[英]How to create Azure AD users from within ASP .NET Core?
我目前正在使用ASP .NET Core在門戶中工作。 要求之一是創建Azure AD用戶,在此過程中發現了兩個問題。
首先,當嘗試使用GraphClient SDK時,出現以下編譯錯誤:
Severity Code Description Project File Line Suppression State
Error CS0012 The type 'IList<>' is defined in an assembly that is not referenced.
You must add a reference to assembly 'System.Runtime, Version=4.0.0.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'. PTIWebPortal.Packages.Cloud.DNX 4.6
D:\Eduardo\PTI Projects\PTIPortal\Portal\PTIPortal\PTIWebPortal.Packages.Cloud\CloudUserManager.cs 40 Active
嘗試設置對象newUser.OtherMails = new System.Collections.Generic.List();的OtherMails屬性時發生這種情況。
另一個編譯錯誤是
Severity Code Description Project File Line Suppression State
Error CS0012 The type 'Uri' is defined in an assembly that is not referenced.
You must add a reference to assembly 'System.Runtime, Version=4.0.0.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'.
PTIWebPortal.Packages.Cloud.DNX 4.6
D:\Eduardo\PTI Projects\PTIPortal\Portal\PTIPortal\PTIWebPortal.Packages.Cloud\CloudUserManager.cs 43 Active
嘗試實例化ActiveDirectoryClient ActiveDirectoryClient adClient = new ActiveDirectoryClient(serviceRoot,null)時,會發生此情況。
我認為這兩個錯誤是由於SDK尚未與.NET Core完全兼容,因為我已經在使用Uri類型,而這是另一個版本
//由.NET Reflector從C:\\ Windows \\ Microsoft.Net \\ assembly \\ GAC_MSIL \\ System \\ v4.0_4.0.0.0__b77a5c561934e089 \\ System.dll生成
我花了太多時間,所以決定嘗試使用Microsoft Graph,但是即使在Azure AD中向應用程序添加了讀寫目錄數據后,我仍然收到“禁止”響應,這是該代碼的當前代碼。
public static readonly string CreateUserUrl = @"https://graph.microsoft.com/{0}/users";
public static async Task<UserInfo> CreateUser(string accessToken, UserInfo pUser)
{
using (var client = new HttpClient())
{
using (var request = new HttpRequestMessage(HttpMethod.Post, Settings.CreateUserUrl.v10Version()))
{
request.Headers.Accept.Add(Json);
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
var userData = new
{
accountEnabled = true,
displayName = pUser.DisplayName,
mailNickname = pUser.Username,
passwordProfile = new
{
password = pUser.Password,
forceChangePasswordNextSignIn = false
},
userPrincipalName = string.Format("{0}@{1}", pUser.Username, pUser.Domain)
};
string serializedData = JsonConvert.SerializeObject(userData);
request.Content = new StringContent(serializedData, System.Text.Encoding.UTF8, "application/json");
//https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/users-operations
//http://stackoverflow.com/questions/35845541/microsoft-graph-rest-api-add-attachment-to-email-using-c-sharp-asp-net-mvc
using (var response = await client.SendAsync(request))
{
if (response.StatusCode == HttpStatusCode.OK)
{
var json = JObject.Parse(await response.Content.ReadAsStringAsync());
//myInfo.DisplayName = json?["displayName"]?.ToString();
//myInfo.MailAddress = json?["mail"]?.ToString().Trim().Replace(" ", string.Empty);
//myInfo.Department = json?["department"]?.ToString();
//myInfo.PhotoBytes = await GetUserPhotoAsync(accessToken, json?["userPrincipalName"]?.ToString());
}
}
}
}
return pUser;
}
注意:我已經能夠以Azure AD用戶身份登錄,並且還能夠使用Microsoft Graph獲取信息。
有什么想法可以解決兩個問題中的任何一個嗎?
如果將其添加到依賴項下的project.json中,則應解決兼容性問題
"Microsoft.NETCore.Portable.Compatibility": "1.0.1"
要修復“在未引用的程序集中定義了類型'IList <>'的編譯錯誤。您必須添加對程序集的引用”,應在web.config中添加以下內容:
<assemblies>
<add assembly="System.Runtime, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</assemblies>
這將解決第一個錯誤。
關於第二個錯誤,請嘗試確保在Azure AD注冊中設置正確的權限 ,以便您具有讀寫權限。
希望這可以幫助。
使用Azure SDK找到了第一個問題的解決方案,不得不添加dependenci,但是在project.json的Famework Assemblies部分中
"frameworks": {
"dnx46": {
"dependencies": {
"Microsoft.Azure.ActiveDirectory.GraphClient": "2.1.0",
"Microsoft.Azure.Common": "2.1.0",
"Microsoft.Azure.Management.Resources": "3.4.0-preview",
"Microsoft.Azure.Management.Websites": "1.1.0-preview",
"Microsoft.Azure.Gallery": "2.6.2-preview",
"Microsoft.Azure.Common.Dependencies": "1.0.0",
"Microsoft.WindowsAzure.Common": "1.4.1",
"Microsoft.WindowsAzure.Management.MediaServices": "4.1.0",
"Microsoft.WindowsAzure.Management.Storage": "5.1.1",
"Microsoft.WindowsAzure.Management.Compute": "12.3.1",
"Microsoft.WindowsAzure.Management.Libraries": "2.0.0",
"WindowsAzure.MediaServices": "3.5.2",
"windowsazure.mediaservices.extensions": "3.3.0",
"Microsoft.IdentityModel.Clients.ActiveDirectory": "3.9.302261508-alpha",
"Microsoft.Framework.WebEncoders": "1.0.0-beta8",
},
"frameworkAssemblies": {
"System.Runtime": "4.0.20.0",
"System.Threading.Tasks": "4.0.10.0"
}
}
},
.NET Core 2.2:如何在 Azure 應用服務中從 Azure AD 自動填充用戶列表?
[英].NET Core 2.2 : How to auto-populate list of users from Azure AD in Azure app service.?
如何在 C# ASP.NET Core 6.0 中從 Azure AD 檢索用戶擁有的所有組?
[英]How to retrieve all the groups that a user has from Azure AD in C# ASP.NET Core 6.0?
無法使用 asp.net 核心圖 API 在 Azure AD B2C 中創建自定義屬性
[英]Can't create custom attributes in Azure AD B2C with asp.net core Graph API
使用 Azure AD 在 .net 核心應用程序 (Blazor) 中對用戶進行身份驗證
[英]Using Azure AD to authenticate users in a .net core application (Blazor)
如何從 Azure AD B2C 用戶商店獲取 ASP.NET Core 3.1 中的用戶信息?
[英]How to get user information in ASP.NET Core 3.1 from Azure AD B2C user store?
使用Azure AD身份驗證的ASP.NET MVC-如何允許用戶管理組/角色分配?
[英]ASP.NET MVC using Azure AD authentication — how to allow users to administer group/role assignments?
使用來自 Azure AD 的承載令牌保護 ASP.Net Core 3.1 API
[英]Secure ASP.Net Core 3.1 API with Bearer Tokens from Azure AD
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.