Graph API

Connect to the Graph API with GraphServiceClient Using a Certificate Thumbprint

On 10/05/2023


using Microsoft.Graph;
using Microsoft.Identity.Client;
using System;
using System.Linq;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;
using Azure.Identity;
using System.Reflection.Metadata.Ecma335;
using Microsoft.Graph.Models;

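/// <summary>
/// Builds an app-only (client credentials) <see cref="GraphServiceClient"/> that authenticates
/// with a certificate looked up by thumbprint, and exposes a user lookup and a team creation call.
/// </summary>
/// <remarks>
/// The ".default" scope requests every application permission that has been consented for the
/// app registration, so the registration itself should carry only what these calls need
/// (for example User.Read.All for the lookup and Team.Create for team creation).
/// </remarks>
public class ClientCredentialsAuthProvider
{
    // App-only tokens always use the ".default" scope; the effective permissions are whatever
    // application permissions were granted to the app registration.
    private static readonly string[] GraphScopes = { "https://graph.microsoft.com/.default" };

    protected GraphServiceClient _graphClient;

    /// <summary>
    /// Loads the client certificate from the current user's certificate store and creates the Graph client.
    /// </summary>
    /// <exception cref="InvalidOperationException">
    /// The certificate is not in the store, or it has no private key.
    /// </exception>
    public ClientCredentialsAuthProvider()
    {
        // Values from the app registration. They are identifiers rather than secrets, but in a
        // real deployment read them from configuration so that the tenant, app and certificate
        // can be rotated without a rebuild.
        string appId = "922b7a94-268f-4ac0-ad5e-4d44fe4429cf";
        string tenantId = "3533ab30-c2f0-48fd-b4c5-f5dc6ca77ec3";
        string thumbprint = "AD120A05FF3AAC9A71A6DD71530E96306C29B395";

        X509Certificate2 clientCertificate = GetCert(thumbprint);

        var options = new TokenCredentialOptions
        {
            AuthorityHost = AzureAuthorityHosts.AzurePublicCloud
        };

        var clientCertCredential = new ClientCertificateCredential(
            tenantId, appId, clientCertificate, options);

        // No try/catch here: the original "throw ex;" only reset the stack trace.
        _graphClient = new GraphServiceClient(clientCertCredential, GraphScopes);
    }

    /// <summary>
    /// Looks up a single user whose <c>mail</c> property equals <paramref name="mail"/>.
    /// </summary>
    /// <param name="mail">Mail address to match exactly.</param>
    /// <returns>The matching user, or <c>null</c> when the query does not return exactly one user.</returns>
    /// <exception cref="ArgumentException"><paramref name="mail"/> is null, empty or whitespace.</exception>
    public async Task<Microsoft.Graph.Models.User> GetUserByMail(string mail)
    {
        if (string.IsNullOrWhiteSpace(mail))
        {
            throw new ArgumentException("A mail address is required.", nameof(mail));
        }

        // The value ends up inside a quoted OData string literal. Doubling embedded single quotes
        // keeps caller-supplied text from closing the literal and appending its own filter clauses.
        string filter = string.Format("mail eq '{0}'", EscapeODataLiteral(mail));

        var result = await _graphClient.Users.GetAsync(requestConfiguration =>
        {
            requestConfiguration.QueryParameters.Select = new string[] { "displayName", "id", "mail" };
            requestConfiguration.QueryParameters.Filter = filter;
            requestConfiguration.QueryParameters.Orderby = new string[] { "displayName" };
            requestConfiguration.QueryParameters.Count = true;
            requestConfiguration.Headers.Add("ConsistencyLevel", "eventual");
        });

        // Anything other than exactly one match is treated as "not found" rather than guessing.
        if (result != null && result.OdataCount == 1 && result.Value != null && result.Value.Count > 0)
        {
            return result.Value[0];
        }

        return null;
    }

    /// <summary>
    /// Creates a team from the "standard" template with <paramref name="ownerId"/> as its owner.
    /// </summary>
    /// <param name="teamsName">Display name of the new team.</param>
    /// <param name="teamsDescription">Description of the new team.</param>
    /// <param name="ownerId">Identifier of the user to bind as owner.</param>
    /// <returns>An empty string; the response of the create call is not used.</returns>
    /// <exception cref="ArgumentException"><paramref name="ownerId"/> is null, empty or whitespace.</exception>
    public async Task<string> CreateTeams(string teamsName, string teamsDescription, string ownerId)
    {
        if (string.IsNullOrWhiteSpace(ownerId))
        {
            throw new ArgumentException("An owner id is required.", nameof(ownerId));
        }

        // ownerId is placed inside a quoted key segment of the bind URL; escape quotes so the
        // value cannot terminate the literal and alter the reference.
        string ownerReference = string.Format(
            "https://graph.microsoft.com/v1.0/users('{0}')", EscapeODataLiteral(ownerId));

        var requestBody = new Team
        {
            DisplayName = teamsName,
            Description = teamsDescription,
            Members = new List<ConversationMember>
            {
                new ConversationMember
                {
                    OdataType = "#microsoft.graph.aadUserConversationMember",
                    Roles = new List<string> { "owner" },
                    AdditionalData = new Dictionary<string, object>
                    {
                        { "user@odata.bind", ownerReference },
                    },
                },
            },
            AdditionalData = new Dictionary<string, object>
            {
                { "template@odata.bind", "https://graph.microsoft.com/v1.0/teamsTemplates('standard')" },
            },
        };

        await _graphClient.Teams.PostAsync(requestBody);

        return "";
    }

    /// <summary>
    /// Finds the certificate with the given thumbprint in the current user's personal store.
    /// </summary>
    /// <param name="thumbprint">Hex thumbprint; surrounding whitespace is ignored.</param>
    /// <returns>The first certificate with that thumbprint.</returns>
    /// <exception cref="ArgumentException"><paramref name="thumbprint"/> is null, empty or whitespace.</exception>
    /// <exception cref="InvalidOperationException">
    /// No certificate matches, or the match has no private key.
    /// </exception>
    private X509Certificate2 GetCert(string thumbprint)
    {
        if (string.IsNullOrWhiteSpace(thumbprint))
        {
            throw new ArgumentException("A certificate thumbprint is required.", nameof(thumbprint));
        }

        // Thumbprints pasted from certificate dialogs often carry stray whitespace.
        string normalizedThumbprint = thumbprint.Trim();

        // "using" releases the store handle even when the lookup throws.
        using (var certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser))
        {
            certStore.Open(OpenFlags.ReadOnly);

            // validOnly is false so that a self-signed certificate (common for app registrations)
            // is still returned; it also means expired certificates are not filtered out here.
            X509Certificate2Collection matches = certStore.Certificates.Find(
                X509FindType.FindByThumbprint,
                normalizedThumbprint,
                false);

            if (matches.Count == 0)
            {
                // Fail here with a clear message instead of handing a null certificate to the credential.
                throw new InvalidOperationException(
                    "No certificate with thumbprint " + normalizedThumbprint + " was found in CurrentUser\\My.");
            }

            X509Certificate2 cert = matches[0];
            if (!cert.HasPrivateKey)
            {
                // The client assertion is signed with the private key; a public-only copy cannot authenticate.
                throw new InvalidOperationException(
                    "The certificate with thumbprint " + normalizedThumbprint + " has no private key.");
            }

            Console.WriteLine(cert.FriendlyName);
            return cert;
        }
    }

    /// <summary>Escapes a value for use inside a single-quoted OData string literal.</summary>
    private static string EscapeODataLiteral(string value)
    {
        return value.Replace("'", "''");
    }
}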