public async Task<IdentityResult> RegisterCustomerAsync(UserModel userModel, AppRole appRole = AppRole.customer)
{
var addToRoleResult = new IdentityResult();
// Add generate username to the model
IdentityUser user = new IdentityUser
{
UserName = userModel.UserName,
Email = userModel.EmailAddress,
EmailConfirmed = true,
PhoneNumber = userModel.PhoneNumber,
PhoneNumberConfirmed = true,
};
var result = await _userManager.CreateAsync(user, userModel.Password);
//Role-user combination is managed as Contact-Role combination in ContactRole table
//Create Role Admin if it does not exist
var _role = await _roleManager.FindByNameAsync(appRole.ToString());
if (_role == null)
{
_role = new IdentityRole(appRole.ToString());
var roleresult = await _roleManager.CreateAsync(_role);
}
var rolesForUser = await _userManager.GetRolesAsync(user.Id);
if (!rolesForUser.Contains(_role.Name))
{
addToRoleResult = await _userManager.AddToRoleAsync(user.Id, _role.Name);
}
return addToRoleResult;
}
public static bool IsInRole(this IPrincipal user, AppRole appRole)
{
var roles = appRole.ToString().Split(',').Select(x => x.Trim());
foreach (var role in roles)
{
if (user.IsInRole(role))
return true;
}
return false;
}
public async Task <bool> AddAsync(AppRoleViewModel roleVm)
{
var role = new AppRole()
{
//Id = Guid.NewGuid(),
Name = roleVm.Name,
Description = roleVm.Description
};
var result = await _roleManager.CreateAsync(role);
return(result.Succeeded);
}
public ActionResult Edit(string id)
{
AppRole role = RoleManager.FindById(id);
string[] memberIDs = role.Users.Select(x => x.UserId).ToArray();
IEnumerable <AppUser> members = UserManager.Users.Where(x => memberIDs.Any(y => y == x.Id));
IEnumerable <AppUser> nonMembers = UserManager.Users.Except(members);
return(View(new RoleEditModel {
Role = role, Members = members, NonMembers = nonMembers
}));
}
public async Task <ActionResult> Edit(int id)
{
AppRole role = await roleManager.FindByIdAsync(id);
if (role != null)
{
return(View(new EditRoleModel {
Id = role.Id, Name = role.Name, User = role.User
}));
}
return(RedirectToAction("Index", "Role"));
}
public async Task <bool> AddAsync(AppRoleViewModel roleViewModel)
{
var role = new AppRole()
{
Name = roleViewModel.Name,
Description = roleViewModel.Description,
CreatedDate = DateTime.Now
};
var result = await this._roleManager.CreateAsync(role);
return(result.Succeeded);
}
private static IList <AppRole> GetAppRoles()
{
IList <AppRole> appRoles = new List <AppRole>();
AppRole appRole = new AppRole();
appRole.Id = Guid.Parse("1579eed6-fcb5-4448-b8ec-e62cb4d46f59");
appRole.Description = "Service Center Manager";
appRole.DisplayName = "ServiceCenterManager";
appRole.Value = "ServiceCenterManager";
appRoles.Add(appRole);
return(appRoles);
}
public static void Initialize(StepIdentityContext context,
UserManager <AppUser> usermgr,
RoleManager <AppRole> rolemgr) //UserContext is EF context
{
context.Database.EnsureCreated(); //if db is not exist ,it will create database .but ,do nothing .
if (context.Users.Any() || context.Roles.Any())
{
return; // DB has been seeded
}
if (!rolemgr.RoleExistsAsync("AppModerator").Result)
{
var role2 = new AppRole {
Name = "AppModerator"
};
IdentityResult roleResult = rolemgr.CreateAsync(role2).Result;
}
if (!rolemgr.RoleExistsAsync("AppUser").Result)
{
var role2 = new AppRole {
Name = "AppUser"
};
IdentityResult roleResult = rolemgr.CreateAsync(role2).Result;
}
if (usermgr.FindByNameAsync("*****@*****.**").Result == null)
{
var user1 = new AppUser
{
FirstName = "Masha",
LastName = "Shtoda",
UserName = "******",
Birthday = new DateTime(2000, 12, 31),
Email = "*****@*****.**",
EmailConfirmed = true,
PhoneNumber = "0123456789",
PhoneNumberConfirmed = true
};
IdentityResult result = usermgr.CreateAsync(user1, "Qwerty123_").Result;
if (result.Succeeded)
{
usermgr.AddToRoleAsync(user1,
"AppModerator").Wait();
}
}
}
public async Task <IActionResult> OnPostAsync(string returnUrl = null)
{
returnUrl = returnUrl ?? Url.Content("~/");
ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList();
if (ModelState.IsValid)
{
var user = new AppUser {
UserName = Input.Email, Email = Input.Email, PhotoURL = "default.jpg", FullName = $"{Input.FirstName} {Input.LastName}",
BirthDate = Input.BirthDate, Gender = Input.Gender
};
var result = await _userManager.CreateAsync(user, Input.Password);
if (result.Succeeded)
{
_logger.LogInformation("User created a new account with password.");
{
await _signInManager.SignInAsync(user, isPersistent : false);
//assigne role member for all new users
bool x = await _roleManager.RoleExistsAsync("Member");
if (!x)
{
// first we create Member rool
var role = new AppRole();
role.Name = "Member";
await _roleManager.CreateAsync(role);
}
await _userManager.AddToRoleAsync(user, "Member");
return(RedirectToAction("Index", "Home", Input));
// return LocalRedirect(returnUrl);
}
}
foreach (var error in result.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
}
}
// If we got this far, something failed, redisplay form
return(Page());
}
public async Task <CommandResult <AppRoleViewModel> > ExecuteAync(AppRoleViewModel roleVm)
{
var userId = _httpContextAccessor.HttpContext.User.Identity.Name;
var userName = _userManager.FindByIdAsync(userId).Result.UserName;
