I recently facing to a problem. Because at beginning I used client secret for generating access token and refresh token like that:
public TokenModel RefreshToken(string refreshToken, string tenantId, string clientId, string clientSecret)
{
string url = string.Format(TOKEN_ENDPOINT_URL, tenantId);
Dictionary<string, string> values = new Dictionary<string, string>
{
{ "client_id", clientId },
{ "scope", ALL_SCOPE_AUTHORIZATIONS },
{ "client_secret", clientSecret },
{ "grant_type", "refresh_token" },
{ "refresh_token", refreshToken }
};
FormUrlEncodedContent data = new FormUrlEncodedContent(values);
HttpClient client = new HttpClient();
HttpResponseMessage response = client.PostAsync(url, data).Result;
string jsonToken = response.Content.ReadAsStringAsync().Result;
return ExtractToken(jsonToken);
}
and
public TokenModel GetAccessTokenByAuthorizationCode(string authorizationCode, string tenantId, string clientId, string clientSecret, string redirectUrl)
{
string url = string.Format(TOKEN_ENDPOINT_URL, tenantId);
Dictionary<string, string> values = new Dictionary<string, string>
{
{ "client_id", clientId },
{ "scope", ALL_SCOPE_AUTHORIZATIONS },
{ "client_secret", clientSecret },
{ "grant_type", "authorization_code" },
{ "redirect_uri", "https://mycompany.com/" },
{ "code", authorizationCode }
};
FormUrlEncodedContent data = new FormUrlEncodedContent(values);
HttpClient client = new HttpClient();
HttpResponseMessage response = client.PostAsync(url, data).Result;
string jsonToken = response.Content.ReadAsStringAsync().Result;
return ExtractToken(jsonToken);
}
TokenModel contains the access token and refresh token
But now I need to pass a Certificate and never use a client secret. Any one know how to do this with a HttpClient Request plz? I already read with article: Microsoft Graph: How to get access token with certificate in client credentials flow? (instead of using a client_secret)
But I don't know how to generate the client_assertion in my C# code
Best regards Adrien
A code part for generating access and refresh token
Well, generating a client assertion is quite complex task. I've found some resources where you find more details and examples for C#.
Alternative method to create assertion with Microsoft.IdentityModel.JsonWebTokens
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.