From abe8aef0e37c610d44fc45b20ec4eface809d019 Mon Sep 17 00:00:00 2001
From: JasSuri
Date: Thu, 14 Sep 2023 14:19:04 +0100
Subject: [PATCH] register email otp properly for sspr
---
 .../readme.md | 1 +
 .../source-code/ciamHelper.cs | 39 ++++++++++++++++++-
 2 files changed, 38 insertions(+), 2 deletions(-)
diff --git a/policies/migrate-to-entra-external-id-for-customers/readme.md b/policies/migrate-to-entra-external-id-for-customers/readme.md
index 4426c186..768b8bfd 100644
--- a/policies/migrate-to-entra-external-id-for-customers/readme.md
+++ b/policies/migrate-to-entra-external-id-for-customers/readme.md
@@ -19,6 +19,7 @@ Users are sent to the AAD B2C authentiaction endpoint. An Azure function orchest
 ### Create application registrations
 1. Create an Application registration in the Entra External Id tenant, named **RopcFromB2C**. Choose Native App. Copy the AppId/ClientId
 1. In the Authentication menu, enable **Allow public client**
+1. In the manifest, set
 1. Create an Application registration in the Entra External Id tenant, named **GraphCallsFromB2CTenant**. Choose Web App. Copy the AppId/ClientId
 1. Under API permissions, add MS Graph API **Application** permissions: `User.ReadWrite.All` and `UserAuthenticationMethod.ReadWrite.All`
diff --git a/policies/migrate-to-entra-external-id-for-customers/source-code/ciamHelper.cs b/policies/migrate-to-entra-external-id-for-customers/source-code/ciamHelper.cs
index aeed7581..1266b49e 100644
--- a/policies/migrate-to-entra-external-id-for-customers/source-code/ciamHelper.cs
+++ b/policies/migrate-to-entra-external-id-for-customers/source-code/ciamHelper.cs
@@ -142,6 +142,18 @@ public static async Task Run(
             try
             {
                 var result = await graphClient.Users.PostAsync(userRequestBody);
+                string stringObjectId = result.Id;
+
+                try
+                {
+                    await DoWithRetryAsync(TimeSpan.FromSeconds(1), tryCount: 10, stringObjectId, email, graphClient);
+
+                }
+                catch (Exception enrolEx)
+                {
+                    return new ConflictObjectResult(enrolEx);
+                }
+
                 return new OkObjectResult(result);
             }
             catch (Exception ex)
@@ -182,10 +194,33 @@ public static async Task Run(
             return new OkObjectResult(null);
         }
-
+        public static async Task EnrolEmail(GraphServiceClient graphClient, string email, string objectId){
+            var emailAuthMethodRequestBody = new EmailAuthenticationMethod
+            {
+                EmailAddress = email
+            };
+            var result = await graphClient.Users[objectId].Authentication.EmailMethods.PostAsync(emailAuthMethodRequestBody);
+            //return new OkObjectResult(enrolResult);
+        }
+
+        public static async Task DoWithRetryAsync(TimeSpan sleepPeriod, int tryCount = 3, string objectId="test", string email="test", GraphServiceClient graphClient=null)
+        {
+            if (tryCount <= 0)
+                throw new ArgumentOutOfRangeException(nameof(tryCount));
+
+            while (true) {
+                try {
+                    await EnrolEmail(graphClient, email, objectId);
+                    return;
+                } catch {
+                    if (--tryCount == 0)
+                        throw;
+                    await Task.Delay(sleepPeriod);
+                }
+            }
+        }
     }
-
     public class B2CResponseModel
     {
         public string version { get; set; }
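Review bot: The new `catch (Exception enrolEx)` block hands the exception object itself back as the 409 body (`return new ConflictObjectResult(enrolEx);`), which serialises its message, stack trace and whatever Graph error payload it carries to the B2C caller; return an opaque error instead, e.g. `return new ConflictObjectResult(new { error = "email_otp_enrolment_failed" });`, and log `enrolEx` server-side. By the time this branch runs the account has already been created by `graphClient.Users.PostAsync`, so the failure leaves a half-provisioned user with no email method and nothing records which object needs repair — the log entry should at least carry `stringObjectId`. `result.Id` is also passed on unchecked; if it is ever null the retry loop will fail every attempt before this branch is reached, so a guard such as `if (string.IsNullOrEmpty(stringObjectId)) return new ConflictObjectResult(new { error = "user_created_without_id" });` is worth adding. `Run` starts before this hunk.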
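Review bot: The bare `catch` in `DoWithRetryAsync` retries on every exception, so a permanent failure — a `NullReferenceException` from the `graphClient=null` default, or a 400/403 from Graph that will never succeed — still costs all ten attempts and nine seconds of delay before it reaches the caller. Drop the placeholder defaults `objectId="test"`, `email="test"` and `graphClient=null` from the signature, validate up front with `ArgumentNullException.ThrowIfNull(graphClient);` (.NET 6+), and narrow the catch to the Graph SDK's service-error type with a `when` filter that retries only transient responses (429, 5xx, and a 404 while the just-created user is not yet visible). In `EnrolEmail` the `result` local is assigned but never read, and the commented-out `//return new OkObjectResult(enrolResult);` refers to `enrolResult`, which is not declared in this hunk; remove both. Each new method should also get an XML `<summary>` stating that it registers an email authentication method for SSPR on a newly created user, with `<param>` entries for the object id, email and client.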