@ahelland
Created April 20, 2016 11:10
#r "Newtonsoft.Json"
#r "System.Configuration"
#r "Microsoft.IdentityModel.Clients.ActiveDirectory.dll"
using System.Net;
using System.Configuration;
using System.Security.Claims;
using System.Net.Http.Headers;
using Newtonsoft.Json;
using Microsoft.IdentityModel.Clients.ActiveDirectory;
/// <summary>
/// Reduced projection of a directory user that keeps only three attributes.
/// </summary>
/// <remarks>
/// Instances are produced by deserializing the JSON body of a Microsoft Graph
/// <c>/users/{upn}</c> response, so the property names deliberately follow the
/// camelCase field names of that payload. All three values are personal data;
/// keep them out of trace output.
/// </remarks>
public class AADUser
{
    /// <summary>Display name of the user.</summary>
    public string displayName { get; set; }

    /// <summary>User principal name (sign-in name) of the user.</summary>
    public string userPrincipalName { get; set; }

    /// <summary>Mobile phone number of the user; null when the payload has none.</summary>
    public string mobilePhone { get; set; }
}
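/// <summary>
/// HTTP-triggered function that returns the caller's own display name and mobile
/// phone number, looked up in Microsoft Graph.
/// </summary>
/// <remarks>
/// The caller passes a <c>name</c> value (query string or request body) that must equal
/// the UPN claim of the current principal. The lookup itself is made with an app-only
/// token obtained through the client-credentials grant, using the <c>aud</c> claim as
/// client id and the <c>clientSecret</c> app setting as the secret. Because that token
/// is not scoped to the caller, the claim comparison is the only thing that restricts
/// which user can be read; the function therefore refuses to continue when the UPN,
/// tenant or audience claim is absent.
/// Bearer tokens, Authorization headers and Graph response bodies are never written to
/// the trace log.
/// </remarks>
/// <param name="req">Incoming HTTP request carrying the <c>name</c> value.</param>
/// <param name="log">Trace writer of the function host.</param>
/// <returns>
/// 200 with a greeting on success; 400 when <c>name</c> is missing or does not match the
/// UPN claim; 401 when required identity claims are missing; 500 when the client secret
/// is not configured; 502 when Microsoft Graph does not return a usable user object.
/// </returns>
public static async Task<HttpResponseMessage> Run(HttpRequestMessage req, TraceWriter log)
{
    log.Verbose($"C# HTTP trigger function processed a request. RequestUri={req.RequestUri}");

    // Parse the "name" query parameter; the key is matched case-insensitively.
    string name = req.GetQueryNameValuePairs()
        .FirstOrDefault(q => string.Equals(q.Key, "name", StringComparison.OrdinalIgnoreCase))
        .Value;

    // Fall back to the "name" property of the request body.
    dynamic data = await req.Content.ReadAsAsync<object>();
    name = name ?? data?.name;

    // Reject a missing name before any token is requested or any directory call is made.
    if (name == null)
    {
        return req.CreateResponse(HttpStatusCode.BadRequest, "Please pass a name on the query string or in the request body");
    }

    string resourceId = "https://graph.microsoft.com";
    string tenantId = String.Empty;
    string authString = String.Empty;
    string upn = String.Empty;
    string clientId = String.Empty;
    string clientSecret = ConfigurationManager.AppSettings["clientSecret"];

    foreach (Claim claim in ClaimsPrincipal.Current.Claims)
    {
        if (claim.Type == "aud")
        {
            clientId = claim.Value;
            log.Verbose("Claim: " + claim.Type + " Value: " + claim.Value);
        }

        if (claim.Type == "http://schemas.microsoft.com/identity/claims/tenantid")
        {
            tenantId = claim.Value;
            authString = "https://login.microsoftonline.com/" + tenantId;
            log.Verbose("Claim: " + claim.Type + " Value: " + claim.Value);
        }

        if (claim.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn")
        {
            log.Verbose("Claim: " + claim.Type + " Value: " + claim.Value);

            // The requested name must be the caller's own UPN (exact, case-sensitive match).
            if (claim.Value != name)
            {
                return req.CreateResponse(HttpStatusCode.BadRequest, "Name not matching claims.");
            }

            upn = claim.Value;
        }
    }

    // Fail closed: without a UPN claim the comparison above never ran, and an empty UPN
    // would turn the Graph URL below into a request against the users collection.
    if (string.IsNullOrEmpty(upn) || string.IsNullOrEmpty(tenantId) || string.IsNullOrEmpty(clientId))
    {
        log.Verbose("Principal is missing one of the aud, tenantid or upn claims.");
        return req.CreateResponse(HttpStatusCode.Unauthorized, "Required identity claims are missing.");
    }

    if (string.IsNullOrEmpty(clientSecret))
    {
        log.Verbose("App setting 'clientSecret' is not configured.");
        return req.CreateResponse(HttpStatusCode.InternalServerError, "Function is not configured.");
    }

    // NOTE(review): authority validation is switched off (second argument). The host is
    // fixed to login.microsoftonline.com here, so enabling it looks safe - confirm and enable.
    var authenticationContext = new AuthenticationContext(authString, false);

    // OAuth client-credentials grant: the token represents the application, not the caller.
    ClientCredential clientCred = new ClientCredential(clientId, clientSecret);
    AuthenticationResult authenticationResult = await authenticationContext.AcquireTokenAsync(resourceId, clientCred);

    // The access token is a bearer credential; it must never reach the log.
    string token = authenticationResult.AccessToken;

    var outputName = String.Empty;
    var phone = String.Empty;

    // Escape the UPN so characters such as '#' cannot change the path of the request.
    string requestUrl = $"https://graph.microsoft.com/v1.0/users/{Uri.EscapeDataString(upn)}";

    using (var client = new HttpClient())
    using (var request = new HttpRequestMessage(HttpMethod.Get, requestUrl))
    {
        request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);

        // Log method and URI only; request.ToString() would include the Authorization header.
        log.Verbose($"Calling Microsoft Graph: {request.Method} {request.RequestUri}");

        using (HttpResponseMessage response = await client.SendAsync(request))
        {
            // Log the status rather than the body, which holds the user's personal data.
            log.Verbose($"Microsoft Graph responded with status {(int)response.StatusCode}.");

            if (!response.IsSuccessStatusCode)
            {
                return req.CreateResponse(HttpStatusCode.BadGateway, "Could not retrieve the user profile.");
            }

            string responseString = await response.Content.ReadAsStringAsync();
            var user = JsonConvert.DeserializeObject<AADUser>(responseString);

            // An empty body deserializes to null.
            if (user == null)
            {
                return req.CreateResponse(HttpStatusCode.BadGateway, "Could not retrieve the user profile.");
            }

            phone = user.mobilePhone;
            outputName = user.displayName;
        }
    }

    return req.CreateResponse(HttpStatusCode.OK, "Hello " + outputName + ", your phone number is: " + phone);
}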