using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Azure.WebJobs;
using Microsoft.Azure.WebJobs.Extensions.Http;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Logging;
using Microsoft.Graph.Auth;
using Microsoft.Identity.Client;
using Microsoft.Graph;
using Microsoft.Extensions.Options;
using System.IO;
using Newtonsoft.Json;
using System.Linq;
using MyProject.Shared.ViewModels;
using MyProject.Settings;
namespace MyProject.Function
{
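public class CheckUserExistence
{
    // Generic user-facing text for every failure the caller should not learn details about.
    private const string BlockPageMessage = "There was a problem with your request.";

    private readonly AdminConfiguration adminSettings;

    /// <summary>
    /// Creates the function with the tenant / app registration settings used for the Graph
    /// client-credential flow.
    /// </summary>
    /// <param name="adminSettings">Options carrying TenantId, ApplicationId and ClientSecret.</param>
    public CheckUserExistence(IOptions<AdminConfiguration> adminSettings)
    {
        this.adminSettings = adminSettings.Value;
    }

    /// <summary>
    /// HTTP-triggered function that reports whether a user with the posted email already exists in
    /// the tenant: either an identity whose issuerAssignedId is the email and whose issuer is this
    /// tenant, or a user of UserType 'Member' listing the email in otherMails.
    /// </summary>
    /// <param name="req">POST request whose body is a JSON <see cref="AdUserViewModel"/>.</param>
    /// <param name="log">Function logger.</param>
    /// <returns>
    /// 200 with a "Continue" <see cref="ResponseContent"/> when no matching user is found;
    /// 400 with "ValidationError" when one exists; 400 with "ShowBlockPage" when the email is missing
    /// or has no '@'; 200 with "ShowBlockPage" on an empty body, incomplete configuration or a Graph failure.
    /// </returns>
    [ProducesResponseType(StatusCodes.Status200OK)]
    [ProducesResponseType(StatusCodes.Status400BadRequest)]
    [FunctionName("CheckUserExistence")]
    public async Task<IActionResult> Run(
        [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = null)] HttpRequest req,
        ILogger log)
    {
        // NOTE(review): the trigger is Anonymous, so nothing in this method authenticates the caller;
        // confirm that access is restricted upstream (caller credentials, network rules or similar).
        log.LogInformation($"C# HTTP trigger function executed at: {DateTime.UtcNow}");

        string requestBody;
        using (var reader = new StreamReader(req.Body))
        {
            requestBody = await reader.ReadToEndAsync();
        }

        var adUser = JsonConvert.DeserializeObject<AdUserViewModel>(requestBody);

        // If input data is null, show block page
        if (adUser == null)
        {
            return BlockPage();
        }

        string tenantId = adminSettings.TenantId;
        string applicationId = adminSettings.ApplicationId;
        string clientSecret = adminSettings.ClientSecret;

        // If some configuration is missing, show block page. The user-facing message is deliberately
        // generic, so log the cause or the operator never learns why every request is blocked.
        if (string.IsNullOrEmpty(tenantId) ||
            string.IsNullOrEmpty(applicationId) ||
            string.IsNullOrEmpty(clientSecret))
        {
            log.LogError("Admin configuration is incomplete: TenantId, ApplicationId or ClientSecret is missing.");
            return BlockPage();
        }

        // If email claim not found, show block page
        if (string.IsNullOrEmpty(adUser.Email) || !adUser.Email.Contains("@"))
        {
            return new BadRequestObjectResult(new ResponseContent("ShowBlockPage", "Email name is mandatory."));
        }

        // The email is caller-controlled and is embedded in OData $filter string literals below;
        // escape it so a quote in the input cannot change the shape of the filter.
        string userEmail = EscapeODataStringLiteral(adUser.Email);

        GraphServiceClient graphClient = CreateGraphClient(tenantId, applicationId, clientSecret);

        try
        {
            // Get user by sign-in name (identity issued by this tenant) ...
            var byIdentity = await graphClient.Users
                .Request()
                .Filter($"identities/any(c:c/issuerAssignedId eq '{userEmail}' and c/issuer eq '{tenantId}')")
                .GetAsync();

            // ... or by an otherMails entry on a Member user
            var byOtherMail = await graphClient.Users
                .Request()
                .Filter($"otherMails/any(c:c eq '{userEmail}') and UserType eq 'Member'")
                .GetAsync();

            // GetAsync yields one page of results; a single hit on either page is enough to reject.
            if (byIdentity.Union(byOtherMail).Any())
            {
                return new BadRequestObjectResult(new ResponseContent("ValidationError", "An user with this email already exists.", "400"));
            }
        }
        catch (Exception e)
        {
            // Pass the exception as the exception argument (not as a message-template value) so the
            // logger records its type and stack trace.
            log.LogError(e, "Error executing MS Graph request");
            return BlockPage();
        }

        // If all is OK, return 200 OK - Continue message
        return new OkObjectResult(new ResponseContent("Continue"));
    }

    // 200 OK carrying the generic "ShowBlockPage" envelope.
    private static OkObjectResult BlockPage() =>
        new OkObjectResult(new ResponseContent("ShowBlockPage", BlockPageMessage));

    // Builds a Graph client authenticated with the app's client credentials.
    // A new confidential client is created per invocation, so MSAL's token cache is not reused.
    private static GraphServiceClient CreateGraphClient(string tenantId, string applicationId, string clientSecret)
    {
        // Initialize the client credential auth provider
        IConfidentialClientApplication confidentialClientApplication = ConfidentialClientApplicationBuilder
            .Create(applicationId)
            .WithTenantId(tenantId)
            .WithClientSecret(clientSecret)
            .Build();
        ClientCredentialProvider authProvider = new ClientCredentialProvider(confidentialClientApplication);

        // Set up the Microsoft Graph service client with client credentials
        return new GraphServiceClient(authProvider);
    }

    // OData escapes a single quote inside a string literal by doubling it.
    private static string EscapeODataStringLiteral(string value) => value.Replace("'", "''");
}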
}