stackoom
  简体   繁体   中英

UserPasswordCredential not supported with .Net Core

 原文  2018-11-16 08:45:43       c#/ azure/ authentication

Question

I have to fetch the group members from the Azure Active Directory using Microsoft graph API. For that I need authorization token. I have a method in .NET that is authenticating to an API as a user and I am using UserPasswordCredential method to fetch access token (by passing username and password). 

private static string aadInstance =
ConfigurationManager.AppSettings["ida:AADInstance"];
private static string tenant = 
ConfigurationManager.AppSettings["ida:Tenant"];
private static string clientId = 
ConfigurationManager.AppSettings["ida:ClientId"];
private static string graphResourceId = 
ConfigurationManager.AppSettings["ida:GraphResourceId"];
private static string graphApiVersion = 
ConfigurationManager.AppSettings["ida:GraphApiVersion"];
private static string graphApiEndpoint = 
ConfigurationManager.AppSettings["ida:Gra`phEndpoint"];
private static string appKey = 
ConfigurationManager.AppSettings["ida:appKey"];
private static string authority = 
String.Format(CultureInfo.InvariantCulture, aadInstance, tenant);
Uri redirectUri = new 
Uri(ConfigurationManager.AppSettings["ida:RedirectUri"]);
private AuthenticationContext authContext = null;
private ClientCredential clientCredential = null;

public MainWindow()
{
InitializeComponent();
authContext = new AuthenticationContext(authority);
clientCredential = new ClientCredential(clientId, appKey);
CheckForCachedToken();
}

public async void GetToken()
{
AuthenticationResult result = null;
try
{
    UserCredential uc = new UserCredential("username", "password");
    result = await authContext.AcquireTokenAsync(graphResourceId, clientId, uc);
}
catch (AdalException ex)
{
    if (ex.ErrorCode != "user_interaction_required")
    {
        MessageBox.Show(ex.Message);
    }
    return;
 }
 }

But when I upgraded the solution to .Net Core, this has broken .ie UserPasswordCredential class is not supported in .NET core. Is there any workaround for this?

1 answers

solution1
 0  2018-11-16 09:07:01

In dot net core this is not supported by Design. Hardcoding the username and the password is not a recommended way to authenticate to azure AD. In most cases the login will happen via login.live.com or if you use other identity providers like google, facebook etc it would be their login page.

Looks like you are using a windows application you can check the options for it.

Samples for various authentication options are available for reference.

Token based authentication flow is a good way to do this. The whole point of going away from username/password option is if your application handles username or password in some way it is not safe. That is why it is left for the identity provider's responsibility to do that. In case you don't want to do this way you can check the App only option Is a browser required for Onedrive/Graph Authentication

You can also see if the usage of Microsoft Authenticator app is an option. But this is mainly for adding the second factor authentication to your mobile apps.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question ADAL .Net Core nuget package does not support UserPasswordCredential UserPasswordCredential .Net Standard .NET Core 2.1 EventWaitHandle Not Supported? Why TransportWithMessageCredential is not supported in .net core? SecurityIdentifier not supported on .Net Core Linux? Are code contracts supported in .net core? Is .NET Core or .NET 5.0 supported by Pythonnet BeginInvoke not supported on .NET core? (PlatformNotSupported exception) .net core: Is Assert supported with C# on .net Core Are async console applications supported in .NET Core?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM