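// POST api/todolist
/// <summary>
/// Inserts the posted To Do item into the ToDoItems table, recorded as owned by the calling user.
/// </summary>
/// <param name="todo">
/// Item bound from the request body. A null item or a blank title is ignored and the
/// request completes without inserting anything.
/// </param>
/// <exception cref="HttpResponseException">
/// 401 when the token has no scope claim, when the scope claim does not list
/// 'user_impersonation', or when the token carries no NameIdentifier claim to use as owner.
/// </exception>
public void Post(TodoItem todo)
{
    // Authorization gate, fail closed: a token WITHOUT a scope claim is rejected with the
    // same 401 as a token with the wrong scope, instead of dereferencing null and
    // surfacing as an unhandled 500.
    Claim scopeClaim = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/scope");
    bool hasRequiredScope = false;
    if (scopeClaim != null)
    {
        // Azure AD emits the scope claim as a space-separated list, so compare whole
        // tokens. Exact token equality (not substring Contains) keeps a look-alike such
        // as "user_impersonation_x" from satisfying the check.
        foreach (string grantedScope in scopeClaim.Value.Split(' '))
        {
            if (grantedScope == "user_impersonation")
            {
                hasRequiredScope = true;
                break;
            }
        }
    }

    if (!hasRequiredScope)
    {
        // NOTE(review): 403 would describe "authenticated but missing scope" more precisely;
        // 401 is kept so existing clients see the same status code.
        throw new HttpResponseException(new HttpResponseMessage { StatusCode = HttpStatusCode.Unauthorized, ReasonPhrase = "The Scope claim does not contain 'user_impersonation' or scope claim not found" });
    }

    if (todo == null || string.IsNullOrWhiteSpace(todo.Title))
    {
        return;
    }

    // The owner always comes from the validated token, never from the request body, so a
    // caller cannot write into another user's list. Resolve it before opening the database
    // connection so that a token without the claim fails cleanly.
    Claim ownerClaim = ClaimsPrincipal.Current.FindFirst(ClaimTypes.NameIdentifier);
    if (ownerClaim == null)
    {
        throw new HttpResponseException(new HttpResponseMessage { StatusCode = HttpStatusCode.Unauthorized, ReasonPhrase = "The token does not contain a NameIdentifier claim" });
    }

    using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["ToDoList"].ConnectionString))
    {
        // When the connection string carries no "User ID", authenticate with an access
        // token instead. The comparison is ordinal and case-insensitive: a culture-sensitive
        // ToUpper() can mis-detect the keyword under some cultures (e.g. Turkish casing of 'i').
        if (conn.ConnectionString.IndexOf("USER ID", System.StringComparison.OrdinalIgnoreCase) < 0)
        {
            conn.AccessToken = Utils.AccessToken.GetAzureSqlAccessToken();
        }

        conn.Open();

        // Parameterized statement: the title and owner travel as parameters and are never
        // concatenated into the SQL text.
        using (SqlCommand cmd = new SqlCommand("INSERT INTO ToDoItems (Title, Owner) VALUES (@Title, @Owner)", conn))
        {
            cmd.CommandType = System.Data.CommandType.Text;
            cmd.Parameters.AddWithValue("@Title", todo.Title);
            cmd.Parameters.AddWithValue("@Owner", ownerClaim.Value);
            cmd.ExecuteNonQuery();
        }
    }
}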
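// POST api/todolist
/// <summary>
/// Adds the posted To Do item to <c>todoBag</c>, recorded as owned by the calling user.
/// </summary>
/// <param name="todo">
/// Item bound from the request body. A null item or a blank title is ignored and the
/// request completes without adding anything.
/// </param>
/// <exception cref="HttpResponseException">
/// 401 when the token has no scope claim, when the scope claim does not list
/// 'user_impersonation', or when the token carries no NameIdentifier claim to use as owner.
/// </exception>
public void Post(TodoItem todo)
{
    // Authorization gate, fail closed: a missing scope claim yields the same 401 as a wrong
    // scope rather than a NullReferenceException (which would surface as a 500).
    Claim scopeClaim = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/scope");
    bool hasRequiredScope = false;
    if (scopeClaim != null)
    {
        // Azure AD emits the scope claim as a space-separated list; match whole tokens so
        // that neither extra granted scopes nor look-alike names change the outcome.
        foreach (string grantedScope in scopeClaim.Value.Split(' '))
        {
            if (grantedScope == "user_impersonation")
            {
                hasRequiredScope = true;
                break;
            }
        }
    }

    if (!hasRequiredScope)
    {
        throw new HttpResponseException(new HttpResponseMessage { StatusCode = HttpStatusCode.Unauthorized, ReasonPhrase = "The Scope claim does not contain 'user_impersonation' or scope claim not found" });
    }

    if (todo == null || string.IsNullOrWhiteSpace(todo.Title))
    {
        return;
    }

    // The owner is taken from the validated token, never from the request body, so a
    // caller cannot add items to another user's list.
    Claim ownerClaim = ClaimsPrincipal.Current.FindFirst(ClaimTypes.NameIdentifier);
    if (ownerClaim == null)
    {
        throw new HttpResponseException(new HttpResponseMessage { StatusCode = HttpStatusCode.Unauthorized, ReasonPhrase = "The token does not contain a NameIdentifier claim" });
    }

    todoBag.Add(new TodoItem { Title = todo.Title, Owner = ownerClaim.Value });
}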
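// POST api/todolist
/// <summary>
/// Adds the posted To Do item to <c>todoBag</c> for the calling user, appending the user's
/// first and last name (fetched from the Graph API on behalf of the user) to the title
/// when a profile is returned.
/// </summary>
/// <param name="todo">
/// Item bound from the request body. A null item or a blank title is ignored and the
/// request completes without calling the Graph API or adding anything.
/// </param>
/// <exception cref="HttpResponseException">
/// 401 when the token has no scope claim, when the scope claim does not list
/// 'user_impersonation', or when the token carries no NameIdentifier claim to use as owner.
/// </exception>
public async Task Post(TodoItem todo)
{
    // Authorization gate, fail closed: a missing scope claim yields the same 401 as a wrong
    // scope rather than a NullReferenceException (which would surface as a 500).
    Claim scopeClaim = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/scope");
    bool hasRequiredScope = false;
    if (scopeClaim != null)
    {
        // Azure AD emits the scope claim as a space-separated list; match whole tokens so
        // that neither extra granted scopes nor look-alike names change the outcome.
        foreach (string grantedScope in scopeClaim.Value.Split(' '))
        {
            if (grantedScope == "user_impersonation")
            {
                hasRequiredScope = true;
                break;
            }
        }
    }

    if (!hasRequiredScope)
    {
        throw new HttpResponseException(new HttpResponseMessage { StatusCode = HttpStatusCode.Unauthorized, ReasonPhrase = "The Scope claim does not contain 'user_impersonation' or scope claim not found" });
    }

    // Validate the body BEFORE reading todo.Title or calling downstream. The previous order
    // dereferenced todo ahead of its null check and spent an on-behalf-of token exchange
    // and Graph call on requests that were going to be discarded.
    if (todo == null || string.IsNullOrWhiteSpace(todo.Title))
    {
        return;
    }

    // The owner is taken from the validated token, never from the request body.
    Claim ownerClaim = ClaimsPrincipal.Current.FindFirst(ClaimTypes.NameIdentifier);
    if (ownerClaim == null)
    {
        throw new HttpResponseException(new HttpResponseMessage { StatusCode = HttpStatusCode.Unauthorized, ReasonPhrase = "The token does not contain a NameIdentifier claim" });
    }

    //
    // Call the Graph API On Behalf Of the user who called the To Do list web API.
    //
    UserProfile profile = await CallGraphAPIOnBehalfOfUser();

    // A null profile falls back to the caller's own title unchanged.
    string augmentedTitle = profile != null
        ? String.Format("{0}, First Name: {1}, Last Name: {2}", todo.Title, profile.GivenName, profile.Surname)
        : todo.Title;

    todoBag.Add(new TodoItem { Title = augmentedTitle, Owner = ownerClaim.Value });
}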
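// POST api/todolist
/// <summary>
/// Adds the posted To Do item to <c>todoBag</c>. Two kinds of caller are accepted:
/// the trusted client application, which may name any owner in the posted item, and a
/// user token carrying the 'user_impersonation' scope, which may add only to that
/// user's own list.
/// </summary>
/// <param name="todo">
/// Item bound from the request body. A null item is ignored on both paths; on the user
/// path a blank title is ignored as well.
/// </param>
/// <exception cref="HttpResponseException">
/// 401 when the caller is not the trusted client and the token has no scope claim, the
/// scope claim does not list 'user_impersonation', or the token carries no
/// objectidentifier claim to use as owner.
/// </exception>
public void Post(TodoItem todo)
{
    //
    // If the caller is the trusted caller, then add the To Do item to owner's To Do list as specified in the posted item.
    //
    // Security note: on this path Owner comes from the request body, so whoever holds a
    // token whose "appid" equals trustedCallerClientId can write into any user's list.
    // That client's credentials should be protected and monitored accordingly.
    Claim currentCallerClientIdClaim = ClaimsPrincipal.Current.FindFirst("appid");
    if (currentCallerClientIdClaim != null && currentCallerClientIdClaim.Value == trustedCallerClientId)
    {
        // Guard the body: a trusted call with no payload previously failed with a
        // NullReferenceException.
        if (todo != null)
        {
            todoBag.Add(new TodoItem { Title = todo.Title, Owner = todo.Owner });
        }

        return;
    }

    // Every other caller must present the delegated scope. Fail closed: the earlier form
    // only rejected a WRONG scope and let a token with NO scope claim fall through to the
    // add below, so a token from a non-trusted client without that claim passed this gate.
    Claim scopeClaim = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/scope");
    bool hasRequiredScope = false;
    if (scopeClaim != null)
    {
        // Azure AD emits the scope claim as a space-separated list; match whole tokens so
        // that neither extra granted scopes nor look-alike names change the outcome.
        foreach (string grantedScope in scopeClaim.Value.Split(' '))
        {
            if (grantedScope == "user_impersonation")
            {
                hasRequiredScope = true;
                break;
            }
        }
    }

    if (!hasRequiredScope)
    {
        throw new HttpResponseException(new HttpResponseMessage { StatusCode = HttpStatusCode.Unauthorized, ReasonPhrase = "The Scope claim does not contain 'user_impersonation' or scope claim not found" });
    }

    if (todo == null || string.IsNullOrWhiteSpace(todo.Title))
    {
        return;
    }

    // On the user path the owner is the caller's own object id from the validated token;
    // any Owner value in the posted item is ignored.
    Claim ownerClaim = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier");
    if (ownerClaim == null)
    {
        throw new HttpResponseException(new HttpResponseMessage { StatusCode = HttpStatusCode.Unauthorized, ReasonPhrase = "The token does not contain an objectidentifier claim" });
    }

    todoBag.Add(new TodoItem { Title = todo.Title, Owner = ownerClaim.Value });
}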