Azure UWP应用中的认证
我们计划实施Windows10UWP应用程序。我们希望在访问云中托管的API服务时对用户进行身份验证 以前,我们使用Azure UWP应用中的认证,azure,uwp,Azure,Uwp,我们计划实施Windows10UWP应用程序。我们希望在访问云中托管的API服务时对用户进行身份验证 以前,我们使用Microsoft.IdentityModel.Clients.ActiveDirectoryNuGet包在windows store 8.1中进行身份验证。如何在Windows UWP应用程序中对用户进行身份验证?我认为Windows应用商店和Windows Phone的AAD代码不同,我们如何利用AAD库实现Windows 10 UWP应用程序。我听说过令牌代理身份验证体系结构
Microsoft.IdentityModel.Clients.ActiveDirectory
NuGet包在windows store 8.1中进行身份验证。如何在Windows UWP应用程序中对用户进行身份验证?我认为Windows应用商店和Windows Phone的AAD代码不同,我们如何利用AAD库实现Windows 10 UWP应用程序。我听说过令牌代理身份验证体系结构。除了Facebook等,这对Azure Active Directory有效吗
请告诉我是否有AAD库在电话和商店(即Universal App)中工作的变通方法。如果您有一个本机应用程序希望访问Azure上的API并通过oAuth验证,您需要使用“oAuth 2.0授权代码流”,如中所述 这要求您在Azure目录中同时安装本机应用程序和api 在示例中,给出了一个访问graph.microsoft.com API的UWP应用程序,但您可以用自己的API替换它 桑德 如果这回答了您的问题,请标记为这样,以便我们可以帮助他人。让我解释一下步骤。 你仍然可以使用 在UWP应用程序中 要做到这一点,您必须添加NuGet包(我粘贴了上面的链接)。完成此操作后,在应用程序中实施身份验证的步骤很少: 1) 存储身份验证所需的信息(例如在App.xaml.cs构造函数中):
var localSettings=ApplicationData.Current.localSettings;
localSettings.Values[“ida:AADInstance”]=”https://login.windows.net/{0}";
localSettings.Values[“ida:Tenant”]=”;
localSettings.Values[“ida:ClientId”]=”;
localSettings.Values[“ida:RedirectUri”]=”;
localSettings.Values[“ApiBaseAddress”]=“”;
localSettings.Values[“ServiceAddress”]=“”;
现在编写身份验证代码(这是helper类):
类ADContextHelper
{
ApplicationDataContainer\u localSettings;
AuthenticationContext\u authContext;
弦乐;
字符串\u租户;
字符串_clientId;
Uri(u)Uri ;;
字符串(u)权限;;
字符串_apiResourceId;
字符串apiBaseAddress;
公共ADContext()
{
_localSettings=ApplicationData.Current.localSettings;
配置设置();
_authContext=新的AuthenticationContext(\u authority);
}
专用void配置设置()
{
_aadInstance=_localSettings.Values[“ida:aadInstance”].ToString();
_租户=_localSettings.Values[“ida:tenant”].ToString();
_clientId=_localSettings.Values[“ida:clientId”].ToString();
_redirectUri=新Uri(_localSettings.Values[“ida:redirectUri”].ToString());
_authority=String.Format(_aadInstance,_tenant);
_apiResourceId=_localSettings.Values[“apiResourceId”].ToString();
_apiBaseAddress=_localSettings.Values[“apiBaseAddress”].ToString();
}
公共异步任务身份验证()
{
AuthenticationResult authResult=await\u authContext.AcquireTokenAsync(\u apiResourceId,\u clientId,\u redirectUri);
//在此检索令牌:
var token=authResult.AccessToken;
返回令牌;
}
}
最后,我还包括注销代码-也许您希望包括:
public async Task<bool> Logout()
{
string requestUrl = "https://login.microsoftonline.com/" + _tenant + "/oauth2/logout?post_logout_redirect_uri=" + _redirectUri;
var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Get, requestUrl);
var response = await client.SendAsync(request);
}
public异步任务注销()
{
字符串requestUrl=”https://login.microsoftonline.com/“+_tenant+”/oauth2/logout?注销后重定向_uri=“+_redirectUri;
var client=新的HttpClient();
var request=newhttprequestmessage(HttpMethod.Get,requestUrl);
var response=wait client.sendaync(请求);
}
我希望这将对您有所帮助。我的UWP应用程序不适用于AAD,我可以像这样使用浏览器和端点登录,但当我尝试使用UWP应用程序登录时,在弹出提示窗口并输入电子邮件地址并按enter键后,我发现资源找不到错误。这是否意味着我还没有在Azure广告中设置我的本机应用程序?我只设置了Azure移动应用程序端点?
class ADContextHelper
{
ApplicationDataContainer _localSettings;
AuthenticationContext _authContext;
string _aadInstance;
string _tenant;
string _clientId;
Uri _redirectUri;
string _authority;
string _apiResourceId;
string _apiBaseAddress;
public ADContext()
{
_localSettings = ApplicationData.Current.LocalSettings;
configureSettings();
_authContext = new AuthenticationContext(_authority);
}
private void configureSettings()
{
_aadInstance = _localSettings.Values["ida:AADInstance"].ToString();
_tenant = _localSettings.Values["ida:Tenant"].ToString();
_clientId = _localSettings.Values["ida:ClientId"].ToString();
_redirectUri = new Uri(_localSettings.Values["ida:RedirectUri"].ToString());
_authority = String.Format(_aadInstance, _tenant);
_apiResourceId = _localSettings.Values["ApiResourceId"].ToString();
_apiBaseAddress = _localSettings.Values["ApiBaseAddress"].ToString();
}
public async Task<string> Authenticate()
{
AuthenticationResult authResult = await _authContext.AcquireTokenAsync(_apiResourceId, _clientId, _redirectUri);
//Here you retrieve the token:
var token = authResult.AccessToken;
return token;
}
}
public async Task<bool> Logout()
{
string requestUrl = "https://login.microsoftonline.com/" + _tenant + "/oauth2/logout?post_logout_redirect_uri=" + _redirectUri;
var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Get, requestUrl);
var response = await client.SendAsync(request);
}