如何从Azure AD获取用户属性
[英]How to get user properties from Azure AD
问题描述
I'm using standart snippet from MS library to get users and their properties from my azure AD . 
我正在使用MS库中的 standart代码段来从我的azure AD获取用户及其属性。 But unfortunately I found that this snippet doesn't get all properties that users have and only get their display name, fullname, surname, thats all, other properties are null , but I need to get all properties that users have. 但不幸的是,我发现此代码片段无法获取用户拥有的所有属性,而只能获取其显示名称,全名,姓氏,多数民众赞成,其他属性均为null ,但是我需要获取用户拥有的所有属性。 Im already google this question a lot and only found solution for LDAP that does not fit for me. 我已经在谷歌上搜索了很多这个问题,只找到了不适合我的LDAP解决方案。
Image of JSON output of user properties: 用户属性的JSON输出图像:
[{"Properties":{},"Id":null,"Display":null,"Department":null,"GivenName":"Example","Surname":"Example","UserPrincipalName":"Example@Example.com"},{"Properties":{},"Id":null,"Display":null,"Department":null,"GivenName":"Example","Surname":"Example","UserPrincipalName":"Example@Example.com"},{"Properties":{},"Id":null,"Display":null,"Department":null,"GivenName":"Example","Surname":"Example","UserPrincipalName":"Example@Example.com"},{"Properties":{},"Id":null,"Display":null,"Department":null,"GivenName":"Example","Surname":"Example","UserPrincipalName":"Example@Example.com"},{"Properties":{},"Id":null,"Display":null,"Department":null,"GivenName":"Example","Surname":"Example","UserPrincipalName":"Example@Example.com"},{"Properties":{},"Id":null,"Display":null,"Department":null,"GivenName":"Example","Surname":"Example","UserPrincipalName":"Example@Example.com"},
So question is, how to get all user properties from Azure AD using C#? 所以问题是,如何使用C#从Azure AD获取所有用户属性?
My user model: 我的用户模型:
public async Task<List<ResultsItem>> GetUsers(GraphServiceClient graphClient)
{
List<ResultsItem> items = new List<ResultsItem>();
// Get users.
IGraphServiceUsersCollectionPage users = await graphClient.Users.Request().GetAsync();
// Populate the view model.
if (users?.Count > 0)
{
foreach (User user in users)
{
// Filter out conference rooms.
string displayName = user.DisplayName ?? "";
if (!displayName.StartsWith("Conf Room"))
{
// Get user properties.
items.Add(new ResultsItem
{
Mail = user.Mail,
Display = user.DisplayName,
Id = user.Id,
Department = user.Department,
GivenName = user.GivenName,
Surname = user.Surname,
UserPrincipalName = user.UserPrincipalName
});
}
}
}
var jsonEmployees = JsonConvert.SerializeObject(items); // Convert to JSON
return items;
}
1 个解决方案
解决方案1
2 2018-01-24 08:59:17
According to your description, I registered the AD v2.0 app and used MSAL for retrieving the access token by using the User.Read and User.ReadBasic.All scopes. 根据您的描述,我注册了AD v2.0应用程序,并使用MSAL通过使用User.Read和User.ReadBasic.All范围来检索访问令牌。 Use fiddler to capture the network traces when getting users, I could get the response as follows: 在获取用户时使用提琴手捕获网络跟踪,我可以得到如下响应:
As Microsoft Graph List users states as follows: 作为Microsoft Graph List用户,状态如下:
By default, only a limited set of properties are returned ( businessPhones, displayName, givenName, id, jobTitle, mail, mobilePhone, officeLocation, preferredLanguage, surname, userPrincipalName ).
To return an alternative property set, you must specify the desired set of user properties using the OData
$selectquery parameter.$select查询参数指定所需的用户属性集。 For example, to return displayName, givenName, and postalCode, you would use the add the following to your query$select=displayName,givenName,postalCode$select=displayName,givenName,postalCode
For a simple way, I just use the Microsoft Graph Explorer and access https://graph.microsoft.com/v1.0/users?$select=Department,Mail,Display,Id,GivenName,Surname,UserPrincipleName as follows: 以一种简单的方式,我只使用Microsoft Graph Explorer并访问https://graph.microsoft.com/v1.0/users?$select=Department,Mail,Display,Id,GivenName,Surname,UserPrincipleName ,如下所示:
When using the client library, you could use the following code: 使用客户端库时,可以使用以下代码:
var users = await graphClient.Users.Request().Select("Department,Mail,Display,Id,GivenName,Surname,UserPrincipleName").GetAsync();
Details you could follow the Query options section under Microsoft Graph .NET Client Library Overview . 有关详细信息,请按照Microsoft Graph .NET客户端库概述下的“查询选项”部分进行操作。
Moreover, you need to check if there has any more records and retrieve all users via the following code snippet: 此外,您需要检查是否还有更多记录,并通过以下代码片段检索所有用户:
var userList = new List<User>();
IGraphServiceUsersCollectionPage pagedCollection = await graphClient.Users.Request().Select("Department,Mail,Display,Id,GivenName,Surname,UserPrincipleName").GetAsync();
if (pagedCollection != null)
{
do
{
List<User> usersList = pagedCollection.CurrentPage.ToList();
foreach (var user in usersList)
{
userList.Add(user);
}
pagedCollection = await pagedCollection.NextPageRequest.GetAsync();
} while (pagedCollection != null);
}
UPDATE: 更新:
I leveraged the Microsoft Graph Snippets Sample for ASP.NET 4.6 sample and registered my AD V2.0 app and replaced the ida:AppId and ida:AppSecret setting under my web.config file. 我利用了Microsoft Graph Snippets Sample for ASP.NET 4.6示例,并注册了我的AD V2.0应用程序,并在web.config文件下替换了ida:AppId和ida:AppSecret设置。 It could work on my side as follows: 它可能对我有利,如下所示:
Using fiddler, I could capture the network trace for https://graph.microsoft.com/v1.0/users and it could correctly return the user properties. 使用提琴手,我可以捕获https://graph.microsoft.com/v1.0/users的网络跟踪,它可以正确返回用户属性。 I would recommend you debug your application and check the result after invoked await graphClient.Users.Request().GetAsync(); 我建议您调试应用程序并在调用await graphClient.Users.Request().GetAsync();之后检查结果await graphClient.Users.Request().GetAsync(); , also check the properties of the user instance when you iterate the users collection. ,还需要在迭代users集合时检查user实例的属性。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.