deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 22:07:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

s

Browse Source
This commit is contained in:
Ben Alfasi 2019-03-12 23:32:33 +02:00
parent 62a9c551c6
commit 57e2d78f53
3 changed files with 37 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-nativeapp.md
View File

@ -112,39 +112,51 @@ For more details on AAD token, refer to [AAD tutorial](https://docs.microsoft.co
### Using C# ### Using C#
The code was below tested with nuget Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8 - Copy/Paste the below class in your application.
- Use **AcquireUserTokenAsync** method with the your application ID, tenant ID, user name and password to acquire a token.
- Create a new Console Application
- Install Nuget [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/)
- Add the below using
``` ```
using Microsoft.IdentityModel.Clients.ActiveDirectory; namespace WindowsDefenderATP
``` {
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;
using Newtonsoft.Json.Linq;
- Copy/Paste the below code in your application (pay attention to the comments in the code) public static class WindowsDefenderATPUtils
{
private const string Authority = "https://login.windows.net";
``` private const string WdatpResourceId = "https://api.securitycenter.windows.com";
const string authority = "https://login.windows.net";
const string wdatpResourceId = "https://api.securitycenter.windows.com";
string tenantId = "00000000-0000-0000-0000-000000000000"; // Paste your own tenant ID here public static async Task<string> AcquireUserTokenAsync(string username, string password, string appId, string tenantId)
string appId = "11111111-1111-1111-1111-111111111111"; // Paste your own app ID here {
using (var httpClient = new HttpClient())
{
var urlEncodedBody = $"resource={WdatpResourceId}&client_id={appId}&grant_type=password&username={username}&password={password}";
string username = "SecurityAdmin123@microsoft.com"; // Paste your username here var stringContent = new StringContent(urlEncodedBody, Encoding.UTF8, "application/x-www-form-urlencoded");
string password = GetPasswordFromSafePlace(); // Paste your own password here for a test, and then store it in a safe place!
UserPasswordCredential userCreds = new UserPasswordCredential(username, password); using (var response = await httpClient.PostAsync($"{Authority}/{tenantId}/oauth2/token", stringContent).ConfigureAwait(false))
{
response.EnsureSuccessStatusCode();
AuthenticationContext auth = new AuthenticationContext($"{authority}/{tenantId}"); var json = await response.Content.ReadAsStringAsync().ConfigureAwait(false);
AuthenticationResult authenticationResult = auth.AcquireTokenAsync(wdatpResourceId, appId, userCreds).GetAwaiter().GetResult();
string token = authenticationResult.AccessToken; var jObject = JObject.Parse(json);
return jObject["access_token"].Value<string>();
}
}
}
}
}
``` ```
## Validate the token ## Validate the token
Sanity check to make sure you got a correct token: Sanity check to make sure you got a correct token:
- Copy/paste into [JWT](https://jwt.ms) the token you get in the previous step in order to decode it - Copy/paste into [JWT](https://jwt.ms) the token you got in the previous step in order to decode it
- Validate you get a 'scp' claim with the desired app permissions - Validate you get a 'scp' claim with the desired app permissions
- In the screenshot below you can see a decoded token acquired from the app in the tutorial: - In the screenshot below you can see a decoded token acquired from the app in the tutorial:
@ -164,7 +176,7 @@ Sanity check to make sure you got a correct token:
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
var response = await httpClient.SendAsync(request).ConfigureAwait(false); var response = httpClient.SendAsync(request).GetAwaiter().GetResult();
// Do something useful with the response // Do something useful with the response
``` ```

2
windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-webapp.md
View File

@ -235,7 +235,7 @@ Sanity check to make sure you got a correct token:
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token); request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
var response = await httpClient.SendAsync(request).ConfigureAwait(false); var response = httpClient.SendAsync(request).GetAwaiter().GetResult();
// Do something useful with the response // Do something useful with the response
``` ```

5
windows/security/threat-protection/windows-defender-atp/prerelease.md
View File

@ -1,5 +1,6 @@
--- ---
ms.date: 08/28/2017 ms.date: 08/28/2017
--- ---
>[!IMPORTANT]
>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. >[!IMPORTANT]
>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.