try
{
if (await _checkUserIsAdminQuery.ExecuteAsync(userId) ||
await _getPermissionActionQuery.ExecuteAsync(userId, ConstantFunctions.ROLE, ActionSetting.CanCreate))
{
var role = new AppRole()
{
Name = roleVm.Name,
Description = roleVm.Description
};
var result = await _roleManager.CreateAsync(role);
await Logging <AddRoleAsyncCommand> .InformationAsync(ActionCommand.COMMAND_ADD, userName, JsonConvert.SerializeObject(role));
return(new CommandResult <AppRoleViewModel>
{
isValid = result.Succeeded,
myModel = new AppRoleViewModel
{
Description = role.Description,
Name = role.Name,
Id = role.Id
}
});
}
else
{
await Logging <AddRoleAsyncCommand> .WarningAsync(ActionCommand.COMMAND_ADD, userName, ErrorMessageConstant.ERROR_ADD_PERMISSION);
return(new CommandResult <AppRoleViewModel>
{
isValid = false,
errorMessage = ErrorMessageConstant.ERROR_ADD_PERMISSION
});
}
}
catch (System.Exception ex)
{
await Logging <AddRoleAsyncCommand> .ErrorAsync(ex, ActionCommand.COMMAND_ADD, userName, "Has error");
return(new CommandResult <AppRoleViewModel>
{
isValid = false,
errorMessage = ex.InnerException.ToString()
});
}
}
public async Task <IActionResult> CreateRole(string id)
{
if (id != null)
{
AppRole role = await _roleManager.FindByIdAsync(id);
return(View(new RoleViewModel
{
Name = role.Name
}));
}
return(View());
}
public async Task DeleteSecret_ThatExists_Success()
{
string roleName_A = _uniqueKeys.GetKey("RDel");
AppRole roleA = new AppRole(roleName_A);
Assert.True(await _appRoleAuthEngine.SaveRole(roleA), "A1: Saving the role failed.");
// Now create the a secret
AppRoleSecret secret_A = await _appRoleAuthEngine.GenerateSecretID(roleA.Name);
Assert.True(await _appRoleAuthEngine.DeleteSecretID(roleA.Name, secret_A.ID), "A2: Deleting the secret failed");
Assert.IsNull(await _appRoleAuthEngine.ReadSecretID(roleA.Name, secret_A.ID), "A3: Expected to not find the given secret. But instead was returned a secret. Delete did not work?");
}
public async Task <IActionResult> RoleUpdate(string RoleID)
{
AppRole role = await _roleManager.FindByIdAsync(RoleID);
if (role == null)
{
//SAYFAYI GÜNCELLE
return(RedirectToAction("Roles"));
}
//SUCCEED
return(View(role.Adapt <RoleModel>()));
}
private void CheckRoleData(AppUser user, AppRole role)
{
if (role.Name == RoleNames.Transporter && !user.ProjectId.HasValue)
{
throw new InvalidOperationException("TransporterId is required");
}
if (role.Name == RoleNames.Mechanic &&
(!user.ProjectId.HasValue || user.RouteIds == null || !user.RouteIds.Any()))
{
throw new InvalidOperationException("RouteIds is required");
}
}
public async Task <IActionResult> AddEditAppRole(Guid id)
{
AppRoleViewModel model = new AppRoleViewModel();
AppRole appRole = await roleManager.FindByIdAsync(id.ToString());
if (appRole != null)
{
model.Id = appRole.Id.ToString();
model.RoleName = appRole.Name;
model.Description = appRole.Description;
}
return(PartialView("_AddEditAppRole", model));
}
public static void DeleteRole()
{
try
{
AppRole appRole = new AppRole("Role2");
SecRoleManager.DeleteRole(appRole);
WriteLine($"{appRole.Name} was deleted.");
}
catch (Exception ex)
{
WriteLine(ex.Message);
}
}
public HttpResponseMessage Details(HttpRequestMessage request, string id)
{
if (string.IsNullOrEmpty(id))
{
return request.CreateErrorResponse(HttpStatusCode.BadRequest, nameof(id) + " không có giá trị.");
}
AppRole appRole = AppRoleManager.FindById(id);
if (appRole == null)
{
return request.CreateErrorResponse(HttpStatusCode.NoContent, "No group");
}
return request.CreateResponse(HttpStatusCode.OK, appRole);
}
public async Task <ActionResult> Edit([Bind(Include = "Id,Name,ClientId,AppId")] AppRole appRole)
{
if (ModelState.IsValid)
{
db.Entry(appRole).State = EntityState.Modified;
await db.SaveChangesAsync();
return(RedirectToAction("Index"));
}
ViewBag.AppId = new SelectList(db.Apps, "Id", "Database", appRole.AppId);
ViewBag.ClientId = new SelectList(db.Partners, "Id", "Name", appRole.ClientId);
return(View(appRole));
}
public async Task <ActionResult> Edit(string id)
{
AppRole role = await RoleManager.FindByIdAsync(id);
string[] memberIds = role.Users.Select(x => x.UserId).ToArray();
IEnumerable <AppUser> members = UserManager.Users.Where(x => memberIds.Any(m => x.Id == m));
IEnumerable <AppUser> nonMembers = UserManager.Users.Except(members);
return(View(new RoleEditModel {
Role = role, Members = members, NonMembers = nonMembers
}));
}
public async Task <AppRole> CreateAsync(AppRole role)
{
// находим пользователя
if (context.Roles.Any(x => x.Name == role.Name))
{
throw new Exception("Role '" + role.Name + "' is already taken");
}
context.Roles.Add(role);
await context.SaveChangesAsync();
return(role);
}
public async Task <ActionResult> Create(AppRole role)
{
var roleresult = await _roleManager.CreateAsync(role);
if (!roleresult.Succeeded)
{
foreach (var error in roleresult.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
}
}
return(RedirectToAction("Index"));
}
public async Task <IActionResult> OnPostCreateAsync(string rolename, string roledescription)
{
bool x = await _roleManager.RoleExistsAsync(rolename);
if (!x)
{
var role = new AppRole();
role.Name = rolename;
role.RoleDescription = roledescription;
