从Azure Active Directory获取个人资料图片

时间:2015-04-27 12:05:17

标签: c# .net azure azure-active-directory

我们已在应用程序中将Azure AD设置为身份提供程序。我们想要在应用程序中显示应该来自Azuare AD的个人资料图片。我们如何从Azure AD获取个人资料图片?

为了测试,我在Azure AD中添加了一个Windows Live Id帐户(其中包含个人资料图片)。我们然后使用Graph Explorer尝试了它,但没有运气。

如果有人可以提供一些帮助/示例代码,请提前致谢。

亚太区首席技术官Matt

3 个答案:

答案 0 :(得分:4)

您可以使用Azure Active Directory图形客户端获取用户缩略图照片

var servicePoint = new Uri("https://graph.windows.net");
var serviceRoot = new Uri(servicePoint, "<your tenant>"); //e.g. xxx.onmicrosoft.com
const string clientId = "<clientId>";
const string secretKey = "<secretKey>";// ClientID and SecretKey are defined when you register application with Azure AD
var authContext = new AuthenticationContext("https://login.windows.net/<tenant>/oauth2/token");
var credential = new ClientCredential(clientId, secretKey);
ActiveDirectoryClient directoryClient = new ActiveDirectoryClient(serviceRoot, async () =>
{
    var result = await authContext.AcquireTokenAsync("https://graph.windows.net/", credential);
    return result.AccessToken;
});

var user = await directoryClient.Users.Where(x => x.UserPrincipalName == "<username>").ExecuteSingleAsync();
DataServiceStreamResponse photo = await user.ThumbnailPhoto.DownloadAsync();
using (MemoryStream s = new MemoryStream())
{
    photo.Stream.CopyTo(s);
    var encodedImage = Convert.ToBase64String(s.ToArray());
}

Azure AD以二进制格式返回用户的照片,您需要转换为Base64字符串

答案 1 :(得分:3)

不支持通过Graph Explorer获取照片。假设“signedInUser”已包含已登录的用户实体,那么使用客户端库的此代码段应该适合您...

        #region get signed in user's photo
        if (signedInUser.ObjectId != null)
        {
            IUser sUser = (IUser)signedInUser;
            IStreamFetcher photo = (IStreamFetcher)sUser.ThumbnailPhoto;
            try
            {
                DataServiceStreamResponse response =
                photo.DownloadAsync().Result;
                Console.WriteLine("\nUser {0} GOT thumbnailphoto", signedInUser.DisplayName);
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError getting the user's photo - may not exist {0} {1}", e.Message,
                    e.InnerException != null ? e.InnerException.Message : "");
            }
        }
        #endregion

或者您可以通过REST执行此操作,它应如下所示: GET https://graph.windows.net/myorganization/users/ / thumbnailPhoto?api-version = 1.5 希望这会有所帮助,

答案 2 :(得分:0)

根据Azure AD Graph API Docs,Microsoft建议转换为Microsoft Graph,因为Azure AD Graph API正在逐步淘汰。

但是,要通过Azure AD轻松抓取照片,暂时使用此网址模板:

https://graph.windows.net/myorganization/users/{user_id}/thumbnailPhoto?api-version={version}

例如(这是一个虚假的用户ID):

https://graph.windows.net/myorganization/users/abc1d234-01ab-1a23-12ab-abc0d123e456/thumbnailPhoto?api-version=1.6

以下代码假设您已经拥有经过身份验证的用户,并带有令牌。这是一个简单的例子;您需要更改返回值以满足您的需求,添加错误检查等。

const string ThumbUrl = "https://graph.windows.net/myorganization/users/{0}/thumbnailPhoto?api-version=1.6";

// Attempts to retrieve the thumbnail image for the specified user, with fallback.
// Returns: Fully formatted string for supplying as the src attribute value of an img tag.
private string GetUserThumbnail(string userId)
{
    string thumbnail = "some base64 encoded fallback image";
    string mediaType = "image/jpg"; // whatever your fallback image type is
    string requestUrl = string.Format(ThumbUrl, userId);

    HttpClient client = new HttpClient();
    client.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", GetToken());
    HttpResponseMessage response = client.GetAsync(requestUrl).Result;

    if (response.IsSuccessStatusCode)
    {
        // Read the response as a byte array
        var responseBody = response.Content.ReadAsByteArrayAsync().GetAwaiter().GetResult();

        // The headers will contain information on the image type returned
        mediaType = response.Content.Headers.ContentType.MediaType;

        // Encode the image string
        thumbnail = Convert.ToBase64String(responseBody);
    }

    return $"data&colon;{mediaType};base64,{thumbnail}";
}

// Factored out for use with other calls which may need the token
private string GetToken()
{
    return HttpContext.Current.Session["Token"] == null ? string.Empty : HttpContext.Current.Session["Token"].ToString();
}