如何使用Azure AD Graph API为当前用户获取登录名/用户名

时间:2016-10-23 21:49:39

标签: azure-active-directory azure-ad-graph-api

任何人都可以告诉我在查询中写什么来获取登录用户,AD用户名? ! NOT GivenName,FamilyName,displayname ---- 我需要域名** me.username **,我有域名,所以只是用户名。 这非常有效,可以检索用户的AD组,因此我应该更改以获取用户名。

public async Task<List<Groups>> GetAdGroups(string authority, string resource, string clientId, string returnUri)
    {
        JObject jResult = null;
        AuthenticationResult authResult = null;
        var authContext = new AuthenticationContext(authority);
        if (authContext.TokenCache.ReadItems().Any())
        {
            authContext = new AuthenticationContext(authContext.TokenCache.ReadItems().First().Authority);
        }
        var platformParams = new PlatformParameters((Activity)Forms.Context);
        authResult = await authContext.AcquireTokenAsync(resource, clientId, new Uri(returnUri), platformParams);
        var uri = new Uri(returnUri);
        string graphRequest = String.Format(CultureInfo.InvariantCulture, "{0}/{1}/users/{2}/memberOf?api-version=1.5", ServiceConstants.graphResourceUri, ServiceConstants.tenant, authResult.UserInfo.UniqueId);
        HttpClient client = new HttpClient();
        HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, graphRequest);
        request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", authResult.AccessToken);

        HttpResponseMessage response = await client.SendAsync(request);
        List<Groups> memberOf = new List<Groups>();
        string content = await response.Content.ReadAsStringAsync();
        jResult = JObject.Parse(content);

        if (jResult["odata.error"] != null)
        {
            memberOf.Add(new Groups { id = "Error", displayName = (string)jResult["odata.error"]["message"]["value"] });
            return memberOf;
        }
        if (jResult["value"] == null)
        {
            memberOf.Add(new Groups { id = "Error", displayName = "Unknown Error." });
            return memberOf;
        }
        foreach (JObject result in jResult["value"])
        {
            memberOf.Add(
                new Groups
                {
                    id = (string)result["objectId"],
                    displayName = (string)result["displayName"]
                });
        }
        return memberOf;
    }

希望有人可以提供帮助。最诚挚的问候,克里斯蒂安。

1 个答案:

答案 0 :(得分:0)

要获取Azure AD帐户的登录名,我们可以从用户对象获取 userPrincipalName 。以下是Entity and complex type reference对此属性的说明。

UPN是基于Internet标准RFC 822的用户的Internet样式登录名。按照惯例,这应该映射到用户的电子邮件名称。一般格式为“alias @ domain”。对于工作或学校帐户,域必须存在于租户的已验证域集合中。创建工作或学校帐户时需要此属性;它对于本地帐户是可选的。

以下是使用Azure Graph客户端获取此属性供您参考的代码:

class Speaker
  @message = 'Howdy!'   # class-level instance variable

  def initialize
    @message = 'Hello!' # instance variable of Speaker's instances
  end

  def speak
    @message
  end

  class << self
    def speak
      @message
    end
  end
end

Speaker.speak
#=> "Howdy!"
Speaker.new.speak
#=> "Hello!"

如果您直接调用Azure Graph REST,可以参考以下请求:

//client is the instance of ActiveDirectoryClient
client.Me.ExecuteAsync().Result.UserPrincipalName
相关问题
最新问题