await _roleManager.CreateAsync(role);
}
return(RedirectToPage("./Roles"));
}
public async Task <UserResponse> GetUserByNameAsync(string name)
{
var user = await userManager.FindByNameAsync(name);
var userResult = mapper.Map <AppUser, UserResponse>(user);
var roles = await userManager.GetRolesAsync(user);
string roleName = roles.FirstOrDefault();
AppRole role = await roleManager.FindByNameAsync(roleName);
userResult.Role = role.Description;
return(userResult);
}
private async Task <IdentityResult> AddRole(string roleName)
{
if (!await AppRoleManager.RoleExistsAsync(roleName))
{
AppRole role = new AppRole();
role.Name = "Admin";
return(await AppRoleManager.CreateAsync(role));
}
else
{
return(null);
}
}
public async Task <IdentityResult> DeleteRole(string id)
{
AppRole role = await context.RoleManager.FindByIdAsync(id);
IdentityResult deleteResult = null;
if (role != null)
{
deleteResult = await context.RoleManager.DeleteAsync(role);
}
return(deleteResult);
}
public static void UpdateApplicationRole(this AppRole appRole, ApplicationRoleViewModel appRoleViewModel, string action = "add")
{
if (action == "update")
{
appRole.Id = appRoleViewModel.Id;
}
else
{
appRole.Id = Guid.NewGuid().ToString();
}
appRole.Name = appRoleViewModel.Name;
appRole.Description = appRoleViewModel.Description;
}
private bool AddRole(string roleName)
{
if (!_roleManager.RoleExistsAsync(roleName).Result) //rolun veritabında olup olmadığını kontrol ediyor
{
AppRole role = new AppRole() //veritabında yoksa yeni role oluşturcaz
{
Name = roleName
};
IdentityResult result = _roleManager.CreateAsync(role).Result; //rolemanager create methoyla eklicez
return(result.Succeeded);
}
return(true); //role varsa zaten true dönecek
}
public RoleEditModel CreateRoleEditModel(AppRole role)
{
var roleModel = new RoleEditModel();
var userList = IdentityManager.Users.ToList();
var membersId = role.Users.Select(x => x.UserId);
roleModel.Role = role;
roleModel.Members = userList.Where(x => membersId.Contains(x.Id));
roleModel.NonMembers = userList.Except(roleModel.Members);
return(roleModel);
}
public ActionResult Users()
{
if (HttpContext.User.IsInRole("Administrators"))
{
return(View(UserManager.Users));
}
else
{
AppRole customerRole = RoleManager.FindByName("Customers");
string[] customerIds = customerRole.Users.Select(x => x.UserId).ToArray();
return(View(UserManager.Users.Where(user => customerIds.Any(id => id == user.Id)).ToList()));
}
}
public ActionResult Details(string roleName)
{
AppRole role = RoleManager.FindByName(roleName);
if (role == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
else
{
return(View(role));
}
}
public IViewComponentResult Invoke(AppRole appRole, string modalId)
{
ViewBag.ModalId = modalId;
if (appRole == null)
{
return(View(new AppRole()));
}
else
{
return(View(appRole));
}
}
public async Task <IActionResult> Add([FromBody] AppRole role)
{
role.Id = Guid.NewGuid().ToString();
role.CreatedDate = DateTime.UtcNow;
IdentityResult result = await roleManager.CreateAsync(role);
if (!result.Succeeded)
{
return(BadRequest(result.Errors));
}
return(Ok(role));
}
public async Task<ActionResult> Create(RoleViewModel roleViewModel)
{
if (ModelState.IsValid)
{
var role = new AppRole() {
Name = roleViewModel.Name
};
var roleresult = await RoleManager.CreateAsync(role);
if (!roleresult.Succeeded)
{
ModelState.AddModelError("", roleresult.Errors.First());
return View();
}
return RedirectToAction("Index");
}
return View();
}
public CommModule(AppRole Role)
{
appRole = Role;
}
public async Task<IHttpActionResult> Post(RoleViewModel m)
{
if (!ModelState.IsValid)
return BadRequest(ModelState);
var role = new AppRole()
{
CreateBy = User.Identity.GetUserId(),
CreateTime = DateTimeOffset.Now,
Deleted = false,
Id = Guid.NewGuid().ToString(),
Name = m.Name
};
if (!roleManager.RoleExists(m.Name))
roleManager.Create(role);
else
{
ModelState.AddModelError("Failure", "该角色已存在。");
return BadRequest(ModelState);
}
return Created<RoleViewModel>(new RoleViewModel() { Id = role.Id, Name = role.Name });
}
private static void Main()
{
// record start DateTime of execution
string currentDateTime = DateTime.Now.ToUniversalTime().ToString();
#region Setup Active Directory Client
//*********************************************************************
// setup Active Directory Client
//*********************************************************************
ActiveDirectoryClient activeDirectoryClient;
try
{
activeDirectoryClient = AuthenticationHelper.GetActiveDirectoryClientAsApplication();
}
catch (AuthenticationException ex)
{
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine("Acquiring a token failed with the following error: {0}", ex.Message);
if (ex.InnerException != null)
{
//You should implement retry and back-off logic per the guidance given here:http://msdn.microsoft.com/en-us/library/dn168916.aspx
//InnerException Message will contain the HTTP error status codes mentioned in the link above
Console.WriteLine("Error detail: {0}", ex.InnerException.Message);
}
Console.ResetColor();
Console.ReadKey();
return;
}
#endregion
#region TenantDetails
//*********************************************************************
// Get Tenant Details
// Note: update the string TenantId with your TenantId.
