ADAL v3: How to authenticate using UserPasswordCredential?

前端未结

关注

 2  1164

清歌不尽 2020-12-03 04:03

ADAL v3 has the UserPasswordCredential class, but I cannot find a working implementation. There\'s no AcquireToken overload which accepts a UserPasswordCredential or UserCre

2条回答

眼角桃花 (楼主)

2020-12-03 04:56

To elaborate on the second part of the accepted answer, here is an implementation to make the POST request:

    From SettingHelper: public static string GetAuthorityEndpoint(string azuretenantId) => $"https://login.microsoftonline.com/{azuretenantId}/";

    private static async Task AuthenticateAsync(string resource = "https://yourAzureADProtectedResource.url/")
    {
        var oauthEndpoint = new Uri(new Uri(SettingsHelper.GetAuthorityEndpoint("your AAD Tenent ID")), "oauth2/token");

        using (var client = new HttpClient())
        {
            var result = await client.PostAsync(oauthEndpoint, new FormUrlEncodedContent(new[]
            {
                new KeyValuePair("resource", resource),
                new KeyValuePair("client_id", "your AAD App Id"),
                new KeyValuePair("grant_type", "password"),
                new KeyValuePair("username", "your.user@yourtenent.url"),
                new KeyValuePair("password", "your password"),
                new KeyValuePair("scope", "openid"),
                new KeyValuePair("client_secret", "an access key for your AAD App"),
            }));

            var content = await result.Content.ReadAsStringAsync();
            var authResult = JsonConvert.DeserializeObject(content);
            return authResult;
        }
    }

    class OAuthResult
    {
        public string Token_Type { get; set; }
        public string Scope { get; set; }
        public int Expires_In { get; set; }
        public int Ext_Expires_In { get; set; }
        public int Expires_On { get; set; }
        public int Not_Before { get; set; }
        public Uri Resource { get; set; }
        public string Access_Token { get; set; }
    }

You can then go on to use the Auth result like this:

    private async Task GetHttpClientWithAzureADAuthentication()
    {
        OAuthResult authResult;
        try
        {
            authResult = await AuthenticateAsync();
            var httpClient = GetHttpClient();
            httpClient.DefaultRequestHeaders.Add("Authorization", $"Bearer {authResult.Access_Token}");

            return httpClient;
        }
        catch (Exception e)
        {
            Debug.WriteLine(e);
            throw;
        }
    }

0 讨论(0)

查看其它2个回答