Use Azure AD Graph to update values on the `AdditionalValues` dictionary for a user

How do I update values in the AdditionalValues dictionary for a user using Azure AD Graph? The test below returns 400 Bad Response.

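Background: The rest of my application uses MSGraph. However, since a federated user can not be updated using MSGraph, I am looking for alternatives before abandoning every implementation and version of Graph and implementing my own database.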

This question is similar to , but in my case I am trying to update the AdditionalData property.

Documentation

[TestMethod]
public async Task UpdateUserUsingAzureADGraphAPI()
{
    string userID = "a880b5ac-d3cc-4e7c-89a1-123b1bd3bdc5"; // A federated user

    // Get the user make sure IsAdmin is false.
    
    User user = (await graphService.FindUser(userID)).First();
    Assert.IsNotNull(user);

    if (user.AdditionalData == null)
    {
        user.AdditionalData = new Dictionary<string, object>();
    }
    else
    {
        user.AdditionalData.TryGetValue(UserAttributes.IsCorporateAdmin, out object o);
        Assert.IsNotNull(o);
        Assert.IsFalse(Convert.ToBoolean(o));
    }
    
    string tenant_id = "me.onmicrosoft.com";
    string resource_path = "users/" + userID;
    string api_version = "1.6";
    string apiUrl = $"https://graph.windows.net/{tenant_id}/{resource_path}?{api_version}";
    
    // Set the field on the extended attribute
    user.AdditionalData.TryAdd(UserAttributes.IsCorporateAdmin, true);
    // Serialize the dictionary and put it in the content of the request
    string content = JsonConvert.SerializeObject(user.AdditionalData);
    string additionalData = "{\"AdditionalData\"" + ":" + $"[{content}]" + "}";
    //additionalData: {"AdditionalData":[{"extension_myID_IsCorporateAdmin":true}]}

    HttpClient httpClient = new HttpClient();
    HttpRequestMessage request = new HttpRequestMessage
    {
        Method = HttpMethod.Patch,
        RequestUri = new Uri(apiUrl),
        Content = new StringContent(additionalData, Encoding.UTF8, "application/json")
    };
    var response = await httpClient.SendAsync(request); // 400 Bad Request
}
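  1. Make sure the request URL looks like: https://graph.windows.net/{tenant}/users/{user_id}?api-version=1.6. You need to change api_version to "api-version=1.6".

  2. You cannot add an extension directly in AdditionalData; it will return an error (400).

Follow the steps to register the extension, and then write the extension value to the user.

Register an extension: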

POST https://graph.windows.net/{tenant}/applications/<applicationObjectId>/extensionProperties?api-version=1.6

{
    "name": "<extensionPropertyName like 'extension_myID_IsCorporateAdmin'>",
    "dataType": "<String or Binary>",
    "targetObjects": [
        "User"
    ]
}

Write the extension value:

PATCH https://graph.windows.net/{tenant}/users/{user-id}?api-version=1.6

{
    "<extensionPropertyName>": <value>
}
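
The corrected PATCH request from the answer above, as an added C# example that is not part of the original post. The class and method names, the `extension_` prefix check, the Authorization header and the `<access-token>` placeholder are assumptions; the tenant, user ID and extension name are the sample values from the question.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using Newtonsoft.Json;

public static class AadGraphExtensionPatch
{
    // Hypothetical helper: builds the PATCH from the answer without sending it.
    public static HttpRequestMessage Build(
        string tenant, string userId, string extensionName, object value, string accessToken)
    {
        if (string.IsNullOrWhiteSpace(accessToken))
            throw new ArgumentException("A bearer token is required.", nameof(accessToken));
        // Assumed sanity check, based on the name pattern shown in the answer.
        if (!extensionName.StartsWith("extension_", StringComparison.Ordinal))
            throw new ArgumentException("Not an extension property name.", nameof(extensionName));

        // api-version is a named query parameter; the question's URL sent a bare "?1.6".
        string url = "https://graph.windows.net/" + Uri.EscapeDataString(tenant) +
                     "/users/" + Uri.EscapeDataString(userId) + "?api-version=1.6";

        // The extension property sits at the top level of the body:
        // {"extension_myID_IsCorporateAdmin":true}, with no "AdditionalData" wrapper.
        string body = JsonConvert.SerializeObject(
            new Dictionary<string, object> { [extensionName] = value });

        var request = new HttpRequestMessage(HttpMethod.Patch, url)
        {
            Content = new StringContent(body, Encoding.UTF8, "application/json")
        };
        // Assumption: the caller already holds a token issued for https://graph.windows.net.
        request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
        return request;
    }

    public static void Main()
    {
        // Sample values from the question; the token is a placeholder.
        HttpRequestMessage request = Build(
            "me.onmicrosoft.com", "a880b5ac-d3cc-4e7c-89a1-123b1bd3bdc5",
            "extension_myID_IsCorporateAdmin", true, "<access-token>");

        Console.WriteLine(request.Method + " " + request.RequestUri);
        Console.WriteLine(request.Content.ReadAsStringAsync().Result);
    }
}
```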