// This can be retrieved from the login Federation Metadata end point:
// https://login.windows.net/GraphDir1.onmicrosoft.com/FederationMetadata/2007-06/FederationMetadata.xml
// Replace "GraphDir1.onMicrosoft.com" with any domain owned by your organization
// The returned value from the first xml node "EntityDescriptor", will have a STS URL
// containing your TenantId e.g. "https://sts.windows.net/4fd2b2f2-ea27-4fe5-a8f3-7b1a7c975f34/" is returned for GraphDir1.onMicrosoft.com
//*********************************************************************
VerifiedDomain initialDomain = new VerifiedDomain();
VerifiedDomain defaultDomain = new VerifiedDomain();
ITenantDetail tenant = null;
Console.WriteLine("\n Retrieving Tenant Details");
try
{
List<ITenantDetail> tenantsList = activeDirectoryClient.TenantDetails
.Where(tenantDetail => tenantDetail.ObjectId.Equals(Constants.TenantId))
.ExecuteAsync().Result.CurrentPage.ToList();
if (tenantsList.Count > 0)
{
tenant = tenantsList.First();
}
}
catch (Exception e)
{
Console.WriteLine("\nError getting TenantDetails {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
if (tenant == null)
{
Console.WriteLine("Tenant not found");
}
else
{
TenantDetail tenantDetail = (TenantDetail)tenant;
Console.WriteLine("Tenant Display Name: " + tenantDetail.DisplayName);
// Get the Tenant's Verified Domains
initialDomain = tenantDetail.VerifiedDomains.First(x => x.Initial.HasValue && x.Initial.Value);
Console.WriteLine("Initial Domain Name: " + initialDomain.Name);
defaultDomain = tenantDetail.VerifiedDomains.First(x => [email protected] && [email protected]);
Console.WriteLine("Default Domain Name: " + defaultDomain.Name);
// Get Tenant's Tech Contacts
foreach (string techContact in tenantDetail.TechnicalNotificationMails)
{
Console.WriteLine("Tenant Tech Contact: " + techContact);
}
}
#endregion
#region Create a new User
IUser newUser = new User();
if (defaultDomain.Name != null)
{
newUser.DisplayName = "Sample App Demo User (Manager)";
newUser.UserPrincipalName = Helper.GetRandomString(10) + "@" + defaultDomain.Name;
newUser.AccountEnabled = true;
newUser.MailNickname = "SampleAppDemoUserManager";
newUser.PasswordProfile = new PasswordProfile
{
Password = "******",
ForceChangePasswordNextLogin = true
};
newUser.UsageLocation = "US";
try
{
activeDirectoryClient.Users.AddUserAsync(newUser).Wait();
Console.WriteLine("\nNew User {0} was created", newUser.DisplayName);
}
catch (Exception e)
{
Console.WriteLine("\nError creating new user {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
}
#endregion
#region List of max 4 Users by UPN
//*********************************************************************
// Demonstrate Getting a list of Users with paging (get 4 users), sorted by displayName
//*********************************************************************
int maxUsers = 4;
try
{
Console.WriteLine("\n Retrieving Users");
List<IUser> users = activeDirectoryClient.Users.OrderBy(user =>
user.UserPrincipalName).Take(maxUsers).ExecuteAsync().Result.CurrentPage.ToList();
foreach (IUser user in users)
{
Console.WriteLine("UserObjectId: {0} UPN: {1}", user.ObjectId, user.UserPrincipalName);
}
}
catch (Exception e)
{
Console.WriteLine("\nError getting Users. {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
#endregion
#region Create a User with a temp Password
//*********************************************************************************************
// Create a new User with a temp Password
//*********************************************************************************************
IUser userToBeAdded = new User();
userToBeAdded.DisplayName = "Sample App Demo User";
userToBeAdded.UserPrincipalName = Helper.GetRandomString(10) + "@" + defaultDomain.Name;
userToBeAdded.AccountEnabled = true;
userToBeAdded.MailNickname = "SampleAppDemoUser";
userToBeAdded.PasswordProfile = new PasswordProfile
{
Password = "******",
ForceChangePasswordNextLogin = true
};
userToBeAdded.UsageLocation = "US";
try
{
activeDirectoryClient.Users.AddUserAsync(userToBeAdded).Wait();
Console.WriteLine("\nNew User {0} was created", userToBeAdded.DisplayName);
}
catch (Exception e)
{
Console.WriteLine("\nError creating new user. {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
#endregion
#region Update newly created User
//*******************************************************************************************
// update the newly created user's Password, PasswordPolicies and City
//*********************************************************************************************
if (userToBeAdded.ObjectId != null)
{
// update User's city and reset their User's Password
userToBeAdded.City = "Seattle";
userToBeAdded.Country = "UK";
PasswordProfile PasswordProfile = new PasswordProfile
{
Password = "******",
ForceChangePasswordNextLogin = false
};
userToBeAdded.PasswordProfile = PasswordProfile;
userToBeAdded.PasswordPolicies = "DisablePasswordExpiration, DisableStrongPassword";
try
{
userToBeAdded.UpdateAsync().Wait();
Console.WriteLine("\nUser {0} was updated", userToBeAdded.DisplayName);
}
catch (Exception e)
{
Console.WriteLine("\nError Updating the user {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
}
#endregion
#region Search User by UPN
// search for a single user by UPN
string searchString = "admin@" + initialDomain.Name;
Console.WriteLine("\n Retrieving user with UPN {0}", searchString);
User retrievedUser = new User();
List<IUser> retrievedUsers = null;
try
{
retrievedUsers = activeDirectoryClient.Users
.Where(user => user.UserPrincipalName.Equals(searchString))
.ExecuteAsync().Result.CurrentPage.ToList();
}
catch (Exception e)
{
Console.WriteLine("\nError getting new user {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
// should only find one user with the specified UPN
if (retrievedUsers != null && retrievedUsers.Count == 1)
{
retrievedUser = (User)retrievedUsers.First();
}
else
{
Console.WriteLine("User not found {0}", searchString);
}
#endregion
#region User Operations
if (retrievedUser.UserPrincipalName != null)
{
Console.WriteLine("\n Found User: "******" UPN: " +
retrievedUser.UserPrincipalName);
#region Assign User a Manager
//Assigning User a new manager.
if (newUser.ObjectId != null)
{
Console.WriteLine("\n Assign User {0}, {1} as Manager.", retrievedUser.DisplayName,
newUser.DisplayName);
retrievedUser.Manager = newUser as DirectoryObject;
try
{
newUser.UpdateAsync().Wait();
Console.Write("User {0} is successfully assigned {1} as Manager.", retrievedUser.DisplayName,
newUser.DisplayName);
}
catch (Exception e)
{
Console.WriteLine("\nError assigning manager to user. {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
}
#endregion
#region Get User's Manager
//Get the retrieved user's manager.
