微软图形 API 身份验证
我实际上正在探索 microsoft graph api 并寻找一种无需任何交互即可以用户身份进行身份验证的解决方案,但找不到解决方案。我发现的每个代码示例都需要用户交互才能登录 microsoft 以获得令牌。是否有可能避免用户交互?
否则,我在此示例中找到了客户端凭据流的解决方法:https : //github.com/microsoftgraph/console-csharp-snippets-sample 但如果我尝试在 c# Asp.net mav applcition 或 Windows 窗体中实现此代码应用程序我无法获得应用程序令牌。如果我调试应用程序,它会一直等待令牌,但不会引发错误(病毒保护已停用)。有人对主要问题或我的解决方法有想法吗?
这是我尝试获取令牌的解决方法的代码,但卡在 daemonClient.AcquireTokenForClientAsync 上。
public async Task<Users> GetUser(string Username)
{
MSALCache appTokenCache = new MSALCache(clientId);
ClientCredential clientdummy = new ClientCredential(clientSecret);
ConfidentialClientApplication daemonClient = new ConfidentialClientApplication(clientId, string.Format(AuthorityFormat, tenantId), redirectUri,
clientdummy, null, null);
authenticate(daemonClient).Wait();
string token = authResult.AccessToken;
client = GetAuthenticatedClientForApp(token);
IGraphServiceUsersCollectionPage users = client.Users.Request().GetAsync().Result;
}
private async Task<AuthenticationResult> authenticate(ConfidentialClientApplication daemonClient)
{
authResult = await daemonClient.AcquireTokenForClientAsync(new[] { MSGraphScope });
return authResult;
}
素胚勾勒不出你2回答
-
胡子哥哥
找到解决方法:通过 REST API 获取令牌。在这里,我可以获得用户令牌或客户端令牌来访问图形 api: var client = new RestClient("https://login.microsoftonline.com/" + domainname); var request = new RestRequest("/oauth2/token", Method.POST); request.AddBody("grant_type", "client_credentials"); request.AddParameter("client_id", clientId); request.AddParameter("client_secret", clientSecret); request.AddParameter("Resource", "https://graph.microsoft.com"); request.AddParameter("scope", "[scopes]"); IRestResponse response = client.Execute(request); //contains the token var content = response.Content; -
SMILET
根据您的描述,我假设您需要一个解决方案来验证用户而无需任何交互。我们可以通过一些后台服务或守护进程获取访问令牌。更多细节,我们可以参考这个文档。根据我的测试,我们可以尝试以下步骤:首先,我们应该得到管理员的同意:app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions { ClientId = clientId, Authority = authority, RedirectUri = redirectUri, PostLogoutRedirectUri = redirectUri, Scope = "openid profile", ResponseType = "id_token", TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = false, NameClaimType = "name" }, Notifications = new OpenIdConnectAuthenticationNotifications { AuthenticationFailed = this.OnAuthenticationFailedAsync, SecurityTokenValidated = this.OnSecurityTokenValidatedAsync } });ConfidentialClientApplication daemonClient = new ConfidentialClientApplication(Startup.clientId, string.Format(AuthorityFormat, tenantId), Startup.redirectUri, new ClientCredential(Startup.clientSecret), null, appTokenCache.GetMsalCacheInstance());AuthenticationResult authResult = await daemonClient.AcquireTokenForClientAsync(new[] { MSGraphScope });然后,我们可以使用此访问令牌来使用 Graph API。有关更多详细信息,我们可以查看GitHub 上的v2.0 守护程序示例。
随时随地看视频慕课网APP
相关分类
C#