get app permission

Scripts/python/Microsoft Grap Api.py

@@ -0,0 +1,109 @@
+# Microsoft Graph API
+import asyncio
+import json
+from azure.identity.aio import ClientSecretCredential
+from msgraph import GraphServiceClient
+
+async def main():
+    # Helyettesítsd a saját adataiddal
+    tenant_id = "tenantID"
+    client_id = "clientID"
+    client_secret = "clientSecret"
+    
+    # Credential létrehozása
+    credential = ClientSecretCredential(tenant_id, client_id, client_secret)
+    
+    # Graph client létrehozása
+    graph_client = GraphServiceClient(credential)
+    
+    try:
+        # Bejelentkezett felhasználó adatainak lekérése
+        print("Bejelentkezett felhasználó adatai:")
+        user = await graph_client.me.get()
+        print(f"  Név: {user.display_name}")
+        print(f"  Email: {user.mail or user.user_principal_name}")
+        print(f"  ID: {user.id}")
+        
+        # Jogosultságok (permission scopes) lekérése
+        print("\nJogosultságok ellenőrzése...")
+        
+        # Service principal lekérése
+        sp = await graph_client.serviceprincipals.get(request_configuration={
+            "query_parameters": {"filter": f"appId eq '{client_id}'"}
+        })
+        
+        if sp.value:
+            app_sp = sp.value[0]
+            print(f"\nAlkalmazás neve: {app_sp.display_name}")
+            print(f"App ID: {app_sp.app_id}")
+            
+            # App role assignments lekérése
+            try:
+                app_role_assignments = await graph_client.serviceprincipals[app_sp.id].app_role_assignments.get()
+                
+                print("\nEngedélyezett app role jogosultságok:")
+                if app_role_assignments.value:
+                    for assignment in app_role_assignments.value:
+                        print(f"  - Resource ID: {assignment.resource_display_name or assignment.resource_id}")
+                        print(f"    App Role ID: {assignment.app_role_id}")
+                        print(f"    Principal Type: {assignment.principal_type}")
+                        print(f"    Granted To: {assignment.principal_display_name}")
+                        print()
+                else:
+                    print("  Nincsenek app role jogosultságok beállítva")
+            except Exception as e:
+                print(f"  App role lekérési hiba: {e}")
+            
+            # OAuth2 permission scopes lekérése
+            try:
+                oauth2_permission_grants = await graph_client.serviceprincipals[app_sp.id].oauth2_permission_grants.get()
+                
+                print("\nEngedélyezett OAuth2 permission scopes:")
+                if oauth2_permission_grants.value:
+                    for grant in oauth2_permission_grants.value:
+                        print(f"  - Client ID: {grant.client_id}")
+                        print(f"    Consent Type: {grant.consent_type}")
+                        print(f"    Scopes: {grant.scope}")
+                        print()
+                else:
+                    print("  Nincsenek OAuth2 permission scope-ok beállítva")
+            except Exception as e:
+                print(f"  OAuth2 permission lekérési hiba: {e}")
+        
+        # Current user permissions lekérése
+        try:
+            print("\nJelenlegi felhasználó jogosultságai:")
+            me = await graph_client.me.get()
+            
+            # User memberof check
+            memberof = await graph_client.me.member_of.get()
+            if memberof.value:
+                print("  Csoporttagságok:")
+                for group in memberof.value:
+                    print(f"    - {group.display_name}")
+            
+            # User app role assignments
+            user_app_roles = await graph_client.me.app_role_assignments.get()
+            if user_app_roles.value:
+                print("  Felhasználó app role jogosultságai:")
+                for role in user_app_roles.value:
+                    print(f"    - {role.resource_display_name}: {role.app_role_id}")
+                    
+        except Exception as e:
+            print(f"  Felhasználói jogosultságok lekérési hiba: {e}")
+        
+        # Alapvető API hívás teszt
+        print("\nAPI hívás teszt:")
+        users = await graph_client.users.get(request_configuration={
+            "query_parameters": {"top": 5}
+        })
+        print(f"  Felhasználók száma: {len(users.value) if users.value else 0}")
+        
+    except Exception as e:
+        print(f"Hiba történt: {e}")
+    
+    finally:
+        await credential.close()
+
+if __name__ == "__main__":
+    asyncio.run(main())