Console.WriteLine("\n Retrieving User {0}'s Manager.", retrievedUser.DisplayName);
DirectoryObject usersManager = retrievedUser.Manager;
if (usersManager != null)
{
User manager = usersManager as User;
if (manager != null)
{
Console.WriteLine("User {0} Manager details: \nManager: {1} UPN: {2}",
retrievedUser.DisplayName, manager.DisplayName, manager.UserPrincipalName);
}
}
else
{
Console.WriteLine("Manager not found.");
}
#endregion
#region Get User's Direct Reports
//*********************************************************************
// get the user's Direct Reports
//*********************************************************************
if (newUser.ObjectId != null)
{
Console.WriteLine("\n Getting User{0}'s Direct Reports.", newUser.DisplayName);
IUserFetcher newUserFetcher = (IUserFetcher)newUser;
try
{
IPagedCollection<IDirectoryObject> directReports =
newUserFetcher.DirectReports.ExecuteAsync().Result;
do
{
List<IDirectoryObject> directoryObjects = directReports.CurrentPage.ToList();
foreach (IDirectoryObject directoryObject in directoryObjects)
{
if (directoryObject is User)
{
User directReport = directoryObject as User;
Console.WriteLine("User {0} Direct Report is {1}", newUser.UserPrincipalName,
directReport.UserPrincipalName);
}
}
directReports = directReports.GetNextPageAsync().Result;
} while (directReports != null);
}
catch (Exception e)
{
Console.WriteLine("\nError getting direct reports of user. {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
}
#endregion
#region Get list of Group IDS, user is member of
//*********************************************************************
// get a list of Group IDs that the user is a member of
//*********************************************************************
//const bool securityEnabledOnly = false;
//IEnumerable<string> memberGroups = retrievedUser.GetMemberGroupsAsync(securityEnabledOnly).Result;
//Console.WriteLine("\n {0} is a member of the following Groups (IDs)", retrievedUser.DisplayName);
//foreach (String memberGroup in memberGroups)
//{
// Console.WriteLine("Member of Group ID: " + memberGroup);
//}
#endregion
#region Get User's Group And Role Membership, Getting the complete set of objects
//*********************************************************************
// get the User's Group and Role membership, getting the complete set of objects
//*********************************************************************
Console.WriteLine("\n {0} is a member of the following Group and Roles (IDs)", retrievedUser.DisplayName);
IUserFetcher retrievedUserFetcher = retrievedUser;
try
{
IPagedCollection<IDirectoryObject> pagedCollection = retrievedUserFetcher.MemberOf.ExecuteAsync().Result;
do
{
List<IDirectoryObject> directoryObjects = pagedCollection.CurrentPage.ToList();
foreach (IDirectoryObject directoryObject in directoryObjects)
{
if (directoryObject is Group)
{
Group group = directoryObject as Group;
Console.WriteLine(" Group: {0} Description: {1}", group.DisplayName, group.Description);
}
if (directoryObject is DirectoryRole)
{
DirectoryRole role = directoryObject as DirectoryRole;
Console.WriteLine(" Role: {0} Description: {1}", role.DisplayName, role.Description);
}
}
pagedCollection = pagedCollection.GetNextPageAsync().Result;
} while (pagedCollection != null);
}
catch (Exception e)
{
Console.WriteLine("\nError getting user's groups and roles memberships. {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
#endregion
}
#endregion
#region Search for User (People Picker)
//*********************************************************************
// People picker
// Search for a user using text string "Us" match against userPrincipalName, displayName, giveName, surname
//*********************************************************************
searchString = "Us";
Console.WriteLine("\nSearching for any user with string {0} in UPN,DisplayName,First or Last Name",
searchString);
List<IUser> usersList = null;
IPagedCollection<IUser> searchResults = null;
try
{
IUserCollection userCollection = activeDirectoryClient.Users;
searchResults = userCollection.Where(user =>
user.UserPrincipalName.StartsWith(searchString) ||
user.DisplayName.StartsWith(searchString) ||
user.GivenName.StartsWith(searchString) ||
user.Surname.StartsWith(searchString)).ExecuteAsync().Result;
usersList = searchResults.CurrentPage.ToList();
}
catch (Exception e)
{
Console.WriteLine("\nError getting User {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
if (usersList != null && usersList.Count > 0)
{
do
{
usersList = searchResults.CurrentPage.ToList();
foreach (IUser user in usersList)
{
Console.WriteLine("User DisplayName: {0} UPN: {1}",
user.DisplayName, user.UserPrincipalName);
}
searchResults = searchResults.GetNextPageAsync().Result;
} while (searchResults != null);
}
else
{
Console.WriteLine("User not found");
}
#endregion
#region Search for Group using StartWith filter
//*********************************************************************
// Search for a group using a startsWith filter (displayName property)
//*********************************************************************
Group retrievedGroup = new Group();
searchString = "My";
List<IGroup> foundGroups = null;
try
{
foundGroups = activeDirectoryClient.Groups
.Where(group => group.DisplayName.StartsWith(searchString))
.ExecuteAsync().Result.CurrentPage.ToList();
}
catch (Exception e)
{
Console.WriteLine("\nError getting Group {0} {1}",
e.Message, e.InnerException != null ? e.InnerException.Message : "");
}
if (foundGroups != null && foundGroups.Count > 0)
{
retrievedGroup = foundGroups.First() as Group;
}
else
{
Console.WriteLine("Group Not Found");
}
#endregion
#region Assign Member to Group
if (retrievedGroup.ObjectId != null)
{
try
{
retrievedGroup.Members.Add(newUser as DirectoryObject);
retrievedGroup.UpdateAsync().Wait();
}
catch (Exception e)
{
Console.WriteLine("\nError assigning member to group. {0} {1}",
e.Message, e.InnerException != null ? e.InnerException.Message : "");
}
}
#endregion
#region Get Group members
if (retrievedGroup.ObjectId != null)
{
Console.WriteLine("\n Found Group: " + retrievedGroup.DisplayName + " " + retrievedGroup.Description);
