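# Microsoft Graph API
import asyncio
import json
import os

from azure.identity.aio import ClientSecretCredential
from msgraph import GraphServiceClient
from msgraph.generated.service_principals.service_principals_request_builder import (
    ServicePrincipalsRequestBuilder,
)
from msgraph.generated.users.users_request_builder import UsersRequestBuilder


async def main():
    """Print the Graph permissions attached to one app registration.

    Authenticates with the client-credentials flow, looks up the service
    principal whose ``appId`` matches the configured client id, and prints
    its app role assignments and OAuth2 permission grants. It also attempts
    the ``/me`` lookups and a small ``/users`` read as a connectivity test.

    Configuration is read from the ``AZURE_TENANT_ID``, ``AZURE_CLIENT_ID``
    and ``AZURE_CLIENT_SECRET`` environment variables so that the client
    secret is never stored in the source file.

    Each collection call prints only the first page that Graph returns; a
    response whose ``odata_next_link`` is set has more entries than shown.
    """
    # Keep the secret out of source control: a literal here ends up in
    # version history, backups and pasted snippets.
    required = ("AZURE_TENANT_ID", "AZURE_CLIENT_ID", "AZURE_CLIENT_SECRET")
    missing = [name for name in required if not os.environ.get(name)]
    if missing:
        print(f"Hiányzó környezeti változók: {', '.join(missing)}")
        return
    tenant_id, client_id, client_secret = (os.environ[name] for name in required)

    # Create the credential (app-only, client-credentials flow).
    credential = ClientSecretCredential(tenant_id, client_id, client_secret)

    # Create the Graph client.
    graph_client = GraphServiceClient(credential)

    try:
        # Signed-in user details. /me is only valid with delegated
        # authentication; an app-only token has no signed-in user, so this
        # lookup is isolated to keep a failure here from aborting the audit.
        print("Bejelentkezett felhasználó adatai:")
        try:
            user = await graph_client.me.get()
            print(f" Név: {user.display_name}")
            print(f" Email: {user.mail or user.user_principal_name}")
            print(f" ID: {user.id}")
        except Exception as e:
            print(f" Felhasználói adatok lekérési hiba: {e}")

        # Permission (scope / app role) review.
        print("\nJogosultságok ellenőrzése...")

        # Look up the service principal. The value is placed inside an OData
        # string literal, so embedded single quotes are doubled.
        escaped_app_id = client_id.replace("'", "''")
        # NOTE(review): recent SDK releases mark the per-builder
        # ...GetRequestConfiguration classes as deprecated in favour of a
        # generic RequestConfiguration; confirm against the installed version.
        sp_query = ServicePrincipalsRequestBuilder.ServicePrincipalsRequestBuilderGetQueryParameters(
            filter=f"appId eq '{escaped_app_id}'",
        )
        sp_config = ServicePrincipalsRequestBuilder.ServicePrincipalsRequestBuilderGetRequestConfiguration(
            query_parameters=sp_query,
        )
        sp = await graph_client.service_principals.get(request_configuration=sp_config)

        if sp and sp.value:
            app_sp = sp.value[0]
            print(f"\nAlkalmazás neve: {app_sp.display_name}")
            print(f"App ID: {app_sp.app_id}")
            sp_item = graph_client.service_principals.by_service_principal_id(app_sp.id)

            # App role assignments (application permissions) of the app.
            try:
                app_role_assignments = await sp_item.app_role_assignments.get()
                print("\nEngedélyezett app role jogosultságok:")
                if app_role_assignments and app_role_assignments.value:
                    for assignment in app_role_assignments.value:
                        print(f" - Resource ID: {assignment.resource_display_name or assignment.resource_id}")
                        print(f" App Role ID: {assignment.app_role_id}")
                        print(f" Principal Type: {assignment.principal_type}")
                        print(f" Granted To: {assignment.principal_display_name}")
                        print()
                else:
                    print(" Nincsenek app role jogosultságok beállítva")
            except Exception as e:
                print(f" App role lekérési hiba: {e}")

            # OAuth2 permission grants (delegated permissions) of the app.
            # A consent type of "AllPrincipals" is tenant-wide admin consent;
            # "Principal" is consent given for a single user.
            try:
                oauth2_permission_grants = await sp_item.oauth2_permission_grants.get()
                print("\nEngedélyezett OAuth2 permission scopes:")
                if oauth2_permission_grants and oauth2_permission_grants.value:
                    for grant in oauth2_permission_grants.value:
                        print(f" - Client ID: {grant.client_id}")
                        print(f" Consent Type: {grant.consent_type}")
                        print(f" Scopes: {grant.scope}")
                        print()
                else:
                    print(" Nincsenek OAuth2 permission scope-ok beállítva")
            except Exception as e:
                print(f" OAuth2 permission lekérési hiba: {e}")

        # Current user's memberships and app roles. These are /me calls too,
        # so they only return data when the token carries a user context.
        try:
            print("\nJelenlegi felhasználó jogosultságai:")

            # Directory objects the user is a member of.
            memberof = await graph_client.me.member_of.get()
            if memberof and memberof.value:
                print(" Csoporttagságok:")
                for group in memberof.value:
                    # Not every directory object type carries a display
                    # name; fall back to the object id.
                    print(f" - {getattr(group, 'display_name', None) or group.id}")

            # App roles assigned directly to the user.
            user_app_roles = await graph_client.me.app_role_assignments.get()
            if user_app_roles and user_app_roles.value:
                print(" Felhasználó app role jogosultságai:")
                for role in user_app_roles.value:
                    print(f" - {role.resource_display_name}: {role.app_role_id}")
        except Exception as e:
            print(f" Felhasználói jogosultságok lekérési hiba: {e}")

        # Basic API call test: read at most five users.
        print("\nAPI hívás teszt:")
        users_config = UsersRequestBuilder.UsersRequestBuilderGetRequestConfiguration(
            query_parameters=UsersRequestBuilder.UsersRequestBuilderGetQueryParameters(top=5),
        )
        users = await graph_client.users.get(request_configuration=users_config)
        print(f" Felhasználók száma: {len(users.value) if users and users.value else 0}")

    except Exception as e:
        print(f"Hiba történt: {e}")
    finally:
        # Release the credential's underlying HTTP transport.
        await credential.close()


if __name__ == "__main__":
    asyncio.run(main())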