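/// <summary>
/// Creates an app role assignment for the user or group described in the request body.
/// </summary>
/// <remarks>
/// The role id, the principal id and the principal type all come from the request body, so the
/// assignment is made for whichever principal the caller names, not necessarily the caller.
/// NOTE(review): nothing in this method checks that the caller may grant <c>value.RoleId</c> or
/// that <c>value.PrincipalId</c> is the caller's own object id. Unless
/// <c>AuthenticationHelper.CheckToken</c> (not visible here) enforces that, this action is a
/// privilege-escalation path; confirm an authorization check exists.
/// </remarks>
/// <param name="value">Role id and target principal (id, display name, type) for the assignment.</param>
/// <exception cref="ArgumentNullException">The request body was missing or could not be bound.</exception>
/// <exception cref="FormatException"><c>RoleId</c> or <c>PrincipalId</c> is not a valid GUID.</exception>
public async Task Post([FromBody] AssignRole value)
{
    _logger.LogInformation("Check Token from logged user.");
    await AuthenticationHelper.CheckToken(User.Identity as ClaimsIdentity, _azureAdOptions);

    // A missing or unbindable body would otherwise surface later as a NullReferenceException.
    if (value == null)
    {
        throw new ArgumentNullException(nameof(value));
    }

    _logger.LogInformation("Try to add Admin role for me.");
    ActiveDirectoryClient client = AuthenticationHelper.GetActiveDirectoryClient(_azureAdOptions.TenantId);

    IAppRoleAssignment appRoleAssignment = new AppRoleAssignment()
    {
        // UTC avoids a machine-local timestamp whose meaning depends on the server's time zone.
        CreationTimestamp = DateTime.UtcNow,
        Id = Guid.Parse(value.RoleId),
        PrincipalDisplayName = value.PrincipalDisplayName,
        PrincipalId = Guid.Parse(value.PrincipalId),
        PrincipalType = value.PrincipalType,
        // The target resource is hard-coded; assignments always refer to this one resource id.
        ResourceDisplayName = "GrathWebAPITest",
        ResourceId = Guid.Parse("bfa79360-7eac-4bc3-81f2-459ea1ff9f3f")
    };

    // Any PrincipalType other than the exact string "Group" is treated as a user.
    if (value.PrincipalType == "Group")
    {
        await client.Groups.GetByObjectId(value.PrincipalId).AppRoleAssignments.AddAppRoleAssignmentAsync(appRoleAssignment);
    }
    else
    {
        await client.Users.GetByObjectId(value.PrincipalId).AppRoleAssignments.AddAppRoleAssignmentAsync(appRoleAssignment);
    }
}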
/// <summary>
/// Returns the app roles of the applications returned by the directory query.
/// </summary>
/// <remarks>
/// Only <c>CurrentPage</c> of the application query is read; further pages are not fetched.
/// NOTE(review): the only gate visible here is <c>AuthenticationHelper.CheckToken</c>, whose
/// checks are not shown; confirm it restricts who may enumerate roles.
/// </remarks>
/// <returns>The app roles of every application on the first result page, flattened into one sequence.</returns>
public async Task<IEnumerable<AppRole>> Roles()
{
    _logger.LogInformation("Check Token from logged user.");
    await AuthenticationHelper.CheckToken(User.Identity as ClaimsIdentity, _azureAdOptions);

    _logger.LogInformation("Get Application Roles.");
    ActiveDirectoryClient directory = AuthenticationHelper.GetActiveDirectoryClient(_azureAdOptions.TenantId);
    var applicationPage = await directory.Applications.ExecuteAsync();

    // Flatten each application's role list into a single lazily evaluated sequence.
    return applicationPage.CurrentPage.SelectMany(application => application.AppRoles);
}
/// <summary>
/// Returns the directory groups as <c>AssignRole</c> entries (object id, display name, object type).
/// </summary>
/// <remarks>
/// Only <c>CurrentPage</c> of the group query is read; further pages are not fetched.
/// NOTE(review): this exposes group ids and names to every caller that passes
/// <c>AuthenticationHelper.CheckToken</c>, whose checks are not shown; confirm that is intended.
/// </remarks>
/// <returns>One <c>AssignRole</c> per group on the first result page.</returns>
public async Task<IEnumerable<AssignRole>> Groups()
{
    _logger.LogInformation("Check Token from logged user.");
    await AuthenticationHelper.CheckToken(User.Identity as ClaimsIdentity, _azureAdOptions);

    _logger.LogInformation("Get Application Groups.");
    ActiveDirectoryClient directory = AuthenticationHelper.GetActiveDirectoryClient(_azureAdOptions.TenantId);
    var groupPage = await directory.Groups.ExecuteAsync();

    // Project each group onto the DTO the role-assignment endpoint accepts.
    return groupPage.CurrentPage.Select(entry => new AssignRole
    {
        PrincipalId = entry.ObjectId,
        PrincipalDisplayName = entry.DisplayName,
        PrincipalType = entry.ObjectType
    });
}
/// <summary>
/// Returns the directory's "me" object as a single-element list of <c>AssignRole</c>.
/// </summary>
/// <remarks>
/// <c>PrincipalType</c> is filled from <c>UserType</c> here, whereas the group listing uses
/// <c>ObjectType</c>.
/// NOTE(review): which identity "me" resolves to depends on how
/// <c>AuthenticationHelper.GetActiveDirectoryClient</c> acquires its token, which is not visible
/// here; confirm it is the signed-in user.
/// </remarks>
/// <returns>An array holding exactly one <c>AssignRole</c>.</returns>
public async Task<IEnumerable<AssignRole>> Me()
{
    _logger.LogInformation("Check Token from logged user.");
    await AuthenticationHelper.CheckToken(User.Identity as ClaimsIdentity, _azureAdOptions);

    _logger.LogInformation("Get Application Me.");
    ActiveDirectoryClient directory = AuthenticationHelper.GetActiveDirectoryClient(_azureAdOptions.TenantId);
    var profile = await directory.Me.ExecuteAsync();

    return new[]
    {
        new AssignRole
        {
            PrincipalId = profile.ObjectId,
            PrincipalDisplayName = profile.DisplayName,
            PrincipalType = profile.UserType
        }
    };
}
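/// <summary>
/// Returns the app role assignments of the directory's "me" object.
/// </summary>
/// <remarks>
/// Only <c>CurrentPage</c> of the assignment query is read; further pages are not fetched.
/// </remarks>
/// <returns>The role assignments on the first result page.</returns>
/// <exception cref="WebException">Logged and rethrown when the directory call fails with a web error.</exception>
public async Task<IEnumerable<IAppRoleAssignment>> Get()
{
    _logger.LogInformation("Check Token from logged user.");
    await AuthenticationHelper.CheckToken(User.Identity as ClaimsIdentity, _azureAdOptions);

    _logger.LogInformation("Get Assigned roles to me.");
    try
    {
        ActiveDirectoryClient client = AuthenticationHelper.GetActiveDirectoryClient(_azureAdOptions.TenantId);
        var roles = await client.Me.AppRoleAssignments.ExecuteAsync();
        return roles.CurrentPage;
    }
    catch (WebException ex)
    {
        _logger.LogError($"WebException:{ex}");

        // Bare rethrow keeps the original stack trace; "throw ex" would reset it to this frame,
        // hiding where the failure actually occurred.
        throw;
    }
}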