Merge pull request #191062 from yoelhor/patch-249

denrea · web-flow · commit 614e31db68b5 · 2022-03-14T10:57:55.000-07:00
Update to new Azure Identity auth library
diff --git a/articles/active-directory/external-identities/code-samples.md b/articles/active-directory/external-identities/code-samples.md
@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: B2B
 ms.topic: sample
-ms.date: 04/11/2017
+ms.date: 03/14/2022
 
 ms.author: mimart
 author: msmimart
@@ -19,7 +19,8 @@ ms.collection: M365-identity-device-management
 # Azure Active Directory B2B collaboration code and PowerShell samples
 
 ## PowerShell example
-You can bulk-invite external users to an organization from email addresses that you have stored in a .CSV file.
+
+You can bulk-invite external users to an organization from email addresses that you've stored in a .CSV file.
 
 1. Prepare the .CSV file
    Create a new CSV file and name it invitations.csv. In this example, the file is saved in C:\data, and contains the following information:
@@ -49,49 +50,49 @@ You can bulk-invite external users to an organization from email addresses that
    foreach ($email in $invitations) {New-AzureADMSInvitation -InvitedUserEmailAddress $email.InvitedUserEmailAddress -InvitedUserDisplayName $email.Name -InviteRedirectUrl https://wingtiptoysonline-dev-ed.my.salesforce.com -InvitedUserMessageInfo $messageInfo -SendInvitationMessage $true}
    ```
 
-This cmdlet sends an invitation to the email addresses in invitations.csv. Additional features of this cmdlet include:
+This cmdlet sends an invitation to the email addresses in invitations.csv. More features of this cmdlet include:
+
 - Customized text in the email message
 - Including a display name for the invited user
 - Sending messages to CCs or suppressing email messages altogether
 
