如何从 Azure Graph API 获取基于用户的令牌 [英] How to acquire a user based token from Azure Graph API
问题描述
我有一个 Azure Active Directory,在我的 Web Api 中有一段代码,我可以使用我在 Azure 中注册的应用程序和客户端证书从 Azure Graph Api 获取令牌.这是我现在使用的代码:
I have an Azure Active Directory and in my Web Api I have a piece of code that I can get a token from Azure Graph Api using the Application that I have registered with Azure and a Client Certificate. Here is the code that I use right now:
public static string AcquireServiceToken()
{
var authority = string.Format(_authority, "common");
var authContext = new AuthenticationContext(authority);
var result = authContext.AcquireToken(_serviceTokenResourceId, new ClientAssertionCertificate(_serviceTokenClientId, GetClientCertificate(_certThumbprint)));
return result.AccessToken;
}
这段代码工作得很好,现在我需要的是一个更具体的令牌,它具有登录用户的上下文,所以基本上我需要能够传入用户名和密码并从 Azure 获取一个 Graph 令牌.有什么想法吗?
This snippet of code works just fine, now what I need is a more specific token which has logged-in user's context, so basically I need to be able to pass in a username and password and get a Graph token back from Azure. Any Ideas?
推荐答案
AcquireToken 有另一个重载,它接受一个 UserCredential 对象,你假设你可以使用它(你需要 Active Directory 的 TenantId,用户需要获取代币)
AcquireToken has another overload that takes in a UserCredential object and U assume you could use that (You will need the TenantId of the Active Directory that the users you need to acquire the tokens for)
您的函数将如下所示:(请用您自己的应用程序信息填写_variables)
Your function will look something like this: (Please fill in the _variables with your own application information)
public static string AcquireTokenWithoutUserCredentials(string userName, string password)
{
var authContext = new AuthenticationContext(string.Format(_authority, _userTokenTenantId));
var userCreds = new UserCredential(userName, password);
var result = authContext.AcquireToken(_resourceId, _userTokenClientId, userCreds);
return result.AccessToken;
}
查看您的代码,您似乎有一个多租户场景,在该场景中,您使用common"作为 TenatName,我不确定它如何/是否可以使用我粘贴在这里的代码,但试一试...
Looking at your code, looks like you have a multi tenant scenario, in which you use "common" as TenatName, which I'm not sure how/if it will work using the code I pasted here but give it a try ...
这篇关于如何从 Azure Graph API 获取基于用户的令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
