Graph REST AddMember to Group - Bad Request - microsoft-graph-api

I am attempting to add members to a group. I am able to list all groups in my org, get user by email, get all users and I can even remove a Member from a group but I cannot add one - The error returned is 400 Bad Request.
Here is the function which is the same function signature as those that work: (I do have the accesstoken, valid group id and a valid member id)
I have confirmed the body data looks correct at least as far as I can see from the example in the docs.
Not sure what else I can add to make things clearer, ask and I'll update
public async Task<string> AddGroupMember(string accessToken, string groupId, string memberId)
{
var status = string.Empty;
string endpoint = $"https://graph.microsoft.com/v1.0/groups/{groupId}/members/$ref";
string queryParameter = "";
// pass body data
var keyOdataId = "#odata.id";
var valueODataId = $"https://graph.microsoft.com/v1.0/directoryObjects/{memberId}";
var values = new List<KeyValuePair<string, string>>
{
new KeyValuePair<string, string>(keyOdataId, valueODataId)
};
var body = new FormUrlEncodedContent(values);
try
{
using(var client = new HttpClient())
{
using(var request = new HttpRequestMessage(HttpMethod.Post, endpoint + queryParameter))
{
request.Content = body;
request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
using(var response = await client.SendAsync(request))
{
if (response.StatusCode == HttpStatusCode.NoContent)
status = "Member added to Group";
else
status = $"Unable to add Member to Group: {response.StatusCode}";
}
}
}
}
catch (Exception ex)
{
status = $"Error adding Member to Group: {ex.Message}";
}
return status;
}
Thanks for any help that anyone can offer - this is the last call I have to make then home free

Found the issue for any who care to know for the future:
var body = new FormUrl... my code was incorrect, what's needed is a simple json string changed to this UPDATED:
var jsonData = $#"{{ ""{keyOdataId}"": ""{valueODataId}"" }}";
var body = new StringContent(jsonData, Encoding.UTF8, "application/json");
I would normally put the values in a class but this is for proof of concept and the json key needs to look exactly like this #odata.id

Clarifying what is happening here:
The request body for this call should be JSON encoded (application/json). The FormUrlEncodedContent method returns your dictionary as Form encoded (application/x-www-form-urlencoded).
You can write the JSON by hand (like you have so far) but a better solution would be to leverage Json.NET. This will let you encode the dictionary in much the same way you were with FormUrlEncodedContent:
var values = new Dictionary<string, string>
{
{ keyOdataId, valueODataId}
};
var body = JsonConvert.SerializeObject(values);
If you're going to be doing a lot of work with Microsoft Graph, I would highly recommend switching to the Microsoft Graph .NET SDK.
You're method here would be far simpler using the SDK:
public async Task<string> AddGroupMember(string groupId, string memberId)
{
GraphServiceClient graphClient = AuthenticationHelper.GetAuthenticatedClient();
User userToAdd = new User { Id = memberId };
await graphClient.Groups[groupId].Members.References.Request().AddAsync(userToAdd);
}

Related

https://graph.microsoft.com/v1.0/users/ is returning only 100 records, I want to fetch all the record present in Azure AD

