using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Azure.WebJobs;
using Microsoft.Azure.WebJobs.Extensions.Http;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Logging;
using Microsoft.Identity.Client;
//using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Collections.Generic;
namespace MMC.GetCurrentUserDetails
{
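public static class GetCurrentUserDetails
{
    // One shared client for the process. Per-request headers are set on each HttpRequestMessage
    // rather than on DefaultRequestHeaders: the previous version rewrote the shared defaults on
    // every call, which races between concurrent requests and appended a duplicate Accept
    // value each time.
    private static readonly HttpClient httpClient = new HttpClient();

    private const string GraphMeUri = "https://graph.microsoft.com/v1.0/me";

    /// <summary>
    /// Exchanges the caller's bearer token for a Microsoft Graph token (on-behalf-of flow) and
    /// returns the caller's Graph <c>/me</c> profile.
    /// </summary>
    /// <param name="req">Incoming request; must carry an <c>Authorization: Bearer</c> header.</param>
    /// <param name="log">Function logger.</param>
    /// <returns>
    /// 200 with a one-entry dictionary holding the raw Graph response body; 401 when the bearer
    /// token is missing, malformed or rejected by Azure AD; 500 when app configuration is
    /// incomplete; Graph's own status code when the downstream call fails; 400 for any other error.
    /// </returns>
    /// <remarks>
    /// The trigger is <see cref="AuthorizationLevel.Anonymous"/>, so the bearer check in this
    /// method is the only gate in front of the on-behalf-of exchange. No local JWT validation
    /// (issuer, audience, signature, lifetime) is performed here; the inbound assertion is only
    /// checked by Azure AD when the exchange runs. Header values, the inbound token and the
    /// acquired access token are never written to the log.
    /// </remarks>
    [FunctionName("GetCurrentUserDetails")]
    public static async Task<IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = null)] HttpRequest req,
        ILogger log)
    {
        log.LogInformation("MiddleTierAPI function processed a request.");

        string tenantId = Environment.GetEnvironmentVariable("Azure_App_Tenant_Id");
        string clientId = Environment.GetEnvironmentVariable("Azure_App_Client_Id");
        string clientSecret = Environment.GetEnvironmentVariable("Azure_App_Client_Secret");
        string selectProperties = Environment.GetEnvironmentVariable("Graph_Api_Select_Properties");
        string[] downstreamApiScopes = { "https://graph.microsoft.com/.default" };

        if (string.IsNullOrEmpty(tenantId) ||
            string.IsNullOrEmpty(clientId) ||
            string.IsNullOrEmpty(clientSecret))
        {
            // A deployment problem, not a client error: report 500 and keep the detail in the log.
            log.LogError("Configuration values are missing.");
            return new StatusCodeResult(StatusCodes.Status500InternalServerError);
        }

        // A missing or non-Bearer Authorization header is a 401, not a 400. The previous version
        // fell through with an empty token and only failed later inside UserAssertion.
        if (!req.Headers.TryGetValue("Authorization", out var authHeader) ||
            authHeader.Count == 0 ||
            !TryGetBearerToken(authHeader[0], out string token))
        {
            log.LogInformation("Request rejected: no usable Bearer token.");
            return new UnauthorizedResult();
        }

        try
        {
            string authority = $"https://login.microsoftonline.com/{tenantId}";
            var app = ConfidentialClientApplicationBuilder.Create(clientId)
                .WithAuthority(authority)
                .WithClientSecret(clientSecret)
                .Build();

            // On-behalf-of exchange: Azure AD checks the inbound assertion as part of this call.
            var userAssertion = new UserAssertion(token);
            AuthenticationResult result = await app.AcquireTokenOnBehalfOf(downstreamApiScopes, userAssertion).ExecuteAsync();

            if (string.IsNullOrEmpty(result.AccessToken))
            {
                throw new InvalidOperationException("Access Token could not be acquired.");
            }
            log.LogInformation("Access token for Microsoft Graph acquired.");

            string requestUri = BuildGraphMeUri(selectProperties);
            using (var request = new HttpRequestMessage(HttpMethod.Get, requestUri))
            {
                request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
                request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

                using (var response = await httpClient.SendAsync(request))
                {
                    string content = await response.Content.ReadAsStringAsync();
                    if (!response.IsSuccessStatusCode)
                    {
                        // Surface Graph's status instead of wrapping its error body in a 200.
                        log.LogError("Microsoft Graph returned status {StatusCode}.", (int)response.StatusCode);
                        return new StatusCodeResult((int)response.StatusCode);
                    }

                    var myProps = new Dictionary<string, string>
                    {
                        ["Current User through Microsoft Graph"] = content,
                    };
                    return new OkObjectResult(myProps);
                }
            }
        }
        catch (MsalException ex)
        {
            // Covers both an assertion Azure AD rejected and client-credential failures; the
            // distinguishing detail stays in the log and is not echoed back to the caller.
            log.LogError(ex, "On-behalf-of token exchange failed.");
            return new UnauthorizedResult();
        }
        catch (Exception ex)
        {
            // Exception text (MSAL / Graph error messages) is logged, not returned to the caller.
            log.LogError(ex, "GetCurrentUserDetails failed.");
            return new BadRequestObjectResult("The request could not be processed.");
        }
    }

    /// <summary>Extracts the token from an <c>Authorization</c> header value in the Bearer scheme.</summary>
    /// <param name="authorizationHeader">Raw header value, e.g. <c>Bearer eyJ...</c>.</param>
    /// <param name="token">The token part, or <see cref="string.Empty"/> when the value is not a usable Bearer credential.</param>
    /// <returns>
    /// <c>true</c> when the scheme is <c>Bearer</c> (compared case-insensitively, as the scheme
    /// name is not case-sensitive) and a non-blank token follows it.
    /// </returns>
    internal static bool TryGetBearerToken(string authorizationHeader, out string token)
    {
        token = string.Empty;
        if (string.IsNullOrEmpty(authorizationHeader))
        {
            return false;
        }

        const string scheme = "Bearer ";
        if (!authorizationHeader.StartsWith(scheme, StringComparison.OrdinalIgnoreCase))
        {
            return false;
        }

        string candidate = authorizationHeader.Substring(scheme.Length);
        if (string.IsNullOrWhiteSpace(candidate))
        {
            return false;
        }

        token = candidate;
        return true;
    }

    /// <summary>Builds the Graph <c>/me</c> URI, appending <c>$select</c> when properties are configured.</summary>
    /// <param name="selectProperties">Comma-separated property list from configuration; null or blank selects the default projection.</param>
    /// <returns>The absolute request URI.</returns>
    internal static string BuildGraphMeUri(string selectProperties) =>
        string.IsNullOrWhiteSpace(selectProperties)
            ? GraphMeUri
            : GraphMeUri + "?$select=" + selectProperties;
}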
}