//*********************************************************************
// get the groups' membership -
// Note this method retrieves ALL links in one request - please use this method with care - this
// may return a very large number of objects
//*********************************************************************
IGroupFetcher retrievedGroupFetcher = retrievedGroup;
try
{
IPagedCollection<IDirectoryObject> members = retrievedGroupFetcher.Members.ExecuteAsync().Result;
Console.WriteLine(" Members:");
do
{
List<IDirectoryObject> directoryObjects = members.CurrentPage.ToList();
foreach (IDirectoryObject member in directoryObjects)
{
if (member is User)
{
User user = member as User;
Console.WriteLine("User DisplayName: {0} UPN: {1}",
user.DisplayName,
user.UserPrincipalName);
}
if (member is Group)
{
Group group = member as Group;
Console.WriteLine("Group DisplayName: {0}", group.DisplayName);
}
if (member is Contact)
{
Contact contact = member as Contact;
Console.WriteLine("Contact DisplayName: {0}", contact.DisplayName);
}
}
members = members.GetNextPageAsync().Result;
} while (members != null);
}
catch (Exception e)
{
Console.WriteLine("\nError getting groups' membership. {0} {1}",
e.Message, e.InnerException != null ? e.InnerException.Message : "");
}
}
#endregion
#region Add User to Group
//*********************************************************************************************
// Add User to the "WA" Group
//*********************************************************************************************
if (retrievedGroup.ObjectId != null)
{
try
{
retrievedGroup.Members.Add(userToBeAdded as DirectoryObject);
retrievedGroup.UpdateAsync().Wait();
}
catch (Exception e)
{
Console.WriteLine("\nAdding user to group failed {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
}
#endregion
#region Create a new Group
//*********************************************************************************************
// Create a new Group
//*********************************************************************************************
Group californiaEmployees = new Group
{
DisplayName = "California Employees" + Helper.GetRandomString(8),
Description = "Employees in the state of California",
MailNickname = "CalEmployees",
MailEnabled = false,
SecurityEnabled = true
};
try
{
activeDirectoryClient.Groups.AddGroupAsync(californiaEmployees).Wait();
Console.WriteLine("\nNew Group {0} was created", californiaEmployees.DisplayName);
}
catch (Exception e)
{
Console.WriteLine("\nError creating new Group {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
#endregion
#region Delete User
//*********************************************************************************************
// Delete the user that we just created
//*********************************************************************************************
if (userToBeAdded.ObjectId != null)
{
try
{
userToBeAdded.DeleteAsync().Wait();
Console.WriteLine("\nUser {0} was deleted", userToBeAdded.DisplayName);
}
catch (Exception e)
{
Console.WriteLine("Deleting User failed {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
}
if (newUser.ObjectId != null)
{
try
{
newUser.DeleteAsync().Wait();
Console.WriteLine("\nUser {0} was deleted", newUser.DisplayName);
}
catch (Exception e)
{
Console.WriteLine("Deleting User failed {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
}
#endregion
#region Delete Group
//*********************************************************************************************
// Delete the Group that we just created
//*********************************************************************************************
if (californiaEmployees.ObjectId != null)
{
try
{
californiaEmployees.DeleteAsync().Wait();
Console.WriteLine("\nGroup {0} was deleted", californiaEmployees.DisplayName);
}
catch (Exception e)
{
Console.WriteLine("Deleting Group failed {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
}
#endregion
#region Get All Roles
//*********************************************************************
// Get All Roles
//*********************************************************************
List<IDirectoryRole> foundRoles = null;
try
{
foundRoles = activeDirectoryClient.DirectoryRoles.ExecuteAsync().Result.CurrentPage.ToList();
}
catch (Exception e)
{
Console.WriteLine("\nError getting Roles {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
if (foundRoles != null && foundRoles.Count > 0)
{
foreach (IDirectoryRole role in foundRoles)
{
Console.WriteLine("\n Found Role: {0} {1} {2} ",
role.DisplayName, role.Description, role.ObjectId);
}
}
else
{
Console.WriteLine("Role Not Found {0}", searchString);
}
#endregion
#region Get Service Principals
//*********************************************************************
// get the Service Principals
//*********************************************************************
IPagedCollection<IServicePrincipal> servicePrincipals = null;
try
{
servicePrincipals = activeDirectoryClient.ServicePrincipals.ExecuteAsync().Result;
}
catch (Exception e)
{
Console.WriteLine("\nError getting Service Principal {0} {1}",
e.Message, e.InnerException != null ? e.InnerException.Message : "");
}
if (servicePrincipals != null)
{
do
{
List<IServicePrincipal> servicePrincipalsList = servicePrincipals.CurrentPage.ToList();
foreach (IServicePrincipal servicePrincipal in servicePrincipalsList)
{
Console.WriteLine("Service Principal AppId: {0} Name: {1}", servicePrincipal.AppId,
servicePrincipal.DisplayName);
}
servicePrincipals = servicePrincipals.GetNextPageAsync().Result;
} while (servicePrincipals != null);
}
#endregion
#region Get Applications
//*********************************************************************
// get the Application objects
//*********************************************************************
IPagedCollection<IApplication> applications = null;
try
{
applications = activeDirectoryClient.Applications.Take(999).ExecuteAsync().Result;
}
catch (Exception e)
{
Console.WriteLine("\nError getting Applications {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
if (applications != null)
{
do
{
List<IApplication> appsList = applications.CurrentPage.ToList();