 ## Code sample
-Here we illustrate how to call the invitation API, in "app-only" mode, to get the redemption URL for the resource to which you are inviting the B2B user. The goal is to send a custom invitation email. The email can be composed with an HTTP client, so you can customize how it looks and send it through the Microsoft Graph API.
+
+The code sample illustrates how to call the invitation API and get the redemption URL. Use the redemption URL to send a custom invitation email. The email can be composed with an HTTP client, so you can customize how it looks and send it through the Microsoft Graph API.
+
+
+# [HTTP](#tab/http)
+
+```http
+POST https://graph.microsoft.com/v1.0/invitations
+Content-type: application/json
+{
+  "invitedUserEmailAddress": "david@fabrikam.com",
+  "invitedUserDisplayName": "David",
+  "inviteRedirectUrl": "https://myapp.contoso.com",
+  "sendInvitationMessage": true
+}
+```
+
+# [C#](#tab/csharp)
 
 ```csharp
+using System;
+using System.Threading.Tasks;
+using Microsoft.Graph;
+using Azure.Identity;
+
 namespace SampleInviteApp
 {
-    using System;
-    using System.Linq;
-    using System.Net.Http;
-    using System.Net.Http.Headers;
-    using Microsoft.IdentityModel.Clients.ActiveDirectory;
-    using Newtonsoft.Json;
     class Program
     {
         /// <summary>
-        /// Microsoft Graph resource.
-        /// </summary>
-        static readonly string GraphResource = "https://graph.microsoft.com";
-
-        /// <summary>
-        /// Microsoft Graph invite endpoint.
-        /// </summary>
-        static readonly string InviteEndPoint = "https://graph.microsoft.com/v1.0/invitations";
-
-        /// <summary>
-        ///  Authentication endpoint to get token.
-        /// </summary>
-        static readonly string EstsLoginEndpoint = "https://login.microsoftonline.com";
-
-        /// <summary>
-        /// This is the tenantid of the tenant you want to invite users to.
+        /// This is the tenant ID of the tenant you want to invite users to.
         /// </summary>
         private static readonly string TenantID = "";
 
         /// <summary>
         /// This is the application id of the application that is registered in the above tenant.
-        /// The required scopes are available in the below link.
-        /// https://developer.microsoft.com/graph/docs/api-reference/v1.0/api/invitation_post
         /// </summary>
         private static readonly string TestAppClientId = "";
 
@@ -114,119 +115,106 @@ namespace SampleInviteApp
         /// Main method.
         /// </summary>
         /// <param name="args">Optional arguments</param>
-        static void Main(string[] args)
-        {
-            Invitation invitation = CreateInvitation();
-            SendInvitation(invitation);
-        }
-
-        /// <summary>
-        /// Create the invitation object.
-        /// </summary>
-        /// <returns>Returns the invitation object.</returns>
-        private static Invitation CreateInvitation()
+        static async Task Main(string[] args)
         {
-            // Set the invitation object.
-            Invitation invitation = new Invitation();
-            invitation.InvitedUserDisplayName = InvitedUserDisplayName;
-            invitation.InvitedUserEmailAddress = InvitedUserEmailAddress;
-            invitation.InviteRedirectUrl = "https://www.microsoft.com";
-            invitation.SendInvitationMessage = true;
-            return invitation;
+            string InviteRedeemUrl = await SendInvitation();
         }
 
         /// <summary>
         /// Send the guest user invite request.
         /// </summary>
-        /// <param name="invitation">Invitation object.</param>
-        private static void SendInvitation(Invitation invitation)
+        private static async string SendInvitation()
         {
-            string accessToken = GetAccessToken();
+            /// Get the access token for our application to talk to Microsoft Graph.
+            var scopes = new[] { "https://graph.microsoft.com/.default" };
+            var clientSecretCredential = new ClientSecretCredential(TenantID, TestAppClientId, TestAppClientSecret);
+            var graphClient = new GraphServiceClient(clientSecretCredential, scopes);
 
-            HttpClient httpClient = GetHttpClient(accessToken);
-
-            // Make the invite call.
-            HttpContent content = new StringContent(JsonConvert.SerializeObject(invitation));
-            content.Headers.Add("ContentType", "application/json");
-            var postResponse = httpClient.PostAsync(InviteEndPoint, content).Result;
-            string serverResponse = postResponse.Content.ReadAsStringAsync().Result;
-            Console.WriteLine(serverResponse);
+            // Create the invitation object.
+            var invitation = new Invitation
+            {
+                InvitedUserEmailAddress = InvitedUserEmailAddress,
+                InvitedUserDisplayName = InvitedUserDisplayName,
+                InviteRedirectUrl = "https://www.microsoft.com",
+                SendInvitationMessage = true
+            };
+
+            // Send the invitation 
+            var GraphResponse = await graphClient.Invitations
+                .Request()
+                .AddAsync(invitation);
+
+            // Return the invite redeem URL
