我正在编写一个方法来获取 ObjectID 的 DisplayName。有没有一种快速的方法可以确定某个 ObjectID 对应的是组、用户还是 ServicePrincipal?
下面是我目前比较笨拙、粗糙的做法,它确实能用,但我想看看是否有人有更简单或更巧妙的解决方案。
我尝试在线搜索一些解决方案,但还没有成功。
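/// <summary>
/// Looks up the <c>displayName</c> of a directory object through the Azure AD Graph REST
/// endpoint (<c>https://graph.windows.net/</c>, <c>api-version=1.6</c>).
/// </summary>
/// <param name="TenantID">Tenant identifier; used as the first path segment of the request.</param>
/// <param name="ObjectID">Identifier of the directory object to look up.</param>
/// <param name="MSGraphToken">Bearer token sent in the Authorization header of every request.</param>
/// <param name="ObjectType">
/// Collection to query, used as a path segment (for example <c>users</c>), or <c>Decide</c>
/// (case-insensitive) to try <c>servicePrincipals</c>, <c>users</c> and <c>groups</c> in that order.
/// </param>
/// <returns>
/// The first non-empty <c>displayName</c> found, or <c>"Unknown"</c> when no request yields one.
/// </returns>
public static async Task<string> GetDisplayName(string TenantID, string ObjectID, string MSGraphToken, string ObjectType)
{
    const string NotFound = "Unknown";

    // The three values end up in the path of a request that carries a bearer token, so each one
    // is forced to stay a single, literal path segment before any request is built.
    string tenantSegment;
    string objectSegment;
    if (ObjectType == null
        || !TryEscapePathSegment(TenantID, out tenantSegment)
        || !TryEscapePathSegment(ObjectID, out objectSegment))
    {
        return NotFound;
    }

    string[] candidateTypes = ObjectType.Equals("Decide", StringComparison.OrdinalIgnoreCase)
        ? new[] { "servicePrincipals", "users", "groups" }
        : new[] { ObjectType };

    // One client for the whole lookup, disposed when done. graph.windows.net is the legacy
    // Azure AD Graph endpoint, which Microsoft has deprecated in favour of Microsoft Graph;
    // it is kept here because the URL shape and api-version below are specific to it.
    using (var httpClient = new HttpClient { BaseAddress = new Uri("https://graph.windows.net/") })
    {
        httpClient.DefaultRequestHeaders.Add("Authorization", "Bearer " + MSGraphToken);

        foreach (string candidateType in candidateTypes)
        {
            string typeSegment;
            if (!TryEscapePathSegment(candidateType, out typeSegment))
            {
                continue;
            }

            string requestUri = $"{tenantSegment}/{typeSegment}/{objectSegment}?api-version=1.6";
            string displayName = await FetchDisplayName(httpClient, requestUri).ConfigureAwait(false);
            if (!string.IsNullOrEmpty(displayName))
            {
                return displayName;
            }
        }
    }

    return NotFound;
}

/// <summary>
/// Percent-encodes <paramref name="value"/> so it can only ever be one path segment.
/// Rejects null/blank values and the dot segments "." and "..", which URI normalisation
/// would otherwise collapse into a different resource path.
/// </summary>
private static bool TryEscapePathSegment(string value, out string escaped)
{
    escaped = null;
    if (string.IsNullOrWhiteSpace(value) || value == "." || value == "..")
    {
        return false;
    }

    escaped = Uri.EscapeDataString(value);
    return true;
}

/// <summary>
/// Issues one GET and returns the <c>displayName</c> property of the JSON body,
/// or null when the request fails or the body is not a JSON object carrying that property.
/// </summary>
private static async Task<string> FetchDisplayName(HttpClient httpClient, string requestUri)
{
    using (HttpResponseMessage response = await httpClient.GetAsync(requestUri).ConfigureAwait(false))
    {
        // NOTE(review): 401/403 are treated like "not found", the same way the lookup already
        // collapsed every failure into "Unknown". Callers that must tell an expired or
        // under-privileged token apart from a missing object should inspect response.StatusCode here.
        if (!response.IsSuccessStatusCode)
        {
            return null;
        }

        string body = await response.Content.ReadAsStringAsync().ConfigureAwait(false);
        try
        {
            // Typed parse instead of dynamic: an empty body yields null rather than a binder exception.
            var directoryObject = JsonConvert.DeserializeObject<Newtonsoft.Json.Linq.JObject>(body);
            return (string)directoryObject?["displayName"];
        }
        catch (Newtonsoft.Json.JsonException)
        {
            // Body was not a JSON object (for example an HTML error page from an intermediary).
            return null;
        }
    }
}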
最佳答案
您可以使用PowerShell直接根据objectID查找AD对象。
命令: Get-AzureADObjectByObjectId -ObjectIds objectID1,objectID2
引用: Get-AzureADObjectByObjectId (AzureAD) | Microsoft Docs
否则,您可以使用 C# 调用 Microsoft Graph API 来获取详细信息。
代码:
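// authProvider supplies the access token; it only needs directory *read* permission
// for the object kinds listed in `types` below.
GraphServiceClient graphClient = new GraphServiceClient(authProvider);

// Object IDs to resolve in a single round trip.
var ids = new List<string>
{
    "objectID1",
    "objectID2"
};

// Search all three kinds the question asks about; with only "user" listed,
// IDs that belong to a group or a service principal are not returned.
var types = new List<string>
{
    "user",
    "group",
    "servicePrincipal"
};

// Keep the result instead of discarding it: each returned entry is a DirectoryObject,
// and its concrete type / ODataType value (for example "#microsoft.graph.group")
// is what identifies the kind of object behind the ID.
var directoryObjects = await graphClient.DirectoryObjects
    .GetByIds(ids, types)
    .Request()
    .PostAsync();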
引用: directoryObject: getByIds - Microsoft Graph v1.0 | Microsoft Docs
关于c# - 使用 C# 找出 Azure 中的 ObjectID 是组、用户还是服务主体的最快方法,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/68490972/