foreach (IApplication app in appsList)
{
Console.WriteLine("Application AppId: {0} Name: {1}", app.AppId, app.DisplayName);
}
applications = applications.GetNextPageAsync().Result;
} while (applications != null);
}
#endregion
#region User License Assignment
//*********************************************************************************************
// User License Assignment - assign EnterprisePack license to new user, and disable SharePoint service
// first get a list of Tenant's subscriptions and find the "Enterprisepack" one
// Enterprise Pack includes service Plans for ExchangeOnline, SharePointOnline and LyncOnline
// validate that Subscription is Enabled and there are enough units left to assign to users
//*********************************************************************************************
IPagedCollection<ISubscribedSku> skus = null;
try
{
skus = activeDirectoryClient.SubscribedSkus.ExecuteAsync().Result;
}
catch (Exception e)
{
Console.WriteLine("\nError getting Applications {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
if (skus != null)
{
do
{
List<ISubscribedSku> subscribedSkus = skus.CurrentPage.ToList();
foreach (ISubscribedSku sku in subscribedSkus)
{
if (sku.SkuPartNumber == "ENTERPRISEPACK")
{
if ((sku.PrepaidUnits.Enabled.Value > sku.ConsumedUnits) &&
(sku.CapabilityStatus == "Enabled"))
{
// create addLicense object and assign the Enterprise Sku GUID to the skuId
//
AssignedLicense addLicense = new AssignedLicense { SkuId = sku.SkuId.Value };
// find plan id of SharePoint Service Plan
foreach (ServicePlanInfo servicePlan in sku.ServicePlans)
{
if (servicePlan.ServicePlanName.Contains("SHAREPOINT"))
{
addLicense.DisabledPlans.Add(servicePlan.ServicePlanId.Value);
break;
}
}
IList<AssignedLicense> licensesToAdd = new[] { addLicense };
IList<Guid> licensesToRemove = new Guid[] { };
// attempt to assign the license object to the new user
try
{
if (newUser.ObjectId != null)
{
newUser.AssignLicenseAsync(licensesToAdd, licensesToRemove).Wait();
Console.WriteLine("\n User {0} was assigned license {1}",
newUser.DisplayName,
addLicense.SkuId);
}
}
catch (Exception e)
{
Console.WriteLine("\nLicense assingment failed {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
}
}
}
skus = skus.GetNextPageAsync().Result;
} while (skus != null);
}
#endregion
#region Switch to OAuth Authorization Code Grant (Acting as a user)
activeDirectoryClient = AuthenticationHelper.GetActiveDirectoryClientAsUser();
#endregion
#region Create Application
//*********************************************************************************************
// Create a new Application object with App Role Assignment (Direct permission)
//*********************************************************************************************
Application appObject = new Application { DisplayName = "Test-Demo App" + Helper.GetRandomString(8) };
appObject.IdentifierUris.Add("https://localhost/demo/" + Guid.NewGuid());
appObject.ReplyUrls.Add("https://localhost/demo");
AppRole appRole = new AppRole();
appRole.Id = Guid.NewGuid();
appRole.IsEnabled = true;
appRole.AllowedMemberTypes.Add("User");
appRole.DisplayName = "Something";
appRole.Description = "Anything";
appRole.Value = "policy.write";
appObject.AppRoles.Add(appRole);
// created Keycredential object for the new App object
KeyCredential keyCredential = new KeyCredential
{
StartDate = DateTime.UtcNow,
EndDate = DateTime.UtcNow.AddYears(1),
Type = "Symmetric",
Value = Convert.FromBase64String("g/TMLuxgzurjQ0Sal9wFEzpaX/sI0vBP3IBUE/H/NS4="),
Usage = "Verify"
};
appObject.KeyCredentials.Add(keyCredential);
try
{
activeDirectoryClient.Applications.AddApplicationAsync(appObject).Wait();
Console.WriteLine("New Application created: " + appObject.ObjectId);
}
catch (Exception e)
{
Console.WriteLine("Application Creation execption: {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
#endregion
#region Create Service Principal
//*********************************************************************************************
// create a new Service principal
//*********************************************************************************************
ServicePrincipal newServicePrincpal = new ServicePrincipal();
if (appObject != null)
{
newServicePrincpal.DisplayName = appObject.DisplayName;
newServicePrincpal.AccountEnabled = true;
newServicePrincpal.AppId = appObject.AppId;
try
{
activeDirectoryClient.ServicePrincipals.AddServicePrincipalAsync(newServicePrincpal).Wait();
Console.WriteLine("New Service Principal created: " + newServicePrincpal.ObjectId);
}
catch (Exception e)
{
Console.WriteLine("Service Principal Creation execption: {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
}
#endregion
#region Create an Extension Property
ExtensionProperty linkedInUserId = new ExtensionProperty
{
Name = "linkedInUserId",
DataType = "String",
TargetObjects = { "User" }
};
try
{
appObject.ExtensionProperties.Add(linkedInUserId);
appObject.UpdateAsync().Wait();
Console.WriteLine("\nUser object extended successfully.");
}
catch (Exception e)
{
Console.WriteLine("\nError extending the user object {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
#endregion
#region Manipulate an Extension Property
try
{
if (retrievedUser != null && retrievedUser.ObjectId != null)
{
retrievedUser.SetExtendedProperty(linkedInUserId.Name, "ExtensionPropertyValue");
retrievedUser.UpdateAsync().Wait();
Console.WriteLine("\nUser {0}'s extended property set successully.", retrievedUser.DisplayName);
}
}
catch (Exception e)
{
Console.WriteLine("\nError Updating the user object {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
#endregion
#region Get an Extension Property
try
{
if (retrievedUser != null && retrievedUser.ObjectId != null)
{
IReadOnlyDictionary<string, object> extendedProperties = retrievedUser.GetExtendedProperties();
object extendedProperty = extendedProperties[linkedInUserId.Name];
Console.WriteLine("\n Retrieved User {0}'s extended property value is: {1}.", retrievedUser.DisplayName,
extendedProperty);
}
}
catch (Exception e)
{
Console.WriteLine("\nError Updating the user object {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
#endregion
