private async Task <Microsoft.Graph.User> CreateGraphUser(Microsoft.Graph.User user)
{
if (user == null)
{
throw new ArgumentNullException(nameof(user));
}
// Berechtigungen
// Benutzer erstellen (Anwendung) --> User.ReadWrite.All, Directory.ReadWrite.All
// https://docs.microsoft.com/de-de/graph/api/user-post-users?view=graph-rest-1.0&tabs=http
var authProvider = _graphFactory.CreateAuthProvider();
var client = new GraphServiceClient(authProvider);
return(await client.Users
.Request()
.AddAsync(user));
}
private async Task <Microsoft.Graph.User> UpdateGraphUser([NotNull] string upn, Microsoft.Graph.User user, UserAssertion withUserAssertion = null)
{
if (upn == null)
{
throw new ArgumentNullException(nameof(upn));
}
// Berechtigungen
// Benutzer abrufen (Anwendung) --> User.ReadWrite.All, User.ManageIdentities.All, Directory.ReadWrite.All
// https://docs.microsoft.com/de-de/graph/api/user-update?view=graph-rest-1.0&tabs=http
// Zum Updaten von PasswordProfile wird Mitgliedschaft in passender Rolle benötigt (z.B. Helpdeskadministrator)
var authProvider = withUserAssertion == null
? (IAuthenticationProvider)_graphFactory.CreateAuthProvider()
: _graphFactory.CreateOnBehalfOfProvider(new[] { "User.ReadWrite.All" });
var client = new GraphServiceClient(authProvider);
var request = client.Users[$"{upn}"].Request();
if (withUserAssertion != null)
{
request = request.WithUserAssertion(withUserAssertion);
}
return(await request.UpdateAsync(user));
}
