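/// <summary>
/// Handles the posted profile form: validates the pending request identified by the
/// <c>rid</c> query parameter, updates the account's city through the Graph client,
/// deletes the stored identity entity, and redirects the browser back to the
/// caller-supplied <c>redirect_uri</c> with the generated <c>id_token</c> and <c>state</c>.
/// </summary>
/// <param name="userProfile">Profile values bound from the request; only <c>City</c> is written to the account here.</param>
/// <returns>The "Error" view when request validation fails, otherwise a redirect result.</returns>
public async Task<ActionResult> Index(UserProfileModel userProfile)
{
    string id_token = GenerateJWTClientToken(userProfile);

    // All three values come straight from the query string and are attacker-controllable.
    string redirect_uri = this.Request.Query["redirect_uri"];
    string state = this.Request.Query["state"];
    string rid = this.Request.Query["rid"];

    IdentityEntity identityEntity = await GetIdentityEntity(rid);

    // Check the request.
    // NOTE(review): this is the only gate between a caller-chosen redirect_uri and a redirect
    // that carries a signed token. Confirm isValidRequest rejects a missing entity and compares
    // redirect_uri exactly against a value stored server-side (not a prefix/substring match).
    if (!isValidRequest(identityEntity, redirect_uri))
    {
        return View("Error");
    }

    AzureADGraphClient azureADGraphClient = new AzureADGraphClient(
        this.AppSettings.Tenant,
        this.AppSettings.ClientId,
        this.AppSettings.ClientSecret);

    // Update the existing account using Graph API
    await azureADGraphClient.UpdateAccount(identityEntity.userId, userProfile.City);

    // Wait until user is updated
    //await Task.Delay(2500);

    // Delete the entity so the same rid cannot be looked up again after this point.
    await DeleteIdentityEntity(identityEntity);

    // Percent-encode the values placed in the query string. 'state' is echoed from the request,
    // so without encoding a value containing '&', '#' or '=' could add or override parameters
    // on the redirect target. A missing value still becomes an empty string, as before.
    string encodedToken = System.Uri.EscapeDataString(id_token ?? string.Empty);
    string encodedState = System.Uri.EscapeDataString(state ?? string.Empty);

    // Append with '&' when the redirect target already has a query component, so the result
    // stays a well-formed URL instead of containing a second '?'.
    string separator = (redirect_uri != null && redirect_uri.Contains("?")) ? "&" : "?";

    // NOTE(review): the token travels in the URL query, where it can end up in browser history,
    // proxy/server logs and Referer headers. Keep its lifetime short and consider a form-post
    // or fragment response if the relying party supports one.
    string redirectUri = $"{redirect_uri}{separator}id_token={encodedToken}&state={encodedState}";

    return Redirect(redirectUri);
}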
/// <summary>
/// Builds the Graph client used by this resource from the supplied tenant's settings.
/// </summary>
/// <param name="tenant">Provides the tenant id, client id, client secret and Graph API version handed to the client.</param>
protected Resource(Tenant tenant)
{
    // Read the settings in the same order they are passed to the client.
    var tenantId = tenant.Id;
    var clientId = tenant.ClientId.ToString();
    var clientSecret = tenant.ClientSecret;
    var apiVersion = tenant.GraphApiVersion;

    // This constructor keeps no copy of the secret itself; whatever AzureADGraphClient
    // retains internally is outside this view.
    _graph = new AzureADGraphClient(tenantId, clientId, clientSecret, apiVersion);
}
/// <summary>
/// Stores the application settings and creates a Graph client that targets the
/// API version given by <c>GraphApiBetaVersion</c>.
/// </summary>
/// <param name="appSettings">Application settings carrying the tenant, client id, client secret and beta API version.</param>
public AuditLog(AppSettingsModel appSettings)
{
    // The whole settings object, client secret included, stays reachable through AppSettings.
    AppSettings = appSettings;

    var tenant = appSettings.Tenant;
    var clientId = appSettings.ClientId;
    var clientSecret = appSettings.ClientSecret;
    var apiVersion = appSettings.GraphApiBetaVersion;

    this.AzureADGraphClient = new AzureADGraphClient(tenant, clientId, clientSecret, apiVersion);
}
/// <summary>
/// Stores the application settings and creates a Graph client that targets the
/// API version given by <c>GraphApiVersion</c>.
/// </summary>
/// <param name="appSettings">Application settings carrying the tenant, client id, client secret and API version.</param>
public GetUsers(AppSettingsModel appSettings)
{
    // The whole settings object, client secret included, stays reachable through AppSettings.
    AppSettings = appSettings;

    var tenant = appSettings.Tenant;
    var clientId = appSettings.ClientId;
    var clientSecret = appSettings.ClientSecret;
    var apiVersion = appSettings.GraphApiVersion;

    this.AzureADGraphClient = new AzureADGraphClient(tenant, clientId, clientSecret, apiVersion);
}
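/// <summary>
/// REST endpoint used during sign-up. Reads the input claims from the request body,
/// rejects the request when an account with the given <c>signInName</c> already exists,
/// and otherwise returns the submitted password back in the output claims.
/// </summary>
/// <returns>
/// 200 with an <c>OutputClaimsModel</c> when the sign-in name is free; 409 (Conflict) with a
/// <c>B2CResponseModel</c> for every validation failure or error.
/// </returns>
/// <remarks>
/// NOTE(review): nothing in this method authenticates the caller. The response tells the caller
/// whether a sign-in name is registered and echoes the password, so confirm that the action or
/// controller restricts access (any attributes are outside this view) and that response bodies
/// are not logged.
/// </remarks>
public async Task<ActionResult> SignUp()
{
    string input = null;

    // If no data came in, then return
    if (this.Request.Body == null)
    {
        return StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Request content is null", HttpStatusCode.Conflict));
    }

    // Read the input claims from the request body
    using (StreamReader reader = new StreamReader(Request.Body, Encoding.UTF8))
    {
        input = await reader.ReadToEndAsync();
    }

    // Check input content value
    if (string.IsNullOrEmpty(input))
    {
        return StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Request content is empty", HttpStatusCode.Conflict));
    }

    // Convert the input string into InputClaimsModel object
    InputClaimsModel inputClaims = InputClaimsModel.Parse(input);

    if (inputClaims == null)
    {
        return StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Can not deserialize input claims", HttpStatusCode.Conflict));
    }

    if (string.IsNullOrEmpty(inputClaims.signInName))
    {
        return StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("User 'signInName' is null or empty", HttpStatusCode.Conflict));
    }

    if (string.IsNullOrEmpty(inputClaims.password))
    {
        return StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Password is null or empty", HttpStatusCode.Conflict));
    }

    try
    {
        AzureADGraphClient azureADGraphClient = new AzureADGraphClient(
            this.AppSettings.Tenant,
            this.AppSettings.ClientId,
            this.AppSettings.ClientSecret);

        GraphAccountModel account = await azureADGraphClient.SearcUserBySignInNames(inputClaims.signInName);

        // Return an error if user already exists
        if (account != null)
        {
            return StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("A user with the specified ID already exists. Please choose a different one. (REST API)", HttpStatusCode.Conflict));
        }

        // If the user does not exist, return the password back to B2C
        OutputClaimsModel outputClaims = new OutputClaimsModel() { password = inputClaims.password };

        return Ok(outputClaims);
    }
    catch (Exception ex)
    {
        // Keep the exception detail on the server. The original response embedded ex.Message,
        // which can expose internal error text (for example from the Graph call) to the caller.
        System.Diagnostics.Trace.TraceError("SignUp REST API failed: {0}", ex);

        return StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("General error (REST API)", HttpStatusCode.Conflict));
    }
}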
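/// <summary>
/// REST endpoint that returns the display names of the groups a user belongs to and,
/// when <c>onlyMembersOf</c> is supplied, rejects the request unless the user is in at
/// least one of the listed groups.
/// </summary>
/// <returns>
/// 200 with an <c>OutputClaimsModel</c> holding the group names; 409 (Conflict) with a
/// <c>B2CResponseModel</c> for validation failures, a failed membership check, or an error.
/// </returns>
/// <remarks>
/// NOTE(review): both <c>objectId</c> and the required-group list (<c>onlyMembersOf</c>) are read
/// from the request body, so the membership check is only as trustworthy as the caller. Nothing
/// in this method authenticates the caller; confirm the action or controller restricts access
/// (any attributes are outside this view).
/// NOTE(review): groups are matched by display name. Display names are not guaranteed to be
/// unique and can be changed, so a check on group object ids would be a sturdier basis for an
/// authorization decision.
/// </remarks>
public async Task<ActionResult> IsMemberOf()
{
    string input = null;

    // If no data came in, then return
    if (this.Request.Body == null)
    {
        return StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Request content is null", HttpStatusCode.Conflict));
    }

    // Read the input claims from the request body
    using (StreamReader reader = new StreamReader(Request.Body, Encoding.UTF8))
    {
        input = await reader.ReadToEndAsync();
    }

    // Check input content value
    if (string.IsNullOrEmpty(input))
    {
        return StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Request content is empty", HttpStatusCode.Conflict));
    }

    // Convert the input string into InputClaimsModel object
    InputClaimsModel inputClaims = InputClaimsModel.Parse(input);

    if (inputClaims == null)
    {
        return StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Can not deserialize input claims", HttpStatusCode.Conflict));
    }

    if (string.IsNullOrEmpty(inputClaims.objectId))
    {
        return StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("User 'objectId' is null or empty", HttpStatusCode.Conflict));
    }

    try
    {
        AzureADGraphClient azureADGraphClient = new AzureADGraphClient(
            this.AppSettings.Tenant,
            this.AppSettings.ClientId,
            this.AppSettings.ClientSecret);

        // Demo: Get user's groups
        GraphGroupsModel groups = await azureADGraphClient.GetUserGroup(inputClaims.objectId);

        // Demo: Add the groups to string collections
        List<string> groupsList = new List<string>();
        foreach (var item in groups.value)
        {
            groupsList.Add(item.displayName);
        }

        // Demo: Set the output claims
        OutputClaimsModel output = new OutputClaimsModel() { groups = groupsList };

        // Demo: Check if user needs to be a member of a security group
        if (!string.IsNullOrEmpty(inputClaims.onlyMembersOf))
        {
            // Compare names with an ordinal, case-insensitive comparer. The original lower-cased
            // both sides with the current culture, which makes an access decision depend on the
            // server's locale (for example the Turkish dotted/dotless 'i').
            HashSet<string> onlyMembersOf = new HashSet<string>(
                inputClaims.onlyMembersOf.Split(','),
                StringComparer.OrdinalIgnoreCase);

            bool isMemberOf = false;
            foreach (var item in output.groups)
            {
                if (onlyMembersOf.Contains(item))
                {
                    isMemberOf = true;
                    break;
                }
            }

            // Demo: Return an error if the user is not a member of one of the security groups
            if (!isMemberOf)
            {
                return StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("You are not authorized to sign-in to this application.", HttpStatusCode.Conflict));
            }
        }

        // Demo: Return the groups collection
        return Ok(output);
    }
    catch (Exception ex)
    {
        // Record the failure on the server; the caller only receives a generic message.
        System.Diagnostics.Trace.TraceError("IsMemberOf REST API failed: {0}", ex);

        // The not-found case is recognised by matching text in the exception message.
        if (ex.Message.Contains("Request_ResourceNotFound"))
        {
            return StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Can not read user groups, user not found", HttpStatusCode.Conflict));
        }

        return StatusCode((int)HttpStatusCode.Conflict, new B2CResponseModel("Can not read user groups", HttpStatusCode.Conflict));
    }
}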