https://graph.microsoft.com/v1.0/users/ is returning only 100 records, I want to fetch all the record present in Azure AD.
I have tried with above API to but it always gives me 100 records and with top, I am able to fetch only 999 records. But I have more than 100k records and want to fetch at a time.
The call to https://graph.microsoft.com/v1.0/users/ returns a property called #odata.nextlink. Use #odata.nextlink to request more pages of user data.
I think it is not possible to fetch all users with one request but you could wirte a method getting all users for you. The following code is requesting the first 100 users. Afterwards it is calling the next 100 users until there is no more users.
It is only a work around. You should keep in mind that this function needs a long time to run
public async Task<List<GraphApiUser>> GetAllCloudUserAsync()
{
var query = "/users";
var response = await SendGraphApiRequest(HttpMethod.Get, query);
var data = JsonConvert.DeserializeObject<GetMultipleUserResponse>(await response.Content.ReadAsStringAsync());
var result = new List<GraphApiUser>();
result.AddRange(data.value);
var debugCounter = 1;
while (!string.IsNullOrEmpty(data.NextLink))
{
response = await SendGraphApiRequest(HttpMethod.Get, "/"+data.NextLink);
data = JsonConvert.DeserializeObject<GetMultipleUserResponse>(await response.Content.ReadAsStringAsync());
result.AddRange(data.value);
debugCounter++;
}
return result;
}
GetMultipleUserResponse-Class looks like that:
public class GetMultipleUserResponse
{
public List<GraphApiUser> value { get; set; }
[JsonProperty("odata.nextLink")]
public string NextLink { get; set; }
}
The GraphApiUser-Class looks diffrent from AD to AD because everyone is able to define own claims. Setting up this class belongs to you!
Sending a request can be done like this:
private async Task<HttpResponseMessage> SendGraphApiRequest(HttpMethod httpMethod, string query,
string json = "")
{
HttpClient http = new HttpClient();
var requestUri = "Your Ressource Id" + "Your Tenant" + "your query"+ "your api version";
HttpRequestMessage request = new HttpRequestMessage(httpMethod, requestUri);
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", GetYourTokenHere());
request.Content = new StringContent(json, Encoding.UTF8, "application/json");
HttpResponseMessage response = await http.SendAsync(request);
if (!response.IsSuccessStatusCode)
{
string error = await response.Content.ReadAsStringAsync();
object formatted = JsonConvert.DeserializeObject(error);
Debug.WriteLine("Error Calling the Graph API: \n" +
JsonConvert.SerializeObject(formatted, Newtonsoft.Json.Formatting.Indented));
return null;
}
return response;
}

How to create an appRoleAssignment via Microsoft Graph?

As per this documentation you should be able to create an appRoleAssignment via Microsoft Graph, however this doesn't work. In a GitHub issue I was instructed to create the issue here. We have migrated most of our code from Azure Graph API to Microsoft Graph and this is the last piece that is missing.
This finally worked for me!
There might be more optimized ways to post the JSON but I had to go to basics to make sure nothing is causing this to fail behind the scenes.
const string ROLE_ASSIGNMENT_FORMATTER = "https://graph.microsoft.com/beta/servicePrincipals/{0}/appRoleAssignments";
public static async Task AddApplicationUsers(string enterpriseAppId, string userId, string roleId)
{
HttpClient client = new HttpClient();
string url = string.Format(ROLE_ASSIGNMENT_FORMATTER, enterpriseAppId);
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", await GetAccessToken());
var roleAssignment = new
{
appRoleId = roleId,
principalId = userId,
resourceId = enterpriseAppId
};
var content = new StringContent(Newtonsoft.Json.JsonConvert.SerializeObject(roleAssignment), Encoding.UTF8, "application/json");
content.Headers.ContentType = new MediaTypeHeaderValue("application/json");
var response = await client.PostAsync(url, content);
if (response.IsSuccessStatusCode)
{
return ;
}
else
{
throw new HttpRequestException(response.ReasonPhrase);
}
}

HttpClient Post without FormUrlEncodedContent

I am using HTTPClient to make a post request, following is the simple code.
private static readonly HttpClient client = new HttpClient();
var values = new Dictionary<string, string>{
{ "x", "value" }};
var content = new FormUrlEncodedContent(values);
var response = await client.PostAsync(someUrl, content);
If I dont want to use FormUrlEncodedContent, what are the other alternatives to post data? i.e. I dont want to url encode my post body.
Say you have data in your model format.. E.g., UserData then you could try:
UserData ud = new UserData(){
// your user's data here
};
var content = new ObjectContent<UserData>(ud , new JsonMediaTypeFormatter());
var response = await client.PostAsync(url, content);
Would this work?