#region Assign Direct Permission
try
{
User user =
(User)activeDirectoryClient.Users.ExecuteAsync().Result.CurrentPage.ToList().FirstOrDefault();
if (appObject.ObjectId != null && user != null && newServicePrincpal.ObjectId != null)
{
AppRoleAssignment appRoleAssignment = new AppRoleAssignment();
appRoleAssignment.Id = appRole.Id;
appRoleAssignment.ResourceId = Guid.Parse(newServicePrincpal.ObjectId);
appRoleAssignment.PrincipalType = "User";
appRoleAssignment.PrincipalId = Guid.Parse(user.ObjectId);
user.AppRoleAssignments.Add(appRoleAssignment);
user.UpdateAsync().Wait();
Console.WriteLine("User {0} is successfully assigned direct permission.", retrievedUser.DisplayName);
}
}
catch (Exception e)
{
Console.WriteLine("Direct Permission Assignment failed: {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
#endregion
#region Get Devices
//*********************************************************************************************
// Get a list of Mobile Devices from tenant
//*********************************************************************************************
Console.WriteLine("\nGetting Devices");
IPagedCollection<IDevice> devices = null;
try
{
devices = activeDirectoryClient.Devices.ExecuteAsync().Result;
}
catch (Exception e)
{
Console.WriteLine("/nError getting devices {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
if (devices != null)
{
do
{
List<IDevice> devicesList = devices.CurrentPage.ToList();
foreach (IDevice device in devicesList)
{
if (device.ObjectId != null)
{
Console.WriteLine("Device ID: {0}, Type: {1}", device.DeviceId, device.DeviceOSType);
IPagedCollection<IDirectoryObject> registeredOwners = device.RegisteredOwners;
if (registeredOwners != null)
{
do
{
List<IDirectoryObject> registeredOwnersList = registeredOwners.CurrentPage.ToList();
foreach (IDirectoryObject owner in registeredOwnersList)
{
Console.WriteLine("Device Owner ID: " + owner.ObjectId);
}
registeredOwners = registeredOwners.GetNextPageAsync().Result;
} while (registeredOwners != null);
}
}
}
devices = devices.GetNextPageAsync().Result;
} while (devices != null);
}
#endregion
#region Create New Permission
//*********************************************************************************************
// Create new permission object
//*********************************************************************************************
OAuth2PermissionGrant permissionObject = new OAuth2PermissionGrant();
permissionObject.ConsentType = "AllPrincipals";
permissionObject.Scope = "user_impersonation";
permissionObject.StartTime = DateTime.Now;
permissionObject.ExpiryTime = (DateTime.Now).AddMonths(12);
// resourceId is objectId of the resource, in this case objectId of AzureAd (Graph API)
permissionObject.ResourceId = "52620afb-80de-4096-a826-95f4ad481686";
//ClientId = objectId of servicePrincipal
permissionObject.ClientId = newServicePrincpal.ObjectId;
try
{
activeDirectoryClient.Oauth2PermissionGrants.AddOAuth2PermissionGrantAsync(permissionObject).Wait();
Console.WriteLine("New Permission object created: " + permissionObject.ObjectId);
}
catch (Exception e)
{
Console.WriteLine("Permission Creation exception: {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : "");
}
#endregion
#region Get All Permissions
//*********************************************************************************************
// get all Permission Objects
//*********************************************************************************************
Console.WriteLine("\n Getting Permissions");
IPagedCollection<IOAuth2PermissionGrant> permissions = null;
try
{
permissions = activeDirectoryClient.Oauth2PermissionGrants.ExecuteAsync().Result;
}
catch (Exception e)
{
Console.WriteLine("Error: {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : "");
}
if (permissions != null)
{
do
{
List<IOAuth2PermissionGrant> perms = permissions.CurrentPage.ToList();
foreach (IOAuth2PermissionGrant perm in perms)
{
Console.WriteLine("Permission: {0} Name: {1}", perm.ClientId, perm.Scope);
}
permissions = permissions.GetNextPageAsync().Result;
} while (permissions != null);
}
#endregion
#region Delete Application
//*********************************************************************************************
// Delete Application Objects
//*********************************************************************************************
if (appObject.ObjectId != null)
{
try
{
appObject.DeleteAsync().Wait();
Console.WriteLine("Deleted Application object: " + appObject.ObjectId);
}
catch (Exception e)
{
Console.WriteLine("Application Deletion execption: {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
}
#endregion
#region Batch Operations
//*********************************************************************************************
// Show Batching with 3 operators. Note: up to 5 operations can be in a batch
//*********************************************************************************************
IReadOnlyQueryableSet<User> userQuery = activeDirectoryClient.DirectoryObjects.OfType<User>();
IReadOnlyQueryableSet<Group> groupsQuery = activeDirectoryClient.DirectoryObjects.OfType<Group>();
IReadOnlyQueryableSet<DirectoryRole> rolesQuery =
activeDirectoryClient.DirectoryObjects.OfType<DirectoryRole>();
try
{
IBatchElementResult[] batchResult =
activeDirectoryClient.Context.ExecuteBatchAsync(userQuery, groupsQuery, rolesQuery).Result;
int responseCount = 1;
foreach (IBatchElementResult result in batchResult)
{
if (result.FailureResult != null)
{
Console.WriteLine("Failed: {0} ",
result.FailureResult.InnerException);
}
if (result.SuccessResult != null)
{
Console.WriteLine("Batch Item Result {0} succeeded",
responseCount++);
}
}
}
catch (Exception e)
{
Console.WriteLine("Batch execution failed. : {0} {1}", e.Message,
e.InnerException != null ? e.InnerException.Message : "");
}
#endregion
//*********************************************************************************************
// End of Demo Console App
//*********************************************************************************************
Console.WriteLine("\nCompleted at {0} \n Press Any Key to Exit.", currentDateTime);
Console.ReadKey();
}
