[英]Java Console Application to bulk upload user to Azure B2C active directory
I am trying to create a Java Console Application to bulk upload users from local SQL database to Azure b2c active directory.我正在尝试创建一个 Java 控制台应用程序,以将本地 SQL 数据库中的用户批量上传到 Azure b2c 活动目录。 I have a JSON file which I created
我有一个我创建的 JSON 文件
{
"users": [
{
"displayName": "Amanda Polly",
"givenName": "Amanda",
"surname": "Polly",
"extension_user_type": "user",
"identities": [
{
"signInType": "emailAddress",
"issuerAssignedId": "amandapolly@gmail.com"
}
],
"extension_timezone": "PST",
"extension_locale": "en-US",
"extension_tenant": "EG1234"
},
{
"displayName": "Lowa Doe",
"givenName": "Lowa",
"surname": "Doe",
"extension_user_type": "user",
"identities": [
{
"signInType": "userName",
"issuerAssignedId": "lowadow123"
}
],
"extension_timezone": "PST",
"extension_locale": "en-US",
"extension_tenant": "EG1234"
}
]
}
These are the users which I want to create on B2C, I need help in starting this, I have to use microsoft graph API, can anyone guide me through, I read about tokens and clientID but was not able to understand it.这些是我想在 B2C 上创建的用户,我需要帮助才能开始,我必须使用 microsoft graph API,任何人都可以指导我完成,我阅读了有关令牌和 clientID 的信息,但无法理解。
It is stuck in this state for a long time.卡在这个state里面很久了。 deserializing to JSON
反序列化为 JSON
To call Microsoft Graph, your app must acquire an access token from the Microsoft identity platform.
要调用 Microsoft Graph,你的应用必须从 Microsoft 标识平台获取访问令牌。 The access token contains information about your app and the permissions it has for the resources and APIs available through Microsoft Graph.
访问令牌包含有关您的应用的信息以及它对通过 Microsoft Graph 可用的资源和 API 的权限。 To get an access token, your app must be registered with the Microsoft identity platform and be authorized by either a user or an administrator for access to the Microsoft Graph resources it needs.
要获取访问令牌,您的应用必须在 Microsoft 标识平台上注册并获得用户或管理员的授权才能访问所需的 Microsoft Graph 资源。
There are two kinds of common auth flow: client_credentials flow and authorization_code flow .常见的认证流程有两种: client_credentials 流程和authorization_code 流程。 The former is app-only, and the latter is app+user.
前者是app-only,后者是app+user。
Here I take "client_credentials flow" as the example.这里我以“client_credentials flow”为例。
Firstly you need to Register your app .首先,您需要注册您的应用程序。 More detailed steps here .
更详细的步骤在这里。 Remember to add and grant consent to
User.ReadWrite.All
application permission in your Azure AD app.请记住在您的 Azure AD 应用程序中添加并授予
User.ReadWrite.All
应用程序权限。
After you add the permission, don't forget to click on " Grant admin consent for {your tenant} " (see it below).添加权限后,不要忘记点击“为{您的租户}授予管理员许可”(见下文)。
Create a client secret is necessary.创建客户端密码是必要的。 (record it once it is created because you won't see it later).
(一旦创建就记录下来,因为您以后不会看到它)。
Also remember to record the application id (client id) for late use.还要记得记录应用程序id(client id)以备后期使用。
Now you can Install the Microsoft Graph Java SDK to your project and implement Client credentials provider like this:现在您可以将 Microsoft Graph Java SDK 安装到您的项目中,并像这样实现客户端凭据提供程序:
ClientCredentialProvider authProvider = new ClientCredentialProvider(
clientId,
scopes,
clientSecret,
tenant,
endpoint);
You should have clientId
and clientSecret
from the previous steps.您应该具有前面步骤中的
clientId
和clientSecret
。 scopes
should be "https://graph.microsoft.com/.default"
. scopes
应该是"https://graph.microsoft.com/.default"
。 tenant
should be the tenant id of your B2C tenant. tenant
应该是您的 B2C 租户的租户 ID。 endpoint
is the NATIONAL_CLOUD of Microsoft. endpoint
是微软的 NATIONAL_CLOUD。 See the sample here .请参阅此处的示例。
Then you could use the following code to create user.然后您可以使用以下代码创建用户。 See reference here.
请参阅此处的参考。
IGraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider(authProvider).buildClient();
User user = new User();
user.displayName = "John Smith";
LinkedList<ObjectIdentity> identitiesList = new LinkedList<ObjectIdentity>();
ObjectIdentity identities = new ObjectIdentity();
identities.signInType = "userName";
identities.issuer = "contoso.onmicrosoft.com";
identities.issuerAssignedId = "johnsmith";
identitiesList.add(identities);
ObjectIdentity identities1 = new ObjectIdentity();
identities1.signInType = "emailAddress";
identities1.issuer = "contoso.onmicrosoft.com";
identities1.issuerAssignedId = "jsmith@yahoo.com";
identitiesList.add(identities1);
ObjectIdentity identities2 = new ObjectIdentity();
identities2.signInType = "federated";
identities2.issuer = "facebook.com";
identities2.issuerAssignedId = "5eecb0cd";
identitiesList.add(identities2);
user.identities = identitiesList;
PasswordProfile passwordProfile = new PasswordProfile();
passwordProfile.password = "password-value";
passwordProfile.forceChangePasswordNextSignIn = false;
user.passwordProfile = passwordProfile;
user.passwordPolicies = "DisablePasswordExpiration";
graphClient.users()
.buildRequest()
.post(user);
Modify the code based on your needs.根据您的需要修改代码。
Besides, if you want to add extension attributes, you need to refer to Create extensionProperty .另外,如果要添加扩展属性,需要参考创建扩展属性。 You should create extensionProperty first and then create the users with extension attributes.
您应该先创建 extensionProperty,然后再创建具有扩展属性的用户。 See my another answer for the logic.
有关逻辑,请参阅我的另一个答案。 (just need to look into the content before "Then create a claimsMappingPolicy:" )
(只需要在“然后创建一个claimsMappingPolicy:”之前查看内容)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.