受Azure AD B2C保护的自动化终结点测试 [英] Automated endpoint testing protected by Azure AD B2C

问题描述

我有一个WebAPI应用程序，该应用程序使用通过使用凭据登录获得的Azure B2C令牌对用户进行身份验证.

I have a WebAPI application which authenticates users with their Azure B2C token they have acquired from signing in with their credentials.

我现在需要针对WebAPI编写一些测试，但是由于需要登录 https://login.microsoftonline.com ，因此我不确定如何自动获取令牌...

I need to write some tests against my WebAPI now but I'm not sure how I can automate acquiring a token given that I need to sign in on https://login.microsoftonline.com...

使用硒或某些东西登录的时间很短-是否有另一种替代方法来获取要使用的令牌?

Short of using selenium or something to sign in - is there another alternative for acquiring a token to use?

推荐答案

我假设您要获取非交互式令牌.

I assume that you want to get token with non-interactive.

我认为您可以使用 资源所有者密码凭据在AAD B2C中流动 .

I think you can use resource owner password credentials flow in AAD B2C.

注意:在Azure Active Directory(Azure AD)B2C中，支持以下选项:

• 本地客户端:当代码在用户端设备上运行时，身份验证期间的用户交互就会发生.该设备可以是移动设备在本机操作系统中运行的应用程序，例如Android，或在JavaScript等浏览器中运行.

• Native Client: User interaction during authentication happens when code runs on a user-side device. The device can be a mobile application that's running in a native operating system, such as Android, or running in a browser, such as JavaScript.

公共客户端流:在API调用中仅发送由应用程序收集的用户凭据.的凭证申请未发送.

Public client flow: Only user credentials, gathered by an application, are sent in the API call. The credentials of the application are not sent.

添加新声明:可以更改ID令牌的内容以添加新声明.

Add new claims: The ID token contents can be changed to add new claims.

此流程可以让您在没有UI的情况下获取令牌.

This flow can let you obtain token without UI.

此外，AAD B2C当前不支持客户端凭证流和OAuth 2.0 JWT承载凭证授予，也称为代收流程.您可以看到限制在本文档中.

Also, client credentials flow and OAuth 2.0 JWT bearer credential grant, also known as the on-behalf-of flow are not supported in AAD B2C currently. You can see the limitations in this documentation.

这篇关于受Azure AD B2C保护的自动化终结点测试的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！