我已将应用程序注册为本机客户端,并显式调用令牌端点来获取持有者令牌(bearer token)。这段代码在我用于测试的 Active Directory 和应用程序注册上可以正常工作,但在实际的 Active Directory 上却返回"凭据无效"的错误。
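// Requests a bearer token from the Azure AD token endpoint with the resource
// owner password credentials grant (grant_type=password) and returns either
// the access token or the endpoint's error description to the caller.
//
// NOTE(review): with this grant the user's password passes through this
// application. The grant is generally rejected for accounts that require MFA,
// fall under conditional access, or are federated, which is one plausible
// reason it works in a test tenant and fails in the real one. Confirm against
// the tenant's sign-in logs, and prefer an interactive flow where possible.
//
// NOTE(review): creating an HttpClient per call can exhaust sockets under
// load; consider a shared instance or IHttpClientFactory.
var client = new HttpClient();
var tokenEndpoint = $"https://login.microsoftonline.com/{_tenantId}/oauth2/token";

// Percent-encode every form value. Without encoding, a password or user name
// containing '&', '=', '+', '%' or '#' is split or altered in the request body,
// so the endpoint receives different credentials than the user typed and
// answers "invalid credentials". The interpolation keeps the original
// null-to-empty-string behaviour for any value type.
var resource = System.Uri.EscapeDataString($"{_clientId}");
var username = System.Uri.EscapeDataString($"{userCredential.UserId}");
var password = System.Uri.EscapeDataString($"{userCredential.Password}");
var body =
    $"resource={resource}&client_id={resource}&grant_type=password&username={username}&password={password}";
var stringContent = new StringContent(body, Encoding.UTF8, "application/x-www-form-urlencoded");

// Await both steps instead of blocking on .Result inside ContinueWith, which
// ties up a thread and wraps failures in AggregateException.
var response = await client.PostAsync(tokenEndpoint, stringContent);
var result = await response.Content.ReadAsStringAsync();

var jobject = JObject.Parse(result);
var error = jobject.GetValue("error_description");
if (error != null)
{
    // NOTE(review): the endpoint's error text is relayed verbatim; it may
    // reveal account state (unknown user, wrong password, MFA required).
    // Consider logging it server-side and returning a generic message.
    return BadRequest(error);
}

var token = jobject.GetValue("access_token");
return Ok(token);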