[英]Azure - Authenticating Service Management Requests
我需要執行一些Azure SQL操作。 我有一個Azure AD本機應用程序。 我正在使用以下文章中的第一種方法來獲取令牌。
https://msdn.microsoft.com/en-us/library/azure/ee460782.aspx
現在下面這個文章,我使用上面的標記來執行數據庫操作。
static void HttpPost(string sourceDb, string targetDb, string pointInTime)
{
var client = new HttpClient();
string uri = "https://management.core.windows.net:8443/" + AzureSubscriptionId + "/services/sqlservers/servers/" + AzureSqlServerName + "/restoredatabaseoperations";
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, uri);
request.Headers.Add("Authorization", "Bearer " + accessToken);
request.Headers.Add("x-ms-version", "2012-03-01");
string payload = File.ReadAllText("Resources\\Backup.xml");
payload = payload.Replace("$SourceDb", sourceDb);
payload = payload.Replace("$TargetDb", targetDb);
payload = payload.Replace("$PointInTime", pointInTime);
request.Content = new StringContent(payload, Encoding.UTF8, "application/xml");
HttpResponseMessage response = client.SendAsync(request).GetAwaiter().GetResult();
if (response.Content != null)
{
string ss = response.Content.ReadAsStringAsync().Result;
}
}
但是我收到的錯誤是:
"<Error xmlns="http://schemas.microsoft.com/windowsazure" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><Code>AuthenticationFailed</Code><Message>A security token exception occured for the received JWT token.</Message></Error>"
根據您提到的創建數據庫還原請求(經典)REST API ,此命令用於經典部署模型。 我們應該使用新的REST API,並且在您提到的文檔中也提到了它。
您應該使用位於此處的更新的基於Resource Manager的REST API命令。
我們可以使用ARM REST 創建或更新數據庫 API。 關於如何獲取令牌,我們需要注冊AD App並將角色分配給應用程序,更多信息請參考官方文檔 。 我從提琴手發送了http請求,它對我來說正常工作。 標頭和正文信息請參見屏幕截圖。
身體信息:
{
"properties": {
"edition": "Standard",
"requestedServiceObjectiveName": "S1",
"sourceDatabaseId": "/subscriptions/{your subscriptionId}/resourceGroups/{ResourceGroup}/providers/Microsoft.Sql/servers/{servername}/databases/sourcedatabasename",
"createMode": "PointInTimeRestore",
"restorePointInTime": "2017-02-09T10:28:20.21+08:00" //source database restorePointTime
},
"location": "East Asia",
"tags": {}
}
我們也可以為此使用Microsoft Azure SQL管理庫。 SqlMgmtClient.Databases.CreateOrUpdate(resourceGroupName, serverName, databaseName, DatabaseCreateOrUpdateParameters)
;
我們可以參考教程開始。 我為此做一個演示。 更多詳細信息,請參閱以下步驟
1.創建一個控制台應用程序並安裝所需的庫(詳細信息請參考教程 )
2.注冊一個應用程序后,我們可以獲取tenantId,applicationId,SecretKey,然后使用subscriptionId獲取身份驗證令牌。
3.使用令牌創建SqlManagementClient對象
var _sqlMgmtClient = new SqlManagementClient(new TokenCloudCredentials(_subscriptionId, _token.AccessToken));
4.根據我們的要求創建DatabaseCreateOrUpdateParameters。 以源數據庫中的還原數據庫為例:
CreateMode = DatabaseCreateMode.PointInTimeRestore, //craete mode from pointtimerestore
Edition = databaseEdition,
SourceDatabaseId = "/subscriptions/subscriptionId/resourceGroups/groupname/providers/Microsoft.Sql/servers/AzureSQlname/databases/databaseName", //source database Id
RestorePointInTime = DateTime.Parse("2017-02-09T02:28:20.21Z"), //resore point Time
RequestedServiceObjectiveName = "S1"
democode:
static void Main(string[] args)
{
_token = GetToken(_tenantId, _applicationId, _applicationSecret);
Console.WriteLine("Token acquired. Expires on:" + _token.ExpiresOn);
// Instantiate management clients:
_resourceMgmtClient = new ResourceManagementClient(new Microsoft.Rest.TokenCredentials(_token.AccessToken));
_sqlMgmtClient = new SqlManagementClient(new TokenCloudCredentials(_subscriptionId, _token.AccessToken));
