Asp.net mvc 如何在不使用对话框的情况下在Azure Active Directory中进行授权?
我的应用程序为所有用户显示我的power bi帐户的仪表板,我通过对话框授权Azure Active Directory以获取访问令牌。我可以在不使用授权对话框的情况下硬编码凭据并获取访问令牌吗。 代码。它可以工作,但正在使用授权对话框Asp.net mvc 如何在不使用对话框的情况下在Azure Active Directory中进行授权?,asp.net-mvc,azure,azure-active-directory,powerbi,powerbi-embedded,Asp.net Mvc,Azure,Azure Active Directory,Powerbi,Powerbi Embedded,我的应用程序为所有用户显示我的power bi帐户的仪表板,我通过对话框授权Azure Active Directory以获取访问令牌。我可以在不使用授权对话框的情况下硬编码凭据并获取访问令牌吗。 代码。它可以工作,但正在使用授权对话框 var @params = new NameValueCollection { {"response_type", "code"}, {"client_id", Propert
var @params = new NameValueCollection
{
{"response_type", "code"},
{"client_id", Properties.Settings.Default.ClientID},
{"resource", "https://analysis.windows.net/powerbi/api"},
{"redirect_uri", "http://localhost:13526/Redirect"}
};
var queryString = HttpUtility.ParseQueryString(string.Empty);
queryString.Add(@params);
string authorityUri = "https://login.windows.net/common/oauth2/authorize/";
var authUri = String.Format("{0}?{1}", authorityUri, queryString);
Response.Redirect(authUri);
Redirect.aspx
string redirectUri = "http://localhost:13526/Redirect";
string authorityUri = "https://login.windows.net/common/oauth2/authorize/";
string code = Request.Params.GetValues(0)[0];
TokenCache TC = new TokenCache();
AuthenticationContext AC = new AuthenticationContext(authorityUri, TC);
ClientCredential cc = new ClientCredential
(Properties.Settings.Default.ClientID,
Properties.Settings.Default.ClientSecret);
AuthenticationResult AR = AC.AcquireTokenByAuthorizationCode(code, new Uri(redirectUri), cc);
Session[_Default.authResultString] = AR;
Response.Redirect("/Default.aspx");
Default.aspx
string responseContent = string.Empty;
System.Net.WebRequest request = System.Net.WebRequest.Create(String.Format("{0}dashboards", baseUri)) as System.Net.HttpWebRequest;
request.Method = "GET";
request.ContentLength = 0;
request.Headers.Add("Authorization", String.Format("Bearer {0}", authResult.AccessToken));
using (var response = request.GetResponse() as System.Net.HttpWebResponse)
{
using (var reader = new System.IO.StreamReader(response.GetResponseStream()))
{
responseContent = reader.ReadToEnd();
PBIDashboards PBIDashboards = JsonConvert.DeserializeObject<PBIDashboards>(responseContent);
}
}
var@params=新名称值集合
{
{“响应类型”,“代码”},
{“client_id”,Properties.Settings.Default.ClientID},
{“资源”https://analysis.windows.net/powerbi/api"},
{“重定向uri”http://localhost:13526/Redirect"}
};
var queryString=HttpUtility.ParseQueryString(string.Empty);
queryString.Add(@params);
字符串authorityUri=”https://login.windows.net/common/oauth2/authorize/";
var authUri=String.Format(“{0}?{1}”,authorityUri,queryString);
重定向(authUri);
重定向.aspx
字符串重定向URI=”http://localhost:13526/Redirect";
字符串authorityUri=”https://login.windows.net/common/oauth2/authorize/";
字符串代码=Request.Params.GetValues(0)[0];
TokenCache TC=新的TokenCache();
AuthenticationContext AC=新的AuthenticationContext(authorityUri,TC);
ClientCredential cc=新的ClientCredential
(Properties.Settings.Default.ClientID,
Properties.Settings.Default.ClientSecret);
AuthenticationResult AR=AC.AcquireTokenByAuthorizationCode(代码,新Uri(重定向Uri),cc);
会话[\u Default.authResultString]=AR;
Response.Redirect(“/Default.aspx”);
Default.aspx
string responseContent=string.Empty;
System.Net.WebRequest request=System.Net.WebRequest.Create(String.Format(“{0}仪表盘”,baseUri))作为System.Net.HttpWebRequest;
request.Method=“GET”;
request.ContentLength=0;
Add(“Authorization”,String.Format(“Bearer{0}”,authResult.AccessToken));
使用(var response=request.GetResponse()作为System.Net.HttpWebResponse)
