使用VS 2017 15.7.2+
可以轻松创建Azure AD B2C Web或API App。
所以我创建了一个兼具两者的解决方案,但我试图从Web App获取访问令牌并使用它来调用API而我找不到办法。
我尝试了选项1(无效):
private async Task<string> GetAccessTokenCacheAsync()
{
string authority = $"{AzureAdOptions.Instance}{AzureAdOptions.ClientId}/{AzureAdOptions.SignUpSignInPolicyId}/";
string clientId = AzureAdOptions.ClientId;
Uri redirectUri = new Uri("https://localhost:12345/");
string resource = targetApplicationID;
AuthenticationContext ac = new AuthenticationContext(authority);
AuthenticationResult result = null;
try
{
result = await ac.AcquireTokenSilentAsync(resource, clientId);
}
catch (AdalException adalException)
{
if (adalException.ErrorCode == AdalError.FailedToAcquireTokenSilently
|| adalException.ErrorCode == AdalError.InteractionRequired)
{
result = await ac.AcquireTokenAsync(resource, clientId, redirectUri,
new PlatformParameters()); //PromptBehavior.Auto
}
}
return result.AccessToken;
}
我得到了:
System.NotImplementedException: 'The method or operation is not implemented.'
我尝试了选项2(无效),MSAL(Microsoft.Identity.Client):
private async Task<string> GetAccessTokenCacheAsync() {
string authority = $"{AzureAdOptions.Instance}{AzureAdOptions.ClientId}/{AzureAdOptions.SignUpSignInPolicyId}/";
PublicClientApplication myApp = new PublicClientApplication(AzureAdOptions.ClientId, authority);
AuthenticationResult authenticationResult = await myApp.AcquireTokenAsync(
new[] { $"{ApiScopeUrl}/read", $"{ApiScopeUrl}/write" }
,
myApp.Users.FirstOrDefault()
,
UIBehavior.ForceLogin
,null,null
,authority
).ConfigureAwait(false);
return authenticationResult.AccessToken;
}
我得到了:
System.NotImplementedException: 'The method or operation is not implemented.'
我还尝试调整Azure样本中的代码,例如https://github.com/Azure-Samples/active-directory-b2c-dotnet-webapp-and-webapi(Framework 4.5.1)或https://github.com/Azure-Samples/active-directory-dotnet-webapp-webapi-openidconnect-aspnetcore(Core 2.0和OpenID,没有B2C)并且失败。
此https://github.com/Azure-Samples/active-directory-b2c-dotnetcore-webapp也提及实施OnAuthorizationCodeReceived
,但Core 2.1似乎已实现AddAzureADB2C
(黑盒子)。关于这个新库的文档似乎缺失或正在进行中,因为我找不到它。
我想知道,如何使用.NET Core 2.1中的内置功能获取Access Token?
我相信如果我知道如何实施OnAuthorizationCodeReceived
,我将更接近找到答案。这里我创建的代码源和票证与此相关:https://github.com/aspnet/AADIntegration/issues/21