在Azure SDK Fluent中使用身份验证令牌 [英] Using authentication token in azure sdk fluent

问题描述

要在天蓝色的sdk流利的nuget中使用Azure进行身份验证，有一种使用客户端ID和密钥的方法，如下所示:

To authenticate with Azure in azure sdk fluent nuget, there is a method that uses client id and secret as below

var azureCredentials = new AzureCredentials(new 
ServicePrincipalLoginInformation
        {
            ClientId = "ClientId",
            ClientSecret = "ClientSecret"
        }, "tenantId", AzureEnvironment.AzureGlobalCloud);

在下面的代码中创建IAzure时，是否存在可以使用身份验证令牌(JWT)而不使用客户端ID和密码的接口?

Is there any interface where authentication token (JWT) can be used instead of using client id and secret while creating IAzure in the below code?

_azure = Azure
            .Configure()
            .WithLogLevel(HttpLoggingDelegatingHandler.Level.Basic)
            .Authenticate(azureCredentials)
            .WithSubscription(_subscriptionId); 

注意:我有一个单独的authenticater模块，该模块将客户端ID和秘密信息自身保密，并使用它们来获取身份验证令牌，该令牌将由其他组件/SDK使用.

Note: I have a separate authenticater module that keeps client id and secret with itself and uses them to get authentication token which will be used by other components/sdks.

推荐答案

答案实际上是是，您可以使用身份验证令牌(JWT).只是不是那么明显.

The answer is actually yes, you can use the authentication token (JWT). It's just not that obvious.

        var context = new AuthenticationContext("https://login.microsoftonline.com/" + tenantId, false);
        var result = context.AcquireToken("https://management.core.windows.net/", clientId, new Uri("http://localhost"), PromptBehavior.Always);
        var token = result.AccessToken;
        var client = RestClient
            .Configure()
            .WithEnvironment(AzureEnvironment.AzureGlobalCloud)
            .WithLogLevel(HttpLoggingDelegatingHandler.Level.Basic)
            .WithCredentials(new TokenCredentials(token))
            .Build();
        var azure = Azure
            .Authenticate(client, tenantId)
            .WithSubscription(subscriptionId);

叹息...他们已将WithCredentials更改为使用AzureCredentials代替ServiceClientCredentials.这是更新的版本:-

Sigh...they've changed the WithCredentials to use an AzureCredentials instead of a ServiceClientCredentials. Here's an updated version:-

        var context = new AuthenticationContext("https://login.microsoftonline.com/" + tenantId, false);
        var result = context.AcquireToken("https://management.core.windows.net/", clientId, new Uri("http://localhost"), PromptBehavior.Always);
        var token = result.AccessToken;
        var tokenCredentials = new TokenCredentials(token);
        var azureCredentials = new AzureCredentials(
            tokenCredentials,
            tokenCredentials,
            tenantId,
            AzureEnvironment.AzureGlobalCloud);
        var client = RestClient
            .Configure()
            .WithEnvironment(AzureEnvironment.AzureGlobalCloud)
            .WithLogLevel(HttpLoggingDelegatingHandler.Level.Basic)
            .WithCredentials(azureCredentials)
            .Build();
        var azure = Azure
            .Authenticate(client, tenantId)
            .WithSubscription(subscriptionId);

这篇关于在Azure SDK Fluent中使用身份验证令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！