Пример #1
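        /// <summary>
        /// Requests a Microsoft Graph collection starting at <paramref name="url"/>, hands every
        /// page to <c>ProcessGraphUsers</c> and keeps following <c>@odata.nextLink</c> until the
        /// response no longer carries one.
        /// </summary>
        /// <param name="url">Address of the first page to request.</param>
        /// <returns>A task that completes when the last page has been processed.</returns>
        /// <remarks>
        /// The confidential client is built and the app-only token acquired once for the whole
        /// walk; the pages are fetched in a loop over one <see cref="HttpClient"/> instead of
        /// rebuilding the client, the token and the connection for every page through recursion.
        /// Exceptions are not rethrown: they go to telemetry and the user sees a warning toast.
        /// </remarks>
        private async Task ApiCall(string url)
        {
            try
            {
                // NOTE(review): the client secret is read from configuration; make sure the
                // value comes from a secret store and not from a settings file kept in source control.
                IConfidentialClientApplication confidentialClientApplication =
                    ConfidentialClientApplicationBuilder
                    .Create(Configuration["AzureAd:ClientId"])
                    .WithTenantId(Configuration["AzureAd:TenantId"])
                    .WithClientSecret(Configuration["AzureAd:ClientSecret"])
                    .Build();

                // Client-credentials flow: the scope is always "<resource>/.default".
                string[] scopes = new string[] { "https://graph.microsoft.com/.default" };
                AuthenticationResult result = await confidentialClientApplication
                                              .AcquireTokenForClient(scopes)
                                              .ExecuteAsync();

                using (var httpClient = new HttpClient())
                {
                    var    apiCaller = new ProtectedApiCallHelper(httpClient);
                    string pageUrl   = url;

                    // do/while keeps the original behaviour of always issuing the first request.
                    do
                    {
                        var res = await apiCaller.CallWebApiAndProcessResultASync(
                            pageUrl,
                            result.AccessToken
                            );

                        ProcessGraphUsers(res);

                        // NOTE(review): the bearer token is sent to whatever address the response
                        // names as its next page; consider checking that it still points at the
                        // Graph host before following it.
                        var nextLink = res.Properties().FirstOrDefault(p => p.Name == "@odata.nextLink");
                        pageUrl = nextLink != null ? nextLink.Value.ToString() : null;
                    }
                    while (pageUrl != null);
                }
            }
            catch (Exception ex)
            {
                Telemetry.TrackException(ex);
                ToastService.ShowWarning("Fout bij het ophalen van de gebruikers.");
            }
        }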
Пример #2
        /// <summary>
        /// Requests the calendar events of one fixed user from Microsoft Graph and passes the
        /// JSON result to <paramref name="Display"/>.
        /// </summary>
        /// <param name="httpClient">HTTP client the request is sent with; its default Authorization header is overwritten at the end.</param>
        /// <param name="accessToken">Bearer token presented to Graph.</param>
        /// <param name="Display">Callback handed to the helper to receive the response object.</param>
        /// <remarks>
        /// NOTE(review): this is <c>async void</c>, so the caller cannot await it or observe an exception it throws.
        /// NOTE(review): the user part of the URL reads "[email protected]", which looks like an
        /// e-mail-protection placeholder rather than a real user principal name — confirm the intended address.
        /// </remarks>
        public static async void getEvents(HttpClient httpClient, string accessToken, Action <JObject> Display)
        {
            string eventsUrl   = $"https://graph.microsoft.com/v1.0/users/[email protected]/events";
            var    graphCaller = new ProtectedApiCallHelper(httpClient);

            await graphCaller.CallWebApiAndProcessResultASync(eventsUrl, accessToken, Display);

            // Runs only after the request above has completed. The token then stays in the
            // client's default headers, so every later request made with this HttpClient,
            // whatever its destination, carries it.
            var bearerHeader = new System.Net.Http.Headers.AuthenticationHeaderValue("bearer", accessToken);
            httpClient.DefaultRequestHeaders.Authorization = bearerHeader;
        }
Пример #3
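        /// <summary>
        /// Retrieves and populates permissions descriptions from a Service Principal.
        /// </summary>
        /// <param name="config">The application configuration settings.</param>
        /// <param name="result">The authentication result whose access token is sent with the Service Principal request.</param>
        /// <param name="version">The version of the API from which to fetch the scopes descriptions from the Service Principal.</param>
        /// <exception cref="ArgumentNullException">
        /// The Service Principal call returned empty data, or the formatted response has no
        /// array under <c>config.TopLevelDictionaryName</c>.
        /// </exception>
        /// <exception cref="InvalidOperationException">
        /// The top-level array is present but empty, i.e. the filter matched no Service Principal.
        /// </exception>
        private static void PopulateScopesDescriptions(PermissionsAppConfig config,
                                                       AuthenticationResult result,
                                                       string version)
        {
            // NOTE(review): ServicePrincipalId goes into the OData filter as-is; that is fine
            // for a value from trusted configuration, not for caller-supplied text.
            string webApiUrl = $"{config.ApiUrl}{version}/serviceprincipals?$filter=appId eq '{config.ServicePrincipalId}'";

            // NOTE(review): this blocks the calling thread on an async call because the method is synchronous.
            var spJson = ProtectedApiCallHelper
                         .CallWebApiAsync(webApiUrl, result.AccessToken)
                         .GetAwaiter().GetResult();

            if (string.IsNullOrEmpty(spJson))
            {
                throw new ArgumentNullException(nameof(spJson), $"The call to fetch the Service Principal returned empty data. URL: {webApiUrl} ");
            }

            var spJsonResponse = PermissionsFormatHelper.FormatServicePrincipalResponse(spJson, config);

            // Retrieve the top level scope dictionary
            var spValue = JsonConvert.DeserializeObject <JObject>(spJsonResponse).Value <JArray>(config.TopLevelDictionaryName);

            if (spValue == null)
            {
                // The two message parts used to run together ("...data.Name:"); a space now separates them.
                throw new ArgumentNullException(nameof(config.TopLevelDictionaryName), $"Attempt to retrieve the top-level dictionary returned empty data. " +
                                                $"Name: {config.TopLevelDictionaryName}");
            }

            // An empty array used to surface as a NullReferenceException inside the loop below.
            var servicePrincipal = spValue.First;
            if (servicePrincipal == null)
            {
                throw new InvalidOperationException($"The top-level dictionary '{config.TopLevelDictionaryName}' contains no Service Principal. URL: {webApiUrl}");
            }

            /* Fetch permissions defined in the second level dictionary(ies),
             * e.g. appRoles, oauth2PermissionScopes --> 2nd level dictionary keys
             */
            foreach (string scopeName in config.ScopesNames)
            {
                // Retrieve all scopes descriptions for a given 2nd level dictionary retrieved from the Service Principal
                var scopeDescriptions = servicePrincipal.Value <JArray>(scopeName)?.ToObject <List <Dictionary <string, object> > >();

                if (scopeDescriptions == null)
                {
                    continue;
                }

                // Add a key to the reference dictionary (if not present)
                if (!_scopesDescriptions.ContainsKey(scopeName))
                {
                    _scopesDescriptions.Add(scopeName, new List <Dictionary <string, object> >());
                }

                /* Add each of the scope description from SP to the current key in the
                 * reference dictionary
                 */
                foreach (var scopeDesc in scopeDescriptions)
                {
                    // A description without an id cannot be de-duplicated, so it is skipped
                    // instead of failing the whole run.
                    object scopeId;
                    if (!scopeDesc.TryGetValue("id", out scopeId) || scopeId == null)
                    {
                        continue;
                    }

                    /* Add only unique scopes (there might be duplicated scopes in both v1.0 and beta)
                     * Uniqueness identified by id of the scope description
                     */
                    if (_uniqueScopes.Add(scopeId.ToString()))
                    {
                        _scopesDescriptions[scopeName].Add(scopeDesc);
                    }
                }
            }
        }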
Пример #4
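        /// <summary>
        /// Looks up one group in Microsoft Graph with an app-only token and returns the JSON
        /// the helper produced.
        /// </summary>
        /// <param name="groupid">Group identifier from the request; it is escaped before it is placed in the Graph URL.</param>
        /// <returns>
        /// The helper's JSON result; an object with an <c>error</c> property when
        /// <paramref name="groupid"/> is missing; an empty object when no token was acquired.
        /// </returns>
        public async Task <ActionResult <JObject> > Get(string groupid)
        {
            if (string.IsNullOrEmpty(groupid))
            {
                // A JObject holds properties only; the earlier collection initializer tried to
                // add a bare string to it, which fails at run time instead of returning the message.
                return(new JObject {
                    ["error"] = "You must include a group id"
                });
            }
            AuthenticationConfig           config = AuthenticationConfig.ReadFromJsonFile("appsettings.json");
            IConfidentialClientApplication app;

            app = ConfidentialClientApplicationBuilder.Create(config.ClientId)
                  .WithClientSecret(config.ClientSecret)
                  .WithAuthority(new Uri(config.Authority))
                  .Build();
            // With client credentials flows the scopes is ALWAYS of the shape "resource/.default", as the
            // application permissions need to be set statically (in the portal or by PowerShell), and then granted by
            // a tenant administrator
            string[]             scopes      = new string[] { "https://graph.microsoft.com/.default" };
            JObject              returnValue = new JObject();
            AuthenticationResult result      = null;

            try
            {
                result = await app.AcquireTokenForClient(scopes)
                         .ExecuteAsync();

                Console.ForegroundColor = ConsoleColor.Green;
                Console.WriteLine("Token acquired");
                Console.ResetColor();
            }
            catch (MsalServiceException ex) when(ex.Message.Contains("AADSTS70011"))
            {
                // Invalid scope. The scope has to be of the form "https://resourceurl/.default"
                // Mitigation: change the scope to be as expected
                Console.ForegroundColor = ConsoleColor.Red;
                Console.WriteLine("Scope provided is not supported");
                Console.ResetColor();
            }

            if (result != null)
            {
                // groupid is caller-controlled and the request runs with the application's own
                // Graph permissions, so it is escaped to stay a single path segment: slashes,
                // "?" or "#" in it can no longer redirect the call to another Graph resource.
                string groupUrl = $"https://graph.microsoft.com/v1.0/groups/{Uri.EscapeDataString(groupid)}";

                using (var httpClient = new HttpClient())
                {
                    var apiCaller = new ProtectedApiCallHelper(httpClient);
                    returnValue = await apiCaller.CallWebApiASync(groupUrl, result.AccessToken);
                }
            }

            return(returnValue);
        }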
Пример #5
        /// <summary>
        /// Gets the upload URL: creates an upload session for <paramref name="path"/> on the
        /// selected drive and returns the <c>uploadUrl</c> value of the response.
        /// </summary>
        /// <param name="path">Path of the item, relative to the drive root.</param>
        /// <param name="siteName">"onedrive" for the signed-in user's drive; any other value is resolved through <c>GetSiteId</c>.</param>
        /// <returns>The upload URL, or an empty string if the result callback never ran.</returns>
        /// <remarks>
        /// Graph upload-session URLs are pre-authenticated: whoever holds the returned value can
        /// upload to the session, so keep it out of logs and return it to trusted callers only.
        /// NOTE(review): the <see cref="HttpClient"/> created here is never disposed.
        /// </remarks>
        public async Task <string> GetUploadUrl(string path, string siteName = "onedrive")
        {
            var targetDrive = siteName == "onedrive"
                              ? _graph.Me.Drive
                              : _graph.Sites[GetSiteId(siteName)].Drive;

            var sessionRequestUrl = targetDrive.Root
                                    .ItemWithPath(path)
                                    .CreateUploadSession()
                                    .Request()
                                    .RequestUrl;

            var graphCaller      = new ProtectedApiCallHelper(new HttpClient());
            var sessionUploadUrl = "";

            await graphCaller.CallWebApiAndProcessResultASync(
                sessionRequestUrl,
                _accountService.GetToken(),
                response =>
                {
                    // The callback copies the session URL out of the JSON response.
                    sessionUploadUrl = response["uploadUrl"].ToString();
                },
                ProtectedApiCallHelper.Method.Post);

            return sessionUploadUrl;
        }
Пример #6
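        /// <summary>
        /// Calls the todo-list API through the gateway with a client certificate and renders
        /// the returned items.
        /// </summary>
        /// <returns>The view bound to the list of todo items, or to <c>null</c> when the call produced none.</returns>
        /// <exception cref="InvalidOperationException">The subscription key setting is missing.</exception>
        /// <remarks>
        /// Compared with the earlier version this method no longer (1) accepts any server
        /// certificate, (2) allows SSL 3.0, TLS 1.0 and TLS 1.1, or (3) carries the gateway
        /// subscription key as a string literal.
        /// </remarks>
        public async Task <ActionResult> TodoList()
        {
            ViewBag.Message = "Todo List";

            // The subscription key is a credential and belongs in configuration, not in source.
            // NOTE(review): the setting name "ApiGatewaySubsKey" is an assumption — confirm or
            // rename it — and rotate the key that was previously hard-coded here, since it has
            // been published together with the code.
            string subscriptionKey = ConfigurationManager.AppSettings["ApiGatewaySubsKey"];
            if (string.IsNullOrEmpty(subscriptionKey))
            {
                throw new InvalidOperationException("App setting 'ApiGatewaySubsKey' is missing.");
            }

            // NOTE(review): the certificate password is read from app settings; keep that value
            // out of source control as well.
            string certificateFile = Server.MapPath($"~/{ConfigurationManager.AppSettings["CertificateFileName"]}");
            var    cert            = new X509Certificate2(certificateFile, ConfigurationManager.AppSettings["CertificatePassword"]);
            var    handler         = new HttpClientHandler();

            handler.ClientCertificates.Add(cert);

            // Process-wide setting. Only TLS 1.2 is offered; SSL 3.0 and TLS 1.0/1.1 are dropped.
            ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

            // No ServerCertificateValidationCallback is installed: a callback that always
            // returns true turns off server authentication for every HTTPS call in the process,
            // so the client certificate and the subscription key could be sent to an impostor.
            // For a test gateway with a private CA, trust that CA on the machine instead.

            List <Todo> data = null;
            APIResponse result;

            // Disposing the client also disposes the handler it was given.
            using (var httpClient = new HttpClient(handler))
            {
                var apiCaller = new ProtectedApiCallHelper(httpClient);
                var request   = new HttpRequestMessage()
                {
                    RequestUri = new Uri($"{ConfigurationManager.AppSettings["TodoListBaseAddress"]}/api/todolist"),
                    Method     = HttpMethod.Get,
                };

                request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                // NOTE(review): gateway tracing is a debugging aid; confirm it should stay on outside development.
                request.Headers.Add("Ocp-Apim-Trace", "true");
                request.Headers.Add("Ocp-Apim-Subscription-Key", subscriptionKey);

                result = await apiCaller.CallWebApiAndProcessResultASync(request);
            }

            var items = result.Result as List <JObject>;
            if (items != null)
            {
                data = new List <Todo>();
                foreach (var item in items)
                {
                    data.Add(item.ToObject <Todo>());
                }
            }
            if (!string.IsNullOrEmpty(result.ErrorMessage))
            {
                ViewBag.ErrorMessage = $"Error Code: {result.ErrorCode}, ErrorMessage:{result.ErrorMessage}";
            }
            return(View(data));
        }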
Пример #7
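        /// <summary>
        /// Calls the shipping-rate endpoint of the API gateway with a client certificate and
        /// renders the result.
        /// </summary>
        /// <returns>The view bound to the shipping rate, or to <c>null</c> when the result is not a <c>ShippingRate</c>.</returns>
        /// <remarks>
        /// Compared with the earlier version this method no longer accepts any server
        /// certificate and no longer allows SSL 3.0, TLS 1.0 or TLS 1.1.
        /// </remarks>
        public async Task <ActionResult> ValidateCert()
        {
            // NOTE(review): the certificate password is read from app settings; keep that value
            // out of source control.
            string certificateFile = Server.MapPath($"~/{ConfigurationManager.AppSettings["KCCCertificateFileName"]}");
            var    cert            = new X509Certificate2(certificateFile, ConfigurationManager.AppSettings["KCCCertificatePassword"]);
            var    handler         = new HttpClientHandler();

            handler.ClientCertificates.Add(cert);

            // Process-wide setting. Only TLS 1.2 is offered; SSL 3.0 and TLS 1.0/1.1 are dropped.
            ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

            // No ServerCertificateValidationCallback is installed: a callback that always
            // returns true turns off server authentication for every HTTPS call in the process,
            // so the client certificate and the subscription key could be sent to an impostor.
            // For a test gateway with a private CA, trust that CA on the machine instead.

            APIResponse result;

            // Disposing the client also disposes the handler it was given.
            using (var httpClient = new HttpClient(handler))
            {
                var apiCaller = new ProtectedApiCallHelper(httpClient);
                var request   = new HttpRequestMessage()
                {
                    RequestUri = new Uri($"{ConfigurationManager.AppSettings["ApiGatewayBaseAddress"]}/ShippingRates/ByName/LTLWeightCutoff"),
                    Method     = HttpMethod.Get,
                };

                request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                // NOTE(review): gateway tracing is a debugging aid; confirm it should stay on outside development.
                request.Headers.Add("Ocp-Apim-Trace", "true");
                request.Headers.Add("Ocp-Apim-Subscription-Key", ConfigurationManager.AppSettings["ApiGatewaySubsKey"]);

                result = await apiCaller.CallWebApiAndProcessResultASync(request);
            }

            ShippingRate rate = null;

            if (result.Result != null)
            {
                ViewBag.Result = result.Result.ToString();
                rate           = result.Result as ShippingRate;
            }

            if (!string.IsNullOrEmpty(result.ErrorMessage))
            {
                ViewBag.ErrorMessage = $"Error Code: {result.ErrorCode}, ErrorMessage:{result.ErrorMessage}";
            }
            return(View(rate));
        }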
Пример #8
        /// <summary>
        /// Adds a SharePoint Site-ID to the database.
        /// </summary>
        /// <param name="siteName">"onedrive", or the name of the SharePoint site to look up through Graph.</param>
        /// <param name="nickName">Display name stored with the site.</param>
        /// <returns>A task that completes once the site has been saved.</returns>
        /// <exception cref="Exception">A site with the same <c>SiteId</c> is already stored.</exception>
        public async Task AddSiteId(string siteName, string nickName)
        {
            Site newSite = new Site();

            if (siteName != "onedrive")
            {
                using (HttpClient graphClient = new HttpClient())
                {
                    graphClient.Timeout = TimeSpan.FromSeconds(20);
                    var graphCaller = new ProtectedApiCallHelper(graphClient);

                    // NOTE(review): siteName is placed in the Graph URL without escaping; confirm
                    // that callers validate it before it gets here.
                    var siteLookupUrl = $"{Configuration.GraphApi}/v1.0/sites/{Configuration.DominName}:/sites/{siteName}";

                    await graphCaller.CallWebApiAndProcessResultASync(siteLookupUrl, GetToken(), (result) =>
                    {
                        // Single() throws unless the response has exactly one "id" and one "name" property.
                        newSite.SiteId   = result.Properties().Single((prop) => prop.Name == "id").Value.ToString();
                        newSite.Name     = result.Properties().Single((prop) => prop.Name == "name").Value.ToString();
                        newSite.NickName = nickName;
                    });
                }
            }
            else
            {
                // Using OneDrive: no Graph lookup; SiteId is not assigned in this branch.
                newSite.Name     = siteName;
                newSite.NickName = nickName;
            }

            bool alreadyStored = SiteContext.Sites.Any(s => s.SiteId == newSite.SiteId);
            if (alreadyStored)
            {
                throw new Exception("站点已被创建");
            }

            // If this is the first site being added, make it the default drive.
            using (SettingService setting = new SettingService(new SettingContext()))
            {
                if (SiteContext.Sites.Count() == 0)
                {
                    await setting.Set("DefaultDrive", newSite.Name);
                }
            }

            await SiteContext.Sites.AddAsync(newSite);
            await SiteContext.SaveChangesAsync();
        }
        /// <summary>
        /// Acquires a token for the alerts scopes, requests the alerts URL built for the
        /// configured subscription and deserializes the response.
        /// </summary>
        /// <returns>
        /// The deserialized alerts, or <c>null</c> when no token was acquired or the call
        /// returned no response.
        /// </returns>
        /// <remarks>NOTE(review): the <see cref="HttpClient"/> created here is never disposed.</remarks>
        public async Task <AlertsResponse> GetAlerts()
        {
            var config = _appConfigService.Config;
            var token  = await AuthenticationService.AcquireAzureTokenForClient(_app, config.AlertsConfig.Scopes);

            // Without a token there is nothing to call.
            if (token == null)
            {
                return null;
            }

            var client      = new HttpClient();
            var alertCaller = new ProtectedApiCallHelper(client);
            var alertsUrl   = _appConfigService.Config.AlertsConfig.GetFullUrl(_appConfigService.Config.AzureConfig.SubscriptionId);
            var payload     = await alertCaller.CallWebApiAndProcessResultASync(alertsUrl, token.AccessToken);

            if (payload == null)
            {
                return null;
            }

            return JsonConvert.DeserializeObject <AlertsResponse>(payload);
        }
Пример #10
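        /// <summary>
        /// Posts the submitted field data as a new item of a fixed SharePoint list through
        /// Microsoft Graph, using an app-only token.
        /// </summary>
        /// <param name="body">Field data taken from the request body; it is serialized and forwarded as the item payload.</param>
        /// <returns>
        /// 400 when the body is missing or the scope is rejected; otherwise 200 with the
        /// helper's result, or with the text "result is null" when no token was returned.
        /// </returns>
        public async Task <IActionResult> Submit([FromBody] FieldData body)
        {
            // A missing body would otherwise be serialized as the JSON literal null and posted
            // to the list with the application's own permissions.
            if (body == null)
            {
                return(BadRequest("Request body is required"));
            }

            // NOTE(review): no further validation of the fields is visible here; the payload
            // is written with app-only rights, so confirm FieldData is validated.
            AuthenticationConfig config = AuthenticationConfig.ReadFromJsonFile("appsettings.json");

            // You can run this sample using ClientSecret or Certificate. The code will differ only when instantiating the IConfidentialClientApplication
            bool isUsingClientSecret = AppUsesClientSecret(config);

            // Even if this is a console application here, a daemon application is a confidential client application
            IConfidentialClientApplication app;

            if (isUsingClientSecret)
            {
                app = ConfidentialClientApplicationBuilder.Create(config.ClientId)
                      .WithClientSecret(config.ClientSecret)
                      .WithAuthority(new Uri(config.Authority))
                      .Build();
            }
            else
            {
                X509Certificate2 certificate = ReadCertificate(config.CertificateName);
                app = ConfidentialClientApplicationBuilder.Create(config.ClientId)
                      .WithCertificate(certificate)
                      .WithAuthority(new Uri(config.Authority))
                      .Build();
            }

            // With client credentials flows the scopes is ALWAYS of the shape "resource/.default", as the
            // application permissions need to be set statically (in the portal or by PowerShell), and then granted by
            // a tenant administrator.
            string[] scopes = new string[] { $"{config.ApiUrl}.default" };

            AuthenticationResult result = null;

            try
            {
                result = await app.AcquireTokenForClient(scopes)
                         .ExecuteAsync();
            }
            catch (MsalServiceException ex) when(ex.Message.Contains("AADSTS70011"))
            {
                // Invalid scope. The scope has to be of the form "https://resourceurl/.default"
                // Mitigation: change the scope to be as expected
                return(BadRequest("Scope not supported"));
            }

            if (result != null)
            {
                var SOBListLocation = $"{config.CpscSharepoint},c0cefe40-beeb-41a9-b4f5-9960bcfa010b,fbb78c64-1220-42fe-a319-94c493a9a105/lists/6f53c37b-d6ba-46c3-91a9-2e942a984af9/items";
                var webapiUrl       = $"{config.ApiUrl}v1.0/sites/{SOBListLocation}";

                // The request and the client are released once the call has finished.
                using (var httpRequestMessage = new HttpRequestMessage(HttpMethod.Post, webapiUrl))
                using (var httpClient = new HttpClient())
                {
                    httpRequestMessage.Content = new StringContent(JsonSerializer.Serialize(body), Encoding.UTF8, "application/json");

                    var apiCaller = new ProtectedApiCallHelper(httpClient);
                    var res       = await apiCaller.CallWebApiAndProcessResultASync(httpRequestMessage, result.AccessToken);

                    return(Ok(res));
                }
            }
            else
            {
                // NOTE(review): a missing token is reported with a success status; callers
                // cannot tell it from a completed submission without reading the text.
                return(Ok("result is null"));
            }
        }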
 /// <summary>
 /// Wires up the two helpers this type works with and stores the Graph base endpoint.
 /// </summary>
 /// <param name="app">Public client application passed to the device-code-flow token helper.</param>
 /// <param name="client">HTTP client passed to the protected API call helper.</param>
 /// <param name="microsoftGraphBaseEndpoint">Base address of Microsoft Graph, stored unchanged.</param>
 public MyInformation(IPublicClientApplication app, HttpClient client, string microsoftGraphBaseEndpoint)
 {
     // Token acquisition goes through the device code flow.
     var deviceCodeFlow = new PublicAppUsingDeviceCodeFlow(app);
     tokenAcquisitionHelper = deviceCodeFlow;

     // The caller-supplied HttpClient is used for the API calls.
     var apiCallHelper = new ProtectedApiCallHelper(client);
     protectedApiCallHelper = apiCallHelper;

     MicrosoftGraphBaseEndpoint = microsoftGraphBaseEndpoint;
 }