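Microsoft Graph client error: Authentication challenge is required

Time: 2021-04-11 22:33:45

Tags: azure azure-active-directory microsoft-graph-api azure-ad-b2c

I am developing a Blazor server-side .NET 5.0 application that allows a user, once signed in, to delete users from Azure AD B2C. I am using the information contained in this article. I am getting a Message: Authentication challenge is required. error.

What am I missing?

Code to delete a user using Azure AD B2C: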

using Microsoft.Graph;
using Microsoft.Graph.Auth;
using Microsoft.Identity.Client;

public async Task DeleteUser(string id)
{
    var confidentialClientApplication = ConfidentialClientApplicationBuilder
        .Create(this.azureADB2C.ClientId)
        .WithRedirectUri(this.azureADB2C.RedirectUri)
        .WithClientSecret(this.azureADB2C.ClientSecret)
        .Build();
    var authorizationCodeProvider = new AuthorizationCodeProvider(confidentialClientApplication);
    var graphClient = new GraphServiceClient(authorizationCodeProvider);
    await graphClient.Users[id].Request().DeleteAsync();
}

AppSettings.json:

"AzureADB2C": {
    "Instance": "https://InstaTranscribe.b2clogin.com/",
    "Domain": "InstaTranscribe.onmicrosoft.com",
    "ClientId": "<ClientId>",
    "SignUpSignInPolicyId": "B2C_1_SignUpSignInUserFlow",
    "ResetPasswordPolicyId": "B2C_1_PasswordResetUserFlow",
    "EditProfilePolicyId": "B2C_1_ProfileEditingUserFlow",
    "CallbackPath": "/signin-oidc",
    "RedirectUri": "http://localhost:20000/signin-oidc",
    "ClientSecret": "<ClientSecret>"
  }, 

Platform Configuration

API Permissions

Exception stack:

Status Code: 0
Microsoft.Graph.ServiceException: Code: generalException
Message: An error occurred sending the request.

 ---> Microsoft.Graph.Auth.AuthenticationException: Code: authenticationChallengeRequired
Message: Authentication challenge is required.

   at Microsoft.Graph.Auth.AuthorizationCodeProvider.AuthenticateRequestAsync(HttpRequestMessage httpRequestMessage)
   at Microsoft.Graph.AuthenticationHandler.SendAsync(HttpRequestMessage httpRequestMessage, CancellationToken cancellationToken)
   at System.Net.Http.HttpClient.SendAsyncCore(HttpRequestMessage request, HttpCompletionOption completionOption, Boolean async, Boolean emitTelemetryStartStop, CancellationToken cancellationToken)
   at Microsoft.Graph.HttpProvider.SendRequestAsync(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at Microsoft.Graph.HttpProvider.SendRequestAsync(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationToken cancellationToken)
   at Microsoft.Graph.HttpProvider.SendAsync(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationToken cancellationToken)
   at Microsoft.Graph.BaseRequest.SendRequestAsync(Object serializableObject, CancellationToken cancellationToken, HttpCompletionOption completionOption)
   at Microsoft.Graph.BaseRequest.SendAsync[T](Object serializableObject, CancellationToken cancellationToken, HttpCompletionOption completionOption)
   at Microsoft.Graph.UserRequest.DeleteAsync(CancellationToken cancellationToken)
   at Services.SecurityService.DeleteUser(String id) in C:\temp\InstaTranscribeServerSide\Services\SecurityService.cs:line 109
   at InstaTranscribeServerSide.Pages.DeleteAccountComponent.EditForm_OnValidSubmit() in C:\temp\InstaTranscribeServerSide\server\Pages\DeleteAccount.razor.designer.cs:line 62

Update 1:

Stack trace:

Status Code: Unauthorized
Microsoft.Graph.ServiceException: Code: Authorization_IdentityNotFound
Message: The identity of the calling application could not be established.
Inner error:
    AdditionalData:
    date: 2021-04-12T04:15:43
    request-id: 758804d0-075b-4946-94cb-af7241feedd1
    client-request-id: 758804d0-075b-4946-94cb-af7241feedd1
ClientRequestId: 758804d0-075b-4946-94cb-af7241feedd1

   at Microsoft.Graph.HttpProvider.SendAsync(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationToken cancellationToken)
   at Microsoft.Graph.BaseRequest.SendRequestAsync(Object serializableObject, CancellationToken cancellationToken, HttpCompletionOption completionOption)
   at Microsoft.Graph.BaseRequest.SendAsync[T](Object serializableObject, CancellationToken cancellationToken, HttpCompletionOption completionOption)
   at Microsoft.Graph.UserRequest.DeleteAsync(CancellationToken cancellationToken)
   at Services.SecurityService.DeleteUser(String id) in C:\temp\InstaTranscribeServerSide\Services\SecurityService.cs:line 109
   at InstaTranscribeServerSide.Pages.DeleteAccountComponent.EditForm_OnValidSubmit() in C:\temp\InstaTranscribeServerSide\server\Pages\DeleteAccount.razor.designer.cs:line 62

API Permissions

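1 answer:

Answer 0 (score: 1)

It looks like you want to delete the user using an application token (you assigned application permissions in the app registration).

In that case, you should use ClientCredentialProvider instead of AuthorizationCodeProvider: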

IConfidentialClientApplication confidentialClientApplication = ConfidentialClientApplicationBuilder
    .Create(clientId)
    .WithTenantId(tenantID)
    .WithClientSecret(clientSecret)
    .Build();

ClientCredentialProvider authenticationProvider = new ClientCredentialProvider(confidentialClientApplication);
var graphClient = new GraphServiceClient(authenticationProvider);

Don't forget to click "Grant admin consent for {your tenant}" in the Azure portal.
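
A way to confirm that the app-only token really carries the application permission before calling Graph, as an added example that is not part of the original answer. The class and method names are hypothetical, and `User.ReadWrite.All` is assumed here as the application permission Graph documents for deleting a user; the page does not name it.

```csharp
using System;
using System.Linq;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;
using Microsoft.Identity.Client;

public static class AppOnlyTokenCheck // hypothetical helper, not from the page
{
    // Decodes the payload (second segment) of a compact JWT without validating
    // the signature. Diagnostic use only: it shows what the token claims,
    // not that the token is authentic.
    public static JsonElement DecodePayload(string jwt)
    {
        string[] parts = jwt.Split('.');
        if (parts.Length != 3) throw new FormatException("Not a compact JWT.");
        string b64 = parts[1].Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        string json = Encoding.UTF8.GetString(Convert.FromBase64String(b64));
        using JsonDocument doc = JsonDocument.Parse(json);
        return doc.RootElement.Clone();
    }

    // True when the payload has a "roles" array containing the given application permission.
    public static bool HasAppRole(JsonElement payload, string role) =>
        payload.TryGetProperty("roles", out JsonElement roles)
        && roles.ValueKind == JsonValueKind.Array
        && roles.EnumerateArray().Any(r => r.GetString() == role);

    public static async Task<bool> CanDeleteUsersAsync(string clientId, string tenantId, string clientSecret)
    {
        IConfidentialClientApplication app = ConfidentialClientApplicationBuilder
            .Create(clientId)
            .WithTenantId(tenantId)      // app-only tokens are requested from a specific tenant
            .WithClientSecret(clientSecret)
            .Build();

        // Client credentials flow: no user and no redirect; the scope is "<resource>/.default".
        AuthenticationResult result = await app
            .AcquireTokenForClient(new[] { "https://graph.microsoft.com/.default" })
            .ExecuteAsync();

        // Application permissions appear in "roles" only once admin consent is granted.
        return HasAppRole(DecodePayload(result.AccessToken), "User.ReadWrite.All");
    }
}
```

If `CanDeleteUsersAsync` returns false, the token was issued without the application permission, which points at the app registration or the missing admin consent rather than at the calling code.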