Microsoft Graph API: How to tell if an attendee is a group

I need to get events from a calendar, and find out individual users in the event.
var graphServiceClient = new GraphServiceClient(...);
var events = graphServiceClient.Me.CalendarView.Request().GetAsync();
// ...
var attendee = events[0].Attendees[0];
// Is attendee a group or user?
// If a group, how do we expand it?
We can determine whether the mail address is a user or the group via retrieve the user/group. For example, we can get the specific group via the REST below:
https://graph.microsoft.com/v1.0/groups?$filter=mail+eq+'group1#yourtenant.onmicrosoft.com'
If the email we provide is a user, then the response would have an empty value, otherwise it return the information for this group.
And to get the members of specific group, we can make a request with the id return by the above request:
https://graph.microsoft.com/v1.0/groups/{groupid}/members
And here is the code to get the group and its members for your reference. And I recommend you make the REST via HttpClient because it is more flexible and efficient.
public async Task GetGroup(string mailAddress)
{
var groups = await graphserviceClient.Groups.Request().Top(10).GetAsync();
foreach (var group in groups.CurrentPage)
{
Console.WriteLine(group.Mail);
if (mailAddress.Equals(group.Mail))
return group.Id;
}
while (groups.NextPageRequest != null)
{
groups = await groups.NextPageRequest.GetAsync();
foreach (var group in groups.CurrentPage)
{
Console.WriteLine(group.Mail);
if (mailAddress.Equals(group.Mail))
return group.Id;
}
}
return null;
}
public async void GetMembers(string groupId)
{
HttpClient client = new HttpClient();
client.DefaultRequestHeaders.Add("Authorization", "bearer " + _accessToken);
string serviceURL = String.Format("https://graph.microsoft.com/v1.0/groups/{0}/members?$select=mail", groupId);
var response = client.GetAsync(serviceURL).Result;
JObject json = JObject.Parse(response.Content.ReadAsStringAsync().Result);
foreach (var mail in json["value"].Values("mail"))
{
Console.WriteLine(mail);
}
}
update
We need to have the "Group.Read.All" scope to read the groups:

