// <copyright file="MsGraphService.cs" company="Moonrise Software, LLC">
// Copyright (c) Moonrise Software, LLC. All rights reserved.
// Licensed under the GNU Public License, Version 3.0 (https://www.gnu.org/licenses/gpl-3.0.html)
// See https://github.com/MoonriseSoftwareCalifornia/CosmosCMS
// for more information concerning the license and the contributors participating to this project.
// </copyright>
namespace Cosmos.MicrosoftGraph
{
using Azure.Identity;
using Microsoft.Extensions.Configuration;
using Microsoft.Graph.Beta;
using Microsoft.Graph.Beta.Models;
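/// <summary>
/// Thin wrapper over the Microsoft Graph (beta) API for reading directory data: users, their
/// app role assignments, their group memberships, their profiles, and groups.
/// </summary>
/// <remarks>
/// When constructed from a client ID and secret, the service authenticates as the application
/// itself (client-credentials flow with the <c>.default</c> scope). Every call then runs with the
/// application permissions consented for that app registration, not with the rights of the
/// signed-in user. Keep those permissions limited to the read access these methods need.
/// </remarks>
// SEE: https://damienbod.com/2021/09/06/using-azure-security-groups-in-asp-net-core-with-an-azure-b2c-identity-provider/
public class MsGraphService : IMsGraphService
{
    private static readonly string[] Scopes = { "https://graph.microsoft.com/.default" };
    private readonly GraphServiceClient graphServiceClient;

    /// <summary>
    /// Initializes a new instance of the <see cref="MsGraphService"/> class around an existing client.
    /// </summary>
    /// <param name="graphServiceClient">Graph service client, already configured with credentials.</param>
    public MsGraphService(GraphServiceClient graphServiceClient)
    {
        this.graphServiceClient = graphServiceClient;
    }

    /// <summary>
    /// Initializes a new instance of the <see cref="MsGraphService"/> class from application configuration.
    /// </summary>
    /// <remarks>
    /// Each value is taken from the <c>MicrosoftOAuth</c> section when present there, otherwise from
    /// the matching <c>AzureAd:*</c> key. The client secret is read from configuration, so it should be
    /// supplied from a secret store rather than from a settings file kept in source control.
    /// </remarks>
    /// <param name="configuration">App configuration.</param>
    public MsGraphService(IConfiguration configuration)
    {
        var entraIdOAuth = configuration.GetSection("MicrosoftOAuth").Get<OAuth>();

        // Fallback is per value: a MicrosoftOAuth section that omits one setting still picks it up from AzureAd.
        var tenantId = entraIdOAuth?.TenantId ?? configuration.GetValue<string>("AzureAd:TenantId");
        var clientId = entraIdOAuth?.ClientId ?? configuration.GetValue<string>("AzureAd:ClientId");
        var clientSecret = entraIdOAuth?.ClientSecret ?? configuration.GetValue<string>("AzureAd:ClientSecret");

        // NOTE(review): values missing from both locations are passed on as null; validation is left
        // to ClientSecretCredential - confirm the resulting startup error is clear enough for operators.
        this.graphServiceClient = CreateClient(tenantId, clientId, clientSecret);
    }

    /// <summary>
    /// Initializes a new instance of the <see cref="MsGraphService"/> class from explicit app credentials.
    /// </summary>
    /// <param name="clientId">Client ID.</param>
    /// <param name="clientSecret">Client Secret.</param>
    /// <param name="tenantId">Tenant ID.</param>
    public MsGraphService(string clientId, string clientSecret, string tenantId)
    {
        this.graphServiceClient = CreateClient(tenantId, clientId, clientSecret);
    }

    /// <summary>
    /// Gets a user object from the Microsoft Graph API.
    /// </summary>
    /// <param name="userId">User ID.</param>
    /// <returns>The user, with only the <c>Identities</c> and <c>displayName</c> properties requested, or <c>null</c>.</returns>
    public async Task<User?> GetGraphApiUser(string userId)
    {
        return await this.graphServiceClient.Users[userId]
            .GetAsync(c => c.QueryParameters.Select = new[] { "Identities", "displayName" });
    }

    /// <summary>
    /// Gets the users whose <c>mail</c> property equals the given email address.
    /// </summary>
    /// <param name="emailAddress">Email address to search.</param>
    /// <returns>The matching users from the response, or <c>null</c> when the response carries no value.</returns>
    public async Task<List<User>?> GetGraphUserByEmailAddress(string emailAddress)
    {
        // The address ends up inside an OData string literal. A single quote in the value would
        // otherwise end the literal early and let the caller-supplied text alter the filter
        // expression; OData escapes an embedded quote by doubling it.
        var escapedAddress = (emailAddress ?? string.Empty).Replace("'", "''");

        var response = await this.graphServiceClient.Users
            .GetAsync(a => a.QueryParameters.Filter = $"mail eq '{escapedAddress}'");
        return response?.Value;
    }

    /// <summary>
    /// Gets users from the Microsoft Graph API.
    /// </summary>
    /// <remarks>
    /// Only the users contained in the first response are returned; no paging loop is performed here.
    /// </remarks>
    /// <returns>A list of users (never <c>null</c>), each with only <c>Identities</c> and <c>displayName</c> requested.</returns>
    public async Task<List<User>> GetUsersAsync()
    {
        var response = await this.graphServiceClient.Users
            .GetAsync(c => c.QueryParameters.Select = new[] { "Identities", "displayName" });

        // Always hand back a fresh list so callers never receive null.
        return response?.Value is { } firstPage ? new List<User>(firstPage) : new List<User>();
    }

    /// <summary>
    /// Gets the user's app roles from the Microsoft Graph API.
    /// </summary>
    /// <param name="userId">User ID.</param>
    /// <returns>User role assignments.</returns>
    public async Task<AppRoleAssignmentCollectionResponse?> GetGraphApiUserAppRoles(string userId)
    {
        return await this.graphServiceClient.Users[userId]
            .AppRoleAssignments
            .GetAsync();
    }

    /// <summary>
    /// Gets the groups the user is a member of from the Microsoft Graph API.
    /// </summary>
    /// <remarks>
    /// The <c>memberOf</c> relationship lists direct memberships, and only the first response is read
    /// here. A caller that bases authorization on this list should account for nested groups and for
    /// users with more memberships than a single response holds.
    /// </remarks>
    /// <param name="userId">User ID.</param>
    /// <returns>The groups in the response, or <c>null</c> when the response carries no value.</returns>
    public async Task<List<Group>?> GetGraphApiUserMemberGroups(string userId)
    {
        var groups = await this.graphServiceClient.Users[userId].MemberOf.GraphGroup.GetAsync();
        return groups?.Value;
    }

    /// <summary>
    /// Gets groups from the Microsoft Graph API (the directory's groups, not those of a particular user).
    /// </summary>
    /// <remarks>
    /// Only the groups contained in the first response are returned; no paging loop is performed here.
    /// </remarks>
    /// <returns>The groups in the response, or <c>null</c> when the response carries no value.</returns>
    public async Task<List<Group>?> GetGroupsAsync()
    {
        var groups = await this.graphServiceClient.Groups.GetAsync();
        return groups?.Value;
    }

    /// <summary>
    /// Gets the user's profile from the Microsoft Graph API.
    /// </summary>
    /// <param name="userId">User ID.</param>
    /// <returns>The user's profile, or <c>null</c>.</returns>
    public async Task<Profile?> GetUserProfile(string userId)
    {
        return await this.graphServiceClient.Users[userId].Profile.GetAsync();
    }

    /// <summary>
    /// Gets the display name of a group from the Microsoft Graph API.
    /// </summary>
    /// <param name="groupId">Group ID.</param>
    /// <returns>The group's display name, or <c>null</c> when no group or no name is returned.</returns>
    public async Task<string?> GetGroupNameAsync(string groupId)
    {
        var group = await this.graphServiceClient.Groups[groupId].GetAsync();
        return group?.DisplayName;
    }

    /// <summary>
    /// Builds a Graph client that authenticates with a client secret against the Azure public cloud.
    /// </summary>
    /// <param name="tenantId">Tenant ID.</param>
    /// <param name="clientId">Client ID.</param>
    /// <param name="clientSecret">Client Secret.</param>
    /// <returns>A client that requests tokens for <see cref="Scopes"/>.</returns>
    private static GraphServiceClient CreateClient(string? tenantId, string? clientId, string? clientSecret)
    {
        var options = new TokenCredentialOptions
        {
            AuthorityHost = AzureAuthorityHosts.AzurePublicCloud,
        };

        // https://docs.microsoft.com/dotnet/api/azure.identity.clientsecretcredential
        var clientSecretCredential = new ClientSecretCredential(
            tenantId, clientId, clientSecret, options);
        return new GraphServiceClient(clientSecretCredential, Scopes);
    }
}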
}