Created
February 19, 2014 21:14
blogpost to come
using System;
using System.Configuration;
using System.Globalization;
using System.Net.Http;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Threading.Tasks;
using System.Web;
using System.Web.Mvc;
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using Microsoft.WindowsAzure;
using Microsoft.WindowsAzure.Management;
using Newtonsoft.Json;
using WebApplication25.Models;
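namespace WebApplication25.Controllers
{
    /// <summary>
    /// Demo controller that signs the user in against Azure Active Directory and then
    /// (a) runs an OAuth2 authorization-code flow to obtain a token for the Azure
    /// management API and (b) reads the signed-in user's profile from the AAD Graph.
    /// </summary>
    public class HomeController : Controller
    {
        private const string TenantIdClaimType = "http://schemas.microsoft.com/identity/claims/tenantid";
        private const string LoginUrl = "https://login.windows.net/{0}";
        private const string GraphUrl = "https://graph.windows.net";
        private const string GraphUserUrl = "https://graph.windows.net/{0}/users/{1}?api-version=2013-04-05";

        // Authorization endpoint template. {4} is the anti-forgery "state" value that
        // CatchCode checks when the identity provider redirects back.
        private const string AuthorizeUrl =
            "https://login.windows.net/{0}/oauth2/authorize?api-version=1.0&response_type=code&client_id={1}&resource={2}&redirect_uri={3}&state={4}";
        private const string ManagementResource = "https://management.core.windows.net/";

        // Single definition of the redirect URI: the value sent to the authorize endpoint
        // and the one passed when redeeming the code are kept identical by construction.
        private const string RedirectUrl = "https://localhost:44304/Home/CatchCode";

        private const string OAuthStateSessionKey = "HomeController.OAuthState";

        // Placeholder: the original listing had the subscription id redacted. Replace
        // with the id of the subscription to query before running.
        private const string SubscriptionId = "SUBSCRIPTION-ID-PLACEHOLDER";

        private static readonly string AppPrincipalId = ConfigurationManager.AppSettings["ida:ClientID"];

        // Client secret of the application. It is read from appSettings; keep the real
        // value out of source control and restrict who can read the deployed config.
        private static readonly string AppKey = ConfigurationManager.AppSettings["ida:Password"];

        // One shared client for all requests instead of a new, never-disposed instance
        // per call. Per-request headers are set on the HttpRequestMessage, not on the client.
        private static readonly HttpClient GraphClient = new HttpClient();

        /// <summary>Renders the home page.</summary>
        public ActionResult Index()
        {
            return View();
        }

        /// <summary>
        /// Starts the authorization-code flow for the Azure management API by redirecting
        /// the browser to the tenant's authorize endpoint.
        /// </summary>
        /// <returns>
        /// A redirect to the authorize endpoint, or HTTP 403 when the signed-in principal
        /// carries no tenant id claim.
        /// </returns>
        [Authorize]
        public ActionResult About()
        {
            string tenantId = FindTenantId();
            if (tenantId == null)
            {
                return new HttpStatusCodeResult(403, "Tenant id claim is missing.");
            }

            // Bind the authorization request to this browser session. Without a state
            // value, a third party could make the victim's browser deliver a code of the
            // third party's choosing to CatchCode. Requires session state to be enabled.
            string state = CreateOAuthState();
            Session[OAuthStateSessionKey] = state;

            // Every value is escaped so that none of them can alter the query structure.
            string authorizationUrl = string.Format(
                CultureInfo.InvariantCulture,
                AuthorizeUrl,
                Uri.EscapeDataString(tenantId),
                Uri.EscapeDataString(AppPrincipalId),
                Uri.EscapeDataString(ManagementResource),
                Uri.EscapeDataString(RedirectUrl),
                Uri.EscapeDataString(state));

            return new RedirectResult(authorizationUrl);
        }

        /// <summary>
        /// Redirect target of the authorization-code flow: validates the callback,
        /// redeems the code for an access token and lists the Azure locations with it.
        /// </summary>
        /// <param name="code">Authorization code supplied by the identity provider in the query string.</param>
        /// <returns>
        /// The default view on success; HTTP 400 when the state value or the code is
        /// missing or does not match; HTTP 403 when no tenant id claim is present.
        /// </returns>
        [Authorize] // the action reads the caller's tenant claim, so anonymous callbacks are rejected
        public async Task<ActionResult> CatchCode(string code)
        {
            // The state value is single use: read it and clear it before any other work.
            string expectedState = Session[OAuthStateSessionKey] as string;
            Session.Remove(OAuthStateSessionKey);

            string returnedState = Request.QueryString["state"];
            if (string.IsNullOrEmpty(expectedState) ||
                !string.Equals(expectedState, returnedState, StringComparison.Ordinal))
            {
                return new HttpStatusCodeResult(400, "Invalid or missing state parameter.");
            }

            if (string.IsNullOrEmpty(code))
            {
                return new HttpStatusCodeResult(400, "Authorization code is missing.");
            }

            string tenantId = FindTenantId();
            if (tenantId == null)
            {
                return new HttpStatusCodeResult(403, "Tenant id claim is missing.");
            }

            AuthenticationContext ac = new AuthenticationContext(
                string.Format(CultureInfo.InvariantCulture, LoginUrl, tenantId));
            ClientCredential clcred = new ClientCredential(AppPrincipalId, AppKey);
            AuthenticationResult ar = ac.AcquireTokenByAuthorizationCode(code, new Uri(RedirectUrl), clcred);

            using (var azure = new ManagementClient(new TokenCloudCredentials(SubscriptionId, ar.AccessToken)))
            {
                // Demonstration call; the result is not used by the view.
                await azure.Locations.ListAsync();
            }

            return View();
        }

        /// <summary>Renders the contact page.</summary>
        public ActionResult Contact()
        {
            ViewBag.Message = "Your contact page.";
            return View();
        }

        /// <summary>
        /// Looks up the signed-in user in the AAD Graph, using a token acquired with the
        /// application's own credentials, and renders the returned profile.
        /// </summary>
        /// <returns>
        /// The profile view; HTTP 403 when no tenant id claim is present; HTTP 502 when
        /// the Graph request does not succeed.
        /// </returns>
        [Authorize]
        public async Task<ActionResult> UserProfile()
        {
            string tenantId = FindTenantId();
            if (tenantId == null)
            {
                return new HttpStatusCodeResult(403, "Tenant id claim is missing.");
            }

            // Get a token for calling the Windows Azure Active Directory Graph
            AuthenticationContext authContext = new AuthenticationContext(
                String.Format(CultureInfo.InvariantCulture, LoginUrl, tenantId));
            ClientCredential credential = new ClientCredential(AppPrincipalId, AppKey);
            AuthenticationResult assertionCredential = authContext.AcquireToken(GraphUrl, credential);
            string authHeader = assertionCredential.CreateAuthorizationHeader();

            string requestUrl = String.Format(
                CultureInfo.InvariantCulture,
                GraphUserUrl,
                HttpUtility.UrlEncode(tenantId),
                HttpUtility.UrlEncode(User.Identity.Name));

            using (HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, requestUrl))
            {
                request.Headers.TryAddWithoutValidation("Authorization", authHeader);

                using (HttpResponseMessage response = await GraphClient.SendAsync(request))
                {
                    // An error body must not be deserialized as if it were a profile.
                    if (!response.IsSuccessStatusCode)
                    {
                        return new HttpStatusCodeResult(502, "Directory lookup failed.");
                    }

                    string responseString = await response.Content.ReadAsStringAsync();
                    UserProfile profile = JsonConvert.DeserializeObject<UserProfile>(responseString);
                    return View(profile);
                }
            }
        }

        // Returns the tenant id claim of the current principal, or null when there is
        // no principal or the claim is absent (instead of a NullReferenceException).
        private static string FindTenantId()
        {
            ClaimsPrincipal principal = ClaimsPrincipal.Current;
            if (principal == null)
            {
                return null;
            }

            Claim tenantClaim = principal.FindFirst(TenantIdClaimType);
            return tenantClaim == null ? null : tenantClaim.Value;
        }

        // Creates a 32-byte value from the cryptographic RNG, hex encoded so it is URL safe.
        private static string CreateOAuthState()
        {
            byte[] buffer = new byte[32];
            using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
            {
                rng.GetBytes(buffer);
            }

            return BitConverter.ToString(buffer).Replace("-", string.Empty);
        }
    }
}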