ASP.NET MVC - Using cURL or similar to perform requests in application

I'm building an application in ASP.NET MVC (using C#) and I would like to know how I can perform calls like curl http://www.mywebsite.com/clients_list.xml inside my controller
Basically I would like to build a kind of REST API to perform actions such as show edit and delete, such as Twitter API.
But unfortunately until now I didn't find anything besides that cURL for windows on this website: http://curl.haxx.se/
So I don't know if is there any traditional way to retrieve this kind of call from URL with methods like post delete and put on the requests, etc...
I just would like to know an easy way to perform commands like curl inside my controller on my ASP.NET MVC Application.
UPDATE:
Hi so I managed to make GET Requests but now I'm having a serious problem in retrieve POST Request for example, I'm using the update status API from Twitter that in curl would work like this:
curl -u user:password -d "status=playing with cURL and the Twitter API" http://twitter.com/statuses/update.xml
but on my ASP.NET MVC application I'm doing like this inside my custom function:
string responseText = String.Empty;
HttpWebRequest request = (HttpWebRequest)WebRequest.Create("http://twitter.com/statuses/update.xml");
request.Method = "POST";
request.Credentials = new NetworkCredential("username", "password");
request.Headers.Add("status", "Tweeting from ASP.NET MVC C#");
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
using (StreamReader sr = new StreamReader(response.GetResponseStream()))
{
responseText = sr.ReadToEnd();
}
return responseText;
Now the problem is that this request is returning 403 Forbidden,
I really don't know why if it works perfectly on curl
:\
UPDATE:
I finally manage to get it working, but probably there's a way to make it cleaner and beautiful, as I'm new on C# I'll need more knowledge to do it, the way the POST params are passed makes me very confused because is a lot of code to just pass params.
Well, I've created a Gist - http://gist.github.com/215900 , so everybody feel free to revise it as you will. Thanks for your help çağdaş
also follow the code here:
public string TwitterCurl()
{
//PREVENT RESPONSE 417 - EXPECTATION FAILED
System.Net.ServicePointManager.Expect100Continue = false;
HttpWebRequest request = (HttpWebRequest)WebRequest.Create("http://twitter.com/statuses/update.xml");
request.Method = "POST";
request.Credentials = new NetworkCredential("twitterUsername", "twitterPassword");
//DECLARE POST PARAMS
string headerVars = String.Format("status={0}", "Tweeting from ASP.NET MVC C#");
request.ContentLength = headerVars.Length;
//SEND INFORMATION
using (StreamWriter streamWriter = new StreamWriter(request.GetRequestStream(), ASCIIEncoding.ASCII))
{
streamWriter.Write(headerVars);
streamWriter.Close();
}
//RETRIEVE RESPONSE
string responseText = String.Empty;
using (StreamReader sr = new StreamReader(request.GetResponse().GetResponseStream()))
{
responseText = sr.ReadToEnd();
}
return responseText;
/*
//I'M NOT SURE WHAT THIS IS FOR
request.Timeout = 500000;
request.ContentType = "application/x-www-form-urlencoded";
request.UserAgent = "Custom Twitter Agent";
#if USE_PROXY
request.Proxy = new WebProxy("http://localhost:3000", false);
#endif
*/
}
Try using Microsoft.Http.HttpClient. This is what your request would look like
var client = new HttpClient();
client.DefaultHeaders.Authorization = Credential.CreateBasic("username","password");
var form = new HttpUrlEncodedForm();
form.Add("status","Test tweet using Microsoft.Http.HttpClient");
var content = form.CreateHttpContent();
var resp = client.Post("http://www.twitter.com/statuses/update.xml", content);
string result = resp.Content.ReadAsString();
You can find this library and its source included in the WCF REST Starter kit Preview 2, however it can be used independently of the rest of the stuff in there.
P.S. I tested this code on my twitter account and it works.
Example code using HttpWebRequest and HttpWebResponse :
public string GetResponseText(string url) {
string responseText = String.Empty;
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
request.Method = "GET";
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
using (StreamReader sr = new StreamReader(response.GetResponseStream())) {
responseText = sr.ReadToEnd();
}
return responseText;
}
To POST data :
public string GetResponseText(string url, string postData) {
string responseText = String.Empty;
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
request.Method = "POST";
request.ContentLength = postData.Length;
using (StreamWriter sw = new StreamWriter(request.GetRequestStream())) {
sw.Write(postData);
}
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
using (StreamReader sr = new StreamReader(response.GetResponseStream())) {
responseText = sr.ReadToEnd();
}
return responseText;
}
This is the single line of code I use for calls to a RESTful API that returns JSON.
return ((dynamic) JsonConvert.DeserializeObject<ExpandoObject>(
new WebClient().DownloadString(
GetUri(surveyId))
)).data;
Notes
The Uri is generated off stage using the surveyId and credentials
The 'data' property is part of the de-serialized JSON object returned
by the SurveyGizmo API
The Complete Service
public static class SurveyGizmoService
{
public static string UserName { get { return WebConfigurationManager.AppSettings["SurveyGizmo.UserName"]; } }
public static string Password { get { return WebConfigurationManager.AppSettings["SurveyGizmo.Password"]; } }
public static string ApiUri { get { return WebConfigurationManager.AppSettings["SurveyGizmo.ApiUri"]; } }
public static string SurveyId { get { return WebConfigurationManager.AppSettings["SurveyGizmo.Survey"]; } }
public static dynamic GetSurvey(string surveyId = null)
{
return ((dynamic) JsonConvert.DeserializeObject<ExpandoObject>(
new WebClient().DownloadString(
GetUri(surveyId))
)).data;
}
private static Uri GetUri(string surveyId = null)
{
if (surveyId == null) surveyId = SurveyId;
return new UriBuilder(ApiUri)
{
Path = "/head/survey/" + surveyId,
Query = String.Format("user:pass={0}:{1}", UserName, Password)
}.Uri;
}
}
Look into the System.Net.WebClient class. It should offer the functionality you require. For finer grained control, you might find WebRequest to be more useful, but WebClient seems the best fit for your needs.

Resources