在 Azure Active Directory 控制台代码 C# 中获取响应的问题

Question

I am trying to execute below code to search a user in Azure Active Directory:我正在尝试执行以下代码以在 Azure Active Directory 中搜索用户：

using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Net.Mail;
using System.IO;

namespace AADConsoleApp
{
    class Program
    {
          static void Main(string[] args)
          {
             async System.Threading.Tasks.Task MySearchResult()
             {
                string search_url= "https://XXXXX-XXX.XX-XX.XXX.io/api/legacy/users?email=XXXX@XXX";

                try
                {
                    HttpClient client = new HttpClient();
                    client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic",
                        Convert.ToBase64String(
                            System.Text.ASCIIEncoding.ASCII.GetBytes(
                                string.Format("{0}:{1}", "username", "password"))));

                    using (client)
                    {
                        HttpResponseMessage responsemMsg = await client.GetAsync(AD_API_Name_Search_URL);

                        Console.WriteLine("Hello");

                        if (responsemMsg.IsSuccessStatusCode)
                        {
                            var apiResponse = await responsemMsg.Content.ReadAsStringAsync();
                        }
                    }
                }
                catch (Exception ex)
                {
                }
            }

            MySearchResult();
          }
    }
}

But, I am unable to get anything in response and below line fails:但是，我无法得到任何回应，以下行失败：

HttpResponseMessage responsemMsg = await client.GetAsync(search_url);

Please help me fix this problem.请帮我解决这个问题。

Answer 1

As far as I know, you need to use Azure AD Graph API or Microsoft Graph API to retrieve a user.据我所知，您需要使用Azure AD Graph API或Microsoft Graph API来检索用户。 And, Microsoft Graph API is now officially recommended.而且，现在正式推荐Microsoft Graph API 。

On the other hand, both Azure AD Graph API and Microsoft Graph API are protected by Azure AD which uses OAuth2 authorization, not basic authorization.另一方面，Azure AD Graph API 和 Microsoft Graph API 都受 Azure AD 保护，它使用 OAuth2 授权，而不是基本授权。 You may get-started with Authentication and authorization basics for Microsoft Graph你可以开始使用Microsoft Graph 的身份验证和授权基础知识

So, basically, you need to do the following steps:因此，基本上，您需要执行以下步骤：

Register an app in Azure portal . 在 Azure 门户中注册应用程序。 And和
Choose right scopes.选择正确的范围。 For example, the Get a user API needs one of the following permission:例如，获取用户API 需要以下权限之一：

Get access on behalf of a user (delegated permission) or Get access without a user (application permission) 代表用户获取访问权限（委托权限）或在没有用户的情况下获取访问权限（应用程序权限）
Call Grapp API with token.使用令牌调用 Grapp API。 Here is a sample:这是一个示例：

class Program
{
    public static string GetDelegatedToken()
    {
        string token = null;

        using (HttpClient hc = new HttpClient())
        {
            hc.DefaultRequestHeaders.TryAddWithoutValidation("Cache-Control", "no-cache");

            var body = new List<KeyValuePair<string, string>>();
            body.Add(new KeyValuePair<string, string>("grant_type", "password"));
            // Set scope
            body.Add(new KeyValuePair<string, string>("scope", "User.Read"));
            // The app id of the app you registered in Azure AD
            body.Add(new KeyValuePair<string, string>("client_id", "dc17****-****-****-****-****a5e7"));
            // The secret you created in your app
            body.Add(new KeyValuePair<string, string>("client_secret", "/pG******************32"));
            // Change it with your own user id
            body.Add(new KeyValuePair<string, string>("username", "jack@hanxia.onmicrosoft.com"));
            body.Add(new KeyValuePair<string, string>("password", "your password"));

            // Change e4c9ab4e-bd27-40d5-8459-230ba2a757fb with your tenant id
            var result = hc.PostAsync("https://login.microsoftonline.com/e4c9ab4e-bd27-40d5-8459-230ba2a757fb/oauth2/v2.0/token", new FormUrlEncodedContent(body)).Result;

            var json = JsonConvert.DeserializeObject<JObject>(result.Content.ReadAsStringAsync().Result);
            token = json["access_token"].ToString();
        }

        return token;
    }


    static void Main(string[] args)
    {
        using (HttpClient hc = new HttpClient())
        {
            hc.DefaultRequestHeaders.TryAddWithoutValidation("Cache-Control", "no-cache");
            hc.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", GetDelegatedToken());
            var result = hc.GetAsync("https://graph.microsoft.com/v1.0/users/jack@hanxia.onmicrosoft.com").Result;
            result.Content.CopyToAsync(Console.OpenStandardOutput()).GetAwaiter().GetResult();
        }
        Console.WriteLine();
    }
}

Response:回复：

在 Azure Active Directory 控制台代码 C# 中获取响应的问题

问题描述

1 个解决方案

解决方案1
0 2020-02-10 21:00:25

在 Azure Active Directory 控制台代码 C# 中获取响应的问题

问题描述

1 个解决方案

解决方案1 0 2020-02-10 21:00:25

解决方案1
0 2020-02-10 21:00:25