[BUG]? - Grant-PnPTenantServicePrincipalPermission timing out

brianpmccullough commented 3 years ago

Grant-PnPTenantServicePrincipalPermission is timing out consistently for me.

Reporting an Issue or Missing Feature

The cmdlet is timing out and not completing and indicates a timeout. I have resorted to the M365 CLI which is working for me: m365 spo serviceprincipal grant add

Expected behavior

Service Principal added and available in https://[tenant]-admin.sharepoint.com/_layouts/15/online/AdminHome.aspx#/webApiPermissionManagement

Actual behavior

` Grant-PnPTenantServicePrincipalPermission : The operation has timed out At line:1 char:1

Grant-PnPTenantServicePrincipalPermission -Scope "User.ReadBasic.All" ...


+ CategoryInfo          : WriteError: (:) [Grant-PnPTenant...cipalPermission], WebException
+ FullyQualifiedErrorId : EXCEPTION,PnP.PowerShell.Commands.Apps.GrantTenantServicePrincipalPermission
`

Steps to reproduce behavior

Please include complete code samples in-line or linked from gists

` $tenant = "[yourtenant]"

$username = [Environment]::UserName $searcher = [adsisearcher]"(samaccountname=$env:USERNAME)" $email = $searcher.FindOne().Properties.mail $email = $email.Replace("@myco.com", "@$tenant.onmicrosoft.com")

if ($cred -eq $null){ $cred = Get-Credential -UserName $email -Message "Please enter your credentials for SharePoint Online in the '$tenant' tennant." }

$tenantAdminUrl = "https://$tenant-admin.sharepoint.com/" Connect-PnPOnline $tenantAdminUrl -Credentials $cred Get-PnPWeb

Grant-PnPTenantServicePrincipalPermission -Scope "User.ReadBasic.All" -Resource "Microsoft Graph"

`

Which version of the PnP-PowerShell Cmdlets are you using?

[ ] PnP PowerShell for SharePoint 2013
[ ] PnP PowerShell for SharePoint 2016
[ ] PnP PowerShell for SharePoint 2019
[X ] PnP PowerShell for SharePoint Online

What is the version of the Cmdlet module you are running?

(you can retrieve this by executing Get-Module -Name sharepointpnppowershell* -ListAvailable) 3.26.2010.0

How did you install the PnP-PowerShell Cmdlets?

[ ] MSI Installed downloaded from GitHub
[X] Installed through the PowerShell Gallery with Install-Module
[ ] Other means

mpowney commented 3 years ago

I've been able to reproduce this behaviour with v3.28.2012.0. the command seems to stall indefinitely.

I've enabled Set-PnPTraceLog to level Debug, it seems to stop after the first step

Repro commands:

Connect-PnPOnline https://tenant-admin.sharepoint.com/ -UseWebLogin
$Scope = "Group.Read.All"; $Resource = "Microsoft Graph"
Set-PnPTraceLog -On -WriteToConsole -Level Debug
Grant-PnPTenantServicePrincipalPermission -Scope $Scope -Resource $Resource

The tenant is relatively new - a demo tenant provisioned via the Customer Digital Experience portal

mpowney commented 3 years ago

Running "Fiddler everywhere" with an open session, after executing Grant-PnPTenantServicePrincipalPermission command I'm observing a flood of repeated CSOM requests for the search query 'contentclass:STS_Site AND SiteTemplate:APPCATALOG' with a 'IndexDocId > x.xxxxxxxx' appended to the end of the search query.

pnp / PnP-PowerShell