[英]How Do I Get the JWT Bearer Token Using B2C and Blazor
I've created a new Blazor app using the Visual Studio template adding B2C using the wizard during the project creation.我使用 Visual Studio 模板在项目创建期间使用向导添加 B2C 创建了一个新的 Blazor 应用程序。
All works great with authentication.一切都适用于身份验证。 I can sign in using my favorite identity provider and receive the id_token.
我可以使用我最喜欢的身份提供者登录并接收 id_token。 I don't know where I can get the id_token, but I can see the claims in my user identity.
我不知道在哪里可以获得 id_token,但我可以在我的用户身份中看到声明。
What I need help with is how do I take the information in the claims to acquire the access token.我需要帮助的是如何获取声明中的信息来获取访问令牌。 I need this token to call my endpoints.
我需要这个令牌来调用我的端点。
This seems like it should be straightforward and a common thing, but I can't seem to find any good examples.这似乎应该是直截了当和常见的事情,但我似乎找不到任何好的例子。
In a normal MVC app, I can get this through the ConfidentialClientApplicationBuilder.AcquireTokenByAuthorizationCode but that doesn't work in Blazor (unless I'm doing something wrong).在普通的 MVC 应用程序中,我可以通过 ConfidentialClientApplicationBuilder.AcquireTokenByAuthorizationCode 获取此信息,但这在 Blazor 中不起作用(除非我做错了什么)。
I've tried this: https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-access-tokens我试过这个: https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-access-tokens
I think it'll work.我认为它会工作。 How do I get "code"(id_token) in my blazor app?
如何在我的 blazor 应用程序中获取“代码”(id_token)? It's what is decoded behind the scenes and all I can find are the claims resulting from decoding the "code".
这是在幕后解码的内容,我能找到的只是解码“代码”所产生的声明。
I've used the azure's "Run user flow" to access an example id_token("code") and pasted it into my project and made the call in the link above and it seems to work.我已经使用 azure 的“运行用户流程”来访问示例 id_token("code") 并将其粘贴到我的项目中并在上面的链接中进行调用,它似乎可以工作。 I'm running into permission issues, but it's at least a successful call.
我遇到了权限问题,但这至少是一次成功的通话。
Maybe if I can just get access to the id_token I can make it work from there?也许如果我可以访问 id_token 我可以让它从那里工作?
This seems like a client side app, similar to a SPA.这似乎是一个客户端应用程序,类似于 SPA。 In which case you must use the implicit flow, where the response type is “id_token token”, and returns an id token and access token to the browser in one call.
在这种情况下,您必须使用隐式流,其中响应类型为“id_token 令牌”,并在一次调用中将 id 令牌和访问令牌返回给浏览器。 This isn't an exact answer, but only our MSAL.js library can make this type of call, but Blazor seems to use C#, and msal .net does not do client side auth calls.
这不是一个确切的答案,但只有我们的 MSAL.js 库可以进行这种类型的调用,但 Blazor 似乎使用 C#,而 msal .net 客户端不这样做。 acquireTokenByAuthCode() would work client side as long as you register the app as a native app, so a secret is not required.
只要您将应用程序注册为本机应用程序,acquireTokenByAuthCode() 就可以在客户端工作,因此不需要密码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.