From 4fe9b82dd417ef93a591b0d785f86de5fb665f2e Mon Sep 17 00:00:00 2001 From: Alexander Pajer Date: Sun, 25 Sep 2022 10:25:58 +0200 Subject: [PATCH] graph demos copied from ms-600 --- .../Demo-05}/_images/rest-client.png | Bin .../06-Identity/Demo-05}/_images/scope.png | Bin .../06-Identity/Demo-05/get-auth-token.http | 0 Demos/06-Identity/Demo-05/graph-batching.http | 41 +++++++ .../06-Identity/Demo-05}/readme.md | 16 ++- .../setup-rest-client/create-appreg.azcli | 4 + Demos/06-Identity/Demo-05/use-teamwork.http | 109 ++++++++++++++++++ Demos/06-Identity/Demo-05/usr-grp-mgmt.http | 68 +++++++++++ Demos/06-Identity/readme.md | 2 +- Tooling/07-REST-Client/create-appreg.azcli | 7 -- 10 files changed, 234 insertions(+), 13 deletions(-) rename {Tooling/07-REST-Client => Demos/06-Identity/Demo-05}/_images/rest-client.png (100%) rename {Tooling/07-REST-Client => Demos/06-Identity/Demo-05}/_images/scope.png (100%) rename Tooling/07-REST-Client/get-token.http => Demos/06-Identity/Demo-05/get-auth-token.http (100%) create mode 100644 Demos/06-Identity/Demo-05/graph-batching.http rename {Tooling/07-REST-Client => Demos/06-Identity/Demo-05}/readme.md (72%) create mode 100644 Demos/06-Identity/Demo-05/setup-rest-client/create-appreg.azcli create mode 100644 Demos/06-Identity/Demo-05/use-teamwork.http create mode 100644 Demos/06-Identity/Demo-05/usr-grp-mgmt.http delete mode 100644 Tooling/07-REST-Client/create-appreg.azcli diff --git a/Tooling/07-REST-Client/_images/rest-client.png b/Demos/06-Identity/Demo-05/_images/rest-client.png similarity index 100% rename from Tooling/07-REST-Client/_images/rest-client.png rename to Demos/06-Identity/Demo-05/_images/rest-client.png diff --git a/Tooling/07-REST-Client/_images/scope.png b/Demos/06-Identity/Demo-05/_images/scope.png similarity index 100% rename from Tooling/07-REST-Client/_images/scope.png rename to Demos/06-Identity/Demo-05/_images/scope.png 
diff --git a/Tooling/07-REST-Client/get-token.http b/Demos/06-Identity/Demo-05/get-auth-token.http
similarity index 100%
rename from Tooling/07-REST-Client/get-token.http
rename to Demos/06-Identity/Demo-05/get-auth-token.http
diff --git a/Demos/06-Identity/Demo-05/graph-batching.http b/Demos/06-Identity/Demo-05/graph-batching.http
new file mode 100644
index 00000000..2c8e4f57
--- /dev/null
+++ b/Demos/06-Identity/Demo-05/graph-batching.http
@@ -0,0 +1,41 @@
+# @name auth
+POST https://login.microsoftonline.com/{{tenantId}}/oauth2/v2.0/token HTTP/1.1
+Content-type: application/x-www-form-urlencoded
+
+grant_type=client_credentials
+&client_id={{clientId}}
+&client_secret={{clientSecret}}
+&scope={{scope}}
+
+### get all users
+# @name users
+GET https://graph.microsoft.com/v1.0/users
+Authorization: Bearer {{auth.response.body.access_token}}
+
+
+### get profile
+GET https://graph.microsoft.com/v1.0/users/{{users.response.body.value[0].userPrincipalName }}/
+Accept: application/json
+Content-Type: application/json
+Authorization: Bearer {{auth.response.body.access_token}}
+
+### batch request
+POST https://graph.microsoft.com/v1.0/$batch
+Accept: application/json
+Content-Type: application/json
+Authorization: Bearer {{auth.response.body.access_token}}
+
+{
+ "requests": [
+ {
+ "url": "/users/{{users.response.body.value[0].userPrincipalName }}/",
+ "method": "GET",
+ "id": "1"
+ },
+ {
+ "url": "/users/{{users.response.body.value[3].userPrincipalName }}/events",
+ "method": "GET",
+ "id": "2"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/Tooling/07-REST-Client/readme.md b/Demos/06-Identity/Demo-05/readme.md
similarity index 72%
rename from Tooling/07-REST-Client/readme.md
rename to Demos/06-Identity/Demo-05/readme.md
index 2c73420e..db4da3c7 100644
--- a/Tooling/07-REST-Client/readme.md
+++ b/Demos/06-Identity/Demo-05/readme.md
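Review bot: The second item of the `batch request` body reads `/events` for whichever account happens to be at `value[3]`, using an app-only client-credentials token, so it needs a tenant-wide application calendar permission (presumably `Calendars.Read`) that this file never mentions; the readme in this commit only names `User.ReadAll`. A header comment such as `# requires application permission Calendars.Read (admin-consented, tenant-wide) - run against a dev tenant only` would make the required privilege explicit. The `value[3]` index also fails to resolve in a tenant with fewer than four users, so `value[0]` or a named test account would be more robust.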
@@ -1,15 +1,21 @@ -# REST Client +# Graph Samples + +- graph-batching.http +- usr-grp-mgmt.http +- use-teamwork.http + +## Use REST Client with Microsoft Graph [REST Client VS Code Extension](https://marketplace.visualstudio.com/items?itemName=humao.rest-client) -To support Auth create an app registration in Azure AD using `create-appreg.azcli`. +To support Auth create an app registration in Azure AD using `setup-rest-client/create-appreg.azcli`. -Persist the output into your VS Code `settings.json`: +Persist the output into `settings.json` of Visual Studio Code: ```json "rest-client.environmentVariables": { "$shared": {}, - "blogdemo":{ + "dev":{ "tenantId":"<>", "clientId":"<>", "clientSecret":"<>", @@ -25,7 +31,7 @@ Assign the `User.ReadAll` permissions for out test as an Application Permission >Note: If you need additional permission you will have to assign them using the app registrations "API Permissions" tab -To test choose "F1" -> "REST Clien: Switch Environment" and execute `get-token.http`. +To test choose "F1" -> "REST Clien: Switch Environment", chose environment `dev` and execute `get-auth-token.http`. ```json # @name auth
diff --git a/Demos/06-Identity/Demo-05/setup-rest-client/create-appreg.azcli b/Demos/06-Identity/Demo-05/setup-rest-client/create-appreg.azcli
new file mode 100644
index 00000000..6cd6be38
--- /dev/null
+++ b/Demos/06-Identity/Demo-05/setup-rest-client/create-appreg.azcli
@@ -0,0 +1,4 @@
+app=vscode-rest-client
+id=$(az ad app create --display-name $app --enable-access-token-issuance true --enable-id-token-issuance true --query appId -o tsv)
+
+az ad app credential reset --id $id --append
\ No newline at end of file
diff --git a/Demos/06-Identity/Demo-05/use-teamwork.http b/Demos/06-Identity/Demo-05/use-teamwork.http
new file mode 100644
index 00000000..0a7924bf
--- /dev/null
+++ b/Demos/06-Identity/Demo-05/use-teamwork.http
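Review bot: In create-appreg.azcli, `--enable-access-token-issuance true --enable-id-token-issuance true` switches on the implicit grant for the registration, yet every request file added in this commit authenticates with `grant_type=client_credentials`, which does not need it. The removed script pinned `--available-to-other-tenants false` while the new one sets no audience, so the resulting sign-in audience depends on the CLI default. I would drop the two issuance flags, pin the tenant scope and quote the variables: `id=$(az ad app create --display-name "$app" --sign-in-audience AzureADMyOrg --query appId -o tsv)`. `az ad app credential reset` prints the new secret to the terminal, so a comment such as `# prints the client secret - keep the output out of any tracked settings.json` belongs above that line.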
@@ -0,0 +1,109 @@
+### Set the graph base url
+@graph=https://graph.microsoft.com/v1.0
+@tenanat=integrationsonline
+@splistapp=6a04eb4c-afa8-4673-829a-19ca38640abb
+
+# Autenticate User
+# @name auth
+POST https://login.microsoftonline.com/{{tenantId}}/oauth2/v2.0/token HTTP/1.1
+Content-type: application/x-www-form-urlencoded
+
+grant_type=client_credentials
+&client_id={{clientId}}
+&client_secret={{clientSecret}}
+&scope={{scope}}
+
+### get a specific user
+# @name user
+GET {{graph}}/users/alexander.pajer@integrations.at
+Authorization: Bearer {{auth.response.body.access_token}}
+
+
+### Create group
+# @name m365grp
+POST {{graph}}/groups
+Accept: application/json
+Content-Type: application/json
+Authorization: Bearer {{auth.response.body.access_token}}
+
+{
+ "displayName":"graph-teams",
+ "mailNickname":"graph-teams",
+ "description":"a group for teams development",
+ "visibility":"Private",
+ "groupTypes":["Unified"],
+ "mailEnabled":true,
+ "securityEnabled":false,
+ "members@odata.bind":[
+ "{{graph}}/users/{{user.response.body.id }}",
+ ],
+ "owners@odata.bind":[
+ "{{graph}}/users/{{user.response.body.id }}"
+ ]
+}
+
+### List groups
+GET {{graph}}/groups
+Accept: application/json
+Authorization: Bearer {{auth.response.body.access_token}}
+
+### Convert it to a Microsoft Teams
+# @name team
+POST {{graph}}/teams
+Accept: application/json
+Content-Type: application/json
+Authorization: Bearer {{auth.response.body.access_token}}
+
+{
+ "template@odata.bind": "{{graph}}/teamsTemplates('standard')",
+ "group@odata.bind": "{{graph}}/groups('{{m365grp.response.body.id}}')"
+}
+
+### List Teams
+GET {{graph}}/groups?$select=id,displayName,resourceProvisioningOptions
+Accept: application/json
+Authorization: Bearer {{auth.response.body.access_token}}
+
+### List all teams the current user has joined:
+GET {{graph}}/users/{{user.response.body.id }}/joinedTeams
+Accept: application/json
+Authorization: Bearer {{auth.response.body.access_token}}
+
+### Get
channel id of default channel
+# @name channel
+GET {{graph}}/teams/{{m365grp.response.body.id}}/channels
+Accept: application/json
+Authorization: Bearer {{auth.response.body.access_token}}
+
+### todo install app https://docs.microsoft.com/en-us/graph/api/team-list-installedapps?view=graph-rest-1.0&tabs=http
+### Get installed apps
+GET {{graph}}/teams/{{m365grp.response.body.id}}/installedApps
+Accept: application/json
+Authorization: Bearer {{auth.response.body.access_token}}
+
+### Install app
+POST {{graph}}/teams/{{m365grp.response.body.id}}/installedApps
+Content-Type: application/json
+Accept: application/json
+Authorization: Bearer {{auth.response.body.access_token}}
+
+{
+ "teamsApp@odata.bind":"{{graph}}/appCatalogs/teamsApps/{{splistapp}}"
+}
+
+### Add a tab to a teams default channel
+POST {{graph}}/teams/{{m365grp.response.body.id}}/channels/{channelId}/tabs
+Content-Type: application/json
+Accept: application/json
+Authorization: Bearer {{auth.response.body.access_token}}
+
+{
+ "displayName": "Skills",
+ "teamsApp@odata.bind" : "{{graph}}//appCatalogs/teamsApps/{{m365grp.response.body.id}}",
+ "configuration": {
+ "entityId": "2a527703-1f6f-4559-a332-d8a7d288cd88",
+ "contentUrl": "https://{tenant}.sharepoint.com/sites/m365-dev/skills",
+ "removeUrl": null,
+ "websiteUrl": null
+ }
+}
diff --git a/Demos/06-Identity/Demo-05/usr-grp-mgmt.http b/Demos/06-Identity/Demo-05/usr-grp-mgmt.http
new file mode 100644
index 00000000..4d60c246
--- /dev/null
+++ b/Demos/06-Identity/Demo-05/usr-grp-mgmt.http
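Review bot: use-teamwork.http commits tenant-specific values — `@tenanat=integrationsonline` (misspelled and never referenced), the `@splistapp` app id and the UPN in `GET {{graph}}/users/alexander.pajer@integrations.at` — instead of reading them from the REST Client environment as `{{tenantId}}` is; an environment variable, e.g. `GET {{graph}}/users/{{userUpn}}` (variable name illustrative), keeps a real account name out of the repository, and usr-grp-mgmt.http carries the same UPN. The file creates a group and a team and installs an app with an app-only token, which needs write-level application permissions beyond the `User.ReadAll` the readme names, so a header comment listing the required permissions would help. Separately, the `members@odata.bind` array in `Create group` ends in a trailing comma, and the tab request uses a literal `{channelId}` and binds `teamsApp@odata.bind` to `{{m365grp.response.body.id}}` (a group id) after `{{graph}}//`, so both requests are likely to be rejected as written.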
@@ -0,0 +1,68 @@
+### Set base vars
+@graph=https://graph.microsoft.com/v1.0
+
+### Authenticate
+# @name auth
+POST https://login.microsoftonline.com/{{tenantId}}/oauth2/v2.0/token HTTP/1.1
+Content-type: application/x-www-form-urlencoded
+
+grant_type=client_credentials
+&client_id={{clientId}}
+&client_secret={{clientSecret}}
+&scope={{scope}}
+
+### get a specific user
+# @name user
+GET {{graph}}/users/alexander.pajer@integrations.at
+Authorization: Bearer {{auth.response.body.access_token}}
+
+### get a specific user photo
+# @name photo
+GET {{graph}}/users/{{user.response.body.id}}/photo/$value
+Authorization: Bearer {{auth.response.body.access_token}}
+
+### Get groups
+# @name grps
+GET {{graph}}/groups
+Authorization: Bearer {{auth.response.body.access_token}}
+
+### Get group owner
+GET {{graph}}/groups/{{grps.response.body.value[0].id}}/owners
+Authorization: Bearer {{auth.response.body.access_token}}
+
+### Get the list of groups where a user is an owner
+GET {{graph}}/users/{{user.response.body.id}}/ownedObjects
+Authorization: Bearer {{auth.response.body.access_token}}
+
+### list groups
+# @name grps
+GET {{graph}}/groups
+Authorization: Bearer {{auth.response.body.access_token}}
+
+### create grp
+# @name grp
+POST {{graph}}/groups/
+Content-type: application/json
+Authorization: Bearer {{auth.response.body.access_token}}
+
+{
+ "description": "a dynamic group for ms-600",
+ "displayName": "ms600-dynamic",
+ "groupTypes": [
+ "Unified"
+ ],
+ "mailEnabled": false,
+ "mailNickname": "ms600-dynamic",
+ "securityEnabled": true
+}
+
+### add dynamic members - requires Azure AD Premium P1 or higher
+PATCH https://graph.microsoft.com/v1.0/groups/{{grp.response.body.id}}
+Content-type: application/json
+Authorization: Bearer {{auth.response.body.access_token}}
+
+{
+ "groupTypes":
+ ["Unified", "DynamicMembership"],
+ "membershipRule": "user.department -eq 'IT'","membershipRuleProcessingState": "on"
+}
\ No newline at end of file
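Review bot: `# @name grps` is declared twice, on `### Get groups` and again on `### list groups`, so `{{grps.response.body.value[0].id}}` in `Get group owner` is ambiguous; the second request duplicates the first and could be dropped or renamed. The final PATCH hard-codes `https://graph.microsoft.com/v1.0/groups/...` where the rest of the file uses `{{graph}}`. The group is created with `"securityEnabled": true` and then given the rule `user.department -eq 'IT'`, so its membership follows a directory attribute; a comment such as `# demo only: anything granted to this group applies to every account whose department is 'IT'` would make that consequence visible to readers who copy the sample.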
diff --git a/Demos/06-Identity/readme.md b/Demos/06-Identity/readme.md index 58dcfa55..5131a929 100644 --- a/Demos/06-Identity/readme.md +++ b/Demos/06-Identity/readme.md @@ -6,7 +6,7 @@ - Managing App Registrations & Understanding Microsoft Identity Authentication Flows - MSAL secured Mail Daemon Service with Microsoft Graph - MSAL secured .NET 6 Api consumed by Angular App using `@azure/msal-angular` - +- Graph Samples ## Readings [Microsoft Identity Platform Docs](https://docs.microsoft.com/en-us/azure/active-directory/develop/) diff --git a/Tooling/07-REST-Client/create-appreg.azcli b/Tooling/07-REST-Client/create-appreg.azcli deleted file mode 100644 index 5051a2e8..00000000 --- a/Tooling/07-REST-Client/create-appreg.azcli +++ /dev/null @@ -1,7 +0,0 @@ -app=vscode-rest-client -id=$(az ad app create --display-name $app --available-to-other-tenants false --oauth2-allow-implicit-flow true --query appId - -az ad app credential reset --id $id --append - - -