using System;

using System.Collections;

using System.Collections.Generic;

using System.Linq;

using System.Text;

using System.Runtime.Serialization.Formatters;

using System.IO;

using System.Data;

using System.ComponentModel.DataAnnotations;

using System.Globalization;

using System.Reflection;

​

using Newtonsoft.Json;

using Newtonsoft.Json.Linq;

using Newtonsoft.Json.Converters;

using Newtonsoft.Json.Serialization;    

​

using DevLab.JmesPath;

​

using NUnit.Framework; // Throws NUnit.Framework.AssertionException

​

//https://stackoverflow.com/questions/56566651/c-sharp-parsing-azure-policy-rule-json-to-make-a-tree#56566651

​

    public interface IJTokenWorker

    {

        bool ProcessToken<TConvertible>(JContainer parent, TConvertible index, JToken current, int depth) where TConvertible : IConvertible;

    }

​

    public static partial class JsonExtensions

    {

        public static void WalkTokens(this JToken root, IJTokenWorker worker, bool includeSelf = false)

        {

            if (worker == null)

                throw new ArgumentNullException();

            DoWalkTokens<int>(null, -1, root, worker, 0, includeSelf);

        }

​

        static void DoWalkTokens<TConvertible>(JContainer parent, TConvertible index, JToken current, IJTokenWorker worker, int depth, bool includeSelf) where TConvertible : IConvertible

        {

            if (current == null)

                return;

            if (includeSelf)

            {

                if (!worker.ProcessToken(parent, index, current, depth))

                    return;

            }

            var currentAsContainer = current as JContainer;

            if (currentAsContainer != null)

            {

                IList<JToken> currentAsList = currentAsContainer; // JContainer implements IList<JToken> explicitly

                for (int i = 0; i < currentAsList.Count; i++)

                {

                    var child = currentAsList[i];

                    if (child is JProperty)

                    {

                        DoWalkTokens(currentAsContainer, ((JProperty)child).Name, ((JProperty)child).Value, worker, depth+1, true);

                    }

                    else

                    {

                        DoWalkTokens(currentAsContainer, i, child, worker, depth+1, true);

                    }

                }

            }

        }

    }

​

    class TestClass

    {

        static JmesPath jmes = new JmesPath();

        public static void Test()

        {

            Convert("1");

​

            string policyStr = GetJson();

            Test(policyStr);

            Test(GetComplexTestJson());

        }

        static void Test(string policyStr)

        {

            string str = jmes.Transform(policyStr, "properties.policyRule.if");

            Console.WriteLine("Input JSON:");

            Console.WriteLine(JToken.Parse(str));

            Console.WriteLine("\nJSON dump:");

            Convert(str);

        }   

        static string GetComplexTestJson()

        {

            var json = @"{

  ""properties"": {

    ""displayName"": ""Audit if Key Vault has no virtual network rules"",

    ""policyType"": ""Custom"",

    ""mode"": ""Indexed"",

    ""description"": ""Audits Key Vault vaults if they do not have virtual network service endpoints set up. More information on virtual network service endpoints in Key Vault is available here: _https://docs.microsoft.com/en-us/azure/key-vault/key-vault-overview-vnet-service-endpoints"",

    ""metadata"": {

      ""category"": ""Key Vault"",

      ""createdBy"": """",

    },

    ""parameters"": {},

    ""policyRule"": {

      ""if"": {

        ""array"": [1, 2, ""3"", 4, { ""aa"" : [""bb""]}, ""z""],

        ""JConstructor example"": new Something(1, 2, 3),

        ""null"": null,

        ""allOf"": [

          {

            ""field"": ""type"",

            ""equals"": ""Microsoft.KeyVault/vaults""

          },

          {

            ""anyOf"": [

              {

                ""field"": ""Microsoft.KeyVault/vaults/networkAcls.virtualNetworkRules[*].id"",

                ""exists"": ""false""

