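/// <summary>
/// Creates an app role assignment in the directory for the principal described in the request body.
/// </summary>
/// <param name="value">
/// Request payload. RoleId and PrincipalId must be GUID strings; PrincipalType selects whether the
/// assignment is attached to a group ("Group") or to a user (any other value).
/// </param>
/// <returns>A task that completes when AddAppRoleAssignmentAsync has completed.</returns>
/// <exception cref="ArgumentNullException">
/// The request body was not bound (<paramref name="value"/> is null), or RoleId / PrincipalId is null.
/// </exception>
/// <exception cref="FormatException">RoleId or PrincipalId is not a valid GUID.</exception>
public async Task Post([FromBody] AssignRole value)
{
    _logger.LogInformation("Check Token from logged user.");
    await AuthenticationHelper.CheckToken(User.Identity as ClaimsIdentity, _azureAdOptions);

    // An empty or unbindable body leaves value null; reject it explicitly rather than
    // failing later with a NullReferenceException.
    if (value == null)
    {
        throw new ArgumentNullException(nameof(value));
    }

    // Parse the caller-supplied identifiers before any directory client is created, so that
    // malformed input is rejected without touching the directory.
    Guid roleId = Guid.Parse(value.RoleId);
    Guid principalId = Guid.Parse(value.PrincipalId);

    // NOTE(review): the role id and the target principal both come from the request body, and the
    // only check visible in this method is CheckToken. Whether CheckToken restricts who may grant
    // roles cannot be seen from here. Confirm that the caller is authorized to assign this role to
    // this principal, and consider limiting RoleId to an allow-list of assignable roles.
    // The log text below says "Admin role for me", but neither the role nor the principal is fixed
    // to that by this code.
    _logger.LogInformation("Try to add Admin role for me.");
    ActiveDirectoryClient client = AuthenticationHelper.GetActiveDirectoryClient(_azureAdOptions.TenantId);

    IAppRoleAssignment appRoleAssignment = new AppRoleAssignment()
    {
        // UTC keeps the timestamp independent of the server's local time zone.
        CreationTimestamp = DateTime.UtcNow,
        Id = roleId,
        PrincipalDisplayName = value.PrincipalDisplayName,
        PrincipalId = principalId,
        PrincipalType = value.PrincipalType,
        // Hard-coded target resource; presumably the object id of the application's service
        // principal. Verify, and consider moving it to configuration.
        ResourceDisplayName = "GrathWebAPITest",
        ResourceId = Guid.Parse("bfa79360-7eac-4bc3-81f2-459ea1ff9f3f")
    };

    if (value.PrincipalType == "Group")
    {
        await client.Groups.GetByObjectId(value.PrincipalId).AppRoleAssignments.AddAppRoleAssignmentAsync(appRoleAssignment);
    }
    else
    {
        // Every PrincipalType other than "Group" is treated as a user.
        await client.Users.GetByObjectId(value.PrincipalId).AppRoleAssignments.AddAppRoleAssignmentAsync(appRoleAssignment);
    }
}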
/// <summary>
/// Returns the directory client's "Me" entity, projected onto an <c>AssignRole</c> record.
/// </summary>
/// <returns>
/// A single-element sequence whose item carries the entity's object id, display name and user type.
/// </returns>
public async Task<IEnumerable<AssignRole>> Me()
{
    _logger.LogInformation("Check Token from logged user.");
    var callerIdentity = User.Identity as ClaimsIdentity;
    await AuthenticationHelper.CheckToken(callerIdentity, _azureAdOptions);

    _logger.LogInformation("Get Application Me.");

    // NOTE(review): the client is built from the tenant id alone. Which identity "Me" resolves to
    // depends on how GetActiveDirectoryClient obtains its token. Confirm that it is the caller.
    ActiveDirectoryClient directory = AuthenticationHelper.GetActiveDirectoryClient(_azureAdOptions.TenantId);
    var current = await directory.Me.ExecuteAsync();

    // The result is wrapped in a one-element array to satisfy the IEnumerable return type.
    return new[]
    {
        new AssignRole
        {
            PrincipalId = current.ObjectId,
            PrincipalDisplayName = current.DisplayName,
            PrincipalType = current.UserType
        }
    };
}