Connect to the Graph API with GraphServiceClient using a certificate thumbprint
On 10/05/2023
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Reflection.Metadata.Ecma335;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;
using Azure.Identity;
using Microsoft.Graph;
using Microsoft.Graph.Models;
using Microsoft.Identity.Client;
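/// <summary>
/// Builds an app-only (client-credentials) <see cref="GraphServiceClient"/> that authenticates
/// with a certificate looked up by thumbprint in the current user's personal certificate store,
/// and wraps a user lookup by mail address and a team-creation call.
/// </summary>
public class ClientCredentialsAuthProvider
{
    // App-registration values used by the parameterless constructor. None of these is a secret
    // (the private key stays in the certificate store), but hard-coding them ties the class to
    // one tenant; prefer the three-argument constructor fed from configuration.
    private const string DefaultAppId = "922b7a94-268f-4ac0-ad5e-4d44fe4429cf";
    private const string DefaultTenantId = "3533ab30-c2f0-48fd-b4c5-f5dc6ca77ec3";
    private const string DefaultThumbprint = "AD120A05FF3AAC9A71A6DD71530E96306C29B395";

    // With client credentials, ".default" yields a token carrying every application permission
    // consented on the app registration, so the client's reach is bounded there, not in this
    // code. Grant the registration only the permissions these calls need.
    private static readonly string[] GraphScopes = { "https://graph.microsoft.com/.default" };

    /// <summary>Graph client authenticated with the certificate credential.</summary>
    protected GraphServiceClient _graphClient;

    /// <summary>
    /// Creates the provider with the built-in app registration values.
    /// </summary>
    /// <exception cref="InvalidOperationException">
    /// The certificate is missing from the store, has no private key, or is outside its validity period.
    /// </exception>
    public ClientCredentialsAuthProvider()
        : this(DefaultTenantId, DefaultAppId, DefaultThumbprint)
    {
    }

    /// <summary>
    /// Creates the provider for an explicit tenant, application and certificate.
    /// </summary>
    /// <param name="tenantId">Directory (tenant) ID of the app registration.</param>
    /// <param name="clientId">Application (client) ID of the app registration.</param>
    /// <param name="thumbprint">Thumbprint of the certificate in the CurrentUser\My store.</param>
    /// <exception cref="ArgumentException">An argument is null, empty or whitespace.</exception>
    /// <exception cref="InvalidOperationException">
    /// The certificate is missing from the store, has no private key, or is outside its validity period.
    /// </exception>
    public ClientCredentialsAuthProvider(string tenantId, string clientId, string thumbprint)
    {
        if (string.IsNullOrWhiteSpace(tenantId))
        {
            throw new ArgumentException("Tenant ID is required.", nameof(tenantId));
        }

        if (string.IsNullOrWhiteSpace(clientId))
        {
            throw new ArgumentException("Client ID is required.", nameof(clientId));
        }

        X509Certificate2 clientCertificate = GetCert(thumbprint);

        var options = new TokenCredentialOptions
        {
            AuthorityHost = AzureAuthorityHosts.AzurePublicCloud
        };

        var clientCertCredential = new ClientCertificateCredential(
            tenantId, clientId, clientCertificate, options);

        // No try/catch here: the previous "catch { throw ex; }" only discarded the original
        // stack trace without handling anything.
        _graphClient = new GraphServiceClient(clientCertCredential, GraphScopes);
    }

    /// <summary>
    /// Looks up a user by exact mail address.
    /// </summary>
    /// <param name="mail">Mail address to match; treated as untrusted input.</param>
    /// <returns>
    /// The user when exactly one user matches; otherwise <c>null</c> (including when
    /// <paramref name="mail"/> is null, empty or whitespace).
    /// </returns>
    public async Task<Microsoft.Graph.Models.User> GetUserByMail(string mail)
    {
        if (string.IsNullOrWhiteSpace(mail))
        {
            return null;
        }

        // The value is embedded in an OData string literal. Doubling single quotes keeps a
        // caller-supplied address from closing the literal and appending its own filter clauses.
        string filter = "mail eq '" + EscapeODataString(mail) + "'";

        var result = await _graphClient.Users.GetAsync(requestConfiguration =>
        {
            requestConfiguration.QueryParameters.Select = new[] { "displayName", "id", "mail" };
            requestConfiguration.QueryParameters.Filter = filter;
            requestConfiguration.QueryParameters.Orderby = new[] { "displayName" };
            requestConfiguration.QueryParameters.Count = true;
            requestConfiguration.Headers.Add("ConsistencyLevel", "eventual");
        });

        // Only an unambiguous single match is returned; zero or several matches yield null.
        if (result?.OdataCount == 1 && result.Value != null && result.Value.Count > 0)
        {
            return result.Value[0];
        }

        return null;
    }

    /// <summary>
    /// Requests creation of a team from the "standard" template with one owner.
    /// </summary>
    /// <param name="teamsName">Display name of the team.</param>
    /// <param name="teamsDescription">Description of the team.</param>
    /// <param name="ownerId">
    /// Identifier placed in the <c>users('...')</c> binding; presumably a user object ID or
    /// user principal name (confirm against callers).
    /// </param>
    /// <returns>An empty string once the request has been sent.</returns>
    /// <exception cref="ArgumentException"><paramref name="ownerId"/> is null, empty or whitespace.</exception>
    public async Task<string> CreateTeams(string teamsName, string teamsDescription, string ownerId)
    {
        if (string.IsNullOrWhiteSpace(ownerId))
        {
            throw new ArgumentException("Owner ID is required.", nameof(ownerId));
        }

        // Same quoting rule as in the filter: the ID sits inside a quoted OData key.
        string ownerBinding = "https://graph.microsoft.com/v1.0/users('" + EscapeODataString(ownerId) + "')";

        var owner = new ConversationMember
        {
            OdataType = "#microsoft.graph.aadUserConversationMember",
            Roles = new List<string> { "owner" },
            AdditionalData = new Dictionary<string, object>
            {
                { "user@odata.bind", ownerBinding },
            },
        };

        var requestBody = new Team
        {
            DisplayName = teamsName,
            Description = teamsDescription,
            Members = new List<ConversationMember> { owner },
            AdditionalData = new Dictionary<string, object>
            {
                { "template@odata.bind", "https://graph.microsoft.com/v1.0/teamsTemplates('standard')" },
            },
        };

        await _graphClient.Teams.PostAsync(requestBody);
        return "";
    }

    /// <summary>
    /// Loads the certificate with the given thumbprint from the CurrentUser\My store.
    /// </summary>
    /// <param name="thumbprint">Hex thumbprint; any non-hex characters are ignored.</param>
    /// <returns>The first certificate in the store with that thumbprint.</returns>
    /// <exception cref="ArgumentException">The thumbprint contains no hex digits.</exception>
    /// <exception cref="InvalidOperationException">
    /// No certificate matches, the match has no private key, or it is outside its validity period.
    /// </exception>
    private static X509Certificate2 GetCert(string thumbprint)
    {
        // Thumbprints pasted from certificate dialogs often carry spaces or invisible
        // characters; keep only the hex digits so the lookup does not depend on them.
        string normalized = new string((thumbprint ?? string.Empty).Where(Uri.IsHexDigit).ToArray());
        if (normalized.Length == 0)
        {
            throw new ArgumentException("Certificate thumbprint is required.", nameof(thumbprint));
        }

        X509Certificate2 cert = null;
        using (var certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser))
        {
            certStore.Open(OpenFlags.ReadOnly);

            // validOnly is false because app-registration certificates are commonly self-signed
            // and would fail chain validation; validity dates and the private key are checked
            // explicitly below instead.
            X509Certificate2Collection certCollection = certStore.Certificates.Find(
                X509FindType.FindByThumbprint,
                normalized,
                false);

            if (certCollection.Count > 0)
            {
                cert = certCollection[0];
            }
        }

        if (cert == null)
        {
            throw new InvalidOperationException(
                "No certificate with thumbprint " + normalized + " was found in the CurrentUser\\My store.");
        }

        if (!cert.HasPrivateKey)
        {
            // Without the private key the credential cannot sign the client assertion.
            throw new InvalidOperationException(
                "Certificate " + normalized + " has no accessible private key.");
        }

        DateTime now = DateTime.Now; // NotBefore/NotAfter are reported in local time.
        if (now < cert.NotBefore || now > cert.NotAfter)
        {
            throw new InvalidOperationException(
                "Certificate " + normalized + " is outside its validity period.");
        }

        Console.WriteLine(cert.FriendlyName);
        return cert;
    }

    /// <summary>Escapes a value for use inside a single-quoted OData string literal.</summary>
    private static string EscapeODataString(string value)
    {
        return value.Replace("'", "''");
    }
}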