我尝试过使用 ASP.NET Core,以下是我使用过的两个代码 sn-ps。根据注册应用程序的类型(本机或 Web),有两种不同的方法可以从 Azure Active Directory(AAD)上的注册应用程序获取访问令牌。不同之处在于 Web 应用程序中有一个客户端密码,我们可以使用 azure 门户创建它。您需要从 azure 门户中找到客户端 ID、AAD 租户 ID、应用程序密码才能使用以下代码。
原生:
[HttpGet]
[Route("GetAccessTokenNative")]
public async Task<string> GetAccessTokenNative()
{
string token = await GetTokenNative();
return token;
}
private static async Task<string> GetTokenNative()
{
var oauthEndpoint = new Uri("https://login.microsoftonline.com/<your directory ID>/oauth2/token");
using (var client = new HttpClient())
{
var result = await client.PostAsync(oauthEndpoint, new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("resource", "https://analysis.windows.net/powerbi/api"),
new KeyValuePair<string, string>("client_id", "client ID"),
new KeyValuePair<string, string>("grant_type", "password"),
new KeyValuePair<string, string>("username", "username"),//PoweBI username
new KeyValuePair<string, string>("password", "password"),//PowerBI password
new KeyValuePair<string, string>("scope", "openid"),
}));
var content = await result.Content.ReadAsStringAsync();
return JsonConvert.DeserializeObject<OAuthResult>(content).AccessToken;
}
}
OAuthResult.cs
public class OAuthResult
{
[JsonProperty("token_type")]
public string TokenType { get; set; }
[JsonProperty("scope")]
public string Scope { get; set; }
[JsonProperty("experies_in")]
public int ExpiresIn { get; set; }
[JsonProperty("ext_experies_in")]
public int ExtExpiresIn { get; set; }
[JsonProperty("experies_on")]
public int ExpiresOn { get; set; }
[JsonProperty("not_before")]
public int NotBefore { get; set; }
[JsonProperty("resource")]
public Uri Resource { get; set; }
[JsonProperty("access_token")]
public string AccessToken { get; set; }
[JsonProperty("refresh_token")]
public string RefreshToken { get; set; }
}
网络:
[HttpGet]
[Route("GetAccessTokenWeb")]
public async Task<string> GetAccessTokenWeb()
{
string token = await GetTokenWeb();
return token;
}
public static async Task<string> GetTokenWeb()
{
HttpClient client = new HttpClient();
var content = new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("grant_type", "password"),
new KeyValuePair<string, string>("username", "username"),//PowerBI username
new KeyValuePair<string, string>("password", "password"),//PowerBI password
new KeyValuePair<string, string>("client_id", "client ID"),
new KeyValuePair<string, string>("scope", "openid"),
new KeyValuePair<string, string>("client_secret", "client secret")
new KeyValuePair<string, string>("resource", "https://analysis.windows.net/powerbi/api")
});
HttpResponseMessage res = client.PostAsync("https://login.microsoftonline.com/<your directory ID>/oauth2/token", content).Result;
string json = await res.Content.ReadAsStringAsync();
AzureAdTokenResponseDto tokenRes = JsonConvert.DeserializeObject<AzureAdTokenResponseDto>(json);
return tokenRes.AccessToken;
}
AzureAdTokenResponseDto.cs
public class AzureAdTokenResponseDto
{
[JsonProperty("access_token")]
public string AccessToken { get; set; }
}