.NET Azure SDK 中的 Login-AzureRmAccount(和相关)等效项 [英] Login-AzureRmAccount (and related) equivalent(s) in .NET Azure SDK
问题描述
我开始想知道,
的等价物会是什么- 登录-AzureRmAccount
- New-AzureRmADServicePrincipal
- New-AzureRmADApplication
在
- 分配以登录用户身份访问目录委派权限
- 我们可以在屏幕截图中获取我们的租户 ID,即 目录 信息门户
步骤:
1.创建一个C#控制台项目.
2.引用
packages.config 文件
<?xml version="1.0" encoding="utf-8"?><包><package id="Microsoft.Azure.ActiveDirectory.GraphClient" version="2.1.1" targetFramework="net452"/><包 id="Microsoft.Data.Edm" 版本="5.6.4" targetFramework="net452"/>
I became to wonder, what would could the equivalents of
- Login-AzureRmAccount
- New-AzureRmADServicePrincipal
- New-AzureRmADApplication
in Azure SDK for .NET. For some reason I don't seem to be able to locate them and I would like to do something like in this blog post, but in code.
<edit: 2017-06-20 00:42
Taking some cues from Tom Sun and poking this a bit deeper, I found an answer that solves partially a problem of "old libraries" and also the one initially choosing a subscription. It's described at https://stackoverflow.com/a/41360632/1332416, but that code is already a bit old too, and poking a bit further, there's a re-write of that into a bit newer form at https://stackoverflow.com/a/38036598/1332416. However, this isn't quite there yet, I keep poking a bit further (unless someone pokes further). I think I rephrased the original question unprecisely. I'd like to re-create "the usual log-in flow with PowerShell", but this time in code. These PS commands are a bit rough to pin down, though. :)
The part about choosing a subscription using PowerShell could be like this:
$subscription = Get-AzureRmSubscription | Out-GridView -Title "Select the subsbcription for the deployment" -PassThru
Select-AzureRmSubscription -SubscriptionId $subscription.SubscriptionId
From the Azure Management Libraries for .NET source code, I couldn't find Creating AD ServicePrincipal and Azure AD function. After some investigation, I found we could do that with Microsoft.Azure.ActiveDirectory.GraphClient SDK. I do a test demo, it works correctly on my side. The following is my detail steps:
Preparation:
1.We need to create a native AD Application in the Azure portal
- Assign Access the directory as the signed-in user delegated permissions
- We could get our tenant Id that is Directory info on the screenshot portal
Steps:
1.Create a C# console project.
2.Reference the Microsoft.Azure.ActiveDirectory.GraphClient SDK, more details please refer to packages.config section
3.Add the following code in the project.
public static async Task<string> GetAccessToken(string userName, string password)
{
var tokenResponse = await context.AcquireTokenAsync("https://graph.windows.net", appId, new UserCredential(userName, password));
var accessToken = tokenResponse.AccessToken;
return accessToken;
}
static string appId = "created AD Application Id";
static string tenantId = "tenant Id";
static string graphResourceId = "https://graph.windows.net";
static string username = "user name";
static string userPasswrod = "passowrd";
static void Main(string[] args)
{
Uri servicePointUri = new Uri(graphResourceId);
Uri serviceRoot = new Uri(servicePointUri, tenantId);
ActiveDirectoryClient activeDirectoryClient = new ActiveDirectoryClient(serviceRoot, async () => await GetAccessToken(username, userPasswrod));
Application application = new Application
{
Homepage = "http://localhost:13526/",
DisplayName = "tomnewapplication",
IdentifierUris = new List<string> { "http://localhost/abcde" }
};
//Create Azure Directory Application
activeDirectoryClient.Applications.AddApplicationAsync(application).Wait();
ServicePrincipal servicePrincipal = new ServicePrincipal
{
AppId = "existing AD application Id"
};
//Create service principal
activeDirectoryClient.ServicePrincipals.AddServicePrincipalAsync(servicePrincipal).Wait();
}
4. Check from azure portal
packages.config file
<?xml version="1.0" encoding="utf-8"?>
<packages>
<package id="Microsoft.Azure.ActiveDirectory.GraphClient" version="2.1.1" targetFramework="net452" />
<package id="Microsoft.Data.Edm" version="5.6.4" targetFramework="net452" />
<package id="Microsoft.Data.OData" version="5.6.4" targetFramework="net452" />
<package id="Microsoft.Data.Services.Client" version="5.6.4" targetFramework="net452" />
<package id="Microsoft.Graph" version="1.2.0" targetFramework="net452" />
<package id="Microsoft.Graph.Core" version="1.3.0" targetFramework="net452" />
<package id="Microsoft.IdentityModel.Clients.ActiveDirectory" version="2.28.3" targetFramework="net452" />
<package id="Newtonsoft.Json" version="6.0.1" targetFramework="net452" />
<package id="System.Spatial" version="5.6.4" targetFramework="net452" />
</packages>
这篇关于.NET Azure SDK 中的 Login-AzureRmAccount(和相关)等效项的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!