向 Azure 管理发出请求
Making requests to Azure Management
我已完成此处的指南,将 Azure AD 身份验证添加到我的应用程序:
并且可以成功登录,有一个服务主体并且一切正常。
我现在想以用户身份发出 Web 请求,但看不到如何获取要在请求中发送的身份验证详细信息,我已尝试查看 ClaimsPrincipal.Current 对象,但没有我无法传递给 HTTP 客户端来发出请求。
您引用的示例 Web 应用仅让用户登录,但您需要代表该用户获取访问令牌才能访问 api。
你可以参考这个sample。这个例子调用了另外一个webapi,那部分你可以忽略,直接把resource改成https://management.core.windows.net/
public void Configure(string name, OpenIdConnectOptions options)
{
options.ClientId = _azureOptions.ClientId;
options.Authority = _azureOptions.Authority;
options.UseTokenLifetime = true;
options.CallbackPath = _azureOptions.CallbackPath;
options.RequireHttpsMetadata = false;
options.ClientSecret = _azureOptions.ClientSecret;
options.Resource = "https://management.core.windows.net/"; // management api
options.ResponseType = "id_token code";
// Subscribing to the OIDC events
options.Events.OnAuthorizationCodeReceived = OnAuthorizationCodeReceived;
options.Events.OnAuthenticationFailed = OnAuthenticationFailed;
}
private async Task OnAuthorizationCodeReceived(AuthorizationCodeReceivedContext context)
{
// Acquire a Token for the management API
string userObjectId = (context.Principal.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier"))?.Value;
var authContext = new AuthenticationContext(context.Options.Authority, new NaiveSessionCache(userObjectId, context.HttpContext.Session));
var credential = new ClientCredential(context.Options.ClientId, context.Options.ClientSecret);
var authResult = await authContext.AcquireTokenAsync(context.Options.Resource,credential);
// Notify the OIDC middleware that we already took care of code redemption.
context.HandleCodeRedemption(authResult.AccessToken, context.ProtocolMessage.IdToken);
}
我已完成此处的指南,将 Azure AD 身份验证添加到我的应用程序:
并且可以成功登录,有一个服务主体并且一切正常。
我现在想以用户身份发出 Web 请求,但看不到如何获取要在请求中发送的身份验证详细信息,我已尝试查看 ClaimsPrincipal.Current 对象,但没有我无法传递给 HTTP 客户端来发出请求。
您引用的示例 Web 应用仅让用户登录,但您需要代表该用户获取访问令牌才能访问 api。
你可以参考这个sample。这个例子调用了另外一个webapi,那部分你可以忽略,直接把resource改成https://management.core.windows.net/
public void Configure(string name, OpenIdConnectOptions options)
{
options.ClientId = _azureOptions.ClientId;
options.Authority = _azureOptions.Authority;
options.UseTokenLifetime = true;
options.CallbackPath = _azureOptions.CallbackPath;
options.RequireHttpsMetadata = false;
options.ClientSecret = _azureOptions.ClientSecret;
options.Resource = "https://management.core.windows.net/"; // management api
options.ResponseType = "id_token code";
// Subscribing to the OIDC events
options.Events.OnAuthorizationCodeReceived = OnAuthorizationCodeReceived;
options.Events.OnAuthenticationFailed = OnAuthenticationFailed;
}
private async Task OnAuthorizationCodeReceived(AuthorizationCodeReceivedContext context)
{
// Acquire a Token for the management API
string userObjectId = (context.Principal.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier"))?.Value;
var authContext = new AuthenticationContext(context.Options.Authority, new NaiveSessionCache(userObjectId, context.HttpContext.Session));
var credential = new ClientCredential(context.Options.ClientId, context.Options.ClientSecret);
var authResult = await authContext.AcquireTokenAsync(context.Options.Resource,credential);
// Notify the OIDC middleware that we already took care of code redemption.
context.HandleCodeRedemption(authResult.AccessToken, context.ProtocolMessage.IdToken);
}