4
votes

I tried the Graph API code from https://github.com/Azure-Samples/active-directory-dotnet-graphapi-console/tree/master/GraphConsoleAppV3. It worked on my local system. On the local machine it pops up a window and asks for login. But when I deployed the application to the Azure web portal, it failed at the point where it gets the token using ITenantDetail.

"Error HRESULT E_FAIL has been returned from a call to a COM component" [COMException (0x80004005): Error HRESULT E_FAIL has been returned from a call to a COM component.]

I think this is searching for the token on the local system. Is my token retrieval option related to Windows or the web? Any suggestions on code changes?

How can I replace this application to work when deployed? I think if we can change the ITenantDetail tenantDetail = GetTenantDetailsSync(client, UserModeConstants.TenantId); code to one which gets info from the user, this should work on the web also.

    private static ActiveDirectoryClient client;
    client = AuthenticationHelper.GetActiveDirectoryClientAsUser();
    ITenantDetail tenantDetail = GetTenantDetailsSync(client, UserModeConstants.TenantId);

    public static ITenantDetail GetTenantDetailsSync(IActiveDirectoryClient client, string tenantId)
    {
        ITenantDetail tenant = null;
        try
        {
            // Executing the query triggers the token callback passed to ActiveDirectoryClient.
            IPagedCollection<ITenantDetail> tenantsCollection = client.TenantDetails
                .Where(tenantDetail => tenantDetail.ObjectId.Equals(tenantId)).ExecuteAsync().Result;

            List<ITenantDetail> tenantsList = tenantsCollection.CurrentPage.ToList();

            if (tenantsList.Count > 0)
            {
                tenant = tenantsList.First();
            }
        }
        catch (Exception ex)
        {
            // The exception is swallowed here; the method returns null on failure.
        }

        if (tenant == null)
        {
            return null;
        }
        else
        {
            TenantDetail tenantDetail = (TenantDetail)tenant;
            return tenantDetail;
        }
    }

    public static ActiveDirectoryClient GetActiveDirectoryClientAsUser()
    {
        Uri servicePointUri = new Uri(GlobalConstants.ResourceUrl);
        Uri serviceRoot = new Uri(servicePointUri, UserModeConstants.TenantId);
        ActiveDirectoryClient activeDirectoryClient = new ActiveDirectoryClient(serviceRoot,
            async () => await AcquireTokenAsyncForUser());
        return activeDirectoryClient;
    }

    public static async Task<string> AcquireTokenAsyncForUser()
    {
        return await GetTokenForUser();
    }

    public static async Task<string> GetTokenForUser()
    {
        if (TokenForUser == null)
        {
            var redirectUri = new Uri("https://localhost");
            AuthenticationContext authenticationContext = new AuthenticationContext(UserModeConstants.AuthString, false);
            // Interactive flow: PlatformParameters with a prompt behavior opens a
            // sign-in window on the machine that runs this code.
            AuthenticationResult userAuthnResult = await authenticationContext.AcquireTokenAsync(GlobalConstants.ResourceUrl,
                UserModeConstants.ClientId, redirectUri, new PlatformParameters(PromptBehavior.RefreshSession));
            TokenForUser = userAuthnResult.AccessToken;
        }
        return TokenForUser;
    }

2
What do you mean by "deployed to the Azure web portal"? The sample is a console application? - RasmusW
Updated the console app to a web app and published. - Kurkula
In that case, I think the COM exception stems from the code trying to start an IE instance to display the login dialog. You should probably use one of the web app samples as your starting point (like in Fei Xue's answer). - RasmusW
If you were developing a web app, the dialog will not be shown to the end users since the code is running on the server side. In this scenario, please refer to the code sample in my post. And if you have any questions, please feel free to let me know. - Fei Xue - MSFT

2 Answers

5
votes

The Active Directory Authentication Library used in the code sample helps developers use authentication functionality for .NET clients on various platforms, including Windows desktop, Windows Store, Xamarin iOS and Xamarin Android.

If you were developing a web app, please refer to the code sample active-directory-dotnet-webapp-openidconnect. And if you also want to use the Azure AD Graph API in the web app, you can refer to the code sample active-directory-dotnet-graphapi-web.

Microsoft also provides lots of samples for developing with Azure; you can find them at the link below:

Azure Samples
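
A non-interactive replacement for GetTokenForUser() in a web app, as an added example that is not part of the original post or the Azure samples. It assumes the user has already signed in through OpenID Connect middleware that redeemed the authorization code into ADAL's default token cache with the same client ID and secret; WebGraphAuth, the environment variable names and the `<tenant-id>` placeholders are hypothetical.

```csharp
using System;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.Azure.ActiveDirectory.GraphClient;
using Microsoft.IdentityModel.Clients.ActiveDirectory;

// Added example: server-side token lookup, no sign-in window is opened.
// Assumption: sign-in middleware already cached a token for this user.
public static class WebGraphAuth
{
    // Hypothetical settings; keep the secret in protected configuration.
    private const string Authority = "https://login.microsoftonline.com/<tenant-id>";
    private const string GraphResource = "https://graph.windows.net";
    private const string TenantId = "<tenant-id>";
    private static readonly string ClientId =
        Environment.GetEnvironmentVariable("AAD_CLIENT_ID");
    private static readonly string ClientSecret =
        Environment.GetEnvironmentVariable("AAD_CLIENT_SECRET");

    public static ActiveDirectoryClient GetClientForSignedInUser(ClaimsPrincipal user)
    {
        Uri serviceRoot = new Uri(new Uri(GraphResource), TenantId);
        return new ActiveDirectoryClient(serviceRoot, async () => await GetTokenAsync(user));
    }

    private static async Task<string> GetTokenAsync(ClaimsPrincipal user)
    {
        // The object ID claim issued by Azure AD identifies whose cached token to use.
        Claim objectId = user.FindFirst(
            "http://schemas.microsoft.com/identity/claims/objectidentifier");
        if (objectId == null)
            throw new InvalidOperationException("User is not signed in.");

        var context = new AuthenticationContext(Authority);
        var credential = new ClientCredential(ClientId, ClientSecret);
        // Served from the cache or renewed with the refresh token; throws
        // AdalSilentTokenAcquisitionException when the user must sign in again.
        AuthenticationResult result = await context.AcquireTokenSilentAsync(
            GraphResource, credential,
            new UserIdentifier(objectId.Value, UserIdentifierType.UniqueId));
        return result.AccessToken;
    }
}
```

When AdalSilentTokenAcquisitionException is thrown, the web app should redirect the browser to the sign-in challenge rather than retry on the server.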

2
votes

Do you mean the popup for login works fine on localhost but does not pop up when deployed? Please refer to this link for the solution: azure login popup not working

You have to use PowerShell for login. Correct me if I misunderstood your question.