private static GroupMemberships ExpandVSTSGroup(GraphHttpClient graphClient, GraphGroup group) { groupCache.TryGetValue(group, out GroupMemberships groupMemberships); if (groupMemberships != null) { return(groupMemberships); } groupMemberships = new GroupMemberships(); // Convert all memberships into GraphSubjectLookupKeys List <GraphSubjectLookupKey> lookupKeys = new List <GraphSubjectLookupKey>(); List <GraphMembership> memberships = graphClient.ListMembershipsAsync(group.Descriptor, GraphTraversalDirection.Down).Result; foreach (var membership in memberships) { lookupKeys.Add(new GraphSubjectLookupKey(membership.MemberDescriptor)); } IReadOnlyDictionary <SubjectDescriptor, GraphSubject> subjectLookups = graphClient.LookupSubjectsAsync(new GraphSubjectLookup(lookupKeys)).Result; foreach (GraphSubject subject in subjectLookups.Values) { if (subject.OriginId.Equals(group.OriginId)) { break; //Father paradox } switch (subject.Descriptor.SubjectType) { //member is an AAD user case "aad": groupMemberships.AddUser((GraphUser)subject); break; //member is an MSA user case "asd2": groupMemberships.AddUser((GraphUser)subject); break; //member is a nested AAD group case "aadgp": groupMemberships.AddAADGroup((GraphGroup)subject); break; //member is a nested VSTS group case "vssgp": GroupMemberships subGroupMemberships = ExpandVSTSGroup(graphClient, (GraphGroup)subject); groupMemberships.Add(subGroupMemberships); break; default: throw new Exception("Unknown SubjectType: " + subject.Descriptor.SubjectType); } } groupCache.Add(group, groupMemberships); return(groupMemberships); }
private static Tuple <List <GraphUser>, List <GraphGroup> > ExpandVstsGroup(GraphHttpClient graphClient, GraphGroup group) { //List of user principle names List <GraphUser> users = new List <GraphUser>(); //List of Graph subjects for AAD groups List <GraphGroup> aadGroups = new List <GraphGroup>(); List <GraphMembership> memberships = graphClient.GetMembershipsAsync(group.Descriptor, Microsoft.VisualStudio.Services.Graph.GraphTraversalDirection.Down).Result; while (memberships.Count != 0) { List <GraphSubjectLookupKey> lookupKeys = new List <GraphSubjectLookupKey>(); foreach (var membership in memberships) { lookupKeys.Add(new GraphSubjectLookupKey(membership.MemberDescriptor)); } memberships.Clear(); IReadOnlyDictionary <SubjectDescriptor, GraphSubject> memberDict = graphClient.LookupSubjectsAsync(new GraphSubjectLookup(lookupKeys)).Result; foreach (GraphSubject member in memberDict.Values) { switch (member.Descriptor.SubjectType) { //member is an AAD user case Constants.SubjectType.AadUser: users.Add((GraphUser)member); break; //member is an MSA user case Constants.SubjectType.MsaUser: users.Add((GraphUser)member); break; //member is a nested AAD group case Constants.SubjectType.AadGroup: aadGroups.Add((GraphGroup)member); break; //member is a nested VSTS group case Constants.SubjectType.VstsGroup: memberships.AddRange(graphClient.GetMembershipsAsync(member.Descriptor, Microsoft.VisualStudio.Services.Graph.GraphTraversalDirection.Down).Result); break; default: throw new Exception("shouldn't be here"); } } } return(new Tuple <List <GraphUser>, List <GraphGroup> >(users, aadGroups)); }
public void LookupSubject() { // Get the client VssConnection connection = Context.Connection; GraphHttpClient graphClient = connection.GetClient <GraphHttpClient>(); // // Part 1: add the AAD user // ClientSampleHttpLogger.SetOperationName(this.Context, "MaterializeAADUserByOIDWithStorageKey"); GraphUserCreationContext addAADUserContext = new GraphUserOriginIdCreationContext { OriginId = "e97b0e7f-0a61-41ad-860c-748ec5fcb20b", StorageKey = Guid.NewGuid() }; GraphUser newUser = graphClient.CreateUserAsync(addAADUserContext).Result; string userDescriptor = newUser.Descriptor; Context.Log("New user added! ID: {0}", userDescriptor); // // Part 2: add the AAD group // ClientSampleHttpLogger.SetOperationName(this.Context, "MaterializeAADGroupByOIDWithStorageKey"); GraphGroupCreationContext addAADGroupContext = new GraphGroupOriginIdCreationContext { OriginId = "f0d20172-7b96-42f6-9436-941433654b48", StorageKey = Guid.NewGuid() }; GraphGroup newGroup = graphClient.CreateGroupAsync(addAADGroupContext).Result; string groupDescriptor = newGroup.Descriptor; Context.Log("New group created! ID: {0}", groupDescriptor); // // Part 3: lookup subjects // GraphSubjectLookup subjectLookup = new GraphSubjectLookup(new[] { new GraphSubjectLookupKey(newGroup.Descriptor), new GraphSubjectLookupKey(newUser.Descriptor) }); ClientSampleHttpLogger.SetOperationName(this.Context, "LookupSubjects"); IReadOnlyDictionary <SubjectDescriptor, GraphSubject> lookups = graphClient.LookupSubjectsAsync(subjectLookup).Result; }
private static GroupMemberships ExpandVSTSGroup(GraphHttpClient graphClient, GraphGroup group) { GroupMemberships groupMemberships = new GroupMemberships(); // Convert all memberships into GraphSubjectLookupKeys List <GraphSubjectLookupKey> lookupKeys = new List <GraphSubjectLookupKey>(); List <GraphMembership> memberships = graphClient.GetMembershipsAsync(group.Descriptor, Microsoft.VisualStudio.Services.Graph.GraphTraversalDirection.Down).Result; foreach (var membership in memberships) { lookupKeys.Add(new GraphSubjectLookupKey(membership.MemberDescriptor)); } IReadOnlyDictionary <SubjectDescriptor, GraphSubject> subjectLookups = graphClient.LookupSubjectsAsync(new GraphSubjectLookup(lookupKeys)).Result; foreach (GraphSubject subject in subjectLookups.Values) { switch (subject.Descriptor.SubjectType) { //member is an AAD user case Constants.SubjectType.AadUser: groupMemberships.AddUser((GraphUser)subject); break; //member is an MSA user case Constants.SubjectType.MsaUser: groupMemberships.AddUser((GraphUser)subject); break; //member is a nested AAD group case Constants.SubjectType.AadGroup: groupMemberships.AddAADGroup((GraphGroup)subject); break; //member is a nested VSTS group case Constants.SubjectType.VstsGroup: GroupMemberships subGroupMemberships = ExpandVSTSGroup(graphClient, (GraphGroup)subject); groupMemberships.Add(subGroupMemberships); break; default: throw new Exception("Unknown SubjectType: " + subject.Descriptor.SubjectType); } } return(groupMemberships); }