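        /// <summary>
        /// Completes the profile flow: validates the request against the stored identity entity,
        /// updates the account in the directory, removes the pending entity and redirects back to
        /// the relying party's redirect_uri with an id_token and the caller's state.
        /// </summary>
        /// <param name="userProfile">Profile posted by the user; only <c>City</c> is written to the account here.</param>
        /// <returns>The "Error" view when the request is not valid, otherwise a redirect to the relying party.</returns>
        public async Task <ActionResult> Index(UserProfileModel userProfile)
        {
            string redirect_uri = this.Request.Query["redirect_uri"];
            string state        = this.Request.Query["state"];
            string rid          = this.Request.Query["rid"];

            IdentityEntity identityEntity = await GetIdentityEntity(rid);

            // Reject the request before touching the directory or minting a token: the entity must
            // exist for this rid and the redirect target must be the one the request is bound to
            // (isValidRequest is the open-redirect guard; an empty target is never a valid one).
            if (identityEntity == null || string.IsNullOrEmpty(redirect_uri) || !isValidRequest(identityEntity, redirect_uri))
            {
                return(View("Error"));
            }

            // Token is only issued for a validated request.
            string id_token = GenerateJWTClientToken(userProfile);

            // Update the account using Graph API
            AzureADGraphClient azureADGraphClient = new AzureADGraphClient(this.AppSettings.Tenant, this.AppSettings.ClientId, this.AppSettings.ClientSecret);
            await azureADGraphClient.UpdateAccount(identityEntity.userId, userProfile.City);

            // NOTE(review): a commented-out delay used to sit here ("wait until user is updated");
            // confirm whether the entity deletion below depends on the update having propagated.

            // Delete the entity
            await DeleteIdentityEntity(identityEntity);

            // Build the callback URL. Both values are URL-encoded so a state containing '&', '#'
            // or '=' cannot break the query string or smuggle extra parameters; the separator
            // depends on whether the registered redirect_uri already carries a query string.
            string separator   = redirect_uri.Contains("?") ? "&" : "?";
            string redirectUri = $"{redirect_uri}{separator}id_token={Uri.EscapeDataString(id_token ?? string.Empty)}&state={Uri.EscapeDataString(state ?? string.Empty)}";

            return(Redirect(redirectUri));
        }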
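 /// <summary>
 /// Creates the Graph client shared by derived resources from the tenant's credentials.
 /// </summary>
 /// <param name="tenant">Tenant whose Id, ClientId, ClientSecret and GraphApiVersion configure the client.</param>
 /// <exception cref="ArgumentNullException"><paramref name="tenant"/> is null.</exception>
 protected Resource(Tenant tenant)
 {
     // Fail fast with the offending parameter name instead of a NullReferenceException on tenant.Id.
     if (tenant == null)
     {
         throw new ArgumentNullException(nameof(tenant));
     }

     _graph = new AzureADGraphClient(
         tenant.Id,
         tenant.ClientId.ToString(),
         tenant.ClientSecret,
         tenant.GraphApiVersion);
 }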
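        /// <summary>
        /// Stores the application settings and creates the Graph client against the beta API version.
        /// </summary>
        /// <param name="appSettings">Settings providing Tenant, ClientId, ClientSecret and GraphApiBetaVersion.</param>
        /// <exception cref="ArgumentNullException"><paramref name="appSettings"/> is null.</exception>
        public AuditLog(AppSettingsModel appSettings)
        {
            // Fail fast with the offending parameter name instead of a NullReferenceException on appSettings.Tenant.
            if (appSettings == null)
            {
                throw new ArgumentNullException(nameof(appSettings));
            }

            AppSettings = appSettings;

            this.AzureADGraphClient = new AzureADGraphClient(
                appSettings.Tenant,
                appSettings.ClientId,
                appSettings.ClientSecret,
                appSettings.GraphApiBetaVersion);
        }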
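        /// <summary>
        /// Stores the application settings and creates the Graph client against the configured API version.
        /// </summary>
        /// <param name="appSettings">Settings providing Tenant, ClientId, ClientSecret and GraphApiVersion.</param>
        /// <exception cref="ArgumentNullException"><paramref name="appSettings"/> is null.</exception>
        public GetUsers(AppSettingsModel appSettings)
        {
            // Fail fast with the offending parameter name instead of a NullReferenceException on appSettings.Tenant.
            if (appSettings == null)
            {
                throw new ArgumentNullException(nameof(appSettings));
            }

            AppSettings = appSettings;

            this.AzureADGraphClient = new AzureADGraphClient(
                appSettings.Tenant,
                appSettings.ClientId,
                appSettings.ClientSecret,
                appSettings.GraphApiVersion);
        }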
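        /// <summary>
        /// Sign-up validation endpoint: reads the input claims from the request body, rejects the
        /// request when a user with the given signInName already exists in the directory, and
        /// otherwise returns the output claims. Every failure is reported as a 409 with a
        /// <see cref="B2CResponseModel"/> body, which is the contract the caller expects.
        /// </summary>
        /// <returns>200 with <see cref="OutputClaimsModel"/> on success, otherwise 409 with a <see cref="B2CResponseModel"/>.</returns>
        public async Task <ActionResult> SignUp()
        {
            string input;

            // If no data came in, then return
            if (this.Request.Body == null)
            {
                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Request content is null", HttpStatusCode.Conflict)));
            }

            // Read the input claims from the request body
            using (StreamReader reader = new StreamReader(Request.Body, Encoding.UTF8))
            {
                input = await reader.ReadToEndAsync();
            }

            // Check input content value
            if (string.IsNullOrEmpty(input))
            {
                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Request content is empty", HttpStatusCode.Conflict)));
            }

            // Convert the input string into InputClaimsModel object
            InputClaimsModel inputClaims = InputClaimsModel.Parse(input);

            if (inputClaims == null)
            {
                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Can not deserialize input claims", HttpStatusCode.Conflict)));
            }

            if (string.IsNullOrEmpty(inputClaims.signInName))
            {
                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("User 'signInName' is null or empty", HttpStatusCode.Conflict)));
            }

            if (string.IsNullOrEmpty(inputClaims.password))
            {
                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Password is null or empty", HttpStatusCode.Conflict)));
            }

            try
            {
                AzureADGraphClient azureADGraphClient = new AzureADGraphClient(this.AppSettings.Tenant, this.AppSettings.ClientId, this.AppSettings.ClientSecret);

                GraphAccountModel account = await azureADGraphClient.SearcUserBySignInNames(inputClaims.signInName);

                // Return an error if user already exists
                if (account != null)
                {
                    return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("A user with the specified ID already exists. Please choose a different one. (REST API)", HttpStatusCode.Conflict)));
                }

                // If the user does not exist, hand the password back as an output claim (pass-through contract).
                OutputClaimsModel outputClaims = new OutputClaimsModel()
                {
                    password = inputClaims.password
                };
                return(Ok(outputClaims));
            }
            catch (Exception ex)
            {
                // Keep exception details server-side: the message here goes back to the caller in the
                // response body, where Graph/configuration error text does not belong.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("General error (REST API)", HttpStatusCode.Conflict)));
            }
        }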
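        /// <summary>
        /// Group-membership endpoint: reads the input claims from the request body, looks up the
        /// user's groups in the directory and returns their display names as output claims. When
        /// <c>onlyMembersOf</c> is supplied (comma-separated group names) the user must belong to at
        /// least one of them, otherwise a 409 "not authorized" response is returned.
        /// </summary>
        /// <returns>200 with <see cref="OutputClaimsModel"/> on success, otherwise 409 with a <see cref="B2CResponseModel"/>.</returns>
        public async Task <ActionResult> IsMemberOf()
        {
            string input;

            // If no data came in, then return
            if (this.Request.Body == null)
            {
                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Request content is null", HttpStatusCode.Conflict)));
            }

            // Read the input claims from the request body
            using (StreamReader reader = new StreamReader(Request.Body, Encoding.UTF8))
            {
                input = await reader.ReadToEndAsync();
            }

            // Check input content value
            if (string.IsNullOrEmpty(input))
            {
                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Request content is empty", HttpStatusCode.Conflict)));
            }

            // Convert the input string into InputClaimsModel object
            InputClaimsModel inputClaims = InputClaimsModel.Parse(input);

            if (inputClaims == null)
            {
                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Can not deserialize input claims", HttpStatusCode.Conflict)));
            }

            if (string.IsNullOrEmpty(inputClaims.objectId))
            {
                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("User 'objectId' is null or empty", HttpStatusCode.Conflict)));
            }

            try
            {
                AzureADGraphClient azureADGraphClient = new AzureADGraphClient(this.AppSettings.Tenant, this.AppSettings.ClientId, this.AppSettings.ClientSecret);

                // Demo: Get user's groups
                GraphGroupsModel groups = await azureADGraphClient.GetUserGroup(inputClaims.objectId);

                // Demo: Add the groups to string collections. A missing value collection or a group
                // without a displayName must not turn into a generic "Can not read user groups" error.
                List <string> groupsList = new List <string>();
                if (groups?.value != null)
                {
                    foreach (var item in groups.value)
                    {
                        if (item != null && !string.IsNullOrEmpty(item.displayName))
                        {
                            groupsList.Add(item.displayName);
                        }
                    }
                }

                // Demo: Set the output claims
                OutputClaimsModel output = new OutputClaimsModel()
                {
                    groups = groupsList
                };

                // Demo: Check if user needs to be a member of a security group
                if (!string.IsNullOrEmpty(inputClaims.onlyMembersOf))
                {
                    // Group names are identifiers, not user-facing text: compare ordinally and
                    // case-insensitively instead of culture-sensitive ToLower(); tolerate blanks
                    // around the commas and empty entries in the configured list.
                    HashSet <string> onlyMembersOf = new HashSet <string>(
                        inputClaims.onlyMembersOf.Split(',').Select(g => g.Trim()).Where(g => g.Length > 0),
                        StringComparer.OrdinalIgnoreCase);
                    bool isMemberOf = output.groups.Any(g => onlyMembersOf.Contains(g));

                    // Demo: Deny sign-in if the user is not a member of any of the required groups
                    // (an empty group list therefore also denies).
                    if (!isMemberOf)
                    {
                        return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("You are not authorized to sign-in to this application.", HttpStatusCode.Conflict)));
                    }
                }

                // Demo: Return the groups collection
                return(Ok(output));
            }
            catch (Exception ex)
            {
                // The Graph client reports a missing user through its error text; map it to a
                // specific message and keep everything else generic for the caller.
                if (ex.Message.Contains("Request_ResourceNotFound"))
                {
                    return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Can not read user groups, user not found", HttpStatusCode.Conflict)));
                }

                return(StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Can not read user groups", HttpStatusCode.Conflict)));
            }
        }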