使用Azure Active Directory Graph Client,我可以使用ff成功查询AD的用户角色。代码:
var activeDirectoryClient = new ActiveDirectoryClient(); // Instantiate the Graph Client here.
var adRoles = await activeDirectoryClient.DirectoryRoles.ExecuteAsync();
是否有可能获得:
在这种情况下,我对管理员的定义是公司管理员角色下的用户,或者能够授权应用程序的用户(通过格式为{{3}的身份验证请求URL) }的提示= admin_consent )
答案 0 :(得分:3)
有几种方法可以做到这一点,让我们以REST API为出发点。
您可以使用GET请求获取 USER 的群组和角色列表:https://graph.windows.net/myorganization/users/{user_id}/$links/memberOf?api-version
成功时,返回指向该用户所属的Group&DirectoryRole的链接集合
参考:Get a user's group and directory role memberships
要获取群组的成员资格,您需要向https://graph.windows.net/myorganization/groups/{object_id}/$links/members?api-version
发出GET请求参考:Get a group's direct members
但是根据文档:
不能在目录角色上调用任何函数或操作
这必须从USER对象完成。 SDK将反映这一点。
public static class AnimatedTableCell<T> extends TableCell<T,Double>{
private static final PseudoClass PS_Cell_Flash = PseudoClass.getPseudoClass("flash-cell-positive");
private final Function<T,BooleanExpression> flashExtractor;
private final ChangeListener<Boolean> flashListener = (fObs, fOld, fNew) -> flasherChanged(fNew);
private final Timeline flashTimeline;
// constructor
public AnimatedTableCell(Function<T, BooleanExpression> fFlashExtractor){
flashExtractor = fFlashExtractor;
flashTimeline = new Timeline(
new KeyFrame(Duration.seconds(0.5), e -> pseudoClassStateChanged(PS_Cell_Flash, true)),
new KeyFrame(Duration.seconds(1.0), e -> pseudoClassStateChanged(PS_Cell_Flash, false)));
flashTimeline.setCycleCount(Animation.INDEFINITE);
}
private void flasherChanged(boolean fNew) {
if (fNew) {
flashTimeline.play();
} else {
flashTimeline.stop();
pseudoClassStateChanged(PS_Cell_Flash, false);
}
}
//@SuppressWarnings("unchecked")
@Override
protected void updateItem(Double item, boolean empty) {
System.out.println("getItem(): " + (T) getTableRow().getItem());
if (getItem() != null) {
// Problem IN THIS LINE
final BooleanExpression be = flashExtractor.apply((T) getTableRow().getItem());
if (be != null) {
be.removeListener(flashListener);
}
}
super.updateItem(item, empty);
if (getItem() != null) {
final BooleanExpression be = flashExtractor.apply((T) getTableRow().getItem());
if (be != null) {
be.addListener(flashListener);
flasherChanged(be.get());
}
}
}
}
GraphAPI控制台应用有一些很好的示例,可以向您展示如何完成这些操作:Program.cs