使用 ADAL v3 使用 ClientID 对 Dynamics 365 进行身份验证答案

【问题标题】：Authenticate to Dynamics 365 using ADAL v3 using ClientID使用 ADAL v3 使用 ClientID 对 Dynamics 365 进行身份验证
【发布时间】：2018-11-20 13:44:18
【问题描述】：

我正在尝试对我们的在线 Dynamics CRM 进行身份验证以使用可用的 API。

我能找到的唯一官方文档是：https://docs.microsoft.com/en-us/dynamics365/customer-engagement/developer/connect-customer-engagement-web-services-using-oauth 但它使用了 ADAL V3 中不再存在的“AquireToken”，它已被“AcquireTokenAsync”取代。

这是我第一次处理 ADAL 并尝试进行身份验证，之前只处理过“HttpWebRequest”自定义 API。

我目前只是尝试使用 docs.microsoft.com 上的内容让代码运行没有任何错误，我尝试将“AcquireToken”更改为“AcquireTokenAsync”。

public void authenticateToCRM()
        {
            // TODO Substitute your correct CRM root service address,   
            string resource = "https://qqqqqqqqq.crm4.dynamics.com";

            // TODO Substitute your app registration values that can be obtained after you  
            // register the app in Active Directory on the Microsoft Azure portal.  
            string clientId = "******-****-*******-*****-****";
            string redirectUrl = "https://qqqqqqqqq.azurewebsites.net";

            // Authenticate the registered application with Azure Active Directory.  
            AuthenticationContext authContext = new AuthenticationContext("https://login.windows.net/common", false);
            AuthenticationResult result = authContext.AcquireTokenAsync(resource, clientId, new Uri(redirectUrl));
        }

这会导致 'AcquireToken' 中的 'clientId' 字符串变量出错...

"参数 2：无法从 'string' 转换为 'Microsoft.IdentityModel.Clients.ActiveDirectory.ClientCredentials"

第三个变量“new Uri(redirectUrl)”的错误，...

"参数 3：无法从 'System.Uri' 转换为 'Microsoft.IdentityModel.Clients.ActiveDirectory.UserAssertion"

查看“AuthenticationContext”类的文档和“AcquireTokenAsync”的用法，许多都将字符串作为第二个参数：https://docs.microsoft.com/en-us/dotnet/api/microsoft.identitymodel.clients.activedirectory.authenticationcontext?view=azure-dotnet

我不知道如何将 ms 文档中显示的使用“AcquireToken”进行身份验证的用法与“AcquireTokenAsync”一起使用

【问题讨论】：

CRM SDK 示例使用允许传递用户名和密码凭据的 ADAL 2.x。这已在 ADAL 3.x 中删除。继续使用2.x代库就好了。下面的答案要求您在应用注册中指定客户端密码，并且是更适用于服务器到服务器方案的示例。此处描述：docs.microsoft.com/en-us/dynamics365/customer-engagement/…

标签： c# asp.net-mvc azure oauth adal

【解决方案1】：

using Newtonsoft.Json;
using Newtonsoft.Json.Linq;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Text;
using System.Web;
using System.Web.Mvc;
using System.Data;
using System.Data.SqlClient;
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using System.Net.Http.Headers;
using System.Threading.Tasks;

namespace MYFORM_Form.Controllers
{
    public class MYController : Controller
    {
        string organizationUrl = "https://yourcrm.dynamics.com";
        string appKey = "*****";
        string aadInstance = "https://login.microsoftonline.com/";
        string tenantID = "myTenant.onmicrosoft.com";
        string clientId = "UserGUID****";
        public Task<String> SendData()
        {
            return AuthenticateWithCRM();
        }

        public async Task<String> AuthenticateWithCRM()
        {
            ClientCredential clientcred = new ClientCredential(clientId, appKey);
            AuthenticationContext authenticationContext = new AuthenticationContext(aadInstance + tenantID);
            AuthenticationResult authenticationResult = await authenticationContext.AcquireTokenAsync(organizationUrl, clientcred);
            using (HttpClient httpClient = new HttpClient())
                {
                    httpClient.BaseAddress = new Uri(organizationUrl);
                    httpClient.Timeout = new TimeSpan(0, 2, 0);  // 2 minutes  
                    httpClient.DefaultRequestHeaders.Add("OData-MaxVersion", "4.0");
                    httpClient.DefaultRequestHeaders.Add("OData-Version", "4.0");
                    httpClient.DefaultRequestHeaders.Accept.Add(
                    new MediaTypeWithQualityHeaderValue("application/json"));
                    httpClient.DefaultRequestHeaders.Authorization =
                    new AuthenticationHeaderValue("Bearer", authenticationResult.AccessToken);
                    JObject myContact = new JObject
                        {
                            {"[EntityFieldname]", "[ValueToBeAdded]"}
                        };

                        HttpResponseMessage CreateResponse = await SendAsJsonAsync(httpClient, HttpMethod.Post, "api/data/v8.2/[EntityName]", myContact);

                        Guid applicationID = new Guid();
                        if (CreateResponse.IsSuccessStatusCode)
                        {
                            string applicationUri = CreateResponse.Headers.GetValues("OData-EntityId").FirstOrDefault();
                            if (applicationUri != null)
                                applicationID = Guid.Parse(applicationUri.Split('(', ')')[1]);
                            Console.WriteLine("Account created Id=", applicationID);
                            return applicationID.ToString();
                        }
                        else
                            return null;
                }

        }

        public static Task<HttpResponseMessage> SendAsJsonAsync<T>(HttpClient client, HttpMethod method, string requestUri, T value)
        {
            var content = value.GetType().Name.Equals("JObject") ?
                value.ToString() :
                JsonConvert.SerializeObject(value, new JsonSerializerSettings() { DefaultValueHandling = DefaultValueHandling.Ignore });

            HttpRequestMessage request = new HttpRequestMessage(method, requestUri) { Content = new StringContent(content) };
            request.Content.Headers.ContentType = MediaTypeHeaderValue.Parse("application/json");
            request.Headers.Add("User-Agent", "User-Agent-Here");
            return  client.SendAsync(request);
        }
    }
}

【讨论】：