public static IEnumerable <SecurityActionResponse> ToSecurityActionResponses(this IEnumerable <SecurityAction> securityActions) { List <SecurityActionResponse> responses = new List <SecurityActionResponse>(); foreach (var action in securityActions) { var alertId = action?.Parameters.Where(x => x.Name.Equals("AlertId"))?.FirstOrDefault()?.Value; var name = action?.Parameters.Where(x => x.Name.Equals("targetName"))?.FirstOrDefault()?.Value; var value = action?.Parameters.Where(x => x.Name.Equals("targetValue"))?.FirstOrDefault()?.Value; var response = new SecurityActionResponse() { Id = string.IsNullOrWhiteSpace(action.Id) ? string.Empty : action.Id, Name = action?.Name, SecurityVendorInformation = action?.VendorInformation ?? null, Status = action.Status, SubmittedDateTime = action?.CreatedDateTime, StatusUpdateDateTime = action?.LastActionDateTime, Reason = new Reason() { Comment = action?.ActionReason, AlertId = alertId, }, Target = new Target() { Name = name, Value = value, }, }; responses.Add(response); } return(responses); }
public async Task <SecurityActionResponse> AddSecurityActionsAsync(SecurityAction action) { try { var startDateTime = DateTime.Now; string endpoint = "https://graph.microsoft.com/beta/security/securityActions"; using (var client = new HttpClient()) { using (var request = new HttpRequestMessage(HttpMethod.Post, endpoint)) { request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json")); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", AccessToken); request.Content = new StringContent(JsonConvert.SerializeObject(action)); using (var response = await client.SendAsync(request)) { if (response.IsSuccessStatusCode) { string result = await response.Content.ReadAsStringAsync(); SecurityActionResponse securityActionResponse = JsonConvert.DeserializeObject <SecurityActionResponse>(result); // SecureScoreResult secureScoreResult = JsonConvert.DeserializeObject<SecureScoreResult>(result); Debug.WriteLine($"GraphService/GetSecurityActions execution time: {DateTime.Now - startDateTime}"); return(securityActionResponse); } else { return(null); } } } } } catch { return(null); } }