没有登录重定向的Office365身份验证 [英] Office365 authentication without login redirection

问题描述

我正在尝试从Office365电子邮件中加载数据，而不需要用户交互.我已经创建了Azure应用，并且具有客户端ID和客户端密码. 我也有用户信息(电子邮件+密码).

I'm trying to load data from Office365 email without need for user interaction. I've created Azure App and I have Client ID and Client secret. I also have user information (email + password).

我需要调用Office365 API从邮箱下载电子邮件.但是我需要应用程序在没有用户交互的情况下在后台下载它们(重定向到MS/Office365登录页面)以进行身份​​验证/登录到邮箱.

I need to call Office365 API to download emails from mailbox. But I need application to download them in background without user interaction (redirecting to MS/Office365 login page) to get authenticated/logged into mailbox.

有什么方法只能通过Office API来执行此操作，而无需重定向吗?

Is there any way how to do this only through Office API, without need of redirection?

感谢您提供任何信息.

Thanks for any info.

推荐答案

是的，您可以使用客户端凭据流来创建守护程序服务应用程序，以对应用程序进行身份验证.

Yes, you are able to create a daemon service app using the Client Credential flow to authenticate the app.

以下是使用此流程使用Microsoft Graph SDK检索邮件的代码示例:

Here is a code sample to retrieve the mails using Microsoft Graph SDK with this flow:

string clientId = "";
string clientsecret = "";
string tenant = "";
string resourceURL = "https://graph.microsoft.com";
string authority = "https://login.microsoftonline.com/" + tenant + "/oauth2/token";
string userMail = "user1@yourdomain.onmicrosoft.com";

var credential = new ClientCredential(clientId, clientsecret);
AuthenticationContext authContext =new AuthenticationContext(authority);
var authResult = await authContext.AcquireTokenAsync(resourceURL, credential);
var graphserviceClient = new GraphServiceClient(
new DelegateAuthenticationProvider(
   (requestMessage) =>
   {
       requestMessage.Headers.Authorization = new AuthenticationHeaderValue("bearer", authResult.AccessToken);

       return Task.FromResult(0);
   }));

var items = await graphserviceClient.Users[userMail].Messages.Request().OrderBy("receivedDateTime desc").GetAsync();

foreach (var item in items)
{
        Console.WriteLine(item.Subject);
}

我们需要在Azure AD门户上注册应用程序并授予应用程序 Mail.Read 作用域，如下图所示:

And we need to register the app on the Azure AD portal and grant the app Mail.Read scope like figure below:

有关在其中调用Microsoft Graph的更多详细信息，请参考此处.服务或守护程序应用

Refer to here for more detail about calling Microsoft Graph in a service or daemon app

这篇关于没有登录重定向的Office365身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！