我正在尝试在C#客户端中获取ActiveDirectoryClient,如下所示:
Uri servicePointUri = new Uri("https://graph.microsoft.com/v1.0/me/messages");
Uri serviceRoot = new Uri(servicePointUri, <OUR-AZURE-TENANT-ID>);
ActiveDirectoryClient activeDirectoryClient = new ActiveDirectoryClient(serviceRoot,
async () => await AcquireTokenAsyncForUser());
使用此AcquireTokenAsyncForUser()方法:
public static async Task<string> AcquireTokenAsyncForUser()
{
return await GetTokenForUser();
}
public static async Task<string> GetTokenForUser()
{
if (TokenForUser == null)
{
AuthenticationContext authenticationContext = new AuthenticationContext("https://login.microsoftonline.com/common/v2.0");
UserPasswordCredential userCredential = new UserPasswordCredential("<USERNAME>@outlook.com", <PASSWORD>);
AuthenticationResult userAuthnResult = await authenticationContext.AcquireTokenAsync("https://graph.microsoft.com/v1.0/me/messages",
<AZURE AD APP CLIENT ID>, userCredential);
TokenForUser = userAuthnResult.AccessToken;
Console.WriteLine("\n Welcome " + userAuthnResult.UserInfo.GivenName + " " +
userAuthnResult.UserInfo.FamilyName);
}
return TokenForUser;
}
我一直收到这个错误:
登录用户时出错 access_ws_metadata_exchange_failed:访问WS元数据交换失败 -
响应状态代码不表示成功:406(NotAcceptable).-
如果我使用正确或不正确的凭据并不重要。
答案 0 :(得分:2)
AAD不支持为MSA帐户登录WS-Trust。您必须通过调用
通过webview登录用户AcquireTokenAsync("https://graph.microsoft.com/v1.0/me/messages",
<AZURE AD APP CLIENT ID>, new Uri("<your redirect uri>", new PlatformParameters(PromptBehavior.Auto{or whatever you want}, null));