<Query Kind="Program">
<Reference>&lt;RuntimeDirectory&gt;\SMDiagnostics.dll</Reference>
<Reference>&lt;RuntimeDirectory&gt;\System.Configuration.dll</Reference>
<Reference>&lt;RuntimeDirectory&gt;\System.Runtime.Serialization.dll</Reference>
<Reference>&lt;RuntimeDirectory&gt;\System.Security.dll</Reference>
<Reference>&lt;RuntimeDirectory&gt;\System.ServiceModel.Internals.dll</Reference>
<Reference>&lt;RuntimeDirectory&gt;\System.Web.ApplicationServices.dll</Reference>
<NuGetReference>Microsoft.Azure.ActiveDirectory.GraphClient</NuGetReference>
<NuGetReference>Microsoft.IdentityModel.Clients.ActiveDirectory</NuGetReference>
<Namespace>Microsoft.Azure.ActiveDirectory.GraphClient</Namespace>
<Namespace>Microsoft.IdentityModel.Clients.ActiveDirectory</Namespace>
<Namespace>System</Namespace>
<Namespace>System.Threading.Tasks</Namespace>
</Query>
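// LINQPad entry point. Declared as async Task rather than async void so that an exception
// escaping any of the awaits below is reported by the host instead of being lost.
async Task Main()
{
    // The client secret authorises the "manager" app with its full directory permissions;
    // it belongs in LINQPad's password manager (Util.GetPassword) rather than in saved query
    // text. The values below are the sample's placeholders.
    var config = new AzureADConfiguration
    {
        AzureADAddress = "https://login.microsoftonline.com/testdbplans.onMicrosoft.com",
        TenantName = "testdbplans.onMicrosoft.com",
        TenantId = "58cc6e97-acd4-43ce-820f-50cfe5fd56e8",
        ManagerAppClientId = "It's a WebApp client ID with maximum possible permissions",
        ManagerAppClientSecret = "Please PUT yours here",
        ManagerAppResourceUrl = "https://graph.windows.net",
        ClientIdForUserAuth = "It's a native client Id",
        AuthAudience = "https://drawboard.identity.local",
        AuthClientId = "not used in this sample",
    };

    var helper = new AuthenticationHelper(config);
    var adClient = helper.GetActiveDirectoryClientAsApplication();

    // Throwaway credentials for the test account; the same pair is used below to sign in as
    // that account, so they are defined once instead of being repeated as literals.
    const string testUserUpn = "linq-random-2@testdbplans.onmicrosoft.com";
    const string testUserPassword = "Str1ngPazz42";

    var newUser = new User
    {
        GivenName = "Linq",
        Surname = "Lee",
        DisplayName = "LINQ Tests",
        City = "MyCity",
        State = "MyState",
        Country = "MyCountry",
        Department = "MyDepartment",
        JobTitle = "My Job Title",
        Mobile = "My Mobile",
        OtherMails = new[] { "myothermail1@harakirimail.com" },
        TelephoneNumber = "my telephone number",
        UserPrincipalName = testUserUpn,
        MailNickname = "linq-random-1",
        AccountEnabled = true,
        PasswordProfile = new PasswordProfile
        {
            Password = testUserPassword,
            ForceChangePasswordNextLogin = false
        },
        UsageLocation = "AU",
    };

    // NOTE: This step fails
    await adClient.Users.AddUserAsync(newUser);

    var authContext = new AuthenticationContext(config.AzureADAddress, new TokenCache());
    // try to authenticate with newly created user
    var result = await authContext.AcquireTokenAsync(config.AuthAudience, config.AuthClientId,
        new UserCredential(testUserUpn, testUserPassword));
    result.Dump();

    // Awaiting the query instead of reading .Result keeps the host thread unblocked and
    // surfaces the real exception rather than an AggregateException wrapper.
    var linqPage = await adClient.Users
        .Where(user => user.DisplayName.Equals("LINQ Tests"))
        .ExecuteAsync();
    var linqUser = linqPage.CurrentPage.ToList();
    linqUser.Dump();

    // filter out some users
    // Start from an empty list so the filter below is safe when the lookup throws.
    List<IUser> retrievedUsers = new List<IUser>();
    try
    {
        var swaggerPage = await adClient.Users
            .Where(user => user.DisplayName.Equals("Swagger Tests"))
            .ExecuteAsync();
        retrievedUsers = swaggerPage.CurrentPage.ToList();
    }
    catch (Exception e)
    {
        Console.WriteLine("\nError getting new user {0} {1}", e.Message,
            e.InnerException != null ? e.InnerException.Message : "");
    }
    // retrievedUsers.Dump();

    // GivenName may be unset on a directory object; string.Equals tolerates a null where
    // u.GivenName.Equals(...) would throw.
    var allExcept = retrievedUsers
        .Where(u => !string.Equals(u.GivenName, "alexey+proxy7@drawboard.com", StringComparison.Ordinal))
        .ToList();
    foreach (var u in allExcept)
    {
        // u.DeleteAsync().Wait();
    }
}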
/// <summary>
/// Settings for one Azure AD tenant: the authority to sign in against, the application used
/// for directory management (client credentials), and the client used for user sign-in.
/// </summary>
public class AzureADConfiguration
{
    /// <summary>Tenant identifier; appended to the Graph resource URL to form the service root.</summary>
    public string TenantId { get; set; }
    /// <summary>Tenant domain name, e.g. the *.onMicrosoft.com name.</summary>
    public string TenantName { get; set; }
    /// <summary>Default domain of the tenant (not read by the helper in this query).</summary>
    public string TenantDefaultDomain { get; set; }
    /// <summary>Client (application) id of the management app used for client-credential tokens.</summary>
    public string ManagerAppClientId { get; set; }
    /// <summary>Client secret of the management app. A secret, not a setting: keep it out of saved query text.</summary>
    public string ManagerAppClientSecret { get; set; }
    /// <summary>Client id of the native application used for interactive user sign-in.</summary>
    public string ClientIdForUserAuth { get; set; }
    /// <summary>Azure AD authority URL (login endpoint plus tenant).</summary>
    public string AzureADAddress { get; set; }
    /// <summary>Resource URL of the Graph API tokens are requested for.</summary>
    public string ManagerAppResourceUrl { get; set; }
    /// <summary>Audience (resource) used when acquiring a token as the newly created user.</summary>
    public string AuthAudience { get; set; }
    /// <summary>Client id used for that user token request.</summary>
    public string AuthClientId { get; set; }
}
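/// <summary>
/// Acquires Azure AD (ADAL) tokens and builds Graph clients that authenticate either as the
/// configured management application (client credentials) or as an interactively signed-in user.
/// </summary>
public class AuthenticationHelper
{
    private readonly AzureADConfiguration AzureADDetails;

    // Result of the last interactive user sign-in made by this helper; kept so the cached
    // user token can be refreshed once it expires instead of being reused indefinitely.
    private AuthenticationResult _userAuthResult;

    /// <summary>
    /// Cached access token for the signed-in user. Kept public for compatibility; a value
    /// assigned from outside is used as-is until it is cleared.
    /// </summary>
    public string TokenForUser;

    /// <summary>
    /// Creates a helper for the given tenant settings.
    /// </summary>
    /// <param name="configuration">Tenant, application and client settings; must not be null.</param>
    /// <exception cref="ArgumentNullException"><paramref name="configuration"/> is null.</exception>
    public AuthenticationHelper(AzureADConfiguration configuration)
    {
        if (configuration == null)
        {
            throw new ArgumentNullException("configuration");
        }
        AzureADDetails = configuration;
    }

    /// <summary>
    /// Async task to acquire token for Application.
    /// </summary>
    /// <returns>Async Token for application.</returns>
    public async Task<string> AcquireTokenAsyncForApplication()
    {
        // AcquireToken in this ADAL version is synchronous; the wrapper only adapts it to
        // the Task-returning callback ActiveDirectoryClient expects.
        return await Task.FromResult(GetTokenForApplication());
    }

    /// <summary>
    /// Get Token for Application.
    /// </summary>
    /// <returns>Token for application.</returns>
    public string GetTokenForApplication()
    {
        var authenticationContext = CreateAuthenticationContext();
        // Config for OAuth client credentials
        var clientCred = new ClientCredential(AzureADDetails.ManagerAppClientId, AzureADDetails.ManagerAppClientSecret);
        var authenticationResult = authenticationContext.AcquireToken(AzureADDetails.ManagerAppResourceUrl, clientCred);
        return authenticationResult.AccessToken;
    }

    /// <summary>
    /// Get Active Directory Client for Application.
    /// </summary>
    /// <returns>ActiveDirectoryClient for Application.</returns>
    public ActiveDirectoryClient GetActiveDirectoryClientAsApplication()
    {
        return new ActiveDirectoryClient(BuildServiceRoot(),
            async () => await AcquireTokenAsyncForApplication());
    }

    /// <summary>
    /// Async task to acquire token for User.
    /// </summary>
    /// <returns>Token for user.</returns>
    public async Task<string> AcquireTokenAsyncForUser()
    {
        return await Task.FromResult(GetTokenForUser());
    }

    /// <summary>
    /// Get Token for User. Prompts the user interactively the first time, and again once a
    /// token acquired here has expired.
    /// </summary>
    /// <returns>Token for user.</returns>
    public string GetTokenForUser()
    {
        if (TokenForUser == null || IsUserTokenExpired())
        {
            var redirectUri = new Uri("https://localhost");
            var authenticationContext = CreateAuthenticationContext();
            _userAuthResult = authenticationContext.AcquireToken(AzureADDetails.ManagerAppResourceUrl,
                AzureADDetails.ClientIdForUserAuth, redirectUri, PromptBehavior.Always);
            TokenForUser = _userAuthResult.AccessToken;
            Console.WriteLine("\n Welcome " + _userAuthResult.UserInfo.GivenName + " " +
                _userAuthResult.UserInfo.FamilyName);
        }
        return TokenForUser;
    }

    /// <summary>
    /// Get Active Directory Client for User.
    /// </summary>
    /// <returns>ActiveDirectoryClient for User.</returns>
    public ActiveDirectoryClient GetActiveDirectoryClientAsUser()
    {
        return new ActiveDirectoryClient(BuildServiceRoot(),
            async () => await AcquireTokenAsyncForUser());
    }

    // True when the user token was acquired by this helper and its ExpiresOn has passed.
    // A token assigned to TokenForUser from outside carries no expiry and is never refreshed here.
    private bool IsUserTokenExpired()
    {
        return _userAuthResult != null && _userAuthResult.ExpiresOn <= DateTimeOffset.UtcNow;
    }

    // Authority validation is left enabled (the single-argument constructor) so tokens are
    // only requested from a recognised Azure AD authority; the earlier code passed
    // validateAuthority: false, which would accept any configured address.
    private AuthenticationContext CreateAuthenticationContext()
    {
        return new AuthenticationContext(AzureADDetails.AzureADAddress);
    }

    // Graph requests are rooted at <resource URL>/<tenant id>; shared by both client factories.
    private Uri BuildServiceRoot()
    {
        var servicePointUri = new Uri(AzureADDetails.ManagerAppResourceUrl);
        return new Uri(servicePointUri, AzureADDetails.TenantId);
    }
}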