【发布时间】:2016-11-11 08:04:14
【问题描述】:
我正在关注 Microsoft Graph repository on github 提供的示例。在其中,它描述了使用需要访问令牌的 DelegateAuthenticationProvider。 Marc LaFleur 的primer on auth flow 指定了一种获取访问令牌的方法,我结合guidance 使服务-服务身份验证工作。
即使我收到了似乎是有效的访问令牌,当我通过图形客户端发出命令时,我从 Microsoft Graph 中得到一个 ServiceException 声明,
"{ 代码:InvalidAuthenticationToken 消息:访问令牌验证失败。 内在错误 }"
我没有看到任何其他内部错误。
我做错了什么?
这是我想出的代码:
var clientId = "[app-guid]";
var clientSecret = "[secret-from-app-dashboard]";
var resource = "[app-guid]";
var baseUrl = "https://login.microsoftonline.com";
var loginUrl = "/[tenant guid]/oauth2/token";
using (var client = new HttpClient())
{
client.BaseAddress = new Uri(baseUrl);
var content = new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("grant_type", "client_credentials"),
new KeyValuePair<string, string>("client_id", clientId),
new KeyValuePair<string, string>("client_secret", clientSecret),
new KeyValuePair<string, string>("resource", resource)
});
var result = client.PostAsync(loginUrl, content).Result;
string resultContent = result.Content.ReadAsStringAsync().Result;
var json = JObject.Parse(resultContent);
accessToken = (string)json["access_token"];
}
var header = new AuthenticationHeaderValue("Bearer", accessToken);
var graphserviceClient = new GraphServiceClient(
new DelegateAuthenticationProvider(
(requestMessage) =>
{
requestMessage.Headers.Authorization = header;
return Task.FromResult(0);
}));
try
{
var users = await graphserviceClient.Users.Request().GetAsync();
var user = users.First();
}
catch (Microsoft.Graph.ServiceException servex)
{
Console.WriteLine(servex);
}
【问题讨论】: