Azure ad b2c Graph API未通过项目代码工作,但相同的URL通过AD Graph Explorer工作
我已经从Git下载了一个用于AAD图形API的MVC应用程序。我运行了这个应用程序,但每次都没有得到预期的结果 为了找到错误,我使用postman运行了相同的api,下面生成的令牌就是响应Azure ad b2c Graph API未通过项目代码工作,但相同的URL通过AD Graph Explorer工作,azure-ad-b2c,azure-active-directory,azure-ad-graph-api,Azure Ad B2c,Azure Active Directory,Azure Ad Graph Api,我已经从Git下载了一个用于AAD图形API的MVC应用程序。我运行了这个应用程序,但每次都没有得到预期的结果 为了找到错误,我使用postman运行了相同的api,下面生成的令牌就是响应 { "odata.error": { "code": "Request_ResourceNotFound", "message": { "lang": "en", "value": "Resource not found for the segment 'me
{
"odata.error": {
"code": "Request_ResourceNotFound",
"message": {
"lang": "en",
"value": "Resource not found for the segment 'me'."
}
}
}
https://graph.windows.net/XXXXX/me?api-version=1.6
// Get the access token from the cache
string userObjectID =
ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier")
.Value;
string authority = String.Format(CultureInfo.InvariantCulture, aadInstance, tenant);
//AuthenticationContext authContext = new AuthenticationContext(authority,
// new NaiveSessionCache(userObjectID));
ClientCredential credential = new ClientCredential(clientId, appKey);
AuthenticationContext authContext = new AuthenticationContext(authority, true);
result = await authContext.AcquireTokenAsync(graphResourceId.ToString(), credential);
var Token = result.AccessToken;
//// AcquireTokenSilentAsync
//result = await authContext.AcquireTokenSilentAsync(graphResourceId, credential,
// new UserIdentifier(userObjectID, UserIdentifierType.UniqueId));
// Call the Graph API manually and retrieve the user's profile.
string requestUrl = String.Format(
CultureInfo.InvariantCulture,
graphUserUrl,
HttpUtility.UrlEncode(tenantId));
HttpClient client = new HttpClient();
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, requestUrl);
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
HttpResponseMessage response = await client.SendAsync(request);
// Return the user's profile in the view.
if (response.IsSuccessStatusCode)
{
string responseString = await response.Content.ReadAsStringAsync();
profile = JsonConvert.DeserializeObject<UserProfile>(responseString);
}
//从缓存中获取访问令牌
字符串userObjectID=
ClaimsPrincipal.Current.FindFirst(“http://schemas.microsoft.com/identity/claims/objectidentifier")
价值
string authority=string.Format(CultureInfo.InvariantCulture,aadInstance,tenant);
//AuthenticationContext authContext=新的AuthenticationContext(授权,
//新的NaiveSessionCache(userObjectID));
ClientCredential=新的ClientCredential(clientId,appKey);
AuthenticationContext authContext=新的AuthenticationContext(authority,true);
结果=等待authContext.AcquireTokenAsync(graphResourceId.ToString(),凭证);
var Token=result.AccessToken;
////AcquireTokenSilentAsync
//结果=等待authContext.AcquireTokenSilentAsync(graphResourceId,凭证,
//新的UserIdentifier(userObjectID,UserIdentifierType.UniqueId));
//手动调用Graph API并检索用户的配置文件。
string requestUrl=string.Format(
CultureInfo.InvariantCulture,
Graphuserul,
HttpUtility.UrlEncode(tenantId));
HttpClient=新的HttpClient();
HttpRequestMessage请求=新的HttpRequestMessage(HttpMethod.Get,requestUrl);
request.Headers.Authorization=新的AuthenticationHeaderValue(“承载者”,result.AccessToken);
HttpResponseMessage response=等待客户端.SendAsync(请求);
//在视图中返回用户的配置文件。
if(响应。IsSuccessStatusCode)
{
string responseString=wait response.Content.ReadAsStringAsync();
profile=JsonConvert.DeserializeObject(responseString);
}
你们能告诉我我的代码有什么问题吗。为什么它在AAD资源管理器上工作而不是在本地主机上工作 要请求Azure AD Graph REST的
me您能否共享您的访问令牌(混淆敏感信息后)?您希望确保使用带有用户上下文的访问令牌,否则Graph API将不知道“我”是谁。感谢Fei的回复,我也尝试了此代码,但使用此代码我无法生成令牌。当我使用上述代码时,我得到了异常。少了什么吗。另外,我已经从git下载了相同的项目,并按照我们的AAD进行了配置。我已经为这个问题创建了不同的线程,您可以找到您得到的错误消息是什么?当用户登录
AuthorizationCodeReceivedStartupresult = await authContext.AcquireTokenSilentAsync(graphResourceId, credential,
new UserIdentifier(userObjectID, UserIdentifierType.UniqueId));