C＃ADAL AcquireTokenAsync（）没有弹出框 [英] C# ADAL AcquireTokenAsync() without pop-up box

问题描述

我们正在编写WCF服务，该服务必须与Dynamics CRM 2016 Online集成。我正在尝试使用 AcquireTokenAsync（）方法使用ADAL进行身份验证。问题是，它显示一个弹出框，提示用户输入凭据。自然，我们的应用程序是服务，这不是我们想要的。我们一直在寻找一种无需此弹出框即可进行身份验证的方法。

We are writing a WCF service which has to integrate with Dynamics CRM 2016 Online. I'm trying to authenticate using ADAL, using method AcquireTokenAsync(). Problem is, it displays a pop-up box, prompting the user for credentials. Naturally, our application being a service, this isn't what we want. We've been searching for a way to authenticate without having this pop-up box.

有一个名为 AuthenticationContextIntegratedAuthExtensions ，应该有助于用户名/密码流。它具有单一方法 AcquireTokenAsync ，该方法禁止弹出框，但是我们找不到任何将密码传递给它的方法。当仅使用用户名运行时，会引发一个异常，即基本上说未提供密码。

There is a class called AuthenticationContextIntegratedAuthExtensions, which is supposed to assist with "username/password flow". It has the single method AcquireTokenAsync, which suppresses the pop-up box, but we haven't found any way to pass the password to it. When run with just the username, it raises the exception that basically says "no password was supplied".

有人知道如何解决此问题吗？甚至不必是ADAL。只是获取OAuth令牌的方法。

Does anyone have any idea how to work around this? Doesn't even have to be ADAL. Just something to acquire the OAuth token.

推荐答案

private static string API_BASE_URL = "https://<CRM DOMAIN>.com/";
private static string API_URL = "https://<CRM DOMAIN>.com/api/data/v8.1/";
private static string CLIENT_ID = "<CLIENT ID>";

static void Main(string[] args)
{
    var ap = AuthenticationParameters.CreateFromResourceUrlAsync(
                new Uri(API_URL)).Result;

    var authContext = new AuthenticationContext(ap.Authority, false);

    var userCredential = new UserCredential("<USERNAME>", "<PASSWORD>");

    var result = authContext.AcquireToken(API_BASE_URL, CLIENT_ID, userCredential);

    var httpClient = HttpWebRequest.CreateHttp(Path.Combine(API_URL, "accounts"));
    httpClient.Headers.Add(HttpRequestHeader.Authorization, "Bearer:" + result.AccessToken);
    using (var sr = new StreamReader(httpClient.GetResponse().GetResponseStream()))
    {
        Console.WriteLine(sr.ReadToEnd());
    }
}

注意：我使用的是旧版ADAL （ 2.19.208020213 ），因为它已采用了密码参数

Note: I'm using an older version of ADAL (2.19.208020213) as it appears the password parameter has been taken out of the UserCredential constructor.

编辑：最新版本的ADAL具有 UserPasswordCredential 可以代替 UserCredential （并且很可能是从 UserCredential 中删除​​ Password 后添加的）

Latest versions of ADAL have UserPasswordCredential which can be used in place of UserCredential (and probably was added as soon as Password was removed from UserCredential)

编辑2： CRM现在支持服务器到服务器的身份验证，它允许您创建应用程序用户。

EDIT 2: CRM now supports Server to Server Authentication which allows you to create an application user.

这篇关于C＃ADAL AcquireTokenAsync（）没有弹出框的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！