[英]Refreshing Azure Active Directory access token in ASP.NET Core with dependency injection for SQL Database
我有一个ASP.NET Core网站(带有Razor页面),该网站使用带有Entity Framework Core的Azure SQL数据库。 我在Startup.cs中创建数据库上下文以进行依赖项注入。 棘手的部分是,我正在对来自我的App Service中具有托管身份的数据库使用Azure Active Directory身份验证。 所以我的连接字符串中没有任何凭证,看起来像这样:
"DatabaseConnectionString": "Server=tcp:myserver.database.windows.net,1433;Initial Catalog=mydb;Persist Security Info=False;MultipleActiveResultSets=True;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;"
在Startup.cs中,我使用托管身份获取访问令牌:
public void ConfigureServices(IServiceCollection services)
{
// other stuff...
var dbConnection = new SqlConnection(Configuration["DatabaseConnectionString"])
{
AccessToken = new AzureServiceTokenProvider().GetAccessTokenAsync("https://database.windows.net/").Result
};
services.AddDbContext<AlpinehutsDbContext>(options => options.UseSqlServer(dbConnection));
}
这一切都像一个魅力。 但是,过了一段时间(我不确定确切要到多长时间)之后,令牌似乎已过期,然后出现以下错误,并且直到重新启动整个应用程序服务,数据库连接才不再起作用:
2019-07-30 08:31:25.635 +00:00 [Information] Microsoft.AspNetCore.Mvc.RazorPages.Internal.PageActionInvoker: Executing handler method AlpinHutsDashboard.Pages.HutsModel.OnGetAsync - ModelState is Valid
2019-07-30 08:31:25.635 +00:00 [Information] Microsoft.EntityFrameworkCore.Infrastructure: Entity Framework Core 2.2.6-servicing-10079 initialized 'AlpinehutsDbContext' using provider 'Microsoft.EntityFrameworkCore.SqlServer' with options: None
2019-07-30 08:31:25.861 +00:00 [Error] Microsoft.EntityFrameworkCore.Database.Connection: An error occurred using the connection to database 'mydb' on server 'tcp:myserver.database.windows.net,1433'.System.Data.SqlClient.SqlException (0x80131904): Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData, Boolean applyTransientFaultHandling, String accessToken)at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)at System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnectionPool pool, DbConnection owningObject, DbConnectionOptions options, DbConnectionPoolKey poolKey, DbConnectionOptions userOptions)at System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject, DbConnectionOptions userOptions, DbConnectionInternal oldConnection)at System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject, DbConnectionOptions userOptions, DbConnectionInternal oldConnection)
at System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, UInt32 waitForMultipleObjectsTimeout, Boolean allowCreate, Boolean onlyOneCheckConnection, DbConnectionOptions userOptions, DbConnectionInternal& connection)at System.Data.ProviderBase.DbConnectionPool.WaitForPendingOpen()--- End of stack trace from previous location where exception was thrown ---at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenDbConnectionAsync(Boolean errorsExpected, CancellationToken cancellationToken)ClientConnectionId:17e2a3f3-9dba-4c30-baff-5fa9e5e082c6Error Number:18456,State:1,Class:14ClientConnectionId before routing:7dc72f29-efa2-420d-8f28-8d63de1c059cRouting Destination:f0ae6a8cac94.tr5.westeurope1-a.worker.database.windows.net,11017
所以我的问题是:当我最初仅在启动时获得令牌时,如何刷新令牌?
对于您的问题,这是由于您将dbConnection
传递给AlpinehutsDbContext
。 初始化AlpinehutsDbContext
,它将始终使用dbConnection
。 然后,如果连接无效,它将引发错误。
您可以在初始化AlpinehutsDbContext
时尝试初始化dbConnection
,例如
services.AddDbContext<AlpinehutsDbContext>(options =>
{
var dbConnection = new SqlConnection(Configuration["DatabaseConnectionString"])
{
AccessToken = new AzureServiceTokenProvider().GetAccessTokenAsync("https://database.windows.net/").Result
};
options.UseSqlServer(dbConnection);
});
这样,它将在初始化AlpinehutsDbContext
时检索neweast令牌。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.