+            return GraphResponse.InviteRedeemUrl;
         }
+    }
+}
+```
 
-        /// <summary>
-        /// Get the HTTP client.
-        /// </summary>
-        /// <param name="accessToken">Access token</param>
-        /// <returns>Returns the Http Client.</returns>
-        private static HttpClient GetHttpClient(string accessToken)
-        {
-            // setup http client.
-            HttpClient httpClient = new HttpClient();
-            httpClient.Timeout = TimeSpan.FromSeconds(300);
-            httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
-            httpClient.DefaultRequestHeaders.Add("client-request-id", Guid.NewGuid().ToString());
-            Console.WriteLine(
-                "CorrelationID for the request: {0}",
-                httpClient.DefaultRequestHeaders.GetValues("client-request-id").Single());
-            return httpClient;
-        }
+# [JavaScript](#tab/javascript)
 
-        /// <summary>
-        /// Get the access token for our application to talk to Microsoft Graph.
-        /// </summary>
-        /// <returns>Returns the access token for our application to talk to Microsoft Graph.</returns>
-        private static string GetAccessToken()
-        {
-            string accessToken = null;
+Install the following npm packages:
 
-            // Get the access token for our application to talk to Microsoft Graph.
-            try
-            {
-                AuthenticationContext testAuthContext =
-                    new AuthenticationContext(string.Format("{0}/{1}", EstsLoginEndpoint, TenantID));
-                AuthenticationResult testAuthResult = testAuthContext.AcquireTokenAsync(
-                    GraphResource,
-                    new ClientCredential(TestAppClientId, TestAppClientSecret)).Result;
-                accessToken = testAuthResult.AccessToken;
-            }
-            catch (AdalException ex)
-            {
-                Console.WriteLine("An exception was thrown while fetching the token: {0}.", ex);
-                throw;
-            }
-
-            return accessToken;
-        }
+```bash
+npm install express
+npm install isomorphic-fetch
+npm install @azure/identity
+npm install @microsoft/microsoft-graph-client
+```
 
-        /// <summary>
-        /// Invitation class.
-        /// </summary>
-        public class Invitation
-        {
-            /// <summary>
-            /// Gets or sets display name.
-            /// </summary>
-            public string InvitedUserDisplayName { get; set; }
-
-            /// <summary>
-            /// Gets or sets display name.
-            /// </summary>
-            public string InvitedUserEmailAddress { get; set; }
-
-            /// <summary>
-            /// Gets or sets a value indicating whether Invitation Manager should send the email to InvitedUser.
-            /// </summary>
-            public bool SendInvitationMessage { get; set; }
-
-            /// <summary>
-            /// Gets or sets invitation redirect URL
-            /// </summary>
-            public string InviteRedirectUrl { get; set; }
-        }
-    }
+```javascript
+const express = require('express')
+const app = express()
+
+const { Client } = require("@microsoft/microsoft-graph-client");
+const { TokenCredentialAuthenticationProvider } = require("@microsoft/microsoft-graph-client/authProviders/azureTokenCredentials");
+const { ClientSecretCredential } = require("@azure/identity");
+require("isomorphic-fetch");
+
+// This is the application id of the application that is registered in the above tenant.
+const CLIENT_ID = ""
+
+// Client secret of the application.
+const CLIENT_SECRET = ""
+
+// This is the tenant ID of the tenant you want to invite users to. For example fabrikam.onmicrosoft.com
+const TENANT_ID = ""
+
+async function sendInvite() {
+
+  // Initialize a confidential client application. For more info, visit: https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/AzureIdentityExamples.md#authenticating-a-service-principal-with-a-client-secret
+  const credential = new ClientSecretCredential(TENANT_ID, CLIENT_ID, CLIENT_SECRET);
+
+  // Initialize the Microsoft Graph authentication provider. For more info, visit: https://docs.microsoft.com/en-us/graph/sdks/choose-authentication-providers?tabs=Javascript#using--for-server-side-applications
+  const authProvider = new TokenCredentialAuthenticationProvider(credential, { scopes: ['https://graph.microsoft.com/.default'] });
+
+  // Create MS Graph client instance. For more info, visit: https://github.com/microsoftgraph/msgraph-sdk-javascript/blob/dev/docs/CreatingClientInstance.md
+  const client = Client.initWithMiddleware({
+    debugLogging: true,
+    authProvider,
+  });
+
+  // Create invitation object
+  const invitation = {
+    invitedUserEmailAddress: 'david@fabrikam.com',
+    invitedUserDisplayName: 'David',
+    inviteRedirectUrl: 'https://www.microsoft.com',
+    sendInvitationMessage: true
+  };
+  
+  // Execute the MS Graph command. For more information, visit: https://docs.microsoft.com/en-us/graph/api/invitation-post
+  graphResponse = await client.api('/invitations')
+    .post(invitation);
+  
+  // Return the invite redeem URL
+  return graphResponse.inviteRedeemUrl
 }
+
+const inviteRedeemUrl = await sendInvite();
+
 ```
 
+---
 
 ## Next steps
 