{
使用(var reader=new System.IO.StreamReader(response.GetResponseStream())
{
responseContent=reader.ReadToEnd();
PBIDashboards PBIDashboards=JsonConvert.DeserializeObject(responseContent);
}
}
我做过一次,没有使用ADAL。对于Power BI也是如此,因为它们不提供应用程序权限,只提供委派权限
您需要使用grant\u type=password
调用AAD令牌端点。您将在表单参数中指定用户名和密码,以及客户端id、客户端机密和资源URI
以下是我编写的函数:
private async Task<string> GetAccessToken()
{
string tokenEndpointUri = Authority + "oauth2/token";
var content = new FormUrlEncodedContent(new []
{
new KeyValuePair<string, string>("grant_type", "password"),
new KeyValuePair<string, string>("username", Username),
new KeyValuePair<string, string>("password", Password),
new KeyValuePair<string, string>("client_id", ClientId),
new KeyValuePair<string, string>("client_secret", ClientSecret),
new KeyValuePair<string, string>("resource", PowerBiResourceUri)
}
);
using (var client = new HttpClient())
{
HttpResponseMessage res = await client.PostAsync(tokenEndpointUri, content);
string json = await res.Content.ReadAsStringAsync();
AzureAdTokenResponse tokenRes = JsonConvert.DeserializeObject<AzureAdTokenResponse>(json);
return tokenRes.AccessToken;
}
}
我做过一次,没有使用ADAL。对于Power BI也是如此,因为它们不提供应用程序权限,只提供委派权限 您需要使用
grant\u type=password
调用AAD令牌端点。您将在表单参数中指定用户名和密码,以及客户端id、客户端机密和资源URI
以下是我编写的函数:
private async Task<string> GetAccessToken()
{
string tokenEndpointUri = Authority + "oauth2/token";
var content = new FormUrlEncodedContent(new []
{
new KeyValuePair<string, string>("grant_type", "password"),
new KeyValuePair<string, string>("username", Username),
new KeyValuePair<string, string>("password", Password),
new KeyValuePair<string, string>("client_id", ClientId),
new KeyValuePair<string, string>("client_secret", ClientSecret),
new KeyValuePair<string, string>("resource", PowerBiResourceUri)
}
);
using (var client = new HttpClient())
{
HttpResponseMessage res = await client.PostAsync(tokenEndpointUri, content);
string json = await res.Content.ReadAsStringAsync();
AzureAdTokenResponse tokenRes = JsonConvert.DeserializeObject<AzureAdTokenResponse>(json);
return tokenRes.AccessToken;
}
}
我希望使用UserCreadential,您可以提供azure订阅的用户名和密码,并且可以获取AccessToken并调用您的api。我希望它能帮助你
string ResourceUrl="https://analysis.windows.net/powerbi/api";
string ClientId=Properties.Settings.Default.ClientID;//as per your code
AuthenticationContext authenticationContext = new AuthenticationContext(Constants.AuthString, false);
UserCredential csr = new UserCredential("your-username", "password");
AuthenticationResult authenticationResult = authenticationContext.AcquireToken(ResourceUrl,ClientId, usr);
string token = authenticationResult.AccessToken;
我希望使用UserCreadential,您可以提供azure订阅的用户名和密码,并且可以获取AccessToken并调用您的api。我希望它能帮助你
string ResourceUrl="https://analysis.windows.net/powerbi/api";
string ClientId=Properties.Settings.Default.ClientID;//as per your code
AuthenticationContext authenticationContext = new AuthenticationContext(Constants.AuthString, false);
UserCredential csr = new UserCredential("your-username", "password");
AuthenticationResult authenticationResult = authenticationContext.AcquireToken(ResourceUrl,ClientId, usr);
string token = authenticationResult.AccessToken;
您是否可以在尝试执行相同操作的地方共享一些代码,以及一些可能的错误或例外我希望这会有助于您在上给出答案您是否可以在尝试执行相同操作的地方共享一些代码,还有一些可能的错误或异常我希望它能帮助您在获取异常附加信息时给出此答案:AADSTS70002:请求正文必须包含以下参数:“client_secret或client_assertion”。Constants.AuthString=如果我将客户机_id更改为客户机_secret,我将获得找不到异常的应用程序集异常附加信息:AADSTS70002:请求正文必须包含以下参数:“客户机_secret或客户机_断言”。Constants.AuthString=如果我将客户端\u id更改为客户端\u secret,我将获得未找到的异常应用程序您是genius。我没有想到web应用程序可以以非交互方式获得访问令牌。您是genius。我没有想到web应用程序可以以非交互方式获得访问令牌。