我们已在应用程序中将Azure AD设置为身份提供程序。我们想要在应用程序中显示应该来自Azuare AD的个人资料图片。我们如何从Azure AD获取个人资料图片?
为了测试,我在Azure AD中添加了一个Windows Live Id帐户(其中包含个人资料图片)。我们然后使用Graph Explorer尝试了它,但没有运气。
如果有人可以提供一些帮助/示例代码,请提前致谢。
亚太区首席技术官Matt
答案 0 :(得分:4)
您可以使用Azure Active Directory图形客户端获取用户缩略图照片
var servicePoint = new Uri("https://graph.windows.net");
var serviceRoot = new Uri(servicePoint, "<your tenant>"); //e.g. xxx.onmicrosoft.com
const string clientId = "<clientId>";
const string secretKey = "<secretKey>";// ClientID and SecretKey are defined when you register application with Azure AD
var authContext = new AuthenticationContext("https://login.windows.net/<tenant>/oauth2/token");
var credential = new ClientCredential(clientId, secretKey);
ActiveDirectoryClient directoryClient = new ActiveDirectoryClient(serviceRoot, async () =>
{
var result = await authContext.AcquireTokenAsync("https://graph.windows.net/", credential);
return result.AccessToken;
});
var user = await directoryClient.Users.Where(x => x.UserPrincipalName == "<username>").ExecuteSingleAsync();
DataServiceStreamResponse photo = await user.ThumbnailPhoto.DownloadAsync();
using (MemoryStream s = new MemoryStream())
{
photo.Stream.CopyTo(s);
var encodedImage = Convert.ToBase64String(s.ToArray());
}
Azure AD以二进制格式返回用户的照片,您需要转换为Base64字符串
答案 1 :(得分:3)
不支持通过Graph Explorer获取照片。假设“signedInUser”已包含已登录的用户实体,那么使用客户端库的此代码段应该适合您...
#region get signed in user's photo
if (signedInUser.ObjectId != null)
{
IUser sUser = (IUser)signedInUser;
IStreamFetcher photo = (IStreamFetcher)sUser.ThumbnailPhoto;
try
{
DataServiceStreamResponse response =
photo.DownloadAsync().Result;
Console.WriteLine("\nUser {0} GOT thumbnailphoto", signedInUser.DisplayName);
}
catch (Exception e)
{
Console.WriteLine("\nError getting the user's photo - may not exist {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
}
#endregion
或者您可以通过REST执行此操作,它应如下所示: GET https://graph.windows.net/myorganization/users/ / thumbnailPhoto?api-version = 1.5 希望这会有所帮助,
答案 2 :(得分:0)
根据Azure AD Graph API Docs,Microsoft建议转换为Microsoft Graph,因为Azure AD Graph API正在逐步淘汰。
但是,要通过Azure AD轻松抓取照片,暂时使用此网址模板:
https://graph.windows.net/myorganization/users/{user_id}/thumbnailPhoto?api-version={version}
例如(这是一个虚假的用户ID):
https://graph.windows.net/myorganization/users/abc1d234-01ab-1a23-12ab-abc0d123e456/thumbnailPhoto?api-version=1.6
以下代码假设您已经拥有经过身份验证的用户,并带有令牌。这是一个简单的例子;您需要更改返回值以满足您的需求,添加错误检查等。
const string ThumbUrl = "https://graph.windows.net/myorganization/users/{0}/thumbnailPhoto?api-version=1.6";
// Attempts to retrieve the thumbnail image for the specified user, with fallback.
// Returns: Fully formatted string for supplying as the src attribute value of an img tag.
private string GetUserThumbnail(string userId)
{
string thumbnail = "some base64 encoded fallback image";
string mediaType = "image/jpg"; // whatever your fallback image type is
string requestUrl = string.Format(ThumbUrl, userId);
HttpClient client = new HttpClient();
client.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", GetToken());
HttpResponseMessage response = client.GetAsync(requestUrl).Result;
if (response.IsSuccessStatusCode)
{
// Read the response as a byte array
var responseBody = response.Content.ReadAsByteArrayAsync().GetAwaiter().GetResult();
// The headers will contain information on the image type returned
mediaType = response.Content.Headers.ContentType.MediaType;
// Encode the image string
thumbnail = Convert.ToBase64String(responseBody);
}
return $"data:{mediaType};base64,{thumbnail}";
}
// Factored out for use with other calls which may need the token
private string GetToken()
{
return HttpContext.Current.Session["Token"] == null ? string.Empty : HttpContext.Current.Session["Token"].ToString();
}