[英]How does SqlClient gets 'scope' of Azure SQL Server when using Azure Active Directory as authentication method?
As I understand that for getting selective authorization for a protected resource using Azure AD based OAuth 2.0 mechanism, client application need to mandatorily provide the scope URL for getting access token. As I understand that for getting selective authorization for a protected resource using Azure AD based OAuth 2.0 mechanism, client application need to mandatorily provide the scope URL for getting access token. Other parameters usually include client ID, client secret (in case of Service Principal auth flow), Azure AD username and password, etc.
其他参数通常包括客户端 ID、客户端密码(在服务主体身份验证流的情况下)、Azure AD 用户名和密码等。
SqlClient has integrated Azure AD OAuth mechanism with SqlClient for authorizing a database connection. SqlClient 已将 Azure AD OAuth 机制与 SqlClient 集成,用于授权数据库连接。 So, I guess SqlClient also need these parameters for establishing an connection to Azure SQL server using Azure Active Directory authentication method.
所以,我猜 SqlClient 也需要这些参数来使用 Azure Active Directory 身份验证方法建立与 Azure SQL 服务器的连接。 But I don't see that it accepts any scope from the client application.
但我没有看到它接受来自客户端应用程序的任何 scope。 How does SqlClient gets scope for a particular Azure SQL server instance?
SqlClient 如何为特定的 Azure SQL 服务器实例获取 scope? I see that it gets something as Federated Authentication Info from server but I don't understand it completely.
我看到它从服务器获得了联合身份验证信息,但我不完全理解。
The scope required for SQL Servder Authentication access tokens is https://database.windows.net/.default
which stands for default scopes/permissions for https://database.windows.net/
resource. The scope required for SQL Servder Authentication access tokens is
https://database.windows.net/.default
which stands for default scopes/permissions for https://database.windows.net/
resource.
Once an access token is obtained you pass it trough the SqlConnection.AccessToken property.获得访问令牌后,您通过SqlConnection.AccessToken属性将其传递。
Cheers干杯
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.