]
+        public string RiskLevelAggregated { get; set; }
+
+        [JsonPropertyName("riskLevelDuringSignIn")]
+        public string RiskLevelDuringSignIn { get; set; }
+
+        [JsonPropertyName("riskState")]
+        public string RiskState { get; set; }
+
+        [JsonPropertyName("riskEventTypes")]
+        public List<object> RiskEventTypes { get; set; }
+
+        [JsonPropertyName("resourceDisplayName")]
+        public string ResourceDisplayName { get; set; }
+
+        [JsonPropertyName("resourceId")]
+        public string ResourceId { get; set; }
+
+        [JsonPropertyName("status")]
+        public AzureADSignInStatus Status { get; set; }
+
+        [JsonPropertyName("deviceDetail")]
+        public AzureADSignInDeviceDetail DeviceDetail { get; set; }
+
+        [JsonPropertyName("location")]
+        public AzureADSignInLocation Location { get; set; }
+
+        [JsonPropertyName("appliedConditionalAccessPolicies")]
+        public List<AzureADSignInAppliedConditionalAccessPolicy> AppliedConditionalAccessPolicies { get; set; }
+    }
+}

src/Commands/Model/AzureAD/AzureADSignInAppliedConditionalAccessPolicy.cs

@@ -0,0 +1,25 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Text.Json.Serialization;
+
+namespace PnP.PowerShell.Commands.Model.AzureAD
+{
+    public class AzureADSignInAppliedConditionalAccessPolicy
+    {
+        [JsonPropertyName("id")]
+        public string Id { get; set; }
+
+        [JsonPropertyName("displayName")]
+        public string DisplayName { get; set; }
+
+        [JsonPropertyName("enforcedGrantControls")]
+        public List<object> EnforcedGrantControls { get; set; }
+
+        [JsonPropertyName("enforcedSessionControls")]
+        public List<object> EnforcedSessionControls { get; set; }
+
+        [JsonPropertyName("result")]
+        public string Result { get; set; }
+    }
+}

src/Commands/Model/AzureAD/AzureADSignInDeviceDetail.cs

@@ -0,0 +1,31 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Text.Json.Serialization;
+
+namespace PnP.PowerShell.Commands.Model.AzureAD
+{
+    public class AzureADSignInDeviceDetail
+    {
+        [JsonPropertyName("deviceId")]
+        public string DeviceId { get; set; }
+
+        [JsonPropertyName("displayName")]
+        public string DisplayName { get; set; }
+
+        [JsonPropertyName("operatingSystem")]
+        public string OperatingSystem { get; set; }
+
+        [JsonPropertyName("browser")]
+        public string Browser { get; set; }
+
+        [JsonPropertyName("isCompliant")]
+        public bool IsCompliant { get; set; }
+
+        [JsonPropertyName("isManaged")]
+        public bool IsManaged { get; set; }
+
+        [JsonPropertyName("trustType")]
+        public object TrustType { get; set; }
+    }
+}

src/Commands/Model/AzureAD/AzureADSignInGeoCoordinates.cs

@@ -0,0 +1,19 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Text.Json.Serialization;
+
+namespace PnP.PowerShell.Commands.Model.AzureAD
+{
+    public class AzureADSignInGeoCoordinates
+    {
+        [JsonPropertyName("altitude")]
+        public object Altitude { get; set; }
+
+        [JsonPropertyName("latitude")]
+        public double Latitude { get; set; }
+
+        [JsonPropertyName("longitude")]
+        public double Longitude { get; set; }
+    }
+}

src/Commands/Model/AzureAD/AzureADSignInLocation.cs

@@ -0,0 +1,22 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Text.Json.Serialization;
+
+namespace PnP.PowerShell.Commands.Model.AzureAD
+{
+    public class AzureADSignInLocation
+    {
+        [JsonPropertyName("city")]
+        public string City { get; set; }
+
+        [JsonPropertyName("state")]
+        public string State { get; set; }
+
+        [JsonPropertyName("countryOrRegion")]
+        public string CountryOrRegion { get; set; }
+
+        [JsonPropertyName("geoCoordinates")]
+        public AzureADSignInGeoCoordinates GeoCoordinates { get; set; }
+    }
+}

src/Commands/Model/AzureAD/AzureADSignInStatus.cs

@@ -0,0 +1,19 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Text.Json.Serialization;
+
+namespace PnP.PowerShell.Commands.Model.AzureAD
+{
+    public class AzureADSignInStatus
+    {
+        [JsonPropertyName("errorCode")]
+        public int ErrorCode { get; set; }
+
+        [JsonPropertyName("failureReason")]
+        public string FailureReason { get; set; }
+
+        [JsonPropertyName("additionalDetails")]
+        public object AdditionalDetails { get; set; }
+    }
+}