private static GroupMemberships ExpandVSTSGroup(GraphHttpClient graphClient, GraphGroup group)
{
groupCache.TryGetValue(group, out GroupMemberships groupMemberships);
if (groupMemberships != null)
{
return(groupMemberships);
}
groupMemberships = new GroupMemberships();
// Convert all memberships into GraphSubjectLookupKeys
List <GraphSubjectLookupKey> lookupKeys = new List <GraphSubjectLookupKey>();
List <GraphMembership> memberships = graphClient.ListMembershipsAsync(group.Descriptor, GraphTraversalDirection.Down).Result;
foreach (var membership in memberships)
{
lookupKeys.Add(new GraphSubjectLookupKey(membership.MemberDescriptor));
}
IReadOnlyDictionary <SubjectDescriptor, GraphSubject> subjectLookups = graphClient.LookupSubjectsAsync(new GraphSubjectLookup(lookupKeys)).Result;
foreach (GraphSubject subject in subjectLookups.Values)
{
if (subject.OriginId.Equals(group.OriginId))
{
break; //Father paradox
}
switch (subject.Descriptor.SubjectType)
{
//member is an AAD user
case "aad":
groupMemberships.AddUser((GraphUser)subject);
break;
//member is an MSA user
case "asd2":
groupMemberships.AddUser((GraphUser)subject);
break;
//member is a nested AAD group
case "aadgp":
groupMemberships.AddAADGroup((GraphGroup)subject);
break;
//member is a nested VSTS group
case "vssgp":
GroupMemberships subGroupMemberships = ExpandVSTSGroup(graphClient, (GraphGroup)subject);
groupMemberships.Add(subGroupMemberships);
break;
default:
throw new Exception("Unknown SubjectType: " + subject.Descriptor.SubjectType);
}
}
groupCache.Add(group, groupMemberships);
return(groupMemberships);
}
private static Tuple <List <GraphUser>, List <GraphGroup> > ExpandVstsGroup(GraphHttpClient graphClient, GraphGroup group)
{
//List of user principle names
List <GraphUser> users = new List <GraphUser>();
//List of Graph subjects for AAD groups
List <GraphGroup> aadGroups = new List <GraphGroup>();
List <GraphMembership> memberships = graphClient.GetMembershipsAsync(group.Descriptor, Microsoft.VisualStudio.Services.Graph.GraphTraversalDirection.Down).Result;
while (memberships.Count != 0)
{
List <GraphSubjectLookupKey> lookupKeys = new List <GraphSubjectLookupKey>();
foreach (var membership in memberships)
{
lookupKeys.Add(new GraphSubjectLookupKey(membership.MemberDescriptor));
}
memberships.Clear();
IReadOnlyDictionary <SubjectDescriptor, GraphSubject> memberDict = graphClient.LookupSubjectsAsync(new GraphSubjectLookup(lookupKeys)).Result;
foreach (GraphSubject member in memberDict.Values)
{
switch (member.Descriptor.SubjectType)
{
//member is an AAD user
case Constants.SubjectType.AadUser:
users.Add((GraphUser)member);
break;
//member is an MSA user
case Constants.SubjectType.MsaUser:
users.Add((GraphUser)member);
break;
//member is a nested AAD group
case Constants.SubjectType.AadGroup:
aadGroups.Add((GraphGroup)member);
break;
//member is a nested VSTS group
case Constants.SubjectType.VstsGroup:
memberships.AddRange(graphClient.GetMembershipsAsync(member.Descriptor, Microsoft.VisualStudio.Services.Graph.GraphTraversalDirection.Down).Result);
break;
default:
throw new Exception("shouldn't be here");
}
}
}
return(new Tuple <List <GraphUser>, List <GraphGroup> >(users, aadGroups));
}
public void LookupSubject()
{
// Get the client
VssConnection connection = Context.Connection;
GraphHttpClient graphClient = connection.GetClient <GraphHttpClient>();
//
// Part 1: add the AAD user
//
ClientSampleHttpLogger.SetOperationName(this.Context, "MaterializeAADUserByOIDWithStorageKey");
GraphUserCreationContext addAADUserContext = new GraphUserOriginIdCreationContext
{
OriginId = "e97b0e7f-0a61-41ad-860c-748ec5fcb20b",
StorageKey = Guid.NewGuid()
};
GraphUser newUser = graphClient.CreateUserAsync(addAADUserContext).Result;
string userDescriptor = newUser.Descriptor;
Context.Log("New user added! ID: {0}", userDescriptor);
//
// Part 2: add the AAD group
//
ClientSampleHttpLogger.SetOperationName(this.Context, "MaterializeAADGroupByOIDWithStorageKey");
GraphGroupCreationContext addAADGroupContext = new GraphGroupOriginIdCreationContext
{
OriginId = "f0d20172-7b96-42f6-9436-941433654b48",
StorageKey = Guid.NewGuid()
};
GraphGroup newGroup = graphClient.CreateGroupAsync(addAADGroupContext).Result;
string groupDescriptor = newGroup.Descriptor;
Context.Log("New group created! ID: {0}", groupDescriptor);
//
// Part 3: lookup subjects
//
GraphSubjectLookup subjectLookup = new GraphSubjectLookup(new[] {
new GraphSubjectLookupKey(newGroup.Descriptor),
new GraphSubjectLookupKey(newUser.Descriptor)
});
ClientSampleHttpLogger.SetOperationName(this.Context, "LookupSubjects");
IReadOnlyDictionary <SubjectDescriptor, GraphSubject> lookups = graphClient.LookupSubjectsAsync(subjectLookup).Result;
}
private static GroupMemberships ExpandVSTSGroup(GraphHttpClient graphClient, GraphGroup group)
{
GroupMemberships groupMemberships = new GroupMemberships();
// Convert all memberships into GraphSubjectLookupKeys
List <GraphSubjectLookupKey> lookupKeys = new List <GraphSubjectLookupKey>();
List <GraphMembership> memberships = graphClient.GetMembershipsAsync(group.Descriptor, Microsoft.VisualStudio.Services.Graph.GraphTraversalDirection.Down).Result;
foreach (var membership in memberships)
{
lookupKeys.Add(new GraphSubjectLookupKey(membership.MemberDescriptor));
}
IReadOnlyDictionary <SubjectDescriptor, GraphSubject> subjectLookups = graphClient.LookupSubjectsAsync(new GraphSubjectLookup(lookupKeys)).Result;
foreach (GraphSubject subject in subjectLookups.Values)
{
switch (subject.Descriptor.SubjectType)
{
//member is an AAD user
case Constants.SubjectType.AadUser:
groupMemberships.AddUser((GraphUser)subject);
break;
//member is an MSA user
case Constants.SubjectType.MsaUser:
groupMemberships.AddUser((GraphUser)subject);
break;
//member is a nested AAD group
case Constants.SubjectType.AadGroup:
groupMemberships.AddAADGroup((GraphGroup)subject);
break;
//member is a nested VSTS group
case Constants.SubjectType.VstsGroup:
GroupMemberships subGroupMemberships = ExpandVSTSGroup(graphClient, (GraphGroup)subject);
groupMemberships.Add(subGroupMemberships);
break;
default:
throw new Exception("Unknown SubjectType: " + subject.Descriptor.SubjectType);
}
}
return(groupMemberships);
}