D365: Graph API(三)程序调用Graph API
D365: Graph API(三)程序调用Graph API
在D365中,系统通过GraphAPIClient封装了Graph API接口,可以直接通过调用SysUserMSODSImportHelper::getGraphAPIClient().ListUsers().GetEnumerator()来获取AAD的用户列表,但是通过此方式,有一些限制条件,不能获取到所有字段信息,不能自定义筛选和不能指定字段进行查询。
在D365中,创建用户需要手工进行添加或者手工来导入,当如果有客户希望系统可以自动根据一定规则从AAD检索用户信息直接导入到D365来创建用户,如果通过GraphAPIClient来做,由于上面的一些限制条件,导致有些需求我们无法实现,例如有些字段GraphAPIClient是获取不到的,像office location, onPremisesSamAccountName, employeeid等等,还比如,如果需要做一些筛选,某些特定用户不需要导入到D365,GraphAPIClient不能指定筛选条件
出于上面的限制条件,要实现用户创建自动化,我们需要借助于Graph API,通过代码进行直接调用。
实现跟前面讲到的Postman一样,先获取token,在根据token请求API,下面是具体的逻辑实现
//生成token
public static str getGraphToken(str _tenantId, str _clientId, str _clientSecret) { System.Net.HttpWebRequest request; System.Net.HttpWebResponse response; System.Text.ASCIIEncoding encodingASCII; System.Net.WebHeaderCollection httpHeader; VyaAuthorizationToken authorizationToken = new VyaAuthorizationToken(); System.IO.Stream requestStream, receiveStream; System.IO.StreamReader readStream; CLRObject clrObj; str postData; str graphUrl = strFmt("https://login.microsoftonline.com/%1/oauth2/v2.0/token", _tenantId); ; new InteropPermission(InteropKind::ClrInterop).assert(); httpHeader = new System.Net.WebHeaderCollection(); clrObj = System.Net.WebRequest::Create(graphUrl); request = clrObj; request.set_Method("POST"); request.set_KeepAlive(true); request.set_ContentType("application/x-www-form-urlencoded"); postData = "client_id=" + _clientId; postData += "&scope=https://graph.microsoft.com/.default"; postData += "&client_secret=" + _clientSecret; postData += "&grant_type=client_credentials"; encodingASCII = new System.Text.ASCIIEncoding(); var data = encodingASCII.GetBytes(postData); request.ContentLength = data.Length; requestStream = request.GetRequestStream(); requestStream.Write(data, 0, data.Length); requestStream.Close(); response = request.GetResponse(); receiveStream = response.GetResponseStream(); readStream = new System.IO.StreamReader(receiveStream, System.Text.Encoding::get_UTF8()); str result = readStream.ReadToEnd(); authorizationToken = FormJsonSerializer::deserializeObject(classNum(VyaAuthorizationToken), result); response.Close(); readStream.Close(); return authorizationToken.access_Token; }
//序列化返回token的json
[DataContractAttribute] class VyaAuthorizationToken { public str token_Type; public str resource; public str access_Token; public real expires_In; public real not_Before; public real expires_On; [DataMemberAttribute('token_type')] public str paramToken_type(str _token_type = token_type) { token_type = _token_type; return token_type; } [DataMemberAttribute('resource')] public str paramResource(str _resource = resource) { resource = _resource; return resource; } [DataMemberAttribute('access_Token')] public str paramAccess_Token(str _access_Token = access_Token) { access_Token = _access_Token; return access_Token; } [DataMemberAttribute('expires_In')] public real paramExpires_In(real _expires_In = expires_In) { expires_In = _expires_In; return expires_In; } [DataMemberAttribute('not_Before')] public real paramNot_Before(real _not_Before = not_Before) { not_Before = _not_Before; return not_Before; } [DataMemberAttribute('expires_On')] public real paramExpires_On(real _expires_On = expires_On) { expires_On = _expires_On; return expires_On; } }