              },

              {

                ""field"": ""Microsoft.KeyVault/vaults/networkAcls.virtualNetworkRules[*].id"",

                ""notLike"": ""*""

              },

              {

                ""field"": ""Microsoft.KeyVault/vaults/networkAcls.defaultAction"",

                ""equals"": ""Allow""

              }

            ]

          }

        ]

      },

      ""then"": {

        ""effect"": ""audit""

      }

    }

  },

  ""id"": ""/subscriptions/xxxxxx/providers/Microsoft.Authorization/policyDefinitions/wkpolicydef"",

  ""type"": ""Microsoft.Authorization/policyDefinitions"",

  ""name"": ""xyz""

}";

            return json;

        }

        static string GetJson()

        {

            var json = @"{

  ""properties"": {

    ""displayName"": ""Audit if Key Vault has no virtual network rules"",

    ""policyType"": ""Custom"",

    ""mode"": ""Indexed"",

    ""description"": ""Audits Key Vault vaults if they do not have virtual network service endpoints set up. More information on virtual network service endpoints in Key Vault is available here: _https://docs.microsoft.com/en-us/azure/key-vault/key-vault-overview-vnet-service-endpoints"",

    ""metadata"": {

      ""category"": ""Key Vault"",

      ""createdBy"": """",

      ""createdOn"": """",

      ""updatedBy"": """",

      ""updatedOn"": """"

    },

    ""parameters"": {},

    ""policyRule"": {

      ""if"": {

        ""allOf"": [

          {

            ""field"": ""type"",

            ""equals"": ""Microsoft.KeyVault/vaults""

          },

          {

            ""anyOf"": [

              {

                ""field"": ""Microsoft.KeyVault/vaults/networkAcls.virtualNetworkRules[*].id"",

                ""exists"": ""false""

              },

              {

                ""field"": ""Microsoft.KeyVault/vaults/networkAcls.virtualNetworkRules[*].id"",

                ""notLike"": ""*""

              },

              {

                ""field"": ""Microsoft.KeyVault/vaults/networkAcls.defaultAction"",

                ""equals"": ""Allow""

              }

            ]

          }

        ]

      },

      ""then"": {

        ""effect"": ""audit""

      }

    }

  },

  ""id"": ""/subscriptions/xxxxxx/providers/Microsoft.Authorization/policyDefinitions/wkpolicydef"",

  ""type"": ""Microsoft.Authorization/policyDefinitions"",

  ""name"": ""xyz""

}";

            return json;

        }

        class JTokenPrinter : IJTokenWorker

        {

            public bool ProcessToken<TConvertible>(JContainer parent, TConvertible index, JToken current, int depth) where TConvertible : IConvertible

            {

                var spacer = new String('\t', depth);

                string name;

                string val;

                if (parent != null && index is int)

                    name = string.Format("[{0}]", index);

                else if (parent != null && index != null)

                    name = index.ToString();

                else 

                    name = "";

                if (current is JValue)

                    val = ((JValue)current).ToString();

                else if (current is JConstructor)

                    val = "new " + ((JConstructor)current).Name;

                else

                    val = "-";

                Console.WriteLine(string.Format("{0}{1}   -> {2}", spacer, name, val));

                return true;

            }

        }

        public static void Convert(string json)

        {

            var root = JsonConvert.DeserializeObject<JToken>(json);

            root.WalkTokens(new JTokenPrinter());

        }

    }

​

    public class Program

    {

        public static void Main()

        {

            Console.WriteLine("Environment version: " + Environment.Version);

            Console.WriteLine("Json.NET version: " + typeof(JsonSerializer).Assembly.FullName);

            Console.WriteLine();

​

            try

            {

                TestClass.Test();

            }

            catch (Exception ex)

            {

                Console.WriteLine("Failed with unhandled exception: ");

                Console.WriteLine(ex);

                throw;

            }

        }

    }

​