ADAL.NET Winforms应用程序

Question

I have a asp.net web api 2 which uses AAD(Azure AD) to authenticate users. Currently i only have a angular web application accessing the api. The authentication of the users is being handled by adal.js, this works. Now im trying to add a winforms application, that also authenticates against the same AAD. This also works, meaning i get an auth-token, but when i call the API it returns a 401 message. I have looked at the Azure AD samples at github and have based my code on them.

In the web api, i have the following code in the Startup.Auth.cs:

    app.UseWindowsAzureActiveDirectoryBearerAuthentication(
            new WindowsAzureActiveDirectoryBearerAuthenticationOptions
            {
                Audience = ConfigurationManager.AppSettings["ida:Audience"],
                Tenant = ConfigurationManager.AppSettings["ida:Tenant"]
            });

The audience and Tenant key are copied from Azure AD.

I use the following code in the Winforms Application:

    string authority = "https://login.microsoftonline.com/{TenantID}";
    string resourceURI = "APP ID URI from the Web API registered in Azure AD";
    string clientID = "Client ID from the WinForms Application registered in Azure AD";
    Uri returnUri = new Uri("Registered return uri");
    AuthenticationContext _ac = new AuthenticationContext(authority);
    AuthenticationResult _arr = _ac.AcquireToken(resourceURI, clientID, returnUri);

To recap, i can authenticate an user in the winforms application, but when i request data from the API, the api responds with a 401 error. I have checked the http request and the token is being injected into the request.

Thank you guys for you help

Answer 1

Did you make sure you associated both applications (the Web API and the WinForm application) with an AAD application, and that you have granted permissions to the WinForm application to access the Web API?

A good example is provided in https://github.com/Azure-Samples/active-directory-dotnet-native-multitarget .