DatabaseCreateOrUpdateResponse dbr = CreateOrUpdateDatabase(_sqlMgmtClient, _resourceGroupName, _serverName, _databaseName, _databaseEdition, _databasePerfLevel);
Console.WriteLine("Database: " + dbr.Database.Id);
}
private static AuthenticationResult GetToken(string tenantId, string applicationId, string applicationSecret)
{
AuthenticationContext authContext = new AuthenticationContext("https://login.windows.net/" + tenantId);
_token = authContext.AcquireToken("https://management.core.windows.net/", new ClientCredential(applicationId, applicationSecret));
return _token;
}
static DatabaseCreateOrUpdateResponse CreateOrUpdateDatabase(SqlManagementClient sqlMgmtClient, string resourceGroupName, string serverName, string databaseName, string databaseEdition, string databasePerfLevel)
{
// Retrieve the server that will host this database
Server currentServer = sqlMgmtClient.Servers.Get(resourceGroupName, serverName).Server;
// Create a database: configure create or update parameters and properties explicitly
DatabaseCreateOrUpdateParameters newDatabaseParameters = new DatabaseCreateOrUpdateParameters()
{
Location = currentServer.Location,
Properties = new DatabaseCreateOrUpdateProperties
{
CreateMode = DatabaseCreateMode.PointInTimeRestore,
Edition = databaseEdition,
SourceDatabaseId = "/subscriptions/subscriptionId/resourceGroups/tomnewgroup/providers/Microsoft.Sql/servers/tomsunsqltest/databases/sourceDatabaseName",
RestorePointInTime = DateTime.Parse("2017-02-09T02:28:20.21Z"),//Restore Point time
RequestedServiceObjectiveName = databasePerfLevel
}
};
DatabaseCreateOrUpdateResponse dbResponse = sqlMgmtClient.Databases.CreateOrUpdate(resourceGroupName, serverName, databaseName, newDatabaseParameters);
return dbResponse;
}
packages.config文件:
<?xml version="1.0" encoding="utf-8"?>
<packages>
<package id="Hyak.Common" version="1.0.2" targetFramework="net462" />
<package id="Microsoft.Azure.Common" version="2.1.0" targetFramework="net462" />
<package id="Microsoft.Azure.Common.Authentication" version="1.7.0-preview" targetFramework="net462" />
<package id="Microsoft.Azure.Common.Dependencies" version="1.0.0" targetFramework="net462" />
<package id="Microsoft.Azure.Management.ResourceManager" version="1.4.0-preview" targetFramework="net462" />
<package id="Microsoft.Azure.Management.Sql" version="0.51.0-prerelease" targetFramework="net462" />
<package id="Microsoft.Bcl" version="1.1.9" targetFramework="net462" />
<package id="Microsoft.Bcl.Async" version="1.0.168" targetFramework="net462" />
<package id="Microsoft.Bcl.Build" version="1.0.14" targetFramework="net462" />
<package id="Microsoft.IdentityModel.Clients.ActiveDirectory" version="2.18.206251556" targetFramework="net462" />
<package id="Microsoft.Net.Http" version="2.2.22" targetFramework="net462" />
<package id="Microsoft.Rest.ClientRuntime" version="2.1.0" targetFramework="net462" />
<package id="Microsoft.Rest.ClientRuntime.Azure" version="3.1.0" targetFramework="net462" />
<package id="Microsoft.Rest.ClientRuntime.Azure.Authentication" version="2.0.1-preview" targetFramework="net462" />
<package id="Newtonsoft.Json" version="6.0.8" targetFramework="net462" />
</packages>
請打開一個支持案例,以便我們更好地了解問題
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.