
Added a class to connect to the Azure AD Graph API and retrieve a use…

…r's groups
robdmoore committed Oct 24, 2014
1 parent ade3c63 commit ff840598c88302a4f6ab4b81a091aa8a68c924d5
@@ -159,6 +159,7 @@
<Compile Include="Global.asax.cs">
<DependentUpon>Global.asax</DependentUpon>
</Compile>
<Compile Include="Infrastructure\Auth\AzureADGraphConnection.cs" />
<Compile Include="Properties\AssemblyInfo.cs" />
</ItemGroup>
<ItemGroup>
@@ -0,0 +1,39 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using Microsoft.Azure.ActiveDirectory.GraphClient;
using Microsoft.IdentityModel.Clients.ActiveDirectory;
namespace AzureAdMvcExample.Infrastructure.Auth
{
public interface IAzureADGraphConnection
{
IList<string> GetRolesForUser(ClaimsPrincipal userPrincipal);
}
public class AzureADGraphConnection : IAzureADGraphConnection
{
const string Resource = "https://graph.windows.net";
public readonly Guid ClientRequestId = Guid.NewGuid();
private readonly GraphConnection _graphConnection;
public AzureADGraphConnection(string tenantName, string clientId, string clientSecret)
{
var authenticationContext = new AuthenticationContext("https://login.windows.net/" + tenantName, false);
var clientCred = new ClientCredential(clientId, clientSecret);
var token = authenticationContext.AcquireToken(Resource, clientCred).AccessToken;
_graphConnection = new GraphConnection(token, ClientRequestId);
}
public IList<string> GetRolesForUser(ClaimsPrincipal userPrincipal)
{
return _graphConnection.GetMemberGroups(new User(userPrincipal.Identity.Name), true)
.Select(groupId => _graphConnection.Get<Group>(groupId))
.Where(g => g != null)
.Select(g => g.DisplayName)
.ToList();
}
}
}
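Review bot: GetRolesForUser returns each group's `DisplayName` as the role string, and Azure AD does not require group display names to be unique or immutable, so if callers authorize on these values, a renamed or duplicate-named group could grant a role. Returning the object ids that `GetMemberGroups` already yields, or mapping configured object ids to role names, keeps the decision on a stable identifier, e.g. `.Select(g => g.ObjectId)`. The constructor also acquires the access token once and stores it in `_graphConnection`, so an instance held longer than the token lifetime will presumably start failing; acquiring the token per call or on expiry avoids that. Finally, the `false` passed to `AuthenticationContext` appears to turn off authority validation, which the fixed `login.windows.net` host does not need; I would drop it or add a comment saying why it is off.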
