无法在PostMan中获得Azure AD令牌 [英] Unable to get Azure AD token in PostMan
问题描述
我正在研究.Net核心Azure AD身份验证.我创建了示例.Net核心应用程序.下面是我的代码.
I am working on .Net core Azure AD authentication. I have created sample .Net core Application. Below is my code.
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
options.Authority = options.Authority + "/v2.0/";
options.TokenValidationParameters.ValidateIssuer = false;
});
services.AddMvc(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
})
.SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo { Title = "My API", Version = "v1" });
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseSwagger();
app.UseSwaggerUI(c =>
{
c.SwaggerEndpoint("/swagger/v1/swagger.json", "My API V1");
});
app.UseAuthentication();
app.UseMvc();
}
下面是我的配置文件.
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "[Enter the domain of your tenant, e.g. contoso.onmicrosoft.com]",
"TenantId": "organizations",
"ClientId": "",
"CallbackPath": "/signin-oidc"
}
下面是我的控制器代码.
Below is my Controller code.
[Authorize]
[Route("api/[controller]")]
[ApiController]
public class ValuesController : ControllerBase
{
// GET api/values
[HttpGet]
public ActionResult<IEnumerable<string>> Get()
{
return new string[] { "value1", "value2" };
}
}
上面的代码可以正常工作.我能够击中api并获得价值.所以我假设我的身份验证工作正常.我试图从邮递员那里使用此API,所以我试图在邮递员中获取令牌.
Above code works fine. I am able to hit api and get value. So I am assuming my authentication is working fine. I am trying to hit this API from postman so I am trying to get token in Postman.
我遇到错误无法完成OAuth 2.0登录.有人可以帮我解决此问题吗?任何帮助,将不胜感激.谢谢
I am getting error Could not complete OAuth 2.0 login. Can someone help me to fix this issue? Any help would be appreciated. Thanks
推荐答案
Here is an complete sample which calling a web API in an ASP.NET Core web application using Azure AD.
尽管您现在没有客户端应用程序,但是仍然需要在Azure门户中注册两个应用程序.一种用于客户端,另一种用于服务器api.
Though you don't have a client application now, you still need to register two applications in Azure portal. One is for client and the other one is for server api.
对于服务器应用程序,您需要公开一个API并将客户端应用程序添加到其中.
For your server application, you need to expose an API and add your client application to it.
然后,您可以使用客户端应用程序请求访问令牌以访问服务器api.范围应为api://{server_client_id}/.default.
Then you can use your client application to request the access token to access server api. The scope should be api://{server_client_id}/.default.
这篇关于无法在PostMan中获得Azure AD令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
