[英]Using a refresh token in AAD B2C with Azure App Service and Xamarin.Forms
I'm trying to get a refresh token set up in my Xamarin.Forms app using AAD B2C. 我正在尝试使用AAD B2C在Xamarin.Forms应用程序中设置刷新令牌。 I've got everything set up but run into issues when calling
LoginAsync
on my MobileServiceClient
. 我已经进行了所有设置,但是在
MobileServiceClient
上调用LoginAsync
时遇到了问题。 All of the docs and examples I can find show to update my LoginAsync
method to this: 我可以找到的所有文档和示例都显示了如何将我的
LoginAsync
方法更新为:
var user = await App.MobileServiceClient.LoginAsync(MobileServiceAuthenticationProvider.WindowsAzureActiveDirectory,
new Dictionary<string, string>() { { "response_type", "code id_token" } });
Except that the MobileServiceClient
does not take a Dictionary<string, string>
for the second parameter. 除了
MobileServiceClient
的第二个参数不使用Dictionary<string, string>
。 It takes a JObject
. 它需要一个
JObject
。 Here's what my current code looks like: 这是我当前的代码:
var authResult = await App.AuthenticationClient.AcquireTokenAsync(Constants.Scopes, "", UiOptions.SelectAccount, string.Empty, null, Constants.Authority, Constants.Policy);
var payload = new JObject();
payload["access_token"] = authResult.Token;
var user = await App.MobileServiceClient.LoginAsync(MobileServiceAuthenticationProvider.WindowsAzureActiveDirectory, payload);
I can not find an example use the JObject
anywhere. 我找不到在任何地方使用
JObject
的示例。
It is as simple as adding payload["response_type"] = "code id_token";
就像添加
payload["response_type"] = "code id_token";
一样简单payload["response_type"] = "code id_token";
to my payload? 到我的有效载荷?
AFAIK, Mobile Apps support two authentication flows ( client-managed flow and server-managed flow ). AFAIK,Mobile Apps支持两个身份验证流程( 客户端管理的流程和服务器管理的流程 )。
Client-managed authentication 客户端管理的身份验证
Your app can independently contact the identity provider and then provide the returned token during login with your backend .
您的应用程序可以独立地与身份提供者联系,然后在与后端登录时提供返回的令牌 。 This client flow enables you to provide a single sign-on experience for users or to retrieve additional user data from the identity provider.
该客户端流使您能够为用户提供单点登录体验,或者从身份提供者那里检索其他用户数据。
After you retrieved the token, then you would login with your azure mobile backend by passing the token into a JObject
instance as follows: 检索令牌后,可以通过将令牌传递到
JObject
实例中来使用azure移动后端登录,如下所示:
JObject payload = new JObject();
payload["access_token"] = ar.AccessToken;
var user = await client.LoginAsync(MobileServiceAuthenticationProvider.WindowsAzureActiveDirectory, payload);
For more details about other identity providers via client-flow authentication, you could refer to Client-managed authentication . 有关通过客户端流身份验证的其他身份提供者的更多详细信息,可以参考客户端管理的身份验证 。
Server-managed authentication 服务器管理的身份验证
Your app directly contacts your mobile backend, then your azure mobile backend contacts the identity provider and provide you with the logged user. 您的应用程序直接与您的移动后端联系,然后您的Azure移动后端与身份提供者联系并为您提供登录用户。
For more details about server-managed authentication in Xamarin.Forms, you could refer to Add authentication to your Xamarin Forms app . 有关Xamarin.Forms中服务器管理的身份验证的更多详细信息,可以参考将身份验证添加到Xamarin Forms应用程序 。
UPDATE: 更新:
I have checked that if you call MobileServiceClient.LoginAsync
in PCL, you could not see any extensions for LoginAsync
. 我已经检查过,如果您在PCL中调用
MobileServiceClient.LoginAsync
,则看不到LoginAsync
任何扩展名。 As you could see, there are many extension LoginAsync
methods in the Microsoft.WindowsAzure.Mobile.Ext.dll
for each platform. 如您所见,每个平台的
Microsoft.WindowsAzure.Mobile.Ext.dll
都有许多扩展LoginAsync
方法。 You need to define the IAuthenticate
interface and implement it in each of your app (uwp, android, ios, etc.), for more details you could refer to here . 您需要定义
IAuthenticate
接口并在每个应用程序(uwp,android,ios等)中实现它,有关更多详细信息,请参见此处 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.