public ViewResult RemoveAppRoleFromUser()
{
AddAppRoleToUserModel model = new AddAppRoleToUserModel();
try
{
var azureClient = GraphAuthService.GetActiveDirectoryClient(ConfigHelper.UseApplicationPermissions);
var apps = azureClient.Applications.ExecuteAsync().Result;
var enumeratedApps = AzureADExtensions.EnumerateAllAsync(apps).Result;
foreach (var app in enumeratedApps)
{
model.TenantApplications.Add(new SelectListItem()
{
Text = app.DisplayName, Value = app.DisplayName
});
}
model.isOk = true;
}
catch (Exception ex)
{
model.message = ex.Message + (ex.InnerException != null ? Environment.NewLine + ex.InnerException.Message : "");
}
return(View("RemoveAppRoleFromUser", model));
}
public async Task <ActionResult> RemoveAppRoleFromUser(AddAppRoleToUserModel model)
{
List <ResultsItem> items = new List <ResultsItem>();
if (ModelState.IsValid)
{
try
{
var azureClient = GraphAuthService.GetActiveDirectoryClient(ConfigHelper.UseApplicationPermissions);
string token = await GraphAuthService.GetTokenForApplication(ConfigHelper.UseApplicationPermissions);
Tuple <bool, string, string, string, string> tup = await usersService.RemoveApplicationRoleFromUser(azureClient, token,
ConfigHelper.AzureADGraphUrl, ConfigHelper.Tenant, model.AppName, model.UserEmailAddress, model.AppRoleName);
// Get group members.
var appRoleAssignmentsPaged = await azureClient.ServicePrincipals
.GetByObjectId(tup.Item5)
.AppRoleAssignedTo
.ExecuteAsync();
var appRoleAssignments = await AzureADExtensions.EnumerateAllAsync(appRoleAssignmentsPaged);
Guid approleid = Guid.Parse(tup.Item4);
var users = appRoleAssignments
.Where(a => a.Id == approleid && a.PrincipalType == "User")
.Select(a => new { Id = a.PrincipalId.ToString(), Name = a.PrincipalDisplayName })
.ToList();
if (users != null)
{
foreach (var s in users)
{
items.Add(new ResultsItem()
{
Id = s.Id, Display = s.Name
});
}
}
return(View("ListRoleMembers", new Tuple <bool, string, string, List <ResultsItem> >(tup.Item1, tup.Item2, model.AppRoleName, items)));
}
catch (Exception ex)
{
model.isOk = false;
model.message = ex.Message + (ex.InnerException != null ? Environment.NewLine + ex.InnerException.Message : "");
}
}
return(View("RemoveAppRoleFromUser", model));
}
