如何在我的 web 表單應用程序中調用 Azure AD 服務

Question

我有一個 WebForms 項目和一些 Web 服務。我的 web 服務由 Azure AD 投影。 所以我需要從項目中獲取我的 web 中的 AD 訪問令牌。 但是我在微軟官方示例中找不到任何關於如何將 Azure AD 與 web 表單項目集成的示例。 有人可以幫我嗎？

Answer 1

如果要調用受Azure AD保護的服務，可以使用OpenId Connect協議。

例如：

在項目中添加 Startup.cs 文件

using System;
using System.Collections.Generic;
using System.Configuration;
using System.Globalization;
using System.Linq;
using System.Web;
using Owin;
using Microsoft.Owin.Extensions;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Microsoft.Owin.Security.Notifications;
using Microsoft.IdentityModel.Protocols;
using System.Threading.Tasks;
using Microsoft.Identity.Client;
using System.IdentityModel.Tokens.Jwt;
using Microsoft.IdentityModel.Tokens;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;

namespace TestWebForm
{
    public partial class Startup
    {
        private static string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
        private static string aadInstance = EnsureTrailingSlash(ConfigurationManager.AppSettings["ida:AADInstance"]);
        private static string tenantId = ConfigurationManager.AppSettings["ida:TenantId"];
        private static string postLogoutRedirectUri = ConfigurationManager.AppSettings["ida:PostLogoutRedirectUri"];
        private static string redirectUri = postLogoutRedirectUri;
        private static string clientSecret = ConfigurationManager.AppSettings["ida:ClientSecret"];
        string authority = aadInstance + tenantId;

        public void ConfigureAuth(IAppBuilder app)
        {
            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

            app.UseCookieAuthentication(new CookieAuthenticationOptions());

            app.UseOpenIdConnectAuthentication(
                new OpenIdConnectAuthenticationOptions
                {
                    ClientId = clientId,
                    Authority = authority,
                    PostLogoutRedirectUri = postLogoutRedirectUri,

                    Notifications = new OpenIdConnectAuthenticationNotifications()
                    {
                        AuthenticationFailed = (context) =>
                        {
                            return System.Threading.Tasks.Task.FromResult(0);
                        },
                        AuthorizationCodeReceived = OnAuthorizationCodeReceived
                    }

                }
                );


        }
        private Task OnAuthenticationFailed(AuthenticationFailedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> context)
        {
            context.HandleResponse();
            context.Response.Redirect("/?errormessage=" + context.Exception.Message);
            return Task.FromResult(0);
        }


        private async Task OnAuthorizationCodeReceived(AuthorizationCodeReceivedNotification notification)
        {
            var idClient = ConfidentialClientApplicationBuilder.Create(clientId)
                .WithRedirectUri(redirectUri)
                .WithClientSecret(clientSecret)
                .Build();

            string[] scopes = { "user.read" };

            var result = await idClient.AcquireTokenByAuthorizationCode(
                scopes, notification.Code).ExecuteAsync();

            GenUtil.token = result.AccessToken;
        }

        private static string EnsureTrailingSlash(string value)
        {
            if (value == null)
            {
                value = string.Empty;
            }

            if (!value.EndsWith("/", StringComparison.Ordinal))
            {
                return value + "/";
            }

            return value;
        }


    }
}

For more details, please refer to Azure AD Authentication in Asp.net web forms web application .

如何在我的 web 表單應用程序中調用 Azure AD 服務

問題描述

1 個解決方案

解決方案1
1 已采納 2019-10-02 02:38:27

如何在我的 web 表單應用程序中調用 Azure AD 服務

問題描述

1 個解決方案

解決方案1 1 已采納 2019-10-02 02:38:27

解決方案1
1 已采納 2019-10-02 02:38:27