任何人都可以告诉我在查询中写什么来获取登录用户,AD用户名? ! NOT GivenName,FamilyName,displayname ---- 我需要域名** me.username **,我有域名,所以只是用户名。 这非常有效,可以检索用户的AD组,因此我应该更改以获取用户名。
public async Task<List<Groups>> GetAdGroups(string authority, string resource, string clientId, string returnUri)
{
JObject jResult = null;
AuthenticationResult authResult = null;
var authContext = new AuthenticationContext(authority);
if (authContext.TokenCache.ReadItems().Any())
{
authContext = new AuthenticationContext(authContext.TokenCache.ReadItems().First().Authority);
}
var platformParams = new PlatformParameters((Activity)Forms.Context);
authResult = await authContext.AcquireTokenAsync(resource, clientId, new Uri(returnUri), platformParams);
var uri = new Uri(returnUri);
string graphRequest = String.Format(CultureInfo.InvariantCulture, "{0}/{1}/users/{2}/memberOf?api-version=1.5", ServiceConstants.graphResourceUri, ServiceConstants.tenant, authResult.UserInfo.UniqueId);
HttpClient client = new HttpClient();
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, graphRequest);
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", authResult.AccessToken);
HttpResponseMessage response = await client.SendAsync(request);
List<Groups> memberOf = new List<Groups>();
string content = await response.Content.ReadAsStringAsync();
jResult = JObject.Parse(content);
if (jResult["odata.error"] != null)
{
memberOf.Add(new Groups { id = "Error", displayName = (string)jResult["odata.error"]["message"]["value"] });
return memberOf;
}
if (jResult["value"] == null)
{
memberOf.Add(new Groups { id = "Error", displayName = "Unknown Error." });
return memberOf;
}
foreach (JObject result in jResult["value"])
{
memberOf.Add(
new Groups
{
id = (string)result["objectId"],
displayName = (string)result["displayName"]
});
}
return memberOf;
}
希望有人可以提供帮助。最诚挚的问候,克里斯蒂安。
答案 0 :(得分:0)
要获取Azure AD帐户的登录名,我们可以从用户对象获取 userPrincipalName 。以下是Entity and complex type reference对此属性的说明。
UPN是基于Internet标准RFC 822的用户的Internet样式登录名。按照惯例,这应该映射到用户的电子邮件名称。一般格式为“alias @ domain”。对于工作或学校帐户,域必须存在于租户的已验证域集合中。创建工作或学校帐户时需要此属性;它对于本地帐户是可选的。
以下是使用Azure Graph客户端获取此属性供您参考的代码:
class Speaker
@message = 'Howdy!' # class-level instance variable
def initialize
@message = 'Hello!' # instance variable of Speaker's instances
end
def speak
@message
end
class << self
def speak
@message
end
end
end
Speaker.speak
#=> "Howdy!"
Speaker.new.speak
#=> "Hello!"
如果您直接调用Azure Graph REST,可以参考以下请求:
//client is the instance of ActiveDirectoryClient
client.Me.ExecuteAsync().Result.UserPrincipalName