//根据请求地址和token,获取到用户信息Json public static str getUserProperty(str _graphUrl, str _token) { System.Net.HttpWebRequest request; System.Net.HttpWebResponse response; System.Exception ex; System.Net.WebHeaderCollection httpHeader; System.IO.Stream requestStream, responseStream; System.IO.StreamReader streamRead; System.IO.StreamWriter streamWriter; CLRObject clrObj; str returnJson; container dataList; Map mapData; ; try { httpHeader = new System.Net.WebHeaderCollection(); new InteropPermission(InteropKind::ClrInterop).assert(); clrObj = System.Net.WebRequest::Create(_graphUrl); request = clrObj; // adding headers httpHeader.Add("ConsistencyLevel", "eventual"); httpHeader.Add("Authorization", strFmt("Bearer %1", _token)); request.set_Method("GET"); request.set_KeepAlive(true); request.set_ContentType("application/json"); request.set_Headers(httpHeader); response = request.GetResponse(); streamRead = new System.IO.StreamReader(response.GetResponseStream()); returnJson = streamRead.ReadToEnd(); } catch { ex = CLRInterop::getLastException().GetBaseException(); error(ex.get_Message()); } return returnJson; }
//返回的用户信息进行json解析,并存储在container中 public container userList() { Map userPropertyJsonMap, userPropertyMap; MapEnumerator userPropertyMapEnum; container userList, userListAll; str userPropertyJson; str employeeIdAAD; str userPrincipalNameAAD; str nextLinkAAD; str token; SystemParameters systemParameters = SystemParameters::find(); UserInfo userInfo; int rows = 1; ; str graphUrl = systemParameters.VyaGraphURL; str tenant_id = systemParameters.VyaGraphTenantId; str clientId = systemParameters.VyaGraphClientId; str clientSecret = systemParameters.VyaGraphSecret; token = VyaUserAutoGenerateFromAAD::getGraphToken(tenant_id, clientId, clientSecret); userPropertyJson = VyaUserAutoGenerateFromAAD::getUserProperty(graphUrl, token); userPropertyJsonMap = RetailCommonWebAPI::getMapFromJsonString(userPropertyJson); if (userPropertyJsonMap.exists(#Value)) { userList = userPropertyJsonMap.lookup(#Value); userList = conDel(userList, 1, 3); } if (userList) { userListAll = conIns(userListAll, 1, userList); } if (userPropertyJsonMap.exists(#NextLink)) { nextLinkAAD = userPropertyJsonMap.lookup(#NextLink); while (nextLinkAAD != "") { [userList, nextLinkAAD] = this.getNextUserList(nextLinkAAD, token); if (userList) { rows++; userListAll = conIns(userListAll, rows, userList); } } } return userListAll; } public container getNextUserList(str _nextLink, str _token) { System.Net.HttpWebRequest request; System.Net.HttpWebResponse response; str nextLink, returnJson; container userList; Map userMap; CLRObject clrObj; System.Exception ex; System.Net.WebHeaderCollection httpHeader; System.IO.Stream requestStream, responseStream; System.IO.StreamWriter streamWriter; ; try { httpHeader = new System.Net.WebHeaderCollection(); new InteropPermission(InteropKind::ClrInterop).assert(); clrObj = System.Net.WebRequest::Create(_nextLink); request = clrObj; httpHeader.Add("ConsistencyLevel", "eventual"); httpHeader.Add("Authorization", strFmt("Bearer %1", _token)); request.set_Method("GET"); request.set_KeepAlive(true); request.set_ContentType("application/json"); request.set_Headers(httpHeader); response = request.GetResponse(); System.IO.StreamReader streamRead = new System.IO.StreamReader(response.GetResponseStream()); returnJson = streamRead.ReadToEnd(); userMap = RetailCommonWebAPI::getMapFromJsonString(returnJson); if (userMap.exists(#Value)) { userList = userMap.lookup(#Value); userList = conDel(userList, 1, 3); } if (userMap.exists(#NextLink)) { nextLink = userMap.lookup(#NextLink); } } catch { //exception ex = CLRInterop::getLastException().GetBaseException(); error(ex.get_Message()); } return [userList, nextLink]; }
