
asp.net Webapi登录azureAD并调用azure graph api

2017-08-27 21:51 603 查看
1. 需要安装的包:
Microsoft.Azure.ActiveDirectory.GraphClient
Microsoft.IdentityModel.Clients.ActiveDirectory

C# 实例包含:
1. 使用用户名密码登录获取accesstoken和idtoken
2. 使用已有的 idtoken 换取新的 idtoken 和 accesstoken
3. 调用graphapi获得更多信息

/// <summary>
/// Endpoint constants shared by the Azure AD login sample.
/// </summary>
internal class AzureADGlobalConstants
{
    /// <summary>
    /// Resource passed to AcquireTokenAsync and used as the base address of the
    /// directory client.
    /// NOTE(review): graph.windows.net is the legacy Azure AD Graph endpoint;
    /// Microsoft Graph (https://graph.microsoft.com) is its successor. Confirm
    /// which one the target tenant still serves before reusing this sample.
    /// </summary>
    public const string ResourceUrl = "https://graph.windows.net";

    /// <summary>
    /// Base of the sign-in authority; the tenant name is appended to it to
    /// build the authority URL.
    /// </summary>
    public const string AuthString = "https://login.microsoftonline.com/";

    /// <summary>
    /// Identifier associated with the Azure AD Graph service.
    /// Not referenced by the code shown on this page.
    /// </summary>
    public const string GraphServiceObjectId = "00000002-0000-0000-c000-000000000000";
}

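/// <summary>
/// Web API controller that signs a user in against Azure AD, either with an
/// existing id token or with a username and password, and then looks the user
/// up through the Graph client.
/// </summary>
public class CertisAdLoginController : ApiController
{
    // Fixed text returned to callers on every failure. Exception messages from
    // the identity provider can reveal why a sign-in was rejected (for example
    // whether the account exists), so the detail goes to the server-side trace
    // only and the caller gets this generic string.
    private const string LoginFailedMessage = "Login failed.";

    /// <summary>
    /// Response envelope returned by both login actions.
    /// </summary>
    public class LoginResult
    {
        /// <summary>True when a token was acquired and the request completed.</summary>
        public bool IsSuccess { get; set; }

        /// <summary>Empty on success; a generic failure text otherwise.</summary>
        public string ErrorMessage { get; set; }

        /// <summary>
        /// The token result returned by AcquireTokenAsync. It carries the access
        /// token, so this response must only travel over HTTPS and must not be
        /// cached or logged.
        /// NOTE(review): the whole result object is serialized; confirm which
        /// fields your ADAL version exposes and return only what the client needs.
        /// </summary>
        public object Data { get; set; }

        /// <summary>Directory entry of the signed-in user, or null if the lookup failed.</summary>
        public IUser UserDetail { get; set; }
    }

    /// <summary>
    /// Per-application settings. The values below are placeholders.
    /// </summary>
    internal class AzureADAppConstants
    {
        /// <summary>
        /// The application id ,you can login to azure portal ->
        /// Azure Active Directory ->
        /// Registered Apps -> click the app
        /// </summary>
        public const string ClientId = "your_app_id";

        /// <summary>
        /// Login to your azure portal ->
        /// Azure Active Directory ->
        /// Registered Apps -> click the app
        /// keys -> add new
        /// </summary>
        // Not read by any code in this controller. A real secret should come
        // from configuration or a secret store, never from a source constant
        // that ends up in version control and in the compiled assembly.
        public const string ClientSecret = "your_app_key";

        /// <summary>
        /// this is used to construct the login user name:
        /// e.g.  someone@xxx.onmicrosoft.com
        /// </summary>
        // The value is the part after the '@' (it is also appended to the
        // authority URL), so the placeholder must be a domain, not an address.
        public const string TenantName = "yourdomain.onmicrosoft.com";

        /// <summary>
        /// you can get this value form below steps :
        /// Login to your azure portal ->
        /// Azure Active Directory ->
        /// Properties -> DirectoryId
        /// </summary>
        public const string TenantId = "your_tenant_id";
    }

    /// <summary>
    /// Login with idToken
    /// </summary>
    /// <param name="idToken">Id token previously issued to the caller.</param>
    /// <returns>
    /// HTTP 200 with a <see cref="LoginResult"/>; failures are reported through
    /// IsSuccess rather than the status code, as existing clients expect.
    /// </returns>
    // NOTE(review): Web API binds simple-type parameters from the URI by
    // default, so unless binding is configured elsewhere the token arrives in
    // the query string and lands in access logs. Moving it to the request body
    // changes the client contract and is therefore left to the integrator.
    // NOTE(review): the token is not validated here; the code relies on Azure AD
    // to reject a bad assertion during the exchange.
    [HttpPost]
    public IHttpActionResult Login(string idToken)
    {
        if (string.IsNullOrWhiteSpace(idToken))
        {
            return LoginFailed();
        }

        try
        {
            var credentials = new UserAssertion(idToken);
            var authenticationContext = new AuthenticationContext(
                AzureADGlobalConstants.AuthString + AzureADAppConstants.TenantName);

            // The action signature stays synchronous for compatibility, so the
            // call still blocks. GetAwaiter().GetResult() is used instead of
            // .Result so the trace shows the real exception instead of an
            // AggregateException wrapper.
            var result = authenticationContext
                .AcquireTokenAsync(AzureADGlobalConstants.ResourceUrl, AzureADAppConstants.ClientId, credentials)
                .GetAwaiter()
                .GetResult();

            return LoginSucceeded(result, result.AccessToken, result.UserInfo.UniqueId);
        }
        catch (Exception ex)
        {
            System.Diagnostics.Trace.TraceError("Azure AD id-token login failed: {0}", ex);
            return LoginFailed();
        }
    }

    /// <summary>
    /// Login with username/password
    /// </summary>
    /// <param name="username">Local part of the sign-in name; the tenant domain is appended.</param>
    /// <param name="password">The user's password.</param>
    /// <returns>
    /// HTTP 200 with a <see cref="LoginResult"/>; failures are reported through
    /// IsSuccess rather than the status code, as existing clients expect.
    /// </returns>
    // NOTE(review): this is the resource-owner password flow. The API handles
    // the user's password itself and the flow cannot satisfy interactive
    // requirements such as MFA; prefer a redirect-based sign-in where possible.
    // NOTE(review): as with the id-token overload, simple-type parameters bind
    // from the URI by default, which would put the password in the query string.
    // Accepting the credentials in the request body needs a client change.
    [HttpPost]
    public IHttpActionResult Login(string username, string password)
    {
        // An '@' in the local part would produce a malformed sign-in name once
        // the tenant domain is appended, so reject it before calling Azure AD.
        if (string.IsNullOrWhiteSpace(username)
            || string.IsNullOrEmpty(password)
            || username.IndexOf('@') >= 0)
        {
            return LoginFailed();
        }

        try
        {
            string directoryName = AzureADAppConstants.TenantName;
            var credentials = new UserPasswordCredential(
                string.Format("{0}@{1}", username, directoryName), password);
            var authenticationContext = new AuthenticationContext(
                AzureADGlobalConstants.AuthString + directoryName);

            // Still a blocking call; see the id-token overload for why.
            var result = authenticationContext
                .AcquireTokenAsync(AzureADGlobalConstants.ResourceUrl, AzureADAppConstants.ClientId, credentials)
                .GetAwaiter()
                .GetResult();

            return LoginSucceeded(result, result.AccessToken, result.UserInfo.UniqueId);
        }
        catch (Exception ex)
        {
            // The exception is traced; the username and password are not.
            System.Diagnostics.Trace.TraceError("Azure AD password login failed: {0}", ex);
            return LoginFailed();
        }
    }

    // Builds the success response: looks up the directory entry for the signed-in
    // user and wraps it together with the token result.
    private IHttpActionResult LoginSucceeded(object tokenResult, string accessToken, string uniqueId)
    {
        // The token is already in hand, so a completed task is enough; no
        // thread-pool work item is needed to hand it to the Graph client.
        var userDetail = GetUserDetailById(Task.FromResult(accessToken), uniqueId);

        return Ok(new LoginResult()
        {
            IsSuccess = true,
            Data = tokenResult,
            ErrorMessage = "",
            UserDetail = userDetail
        });
    }

    // Builds the failure response with the generic message.
    private IHttpActionResult LoginFailed()
    {
        return Ok(new LoginResult()
        {
            IsSuccess = false,
            ErrorMessage = LoginFailedMessage
        });
    }

    /// <summary>
    /// Fetches the directory entry whose ObjectId equals <paramref name="userid"/>.
    /// </summary>
    /// <param name="accessToken">Task yielding the access token the Graph client sends.</param>
    /// <param name="userid">Object id of the user to look up.</param>
    /// <returns>The matching user, or null when there is no match or the query fails.</returns>
    private IUser GetUserDetailById(Task<string> accessToken, string userid)
    {
        Uri servicePointUri = new Uri(AzureADGlobalConstants.ResourceUrl);
        Uri serviceRoot = new Uri(servicePointUri, AzureADAppConstants.TenantId);
        ActiveDirectoryClient client = new ActiveDirectoryClient(serviceRoot, () => accessToken);

        try
        {
            IUserCollection userCollection = client.Users;

            // FirstOrDefault returns null for an empty page instead of raising an
            // exception that the catch below would then have to absorb.
            return userCollection
                .Where(user => user.ObjectId == userid)
                .Take(10)
                .ExecuteAsync()
                .GetAwaiter()
                .GetResult()
                .CurrentPage
                .FirstOrDefault();
        }
        catch (Exception ex)
        {
            // The lookup is best-effort: login still succeeds without the
            // detail, but the failure is traced instead of silently dropped.
            System.Diagnostics.Trace.TraceError("Graph user lookup failed: {0}", ex);
            return null;
        }
    }
}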


完整示例: https://github.com/iorilan/WebApiAzureADSample