堆栈内存溢出
  简体   繁体   English

使用Azure AD身份验证获取承载访问令牌以访问o365资源

[英]Obtaining bearer access token to access o365 resource, using Azure AD auth

 原文  2018-05-17 22:36:03       c#/ azure-active-directory/ microsoft-graph/ asp.net-core-2.1

问题描述

I'm using the bog-standard, file->new Asp.Net Core Web Application (Razor Pages) project, and configuring it to use Azure AD authentication against an o365 instance, which works just fine. 我正在使用沼泽标准的文件->新的Asp.Net核心Web应用程序(剃刀页面)项目,并将其配置为针对o365实例使用Azure AD身份验证,效果很好。

I now want to use the app to access an o365 resource (eg my calendar) using the Graph API. 我现在想使用该应用程序通过Graph API访问o365资源(例如,我的日历)。 In asp.net core 2.0, I used the method described here to obtain the access token, cache it, and retrieve it for any graph requests. 在asp.net core 2.0中,我使用了此处介绍的方法来获取访问令牌,对其进行缓存并针对任何图形请求进行检索。 It relies on an OpenIdConnect event (OnAuthorizationCodeReceived) to obtain the access code. 它依赖于OpenIdConnect事件(OnAuthorizationCodeReceived)获取访问代码。

I don't see any similar event on the new AddAzureAd method available using asp.net core 2.1. 我看不到使用asp.net core 2.1的新AddAzureAd方法上的任何类似事件。 Is there now a new method for obtaining the token for use in Graph calls? 现在是否有一种新的方法来获取用于Graph调用的令牌?

1 个解决方案

解决方案1
 0  2018-05-18 21:47:56

This always has been a complex question and depending on your scenario (permissions required, workloads you're talking too) this answer might need to be adjusted. 这一直是一个复杂的问题,根据您的情况(所需的权限,您正在谈论的工作量),可能需要调整此答案。 First thing, here, you have the code grant and the id_token. 首先,在这里,您具有代码授权和id_token。 The easiest way to achieve way to achieve what you want to achieve (may not be the best in terms of user experience) it to store the id token temporary. 实现ID的最简单方法是实现ID临时存储的方法(就用户体验而言可能不是最好的方法)。 (let's say in a token cache) (假设在令牌缓存中) 

services.AddAuthentication()
    .AddOpenIdConnect(opts =>
    {
        opts.Events = new OpenIdConnectEvents
    {
        OnAuthorizationCodeReceived = ctx =>
        {
            return Task.CompletedTask;
        }
    };
    });

You can see an example here you also need to make sure your application is configured with the proper permissions and you should be ready to go! 您可以在此处看到一个示例还需要确保已为您的应用程序配置了正确的权限,并且应该可以开始使用!

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Azure Graph API-检查用户是否具有对O365邮箱的完全访问权限 - Azure Graph API - Check if user has full access to an O365 mailbox Azure AD 访问令牌请求 - Azure AD Access Token Request 在基于多租户,基于天蓝色AD的应用程序中代表用户获取令牌-没有配置访问用户信息的权限? - Obtaining a token on behalf of a user in a multi-tenanted, azure AD based application - No permission to access user information is configured? Azure AD Jwt Bearer令牌 - Azure AD Jwt Bearer token O365使用Mailkit删除邮件? - O365 using Mailkit to Delete mail? 获取来宾的Azure AD令牌 - Azure AD token obtaining for guest 单个AAD应用程序的多个租户是否可以访问O365进行日历事件 - Multiple tenants of single AAD application can access O365 for calendar events or not 找不到范围(scp)中的Azure AD访问令牌 - Azure AD Access token in not found Scope (scp) 从 Azure AD 接收无效的访问令牌 - Receiving invalid access token from Azure AD Azure AD 获取访问令牌 - 错误请求 - Azure AD getting Access token - Bad Request
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM