<Query Kind="Program"> | |
<Reference><RuntimeDirectory>\SMDiagnostics.dll</Reference> | |
<Reference><RuntimeDirectory>\System.Configuration.dll</Reference> | |
<Reference><RuntimeDirectory>\System.Runtime.Serialization.dll</Reference> | |
<Reference><RuntimeDirectory>\System.Security.dll</Reference> | |
<Reference><RuntimeDirectory>\System.ServiceModel.Internals.dll</Reference> | |
<Reference><RuntimeDirectory>\System.Web.ApplicationServices.dll</Reference> | |
<NuGetReference>Microsoft.Azure.ActiveDirectory.GraphClient</NuGetReference> | |
<NuGetReference>Microsoft.IdentityModel.Clients.ActiveDirectory</NuGetReference> | |
<Namespace>Microsoft.Azure.ActiveDirectory.GraphClient</Namespace> | |
<Namespace>Microsoft.IdentityModel.Clients.ActiveDirectory</Namespace> | |
<Namespace>System</Namespace> | |
<Namespace>System.Threading.Tasks</Namespace> | |
</Query> | |
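// LINQPad entry point. Creates a test user through the Azure AD Graph client while
// authenticated as the manager application, tries a username/password sign-in as that
// user, then queries users by display name.
async void Main()
{
    // Sample credentials for the throwaway test account. They are declared once so that the
    // account creation and the sign-in below cannot drift apart. The password is a fixed
    // sample value published with this query: do not reuse it for any real account.
    const string newUserPrincipalName = "linq-random-2@testdbplans.onmicrosoft.com";
    const string newUserPassword = "Str1ngPazz42";

    var config = new AzureADConfiguration
    {
        AzureADAddress = "https://login.microsoftonline.com/testdbplans.onMicrosoft.com",
        TenantName = "testdbplans.onMicrosoft.com",
        TenantId = "58cc6e97-acd4-43ce-820f-50cfe5fd56e8",
        ManagerAppClientId = "It's a WebApp client ID with maximum possible permissions",
        // Placeholder. Keep the real secret out of the saved query file; LINQPad's
        // Util.GetPassword can supply it at run time instead of a literal here.
        ManagerAppClientSecret = "Please PUT yours here",
        ManagerAppResourceUrl = "https://graph.windows.net",
        ClientIdForUserAuth = "It's a native client Id",
        AuthAudience = "https://drawboard.identity.local",
        AuthClientId = "not used in this sample",
    };

    var helper = new AuthenticationHelper(config);

    // App-only client: every Graph call below runs with the manager application's
    // permissions, not with a signed-in user's.
    var adClient = helper.GetActiveDirectoryClientAsApplication();

    var newUser = new User
    {
        GivenName = "Linq",
        Surname = "Lee",
        DisplayName = "LINQ Tests",
        City = "MyCity",
        State = "MyState",
        Country = "MyCountry",
        Department = "MyDepartment",
        JobTitle = "My Job Title",
        Mobile = "My Mobile",
        OtherMails = new[] { "myothermail1@harakirimail.com" },
        TelephoneNumber = "my telephone number",
        UserPrincipalName = newUserPrincipalName,
        MailNickname = "linq-random-1",
        AccountEnabled = true,
        PasswordProfile = new PasswordProfile
        {
            Password = newUserPassword,
            // The account is enabled with a known password and no forced change,
            // presumably so the non-interactive sign-in below can run. Outside a test
            // tenant, generate the password and force a change at first login.
            ForceChangePasswordNextLogin = false
        },
        UsageLocation = "AU",
    };

    // NOTE: This step fails
    await adClient.Users.AddUserAsync(newUser);

    var _authContext = new AuthenticationContext(config.AzureADAddress, new TokenCache());

    // try to authenticate with newly created user
    // NOTE(review): config.AuthClientId is still the placeholder assigned above, so this
    // call needs a real client id before it can succeed.
    var result = await _authContext.AcquireTokenAsync(
        config.AuthAudience,
        config.AuthClientId,
        new UserCredential(newUserPrincipalName, newUserPassword));

    // The dumped AuthenticationResult includes the issued token; treat the LINQPad
    // output pane as sensitive when sharing screenshots or exported results.
    result.Dump();

    // Awaited rather than blocked on with .Result, so a failure surfaces as the original
    // exception instead of an AggregateException and the thread is not held.
    var linqUserPage = await adClient.Users
        .Where(user => user.DisplayName.Equals("LINQ Tests"))
        .ExecuteAsync();
    var linqUser = linqUserPage.CurrentPage.ToList();
    linqUser.Dump();

    // filter out some users
    List<IUser> retrievedUsers = null;
    try
    {
        var swaggerPage = await adClient.Users
            .Where(user => user.DisplayName.Equals("Swagger Tests"))
            .ExecuteAsync();
        retrievedUsers = swaggerPage.CurrentPage.ToList();
    }
    catch (Exception e)
    {
        Console.WriteLine("\nError getting new user {0} {1}", e.Message,
            e.InnerException != null ? e.InnerException.Message : "");
    }

    // The query above may have failed; without this guard the filter below would throw
    // a NullReferenceException right after the error was reported.
    if (retrievedUsers == null)
    {
        return;
    }

    // retrievedUsers.Dump();

    // string.Equals tolerates users whose GivenName is not set.
    var allExcept = retrievedUsers
        .Where(u => !string.Equals(u.GivenName, "alexey+proxy7@drawboard.com", StringComparison.Ordinal))
        .ToList();

    foreach (var u in allExcept)
    {
        // Deletion is left disabled. It would run with the manager application's
        // permissions against every user in allExcept, so dump and check the list
        // before enabling it.
        // u.DeleteAsync().Wait();
    }
}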
/// <summary>
/// Settings consumed by <c>AuthenticationHelper</c> and by the query's <c>Main</c> method
/// when talking to Azure AD and the Graph endpoint.
/// </summary>
public class AzureADConfiguration
{
    // --- Tenant ---

    /// <summary>Authority address handed to <c>AuthenticationContext</c>.</summary>
    public string AzureADAddress { get; set; }

    /// <summary>Tenant identifier; appended to the resource URL to form the Graph service root.</summary>
    public string TenantId { get; set; }

    /// <summary>Tenant domain name. Not read by the code in this file.</summary>
    public string TenantName { get; set; }

    /// <summary>Default tenant domain. Neither set nor read by the code in this file.</summary>
    public string TenantDefaultDomain { get; set; }

    // --- Manager application (client-credentials flow) ---

    /// <summary>Client id of the application used for app-only token requests.</summary>
    public string ManagerAppClientId { get; set; }

    /// <summary>
    /// Client secret paired with <see cref="ManagerAppClientId"/>. This is a credential:
    /// supply it at run time and keep it out of saved or shared copies of the query.
    /// </summary>
    public string ManagerAppClientSecret { get; set; }

    /// <summary>Resource the tokens are requested for; also the base of the Graph service root.</summary>
    public string ManagerAppResourceUrl { get; set; }

    // --- User sign-in ---

    /// <summary>Client id used for the interactive user token request.</summary>
    public string ClientIdForUserAuth { get; set; }

    /// <summary>Resource passed to the username/password token request in <c>Main</c>.</summary>
    public string AuthAudience { get; set; }

    /// <summary>Client id passed to the username/password token request in <c>Main</c>.</summary>
    public string AuthClientId { get; set; }
}
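/// <summary>
/// Acquires Azure AD tokens for the configured manager application or for an interactive
/// user, and builds <see cref="ActiveDirectoryClient"/> instances that use those tokens.
/// </summary>
public class AuthenticationHelper
{
    private readonly AzureADConfiguration _settings;

    /// <summary>
    /// Access token cached by <see cref="GetTokenForUser"/> after the first interactive
    /// sign-in. It is a bearer credential held in a public, writable field: avoid dumping
    /// or logging the helper instance.
    /// </summary>
    public string TokenForUser;

    /// <summary>
    /// Creates a helper bound to the given settings.
    /// </summary>
    /// <param name="configuration">Azure AD settings; must not be null.</param>
    /// <exception cref="ArgumentNullException"><paramref name="configuration"/> is null.</exception>
    public AuthenticationHelper(AzureADConfiguration configuration)
    {
        // Fail here rather than with a NullReferenceException on the first token request.
        if (configuration == null)
        {
            throw new ArgumentNullException("configuration");
        }

        _settings = configuration;
    }

    /// <summary>
    /// Task-returning wrapper around <see cref="GetTokenForApplication"/>, in the shape the
    /// Graph client expects for its token callback. The token request itself still runs
    /// synchronously before the task is returned.
    /// </summary>
    /// <returns>A completed task holding the application access token.</returns>
    public async Task<string> AcquireTokenAsyncForApplication()
    {
        return await Task.FromResult(GetTokenForApplication());
    }

    /// <summary>
    /// Requests an app-only access token with the manager application's client id and secret.
    /// </summary>
    /// <returns>The access token for the configured resource URL.</returns>
    public string GetTokenForApplication()
    {
        AuthenticationContext context = CreateAuthenticationContext();

        // Config for OAuth client credentials
        var credential = new ClientCredential(_settings.ManagerAppClientId, _settings.ManagerAppClientSecret);
        AuthenticationResult outcome = context.AcquireToken(_settings.ManagerAppResourceUrl, credential);
        return outcome.AccessToken;
    }

    /// <summary>
    /// Builds a Graph client that authenticates as the manager application.
    /// </summary>
    /// <returns>ActiveDirectoryClient whose calls carry the application token.</returns>
    public ActiveDirectoryClient GetActiveDirectoryClientAsApplication()
    {
        return new ActiveDirectoryClient(BuildServiceRoot(),
            async () => await AcquireTokenAsyncForApplication());
    }

    /// <summary>
    /// Task-returning wrapper around <see cref="GetTokenForUser"/>; the interactive sign-in
    /// still runs synchronously before the task is returned.
    /// </summary>
    /// <returns>A completed task holding the user access token.</returns>
    public async Task<String> AcquireTokenAsyncForUser()
    {
        return await Task.FromResult(GetTokenForUser());
    }

    /// <summary>
    /// Returns the cached user token, signing the user in interactively on first use.
    /// </summary>
    /// <returns>The user access token stored in <see cref="TokenForUser"/>.</returns>
    public string GetTokenForUser()
    {
        if (TokenForUser != null)
        {
            return TokenForUser;
        }

        var redirectUri = new Uri("https://localhost");
        AuthenticationContext context = CreateAuthenticationContext();

        // PromptBehavior.Always asks for credentials even when a cached session exists.
        AuthenticationResult signIn = context.AcquireToken(
            _settings.ManagerAppResourceUrl,
            _settings.ClientIdForUserAuth,
            redirectUri,
            PromptBehavior.Always);

        TokenForUser = signIn.AccessToken;
        Console.WriteLine("\n Welcome " + signIn.UserInfo.GivenName + " " +
            signIn.UserInfo.FamilyName);

        return TokenForUser;
    }

    /// <summary>
    /// Builds a Graph client that authenticates as the interactively signed-in user.
    /// </summary>
    /// <returns>ActiveDirectoryClient whose calls carry the user token.</returns>
    public ActiveDirectoryClient GetActiveDirectoryClientAsUser()
    {
        return new ActiveDirectoryClient(BuildServiceRoot(),
            async () => await AcquireTokenAsyncForUser());
    }

    // Creates the ADAL context for the configured authority.
    // NOTE(review): the second argument switches authority validation off, so ADAL does
    // not check that AzureADAddress is a known Azure AD endpoint before the client secret
    // or user credentials are sent to it. Kept as in the original sample; pass true when
    // the authority is a public Azure AD endpoint.
    private AuthenticationContext CreateAuthenticationContext()
    {
        return new AuthenticationContext(_settings.AzureADAddress, false);
    }

    // Combines the resource URL with the tenant id to form the Graph service root.
    private Uri BuildServiceRoot()
    {
        var servicePointUri = new Uri(_settings.ManagerAppResourceUrl);
        return new Uri(servicePointUri, _settings.TenantId);
    }
}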