我在Azure上有一个C#.NET MVC Web App,我已经为Azure AD帐户启用了Easy Auth。我希望能够在它旁边使用Microsoft Graph SDK。
在上面链接的cgillum撰写的Easy Auth文章中,他说:
我还要指出,我使用的是HTTP原语,而不是使用官方的Graph API Client SDK。这主要是为了强调可以使用任何语言编写对Azure AD Graph API的访问,并且不需要任何SDK(如果您愿意,您当然可以使用SDK)。
据我所知,这是一年前编写的,考虑到AAD Graph,但他说可以使用AAD Graph SDK,因此MS Graph可能也是如此。 (老实说,我很高兴看到两种方式,但似乎有很大的推动使用MS Graph而非AAD Graph)
目前,我可以在我的控制器中对Microsoft Graph端点(https://graph.microsoft.com)进行网址调用,如下所示:
public JObject GetMe()
{
string accessToken = this.Request.Headers["X-MS-TOKEN-AAD-ACCESS-TOKEN"];
var url = "https://graph.microsoft.com/v1.0/me"; // MS Graph
using (var httpClient = new HttpClient())
{
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
var response = httpClient.GetStringAsync(url).Result;
var json = JObject.Parse(response);
return json;
}
}
返回:
{
"@odata.context":"https://graph.microsoft.com/v1.0/$metadata#users/$entity",
"id":"a4cxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"businessPhones":[
"(xxx) xxx-xxxx"
],
"displayName":"Ryan Taite",
"givenName":"Ryan",
"jobTitle":"xxxxxxxxxxxx",
"mail":"xxxxxxx@xxxxxxx.xxxxx",
"mobilePhone":"(xxx) xxx-xxxx",
"officeLocation":"xxxxxxx",
"preferredLanguage":"xxxxxxx",
"surname":"Taite",
"userPrincipalName":"xxxxxxx@xxxxxxx.xxxxx"
}
我是否仅限于构建网址?
是否可以使用Microsoft.Graph SDK和Easy Auth,以便我可以拨打下面的电话,其中new AzureAuthenticationProvider()会以某种方式使用Easy Auth accessToken?:
public async Task<User> GetMeViaMsGraph()
{
Microsoft.Graph.GraphServiceClient graphServiceClient = new Microsoft.Graph.GraphServiceClient(authenticationProvider:new AzureAuthenticationProvider());
Microsoft.Graph.User user = await graphServiceClient.Me.Request().GetAsync();
return user;
}
我在msgraph-sdk-dotnet GitHub概述部分找到了AuthenticationProvider,但我仍然不确定我提出的问题是否可行。
<小时/> 的更新
按照下面南豫的例子,我得到了理想的结果,但我只想在这里充实,以防其他人想要看到。
在我的控制器中,我有以下功能:
// Get myself as a Microsoft.Graph User Object
public User GetMeViaMsGraph()
{
string accessToken = this.Request.Headers["X-MS-TOKEN-AAD-ACCESS-TOKEN"];
GraphServiceClient graphClient = new GraphServiceClient(new AzureAuthenticationProviderTest(accessToken)); // implementation not shown here, but it's the exact same as Nan Yu's
User me = graphClient.Me.Request().GetAsync().Result;
return me;
}
// Send the User object to my Index page
public ActionResult Index()
{
return View(GetMeViaMsGraph());
}
我删除了async Task<User>和await,因为我遇到了问题,需要继续前进。
在我的Index.cshtml页面上,我可以快速显示我可以访问User对象及其数据:
@using Microsoft.Graph;
@model User
<div>
@Model.DisplayName
@Model.GivenName
@Model.SurName
@Model.JobTitle
</div>
答案 0 :(得分:1)
SDK并不支持所有API的功能,这是我们通常使用HTTP原语的另一个原因。但是,如果您仍然希望将Easy Auth与Microsoft.Graph SDK一起使用,则可以添加如下类:
public class AzureAuthenticationProviderTest : IAuthenticationProvider
{
string accessToken = string.Empty;
public AzureAuthenticationProviderTest(string accessToken) {
this.accessToken = accessToken;
}
public async Task AuthenticateRequestAsync(HttpRequestMessage request)
{
try
{
// Append the access token to the request.
request.Headers.Authorization = new AuthenticationHeaderValue("bearer", accessToken);
}
catch (Exception ex)
{
}
}
}
传递您的访问令牌并使用sdk,如:
string accessToken = "YourAccessToken";
GraphServiceClient graphClient = new GraphServiceClient(new AzureAuthenticationProviderTest(accessToken));
var groupIDs = await graphClient.Users["UserUPN"].GetMemberGroups(false).Request().PostAsync();