public async Task Post([FromBody] AssignRole value)
{
_logger.LogInformation("Check Token from logged user.");
await AuthenticationHelper.CheckToken(User.Identity as ClaimsIdentity, _azureAdOptions);
_logger.LogInformation("Try to add Admin role for me.");
ActiveDirectoryClient client = AuthenticationHelper.GetActiveDirectoryClient(_azureAdOptions.TenantId);
IAppRoleAssignment appRoleAssignment = new AppRoleAssignment()
{
CreationTimestamp = DateTime.Now,
Id = Guid.Parse(value.RoleId),
PrincipalDisplayName = value.PrincipalDisplayName,
PrincipalId = Guid.Parse(value.PrincipalId),
PrincipalType = value.PrincipalType,
ResourceDisplayName = "GrathWebAPITest",
ResourceId = Guid.Parse("bfa79360-7eac-4bc3-81f2-459ea1ff9f3f")
};
if (value.PrincipalType == "Group")
{
await client.Groups.GetByObjectId(value.PrincipalId).AppRoleAssignments.AddAppRoleAssignmentAsync(appRoleAssignment);
}
else
{
await client.Users.GetByObjectId(value.PrincipalId).AppRoleAssignments.AddAppRoleAssignmentAsync(appRoleAssignment);
}
}
public async Task <IEnumerable <AppRole> > Roles()
{
_logger.LogInformation("Check Token from logged user.");
await AuthenticationHelper.CheckToken(User.Identity as ClaimsIdentity, _azureAdOptions);
_logger.LogInformation("Get Application Roles.");
ActiveDirectoryClient client = AuthenticationHelper.GetActiveDirectoryClient(_azureAdOptions.TenantId);
var apps = await client.Applications.ExecuteAsync();
return(apps.CurrentPage.SelectMany(app => app.AppRoles));
}
public async Task <IEnumerable <AssignRole> > Groups()
{
_logger.LogInformation("Check Token from logged user.");
await AuthenticationHelper.CheckToken(User.Identity as ClaimsIdentity, _azureAdOptions);
_logger.LogInformation("Get Application Groups.");
ActiveDirectoryClient client = AuthenticationHelper.GetActiveDirectoryClient(_azureAdOptions.TenantId);
var groups = await client.Groups.ExecuteAsync();
return(groups.CurrentPage.Select(group => new AssignRole {
PrincipalId = group.ObjectId, PrincipalDisplayName = group.DisplayName, PrincipalType = group.ObjectType
}));
}
public async Task <IEnumerable <AssignRole> > Me()
{
_logger.LogInformation("Check Token from logged user.");
await AuthenticationHelper.CheckToken(User.Identity as ClaimsIdentity, _azureAdOptions);
_logger.LogInformation("Get Application Me.");
ActiveDirectoryClient client = AuthenticationHelper.GetActiveDirectoryClient(_azureAdOptions.TenantId);
var me = await client.Me.ExecuteAsync();
var obj = new AssignRole
{
PrincipalId = me.ObjectId,
PrincipalDisplayName = me.DisplayName,
PrincipalType = me.UserType
};
return(new[] { obj });
}
public async Task <IEnumerable <IAppRoleAssignment> > Get()
{
_logger.LogInformation("Check Token from logged user.");
await AuthenticationHelper.CheckToken(User.Identity as ClaimsIdentity, _azureAdOptions);
_logger.LogInformation("Get Assigned roles to me.");
try
{
ActiveDirectoryClient client = AuthenticationHelper.GetActiveDirectoryClient(_azureAdOptions.TenantId);
var roles = await client.Me.AppRoleAssignments.ExecuteAsync();
return(roles.CurrentPage);
}
catch (WebException ex)
{
_logger.LogError($"WebException:{ex}");
throw ex;
}
}
