ASP.NET Web API: signing in to Azure AD and calling the Azure Graph API
Source: Internet  Editor: 程序博客网  Time: 2024/04/30 07:44
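Packages to install:
- Microsoft.Azure.ActiveDirectory.GraphClient
- Microsoft.IdentityModel.Clients.ActiveDirectory

1. Sign in with a username and password to obtain an access token and an ID token
2. Use the ID token to obtain an ID token and an access token
3. Call the Graph API to get more information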
Full sample:
https://github.com/iorilan/WebApiAzureADSample
```csharp
using System;
using System.Linq;
using System.Threading.Tasks;
using System.Web.Http;
using Microsoft.Azure.ActiveDirectory.GraphClient;
using Microsoft.IdentityModel.Clients.ActiveDirectory;

internal class AzureADGlobalConstants
{
    public const string AuthString = "https://login.microsoftonline.com/";
    public const string ResourceUrl = "https://graph.windows.net";
    public const string GraphServiceObjectId = "00000002-0000-0000-c000-000000000000";
}

public class CertisAdLoginController : ApiController
{
    public class LoginResult
    {
        public bool IsSuccess { get; set; }
        public string ErrorMessage { get; set; }
        public object Data { get; set; }
        public IUser UserDetail { get; set; }
    }

    internal class AzureADAppConstants
    {
        /// <summary>
        /// The application id. Log in to the Azure portal ->
        /// Azure Active Directory ->
        /// Registered Apps -> click the app
        /// </summary>
        public const string ClientId = "your_app_id";

        /// <summary>
        /// Log in to the Azure portal ->
        /// Azure Active Directory ->
        /// Registered Apps -> click the app ->
        /// Keys -> add new
        /// </summary>
        public const string ClientSecret = "your_app_key";

        /// <summary>
        /// This is used to construct the login user name,
        /// e.g. someone@xxx.onmicrosoft.com
        /// </summary>
        public const string TenantName = "yourdomain.onmicrosoft.com";

        /// <summary>
        /// You can get this value from the steps below:
        /// Log in to the Azure portal ->
        /// Azure Active Directory ->
        /// Properties -> DirectoryId
        /// </summary>
        public const string TenantId = "your_tenant_id";
    }

    /// <summary>
    /// Login with idToken
    /// </summary>
    /// <param name="idToken"></param>
    /// <returns></returns>
    [HttpPost]
    public IHttpActionResult Login(string idToken)
    {
        try
        {
            string directoryName = AzureADAppConstants.TenantName;
            string clientId = AzureADAppConstants.ClientId;
            // Exchange the caller's ID token for a Graph access token.
            var credentials = new UserAssertion(idToken);
            var authenticationContext = new AuthenticationContext(AzureADGlobalConstants.AuthString + directoryName);
            var result = authenticationContext.AcquireTokenAsync(AzureADGlobalConstants.ResourceUrl, clientId, credentials).Result;
            var tokenGetter = Task.Run(() => { return result.AccessToken; });

            // get more details
            var userDetail = GetUserDetailById(tokenGetter, result.UserInfo.UniqueId);

            // Data carries the whole AuthenticationResult, tokens included, back to the caller.
            return Ok(new LoginResult()
            {
                IsSuccess = true,
                Data = result,
                ErrorMessage = "",
                UserDetail = userDetail
            });
        }
        catch (Exception ex)
        {
            return Ok(new LoginResult() { IsSuccess = false, ErrorMessage = ex.Message });
        }
    }

    /// <summary>
    /// Login with username/password
    /// </summary>
    /// <param name="username"></param>
    /// <param name="password"></param>
    /// <returns></returns>
    // Web API binds simple-type parameters from the URI by default,
    // so username and password arrive in the query string here.
    [HttpPost]
    public IHttpActionResult Login(string username, string password)
    {
        try
        {
            string directoryName = AzureADAppConstants.TenantName;
            string clientId = AzureADAppConstants.ClientId;
            // Builds the UPN, e.g. someone@yourdomain.onmicrosoft.com
            var credentials = new UserPasswordCredential(string.Format("{0}@{1}", username, directoryName), password);
            var authenticationContext = new AuthenticationContext(AzureADGlobalConstants.AuthString + directoryName);
            var result = authenticationContext.AcquireTokenAsync(AzureADGlobalConstants.ResourceUrl, clientId, credentials).Result;
            var tokenGetter = Task.Run(() => { return result.AccessToken; });

            // get more details
            var userDetail = GetUserDetailById(tokenGetter, result.UserInfo.UniqueId);

            return Ok(new LoginResult()
            {
                IsSuccess = true,
                Data = result,
                ErrorMessage = "",
                UserDetail = userDetail
            });
        }
        catch (Exception ex)
        {
            return Ok(new LoginResult() { IsSuccess = false, ErrorMessage = ex.Message });
        }
    }

    // Looks the signed-in user up in the directory through the Graph client.
    private IUser GetUserDetailById(Task<string> accessToken, string userid)
    {
        Uri servicePointUri = new Uri(AzureADGlobalConstants.ResourceUrl);
        Uri serviceRoot = new Uri(servicePointUri, CertisAdLoginController.AzureADAppConstants.TenantId);
        ActiveDirectoryClient client = new ActiveDirectoryClient(serviceRoot, () => { return accessToken; });
        IUser firstMatch = null;
        try
        {
            IUserCollection userCollection = client.Users;
            firstMatch = userCollection.Where(user => user.ObjectId == userid)
                .Take(10).ExecuteAsync().Result.CurrentPage.First();
            return firstMatch;
        }
        catch (Exception)
        {
            // Lookup failures are swallowed; the caller gets no user detail.
            return null;
        }
    }
}
```
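A hardened variant of the username/password action, added here as an example and not taken from the linked repository: credentials are read from the POST body instead of the query string, only selected fields are returned, and the AAD error detail stays on the server. `PasswordLoginRequest` and `HardenedLoginController` are hypothetical names, the constants are placeholders, and the API is assumed to be served over HTTPS.

```csharp
using System.Diagnostics;
using System.Threading.Tasks;
using System.Web.Http;
using Microsoft.IdentityModel.Clients.ActiveDirectory;

// Hypothetical DTO: a complex type, so Web API binds it from the POST body, not the URI.
public class PasswordLoginRequest
{
    public string Username { get; set; }
    public string Password { get; set; }
}

public class HardenedLoginController : ApiController   // hypothetical name
{
    // Placeholders with the same meaning as the constants in the sample above.
    private const string Tenant = "yourdomain.onmicrosoft.com";
    private const string Authority = "https://login.microsoftonline.com/" + Tenant;
    private const string ResourceUrl = "https://graph.windows.net";
    private const string ClientId = "your_app_id";

    [HttpPost]
    public async Task<IHttpActionResult> Login([FromBody] PasswordLoginRequest request)
    {
        if (request == null || string.IsNullOrWhiteSpace(request.Username)
            || string.IsNullOrEmpty(request.Password))
            return BadRequest("username and password are required");

        try
        {
            var credentials = new UserPasswordCredential(request.Username + "@" + Tenant, request.Password);
            var context = new AuthenticationContext(Authority);
            // await instead of .Result: the request thread is not blocked while AAD responds.
            AuthenticationResult result =
                await context.AcquireTokenAsync(ResourceUrl, ClientId, credentials);

            // Return an explicit set of fields instead of serializing the whole AuthenticationResult.
            return Json(new { IsSuccess = true, result.IdToken, result.ExpiresOn,
                              UserId = result.UserInfo.UniqueId });
        }
        catch (AdalException ex)
        {
            // AAD error detail goes to the server trace, not into the HTTP response.
            Trace.TraceWarning("AAD sign-in failed: {0}", ex.ErrorCode);
            return Unauthorized();
        }
    }
}
```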