使用App Model V2訪問日曆

Question

我們在Azure中的ASP.NET上有一個web應用程序，我們想要訪問當前用戶到他的日曆以顯示今天的事件以及未讀電子郵件的數量。我們有使用graph.microsoft.com的應用程序，該應用程序使用Visual Studio創建的默認「工作或學校帳戶」身份驗證，但這不適用於App Model V2。

如何構建能夠使用App Model V2進行身份驗證並訪問graph.microsoft.com的應用程序？

Answer 1

您需要使用Microsoft.IdentityModel.Clients.ActiveDirectory;

一個很好的樣本中 https://azure.microsoft.com/en-us/documentation/articles/active-directory-appmodel-v2-overview/

是因爲你需要的應用型V2申請步驟是：

1. 使用的應用程序註冊門戶註冊應用程序上https://apps.dev.microsoft.com。記住爲你註冊的clientID和clientsecret。
2. 創建VS2015無需驗證一個asp.net（匿名）
3. 添加NuGet包Microsoft.IdentityModel.Clients.ActiveDirectory
4. 使用Microsoft.IdentityModel.Clients.ActiveDirectory添加到控制器
5. 您需要到您的代碼添加範圍爲私人構件

私人靜態字符串[]範圍= { 「https://graph.microsoft.com/calendars.readwrite」};

添加添加以下設置的Web.config

<add key="ida:ClientID" value="..." /> 
<add key="ida:ClientSecret" value="..." /> 

你必須創建2種額外的方法。一個用於登入和一個用於認證：

簽到：

 public async Task<ActionResult> SignIn() 
    { 
     string authority = "https://login.microsoftonline.com/common/v2.0"; 
     string clientId = System.Configuration.ConfigurationManager.AppSettings["ida:ClientID"]; 
     AuthenticationContext authContext = new AuthenticationContext(authority); 

     // The url in our app that Azure should redirect to after successful signin 
     Uri redirectUri = new Uri(Url.Action("Authorize", "Home", null, Request.Url.Scheme)); 

     // Generate the parameterized URL for Azure signin 
     Uri authUri = await authContext.GetAuthorizationRequestUrlAsync(scopes, additionalScopes, clientId, 
      redirectUri, UserIdentifier.AnyUser, null); 

     // Redirect the browser to the Azure signin page 
     return Redirect(authUri.ToString()); 
    } 

授權：

 public async Task<ActionResult> Authorize() 
    { 
     // Get the 'code' parameter from the Azure redirect 
     string authCode = Request.Params["code"]; 

     string authority = "https://login.microsoftonline.com/common/v2.0"; 
     string clientId = System.Configuration.ConfigurationManager.AppSettings["ida:ClientID"]; 
     string clientSecret = System.Configuration.ConfigurationManager.AppSettings["ida:ClientSecret"]; 
     AuthenticationContext authContext = new AuthenticationContext(authority); 

     // The same url we specified in the auth code request 
     Uri redirectUri = new Uri(Url.Action("Authorize", "Home", null, Request.Url.Scheme)); 

     // Use client ID and secret to establish app identity 
     ClientCredential credential = new ClientCredential(clientId, clientSecret); 

     try 
     { 
      // Get the token 

      var authResult = await authContext.AcquireTokenByAuthorizationCodeAsync(
       authCode, redirectUri, credential, scopes); 

      // Save the token in the session 
      Session["access_token"] = authResult.Token; 
      return Redirect(Url.Action("Tasks", "Home", null, Request.Url.Scheme)); 
     } 
     catch (AdalException ex) 
     { 
      return Content(string.Format("ERROR retrieving token: {0}", ex.Message)); 
     } 
    } 

的accestoken處於會話狀態。

現在，您可以撥打graph.microsoft.com用正確的accessToken和獲取數據：

 private async Task<List<DisplayEvent>> GetEvents() 
    { 
     List<DisplayEvent> tasks = new List<DisplayEvent>(); 

     HttpClient httpClient = new HttpClient(); 
     var accessToken = (string)Session["access_token"]; 

     httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken); 
     HttpResponseMessage response = await httpClient.GetAsync("https://graph.microsoft.com/beta/users/me/events"); 

     if (response.IsSuccessStatusCode) 
     { 
      string s = await response.Content.ReadAsStringAsync(); 
      JavaScriptSerializer serializer = new JavaScriptSerializer(); 
      EventModels eventList = serializer.Deserialize<EventModels>(s); 

      foreach (EventModel v in eventList.value) 
      { 
       //Fill tasks will events 
      } 
     } 
     return tasks; 
    }