Example #1
 /// <summary>
 /// Configures the connection, creates a fresh <c>FileCache</c> and then loads the cached contexts.
 /// </summary>
 /// <returns>A task that completes once <c>LoadCachedContexts</c> has finished.</returns>
 public async Task Start()
 {
     ConfigureConnection();

     // NOTE(review): FileCache is used as an ADAL token cache elsewhere on this page; if it persists
     // tokens to disk, confirm that the file is protected at rest and readable only by the current user.
     fileCache = new FileCache();

     // No synchronization context is needed after this point, so the continuation is not marshalled back.
     Task pendingLoad = LoadCachedContexts();
     await pendingLoad.ConfigureAwait(false);
 }
Example #2
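        /// <summary>
        /// Signs the user in through the Azure AD "common" endpoint, requests <c>/tenants</c> from the
        /// <c>_armBaseUrl</c> endpoint with the resulting token, and then acquires a Microsoft Graph
        /// token for every tenant returned and queries that tenant's <c>organization</c> resource.
        /// </summary>
        /// <returns>
        /// <c>true</c> when every step completed; <c>false</c> when authentication failed with one of
        /// the handled errors (invalid credentials, invalid client secret, user cancellation) or when
        /// the tenant listing request was rejected or returned no tenant collection.
        /// </returns>
        public async Task<bool> Initialize()
        {
            // TODO: re-add the service principal path (ClientCredential against the
            // "https://login.microsoftonline.com/" + _tenantId authority).

            bool success = false;

            try
            {
                // NOTE(review): this cache is handed to every AuthenticationContext below, so it presumably
                // persists access and refresh tokens. Confirm that FileCache encrypts its backing file or
                // restricts it to the current user.
                var cache = new FileCache();

                // Touch every cached identity. The returned token is discarded; presumably the call is made
                // for its effect on the cache. PromptBehavior.Auto means this may show a sign-in prompt.
                foreach (var c in cache.ReadItems().ToList())
                {
                    var ac = new AuthenticationContext("https://login.microsoftonline.com/" + c.TenantId, cache);
                    await ac.AcquireTokenAsync(_armBaseUrl, _powershellApplicationId, _powershellReturnUrl, new PlatformParameters(PromptBehavior.Auto));
                }

                _client = new HttpClient
                {
                    BaseAddress = new Uri(_armBaseUrl)
                };

                // Background on the "common" endpoint and multi-tenant sign-in:
                // http://www.cloudidentity.com/blog/2014/08/26/the-common-endpoint-walks-like-a-tenant-talks-like-a-tenant-but-is-not-a-tenant/
                // https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-devhowto-multi-tenant-overview
                // https://dev.office.com/blogs/microsoft-graph-or-azure-ad-graph
                var commonCtx = new AuthenticationContext("https://login.microsoftonline.com/common", cache);
                var commonAuth = await commonCtx.AcquireTokenAsync(_armBaseUrl, _powershellApplicationId, _powershellReturnUrl, new PlatformParameters(PromptBehavior.Auto));

                // "common" is not a real tenant: re-bind to the authority that issued the token and ask again
                // silently (PromptBehavior.Never), so the token used below comes from that concrete authority.
                var tenantCtx = new AuthenticationContext(commonAuth.Authority, cache);
                var armToken = await tenantCtx.AcquireTokenAsync(_armBaseUrl, _powershellApplicationId, _powershellReturnUrl, new PlatformParameters(PromptBehavior.Never));

                // The bearer token is a credential: it must never be written to logs or error messages.
                _client.DefaultRequestHeaders.Clear();
                _client.DefaultRequestHeaders.Add("Authorization", $"Bearer {armToken.AccessToken}");

                IEnumerable<TenantIdentifier> tenants;
                using (var response = await _client.GetAsync("/tenants?api-version=2016-06-01").ConfigureAwait(false))
                {
                    // A rejected request carries an error document instead of a tenant list; report the
                    // failure through the return value instead of trying to parse it.
                    if (!response.IsSuccessStatusCode)
                    {
                        return false;
                    }

                    var body = await response.Content.ReadAsStringAsync().ConfigureAwait(false);

                    // Read the "value" member of the response envelope through the JSON parser. Slicing the
                    // string at fixed offsets breaks on any whitespace, extra member or short body.
                    var envelope = JsonConvert.DeserializeAnonymousType(body, new { value = default(IEnumerable<TenantIdentifier>) });
                    tenants = envelope?.value;
                }

                if (tenants == null)
                {
                    return false;
                }

                // One client for all tenants, disposed when the loop ends. The token travels on the individual
                // request, so a token issued for one tenant is never attached to another tenant's request.
                using (var graphClient = new HttpClient())
                {
                    foreach (var d in tenants)
                    {
                        // NOTE(review): d.TenantId comes from the service response and is interpolated into
                        // both URLs; presumably always a GUID. Validate it if that cannot be guaranteed.
                        var orgQuery = $"https://graph.microsoft.com/v1.0/{d.TenantId}/organization/";
                        var ac = new AuthenticationContext($"https://login.microsoftonline.com/{d.TenantId}", cache);
                        var ar = await ac.AcquireTokenAsync("https://graph.microsoft.com", _powershellApplicationId, _powershellReturnUrl, new PlatformParameters(PromptBehavior.Never));

                        using (var request = new HttpRequestMessage(HttpMethod.Get, orgQuery))
                        {
                            request.Headers.Add("Authorization", $"Bearer {ar.AccessToken}");

                            using (var oresponse = await graphClient.SendAsync(request).ConfigureAwait(false))
                            {
                                // NOTE(review): the organization payload is read but not used yet.
                                await oresponse.Content.ReadAsStringAsync().ConfigureAwait(false);
                            }
                        }
                    }
                }

                success = true;
            }
            catch (AdalServiceException exn)
                when (exn.Message.Contains("AADSTS70002") ||                // Error validating credentials.
                      exn.Message.Contains("AADSTS50012") ||                // Invalid client secret is provided.
                      exn.Message.Contains("User canceled authentication")) // cancelled
            {
                // Deliberately swallowed: these failures are reported to the caller as a false return value.
                // NOTE(review): matching on message text is brittle; consider the exception's error code.
            }

            return success;
        }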