如何在WinForms应用程序中使用Salesforce OAuth 2.0隐式流身份验证? [英] How can I use Salesforce OAuth 2.0 implicit flow authentication in a WinForms application?
问题描述
我编写了一个Web应用程序,该应用程序使用OAuth 2.0 Web服务器流连接到Salesforce API,并且一切正常.
I wrote a web application which connects to the Salesforce API using the OAuth 2.0 web server flow, and that all works fine.
但是现在需要从WinForms桌面应用程序访问Salesforce API,这很困难.Salesforce建议对桌面应用程序使用User-Agent或隐式流程.
But now there is a requirement to access the Salesforce API from a WinForms desktop application and I'm stuck. Salesforce suggest using the User-Agent, or implict, flow for desktop applications.
Salesforce在此处描述了流程- https://help.salesforce.com/articleView?id = remoteaccess_oauth_user_agent_flow.htm& type = 5
The flow is described by Salesforce here - https://help.salesforce.com/articleView?id=remoteaccess_oauth_user_agent_flow.htm&type=5
我创建了WinForms应用程序,并使用CefSharp库嵌入了浏览器.我可以使用文章中显示的URL语法在嵌入式浏览器中打开网页,例如
I've created a WinForms application and used the CefSharp library to embed a browser. I can open a web page in the embedded browser using the URL syntax shown in the article, e.g.
https://login.salesforce.com/services/oauth2/authorize?response_type=token& client_id = 客户ID & redirect_uri = REDIRECT_URI
https://login.salesforce.com/services/oauth2/authorize?response_type=token& client_id=CLIENT_ID&redirect_uri=REDIRECT_URI
但是我不知道从这里去哪里.
But I don't know where to go from here.
我猜想重定向URI必须是一个公共端点,但是Salesforce返回到URI的令牌如何找到它回到我的桌面应用程序的方式,因此可以在WebRequests的标头中使用它来访问API
I'm guessing the redirect URI has to be a public endpoint, but how would the token returned by Salesforce to the URI finds it's way back to my desktop application so it can be used in the headers of WebRequests to access the API.
对于任何帮助,指针,示例代码等,我将不胜感激.
I would be grateful for any help, pointers, sample code, etc.
谢谢.
推荐答案
重定向uri不必是公共的.它可以是 localhost:somePort ,并且您的应用程序必须监听该端口上的流量.
redirect uri doesn't have to be public. It can be localhost:somePort and your application would have to be listening to traffic on that port.
例如,如果您想使用SFDX CLI + Visual Studio Code开发SF代码-有一种不错的授权访问SF org的方法,您可以在网站上键入凭据,但是一切都很好-OAuth会发送到 localhost:1717 .只要在此端口上没有其他监听,就可以了.与Salesforce Data Loader相似-您可以键入用户名并将其传递给它,但是它也具有基于Web的流程.有时,这实际上是唯一的选择,如果您的SF管理员启用了单一登录",并且可以通过Active Directory/Google/Facebook/...进行身份验证-您可能无法使用SF用户名和密码.
For example if you want to develop SF code using SFDX CLI + Visual Studio Code - there's a nice way to authorise access to SF org where you type your credentials on the website but when all is good - the OAuth piece gets sent to localhost:1717. As long as nothing else is listening on this port you're fine. Similar with Salesforce Data Loader - you can type username and pass to it but it also has this web-based flow. And sometimes it's the only option really, if your SF admin enabled Single Sign-On that authenticates against Active Directory/Google/Facebook/... - you might not be able to use SF username and password.
我的C#日子已经一去不复返了,但是在本地计算机上的端口上监听应该不是世界末日吗?您不需要与应用程序捆绑在一起的功能完善的Web服务器...
My C# days are long gone but listening on a port on local machine shouldn't be the end of the world? You shouldn't need a full-blown web server bundled with your app...
https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-implicit-grant-flow 有一些很好的理论
这篇关于如何在WinForms应用程序中使用Salesforce OAuth 2.0隐式流身份验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
