从图中获取密钥过期 API
Get secret key expiration from graph API
我正在尝试阅读所有应用程序注册机密以查明是否有任何即将过期。我可以获取应用程序注册,但找不到任何秘密信息:
var scopes = new string[] { "https://graph.microsoft.com/.default" };
// Configure the MSAL client as a confidential client
var confidentialClient = ConfidentialClientApplicationBuilder
.Create(clientId)
.WithAuthority($"https://login.microsoftonline.com/xxx-e95b-4ad0-a4fb-xxx/v2.0")
.WithClientSecret(secret)
.Build();
// Build the Microsoft Graph client. As the authentication provider, set an async lambda
// which uses the MSAL client to obtain an app-only access token to Microsoft Graph,
// and inserts this access token in the Authorization header of each API request.
GraphServiceClient graphServiceClient =
new GraphServiceClient(new DelegateAuthenticationProvider(async (requestMessage) => {
// Retrieve an access token for Microsoft Graph (gets a fresh token if needed).
var authResult = await confidentialClient
.AcquireTokenForClient(scopes)
.ExecuteAsync();
// Add the access token in the Authorization header of the API request.
requestMessage.Headers.Authorization =
new AuthenticationHeaderValue("Bearer", authResult.AccessToken);
})
);
var users = await graphServiceClient.Applications.Request().GetAsync();
var app = users.Where(p => p.DisplayName == "MDMIntegrations").First();
while (users.Count > 0)
{
if (users.NextPageRequest != null)
{
users = await users.NextPageRequest
.GetAsync();
}
else
{
return;
}
}
这是我从调试器中得到的。 Microsoft.Graph 客户端 SDK 无法获取此信息吗?
下面是一个如何执行此类查询的示例:
var now = DateTime.UtcNow;
var apps = await client
.Applications
.Request()
.Select(x => new
{
x.Id,
x.DisplayName,
x.PasswordCredentials,
})
.GetAsync();
var results = new List<Application>();
var pages = PageIterator<Application>.CreatePageIterator(
client,
apps,
x =>
{
if (x.PasswordCredentials.Any(y => y.EndDateTime <= now))
{
results.Add(x);
}
return true;
}
);
while (pages.State != PagingState.Complete)
{
await pages.IterateAsync();
}
遗憾的是,您无法为 PasswordCredentials 定义过滤器,因为您无法过滤复杂类型,因此您需要在客户端执行此操作。
我正在尝试阅读所有应用程序注册机密以查明是否有任何即将过期。我可以获取应用程序注册,但找不到任何秘密信息:
var scopes = new string[] { "https://graph.microsoft.com/.default" };
// Configure the MSAL client as a confidential client
var confidentialClient = ConfidentialClientApplicationBuilder
.Create(clientId)
.WithAuthority($"https://login.microsoftonline.com/xxx-e95b-4ad0-a4fb-xxx/v2.0")
.WithClientSecret(secret)
.Build();
// Build the Microsoft Graph client. As the authentication provider, set an async lambda
// which uses the MSAL client to obtain an app-only access token to Microsoft Graph,
// and inserts this access token in the Authorization header of each API request.
GraphServiceClient graphServiceClient =
new GraphServiceClient(new DelegateAuthenticationProvider(async (requestMessage) => {
// Retrieve an access token for Microsoft Graph (gets a fresh token if needed).
var authResult = await confidentialClient
.AcquireTokenForClient(scopes)
.ExecuteAsync();
// Add the access token in the Authorization header of the API request.
requestMessage.Headers.Authorization =
new AuthenticationHeaderValue("Bearer", authResult.AccessToken);
})
);
var users = await graphServiceClient.Applications.Request().GetAsync();
var app = users.Where(p => p.DisplayName == "MDMIntegrations").First();
while (users.Count > 0)
{
if (users.NextPageRequest != null)
{
users = await users.NextPageRequest
.GetAsync();
}
else
{
return;
}
}
这是我从调试器中得到的。 Microsoft.Graph 客户端 SDK 无法获取此信息吗?
下面是一个如何执行此类查询的示例:
var now = DateTime.UtcNow;
var apps = await client
.Applications
.Request()
.Select(x => new
{
x.Id,
x.DisplayName,
x.PasswordCredentials,
})
.GetAsync();
var results = new List<Application>();
var pages = PageIterator<Application>.CreatePageIterator(
client,
apps,
x =>
{
if (x.PasswordCredentials.Any(y => y.EndDateTime <= now))
{
results.Add(x);
}
return true;
}
);
while (pages.State != PagingState.Complete)
{
await pages.IterateAsync();
}
遗憾的是,您无法为 PasswordCredentials 定义过滤器,因为您无法过滤复杂类型,因此您需要在客户端执行此操作。