/// <summary>
/// Looks up the service principal whose <c>AppId</c> equals <paramref name="clientId"/>
/// in the directory of <paramref name="tenantId"/>.
/// </summary>
/// <param name="accessToken">Bearer token passed to the Graph client.</param>
/// <param name="tenantId">Tenant whose directory is queried.</param>
/// <param name="clientId">Application (client) id to match against <c>AppId</c>.</param>
/// <returns>
/// The first entry on the first result page, or <c>null</c> when that page is empty.
/// Callers must check for <c>null</c> before using the principal's object id,
/// for example in a role assignment.
/// </returns>
public static async Task<IServicePrincipal> GetServicePrincipalAsync(string accessToken, string tenantId, string clientId)
{
    var directory = NewActiveDirectoryClient(accessToken, tenantId);

    // Only the first page is inspected; later pages are never fetched.
    var firstPage = await directory.ServicePrincipals
        .Where(principal => principal.AppId == clientId)
        .ExecuteAsync();

    return firstPage.CurrentPage.FirstOrDefault();
}
/// <summary>
/// Builds a Graph <see cref="ActiveDirectoryClient"/> rooted at
/// <c>GraphApiBaseUrl</c> + <paramref name="tenantId"/> that authenticates with a fixed token.
/// </summary>
/// <param name="accessToken">Token handed back, unchanged, every time the client asks for one.</param>
/// <param name="tenantId">Tenant identifier appended to the base URL.</param>
/// <returns>A client bound to the given tenant and token.</returns>
private static ActiveDirectoryClient NewActiveDirectoryClient(string accessToken, string tenantId)
{
    // tenantId is concatenated into the service root without escaping.
    // NOTE(review): confirm callers pass a validated tenant id, not raw external input.
    var serviceRoot = new Uri($"{GraphApiBaseUrl}{tenantId}");

    // The provider always yields the same string; nothing here refreshes the token,
    // so the client is only usable for as long as that token stays valid.
    Func<Task<string>> tokenProvider = () => Task.FromResult(accessToken);

    return new ActiveDirectoryClient(serviceRoot, tokenProvider);
}
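/// <summary>
/// Creates a role assignment that grants the role named <paramref name="roleName"/>
/// to <paramref name="principalObjectId"/> at <paramref name="scope"/>.
/// </summary>
/// <param name="accessToken">Bearer token used for the management calls.</param>
/// <param name="subscriptionId">Subscription the management client is bound to.</param>
/// <param name="scope">Scope the assignment is created at; the grant applies at this scope.</param>
/// <param name="roleName">Name used to look up the role definition.</param>
/// <param name="principalObjectId">Object id of the principal receiving the role.</param>
/// <exception cref="ArgumentException">
/// <paramref name="scope"/>, <paramref name="roleName"/> or
/// <paramref name="principalObjectId"/> is null, empty or whitespace.
/// </exception>
/// <exception cref="InvalidOperationException">No role definition was found for <paramref name="roleName"/>.</exception>
public static async Task AssignRoleToPrincipalAsync(
    string accessToken,
    string subscriptionId,
    string scope,
    string roleName,
    string principalObjectId)
{
    // This call grants privileges, so reject incomplete input before any request is made.
    if (string.IsNullOrWhiteSpace(scope))
    {
        throw new ArgumentException("A scope is required.", nameof(scope));
    }

    if (string.IsNullOrWhiteSpace(roleName))
    {
        throw new ArgumentException("A role name is required.", nameof(roleName));
    }

    if (string.IsNullOrWhiteSpace(principalObjectId))
    {
        throw new ArgumentException("A principal object id is required.", nameof(principalObjectId));
    }

    using (var client = NewAuthorizationManagementClient(accessToken, subscriptionId))
    {
        // NOTE(review): only the first definition returned by the lookup is used. If
        // FindRoleDefinitionAsync can return more than one match for a name, the role
        // that gets granted is ambiguous; confirm it filters on an exact name.
        RoleDefinition roleDef = (await FindRoleDefinitionAsync(accessToken, subscriptionId, scope, roleName)).FirstOrDefault();
        if (roleDef == null)
        {
            // A specific exception type instead of the bare Exception base class.
            throw new InvalidOperationException($"Role was not found: {roleName}");
        }

        var props = new RoleAssignmentProperties()
        {
            PrincipalId = principalObjectId,
            RoleDefinitionId = roleDef.Id
        };

        // A fresh assignment name is generated on every call; it is not derived from
        // the principal, role or scope.
        await client.RoleAssignments.CreateAsync(scope, Guid.NewGuid().ToString("N"), props);
    }
}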
/// <summary>
/// Creates an <see cref="AuthorizationManagementClient"/> that authenticates with
/// <paramref name="accessToken"/> and targets <paramref name="subscriptionId"/>.
/// </summary>
/// <param name="accessToken">Token wrapped in <see cref="TokenCredentials"/>.</param>
/// <param name="subscriptionId">Value assigned to the client's <c>SubscriptionId</c>.</param>
/// <returns>The configured client; AssignRoleToPrincipalAsync disposes it with a <c>using</c> block.</returns>
private static AuthorizationManagementClient NewAuthorizationManagementClient(string accessToken, string subscriptionId)
{
    var credentials = new TokenCredentials(accessToken);
    var managementClient = new AuthorizationManagementClient(credentials);
    managementClient.SubscriptionId = subscriptionId;
    return managementClient;
}