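Sign in to a Xamarin Android app with Azure AD B2C

Time: 2017-07-17 14:36:09

Tags: c# azure xamarin.android openid azure-ad-b2c

After a week of researching authentication principles that can be used with Azure AD B2C using Xamarin targeting the Android platform (not Xamarin.Forms), I am finally asking for some advice.

I have an activity with a "Sign in" button, and I would like to sign in to Azure from the button's touch event. Ideally, I would like to receive a token once the sign-in steps are completed.

Here is my code so far: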

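using System.Threading.Tasks;
using Android.App;
using Android.Content;
using Android.Net;
using Android.OS;
using Android.Runtime;
using Android.Widget;
using Microsoft.Identity.Client;
using Plugin.Geolocator;

public class MainActivity : Activity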
{
    public TaskCompletionSource<bool> ActivityResult { get; set; }
    public const int LocationActivityResult = 110;
    private static string AadInstance = "https://login.microsoftonline.com/{0}.onmicrosoft.com/";

    private PublicClientApplication _publicClientApplication;
    private string _authority;
    protected override void OnCreate(Bundle bundle)
    {
        base.OnCreate(bundle);

        // Set our view from the "main" layout resource
        SetContentView(Resource.Layout.Main);

        // Sign-in section

        EditText editTextEmail = FindViewById<EditText>(Resource.Id.editTextEmail);
        EditText editTextPassword = FindViewById<EditText>(Resource.Id.editTextPassword);
        Button signIn = FindViewById<Button>(Resource.Id.buttonSignIn);

        signIn.Click += async (sender, e) =>
        {

            ConnectivityManager connectivityManager = (ConnectivityManager)GetSystemService(ConnectivityService);
            NetworkInfo networkInfo = connectivityManager.ActiveNetworkInfo;
            if (networkInfo == null)
            {
                Toast.MakeText(this, "Aucune connexion internet", ToastLength.Short).Show();
                Intent intent = new Intent(this.ApplicationContext, typeof(NotInternetActivity));
                intent.SetFlags(ActivityFlags.NewTask);
                StartActivity(intent);
            }
            else
            {

                // Connection attempt
                _authority = string.Format(AadInstance, _azureSettings.Tenant);
                _publicClientApplication = new PublicClientApplication(
                    _authority,
                    _azureSettings.ClientId

                );
                await AcquireTokenAsync();

                // Move on to the new activity

                Intent intent = new Intent(this.ApplicationContext, typeof(PlantsActivity));
                intent.SetFlags(ActivityFlags.NewTask);
                StartActivity(intent);

            }

        };

    }
    Authentication _azureSettings = new Authentication
    {
        ClientId = "ClientId",
        ForgotPasswordPolicy = "ForgotPasswordPolicy",
        SignInOrSignUpPolicy = "SignInOrSignUpPolicy",
        Tenant = "Tenant"

    };

    protected override void OnActivityResult(int requestCode, [GeneratedEnum] Result resultCode, Intent data)
    {
        base.OnActivityResult(requestCode, resultCode, data);
        if (requestCode.Equals(LocationActivityResult))
        {
            if (CrossGeolocator.Current.IsGeolocationEnabled)
                this.ActivityResult.TrySetResult(true);
            else
                this.ActivityResult.TrySetResult(false);
        }
        else
        {
            AuthenticationAgentContinuationHelper.SetAuthenticationAgentContinuationEventArgs(requestCode, resultCode, data);
        }
    }

    public class Authentication
    {
        public string Tenant { get; set; }
        public string ClientId { get; set; }
        public string SignInOrSignUpPolicy { get; set; }
        public string ForgotPasswordPolicy { get; set; }
    }

    public Task<AuthenticationResult> AcquireTokenSilentAsync()
    {
        string[] scopes = { _azureSettings.ClientId };
        // Single silent call: checks the token cache only, no UI is shown.
        return _publicClientApplication.AcquireTokenSilentAsync(scopes, "", _authority, _azureSettings.SignInOrSignUpPolicy, false);
    }

    public async Task<AuthenticationResult> AcquireTokenAsync()
    {
        string[] scopes = { _azureSettings.ClientId };
        return await _publicClientApplication.AcquireTokenAsync(scopes, "", UiOptions.SelectAccount, string.Empty, null, _authority, _azureSettings.SignInOrSignUpPolicy);
    }
}

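I have put everything in the same class for now, just to test the result. Any example you can give me, or any documentation on Xamarin.Android you can point me to, would be very helpful.

Thanks in advance.

2 answers:

Answer 0: (score: 0)

That code looks correct for using MSAL .NET with Azure AD B2C.

The only thing worth mentioning (which may be intentional) is your app's use of AcquireTokenAsync / AcquireTokenSilentAsync. Usually, the best pattern is to make the silent call (which will check the token cache for tokens and fail if it cannot get a valid access token) and then, upon failure, call the normal AcquireTokenAsync.

That way, users with valid tokens do not have to sign in again every time they open the app or every time your app needs a token.

Microsoft has a code sample that demonstrates how to use MSAL .NET (Xamarin) with Azure AD B2C. As always, the B2C Developer Guide is a good place to look for documentation.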
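
The silent-first pattern described in this answer, as an added example that is not part of the original answer. `TokenProvider` is a hypothetical helper; the two MSAL calls use the same overloads as the question's code, and catching `MsalException` (the library's base exception type) to detect failure is an assumption about the MSAL version in use.

```csharp
using System.Threading.Tasks;
using Microsoft.Identity.Client;

// Added example. TokenProvider is a hypothetical helper, not MSAL API.
// The caller creates and configures the PublicClientApplication.
public class TokenProvider
{
    private readonly PublicClientApplication _app;
    private readonly string _authority;
    private readonly string _policy;
    private readonly string[] _scopes;

    public TokenProvider(PublicClientApplication app, string authority,
                         string policy, string[] scopes)
    {
        _app = app;
        _authority = authority;
        _policy = policy;
        _scopes = scopes;
    }

    // Returns a result carrying a token, or null when no token was obtained.
    // Callers must treat null as "not signed in" and stay on the sign-in screen.
    public async Task<AuthenticationResult> GetTokenAsync()
    {
        try
        {
            // 1. Token cache first: no UI, fails if no valid token is cached.
            return await _app.AcquireTokenSilentAsync(
                _scopes, "", _authority, _policy, false);
        }
        catch (MsalException)
        {
            // Cache miss or expired token: fall through to interactive sign-in.
        }

        try
        {
            // 2. Interactive sign-in through the B2C policy.
            return await _app.AcquireTokenAsync(
                _scopes, "", UiOptions.SelectAccount, string.Empty, null,
                _authority, _policy);
        }
        catch (MsalException)
        {
            // Cancelled or failed sign-in: report failure instead of throwing
            // out of an async void click handler.
            return null;
        }
    }
}
```

In the click handler, navigate to the next activity only when `GetTokenAsync()` returns a non-null result.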

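Answer 1: (score: 0)

So after spending several weeks on this, I was finally able to do it.

My app now has an Azure AD B2C backend, and I can authenticate from the Xamarin Android (native) app and access the data from my Easy Tables.

Here is how it works:

You first need to get a token from Azure B2C, so once that succeeds, authResult will hold the new user, where you can access the token and the user name.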

PublicClientApplication publicClientApplication = new PublicClientApplication(AuthParameters.Authority, AuthParameters.ClientId);
var authResult = await publicClientApplication.AcquireTokenSilentAsync(AuthParameters.Scopes, "", AuthParameters.Authority, AuthParameters.Policy, false);
//      await Navigation.PushAsync(new SecurePage());
var result = authResult.Token;

textbox.Text = authResult.User.Name;

The second thing is to send the token to your mobile service client via LoginAsync.

JObject payload = new JObject();
payload["access_token"] = authResult.Token;
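try
{
    var user = await MobileService.LoginAsync(MobileServiceAuthenticationProvider.WindowsAzureActiveDirectory, payload);
}
catch (Exception ex)
{
    // Login failed: report it rather than continuing unauthenticated.
    System.Diagnostics.Debug.WriteLine(ex.Message);
}

Here is the AuthParameters class, used to store the required data: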

public class AuthParameters
{
    public const string Authority = "https://login.microsoftonline.com/YOURSITE.onmicrosoft.com/";
    public const string ClientId = "Client ID from B2C APP";
    public static readonly string[] Scopes = { ClientId };
    public const string Policy = "POLICY_NAME_FROM_B2CTenant";
}

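Now, on the Azure portal, you should have an active Azure B2C application and a mobile service client. They should be linked together, and the way to link them is through this link: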

https://developer.xamarin.com/guides/xamarin-forms/cloud-services/authentication/azure-ad-b2c-mobile-app/

Now you should be able to access your Easy Tables normally through MobileServiceClient.