.NET Core 2.1 Azure AD B2C Web和API

时间:2018-06-04 04:10:15

标签: azure-ad-b2c asp.net-core-2.1 .net-core-2.1

使用VS 2017 15.7.2+可以轻松创建Azure AD B2C Web或API App。

所以我创建了一个兼具两者的解决方案,但我试图从Web App获取访问令牌并使用它来调用API而我找不到办法。

我尝试了选项1(无效):

private async Task<string> GetAccessTokenCacheAsync()
{
    string authority = $"{AzureAdOptions.Instance}{AzureAdOptions.ClientId}/{AzureAdOptions.SignUpSignInPolicyId}/";
    string clientId = AzureAdOptions.ClientId;
    Uri redirectUri = new Uri("https://localhost:12345/");
    string resource = targetApplicationID;
    AuthenticationContext ac = new AuthenticationContext(authority);
    AuthenticationResult result = null;
    try
    {
        result = await ac.AcquireTokenSilentAsync(resource, clientId);
    }
    catch (AdalException adalException)
    {
        if (adalException.ErrorCode == AdalError.FailedToAcquireTokenSilently
            || adalException.ErrorCode == AdalError.InteractionRequired)
        {
            result = await ac.AcquireTokenAsync(resource, clientId, redirectUri,
                                                new PlatformParameters()); //PromptBehavior.Auto
        }
    }
    return result.AccessToken;
}

我得到了:

System.NotImplementedException: 'The method or operation is not implemented.'

我尝试了选项2(无效),MSAL(Microsoft.Identity.Client):

private async Task<string> GetAccessTokenCacheAsync() {
    string authority = $"{AzureAdOptions.Instance}{AzureAdOptions.ClientId}/{AzureAdOptions.SignUpSignInPolicyId}/";
    PublicClientApplication myApp = new PublicClientApplication(AzureAdOptions.ClientId, authority);
    AuthenticationResult authenticationResult = await myApp.AcquireTokenAsync(
        new[] { $"{ApiScopeUrl}/read", $"{ApiScopeUrl}/write" }
        ,
        myApp.Users.FirstOrDefault()
        ,
        UIBehavior.ForceLogin
        ,null,null
        ,authority
        ).ConfigureAwait(false);
    return authenticationResult.AccessToken;
}

我得到了:

System.NotImplementedException: 'The method or operation is not implemented.'

我还尝试调整Azure样本中的代码,例如https://github.com/Azure-Samples/active-directory-b2c-dotnet-webapp-and-webapi(Framework 4.5.1)或https://github.com/Azure-Samples/active-directory-dotnet-webapp-webapi-openidconnect-aspnetcore(Core 2.0和OpenID,没有B2C)并且失败。

https://github.com/Azure-Samples/active-directory-b2c-dotnetcore-webapp也提及实施OnAuthorizationCodeReceived,但Core 2.1似乎已实现AddAzureADB2C(黑盒子)。关于这个新库的文档似乎缺失或正在进行中,因为我找不到它。

我想知道,如何使用.NET Core 2.1中的内置功能获取Access Token?

我相信如果我知道如何实施OnAuthorizationCodeReceived,我将更接近找到答案。这里我创建的代码源和票证与此相关:https://github.com/aspnet/AADIntegration/issues/21

0 个答案:

没有答案