ex = {"AADSTS70002:请求正文必须包含以下参数:"client_secret或client_assertion" [英] ex = {"AADSTS70002: The request body must contain the following parameter: 'client_secret or client_assertion'

问题描述

这就是我编写代码并尝试获取输出的方式.

This is how I have written code and trying to get the output.

请求正文必须包含以下参数:client_secret或client_assertion

 static async Task<AuthenticationResult> getAccessToken()
 {
     string hardcodedUsername = "";
     string hardcodedPassword = "";
     string tenantName = "projectwidgets.com";
     string authString = "https://login.microsoftonline.com/" + tenantName;
     AuthenticationContext authenticationContext = new AuthenticationContext(authString, false);
     //Config for OAuth client credentials
     string clientId = "as";
     string key = "kk";
     string authority = String.Format(CultureInfo.InvariantCulture, aadInstance, tenantName);
     var authContext = new AuthenticationContext(authority);
     AuthenticationResult result = null;
     try
     {
         result = await authContext.AcquireTokenAsync("https://pwsnapitazure.azurewebsites.net", clientId, new UserPasswordCredential(hardcodedUsername, hardcodedPassword));
     }
     catch (Exception ex)
     {
          Console.WriteLine(ex.StackTrace);
          System.Diagnostics.Debug.WriteLine(ex.Message);
     }                        
     return result;
 }

推荐答案

根据您的代码，看来您正在使用使用用户名和密码进行身份验证的Web应用程序/API.

According to your code , that seems you are using a web app/API that uses username and password to authenticate .

我们只能使用来自本机客户端的资源所有者流.诸如网站之类的机密客户端不能使用直接用户凭据.

we can only use the resource owner flow from a native client. A confidential client, such as a web site, cannot use direct user credentials.

您需要将其作为公共客户端(本机客户端应用程序)而不是作为机密客户端(Web应用程序/API)来调用.请参阅此文档，详细了解如何使用ADAL .NET通过用户名/密码对用户进行身份验证.尤其是Constraints & Limitations部分.

You would need to invoke it as a public client (native client app), not as a confidential client (web app/API). Please refer to this document for more about how to use ADAL .NET to authenticate users via username/password .Especially the Constraints & Limitations section .

在守护程序或服务器应用程序中，您可以考虑使用此处有关客户端凭据流的更多详细信息，以及

In daemon or server application , you may consider using client credential flow , but with this flow, the application presents its client credentials to the OAuth2 token issuing endpoint, and in return gets an access token that represents the application itself without any user information. Please click here for more details about client credential flow , and here are code samples.

这篇关于ex = {"AADSTS70002:请求正文必须包含以下参数:"client_secret或client_assertion"的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！