我有一个.net Web API,其中为SPA提供了一个终结点,以获取Azure oAuth 2访问令牌。当我在本地运行Web API时,该服务运行正常。但是,当我将服务发布到MS Azure时,终结点向我返回{“ Message”:“发生错误。”}。仅当我要验证用户身份时才引发错误。如果我对具有客户端机密的客户端身份验证运行相同的代码,则会正确返回访问令牌。
我的问题是,为什么仅在天蓝色时会发生这种情况,我该如何解决?
用户身份验证(不适用于Azure)
资源例如:“ https://graph.microsoft.com”
public string Get([FromUri] String resource)
{
var token = GetAuthenticatedUserAsync(resource).Result;
return token.AccessToken;
}
//Authentication of an user
[DisableCors()]
private static async Task<Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationResult> GetAuthenticatedUserAsync(String resource)
{
AuthenticationContext authContext = new AuthenticationContext("https://login.microsoftonline.com/{tenant}/oauth2/authorize");
return await authContext.AcquireTokenAsync(resource, ConfigurationManager.AppSettings["UserClientId"], new Uri("{redirect url}"), new PlatformParameters(PromptBehavior.Auto)).ConfigureAwait(false);
}
客户端身份验证(在Azure上运行)
//Authentication of a client
[DisableCors()]
public static async Task<Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationResult> GetAuthenticatedAppAsync()
{
AuthenticationContext authContext = new AuthenticationContext("https://login.microsoftonline.com/{tenant}/oauth2/authorize");
var credentials = new Microsoft.IdentityModel.Clients.ActiveDirectory.ClientCredential(ConfigurationManager.AppSettings["AppClientId"], ConfigurationManager.AppSettings["AppClientSecret"]);
return await authContext.AcquireTokenAsync(ConfigurationManager.AppSettings["GraphResource"], credentials).ConfigureAwait(false);
}