c# - 从图 API 获取密钥过期
问题描述
我正在尝试阅读所有应用注册秘密,以了解是否有任何即将到期。我可以获得应用注册,但找不到任何秘密信息:
var scopes = new string[] { "https://graph.microsoft.com/.default" };
// Configure the MSAL client as a confidential client
var confidentialClient = ConfidentialClientApplicationBuilder
.Create(clientId)
.WithAuthority($"https://login.microsoftonline.com/xxx-e95b-4ad0-a4fb-xxx/v2.0")
.WithClientSecret(secret)
.Build();
// Build the Microsoft Graph client. As the authentication provider, set an async lambda
// which uses the MSAL client to obtain an app-only access token to Microsoft Graph,
// and inserts this access token in the Authorization header of each API request.
GraphServiceClient graphServiceClient =
new GraphServiceClient(new DelegateAuthenticationProvider(async (requestMessage) => {
// Retrieve an access token for Microsoft Graph (gets a fresh token if needed).
var authResult = await confidentialClient
.AcquireTokenForClient(scopes)
.ExecuteAsync();
// Add the access token in the Authorization header of the API request.
requestMessage.Headers.Authorization =
new AuthenticationHeaderValue("Bearer", authResult.AccessToken);
})
);
var users = await graphServiceClient.Applications.Request().GetAsync();
var app = users.Where(p => p.DisplayName == "MDMIntegrations").First();
while (users.Count > 0)
{
if (users.NextPageRequest != null)
{
users = await users.NextPageRequest
.GetAsync();
}
else
{
return;
}
}
这是我从调试器中得到的。是否无法使用 Microsoft.Graph 客户端 SDK 获取此信息?
解决方案
这是一个如何执行此类查询的示例:
var now = DateTime.UtcNow;
var apps = await client
.Applications
.Request()
.Select(x => new
{
x.Id,
x.DisplayName,
x.PasswordCredentials,
})
.GetAsync();
var results = new List<Application>();
var pages = PageIterator<Application>.CreatePageIterator(
client,
apps,
x =>
{
if (x.PasswordCredentials.Any(y => y.EndDateTime <= now))
{
results.Add(x);
}
return true;
}
);
while (pages.State != PagingState.Complete)
{
await pages.IterateAsync();
}
不幸的是,您无法为 定义过滤器,PasswordCredentials
因为您无法过滤复杂类型,因此您需要在客户端执行此操作。
推荐阅读
- python - 我在哪里将解码代码放在 python 脚本中?
- sql - 使用 SQLAlchemy 在 PostgreSQL 中连接多个 shemas
- ios - 为什么我的变量在 didMove 委托中为零?
- javascript - 下拉/选择值不变 - useState
- python - 使用变量作为函数名和字符串
- laravel - laravel spatie/media library 使用 cloudfront 提供来自 s3 的图像
- django - 如何自定义 DjangoModelPermissions 以拒绝 GET、HEAD 和 OPTIONS 请求
- sql-server - ORA-28545: Net8 在连接到代理时诊断出错误(Oracle linux 连接到 Sql Server Windows)
- mysql - Admin Dashboard 中的 Laravel 用户管理
- android - Android导航组件 - 如何从后台弹出startDestination?