none
Implement Microsoft Graph API in a .netcore API project RRS feed

  • Question

  • I am trying to write a .netcore API which gets a bearer token from third party Webapp. This .netcore API should access the Microsoft graph API and get the user group information back from Azure AD.

    I was following the sample project https://github.com/Azure-Samples/active-directory-dotnet-webapp-webapi-openidconnect-aspnetcore.

    But unfortunately this uses AAD graph rather tha Microsoft graph API.

    I tried to implement Graph API in the .netcore api project in the above sample.

    Things I have tried

    I have changed the AAD graph to Graph API in the AzureAdAuthenticationBuilderExtensions.cs(in the web app project)

    options.Resource = "https://graph.microsoft.com";
    

    Also I used the Microsoft.Graph nuget in the API project. And I am trying to create the GraphServiceClient using the code below

    public GraphServiceClient GetClient(string accessToken, IHttpProvider provider = null)
        {
            var words = accessToken.Split(' ');
            var token = words[1];
            var delegateAuthProvider = new DelegateAuthenticationProvider((requestMessage) =>
            {
                requestMessage.Headers.Authorization = new AuthenticationHeaderValue("bearer", token);
    
                return Task.FromResult(0);
            });
    
            var graphClient = new GraphServiceClient(delegateAuthProvider, provider ?? new HttpProvider());
    
            return graphClient;
        }
    

    And finally I am trying to access the user information using the code below,

    public async Task<IEnumerable<Group>> GetGroupAsync(string accessToken)
        {
            var graphClient = GetClient(accessToken);
            try
            {
                User me = await graphClient.Me.Request().GetAsync();
            }
            catch (Exception e)
            {
                Console.WriteLine(e);
                throw;
            }
    
            var user= await graphClient.Users["***"].Request().Expand("MemberOf").GetAsync();
    
    
            var userEmail = "testemail@test.com";
            var usergroup = await graphClient.Users[userEmail].GetMemberGroups(false).Request().PostAsync();
            var groupList = new List<Group>();
    
            foreach (var g in usergroup.CurrentPage)
            {
                var groupObject = await graphClient.Groups[g].Request().GetAsync();
                groupList.Add(groupObject);
            }
            return groupList;
        }
    

    But when I try the code I am getting the error "Microsoft.Graph.ServiceException: Code: InvalidAuthenticationToken Message: Access token validation failure.Inner error at Microsoft.Graph.HttpProvider."

    Can somebody help me please?

    Thanks in advance

    Wednesday, March 6, 2019 10:30 PM