使用 509 证书进行身份验证时未生成令牌
Token not being generated when using a 509 certificate for authentication
我在尝试启动试图联系 Microsoft outlook 的控制台应用程序时收到身份验证错误 api。我使用控制台日志创建了这个应用程序,我将在这个问题中显示它。似乎我在尝试静默获取令牌时遇到此错误,但从我看到的每个示例来看,我似乎都在正确地做这件事。
这是我看到的导致错误的两个函数。
用于身份验证的令牌获取功能:
private static string EMAIL_SERVICE_ACCOUNT = "********@dell.com";
private static string EMAIL_SERVICE_PWD = "*******";
private static string ClientID = "************************";
private static string ClientSecret ="**********************";
private static Uri ReturnUri = new Uri("https://localhost:44300/");
private static string CommonAuthority = "https://login.windows.net/Common";
public static AuthenticationContext AuthContext { get; set; }
private static async Task<AuthenticationResult> AcquireTokenAsync(string authContextUrl, string resourceId)
{
AuthenticationResult ar = null;
try
{
AuthContext = new AuthenticationContext(authContextUrl);
if (AuthContext.TokenCache.ReadItems().Count() > 0)
{
string cachedAuthority =
AuthContext.TokenCache.ReadItems().First().Authority;
AuthContext = new AuthenticationContext(cachedAuthority);
}
//ClientCredential clientCredential = new ClientCredential(ClientID, ClientSecret); << not invoking this
ar = (await AuthContext.AcquireTokenSilentAsync(resourceId, ClientID));
}
catch (Exception e)
{
//not in cache; we'll get it with the full oauth flow
if (e.InnerException != null)
Console.WriteLine("Inner exception: {0}", e.InnerException);
}
if (ar == null)
{
try
{
UserCredential uc = new UserCredential(EMAIL_SERVICE_ACCOUNT, EMAIL_SERVICE_PWD);
ar = AuthContext .AcquireToken(resourceId, ClientID, uc);
}
catch (Exception acquireEx)
{
//utter failure here, we need let the user know we just can't do it
Console.WriteLine("Error trying to acquire authentication result: " + acquireEx.Message);
if (acquireEx.InnerException != null)
Console.WriteLine("Inner exception: {0}", acquireEx.InnerException);
}
}
return ar;
}
这是我创建 OutLook 客户端的函数
private static async Task<OutlookServicesClient> GetOutlookClient()
{
OutlookServicesClient oc = null;
try
{
string MAIL_RESOURCE_ID = "https://outlook.office365.com";
AuthenticationResult ar = await AcquireTokenAsync(CommonAuthority, MAIL_RESOURCE_ID);
if (ar != null)
{
oc = new OutlookServicesClient(new Uri("https://outlook.office365.com/api/v1.0"), () =>
Task.Run(() =>
{
return ar.AccessToken;
}));
}
}
catch (Exception ex)
{
Console.WriteLine("Error getting Outlook client: " + ex.Message);
if (ex.InnerException != null)
Console.WriteLine("Inner exception: {0}", ex.InnerException);
}
return oc;
}
这是我遇到的错误
好的,我找到了解决我想做的事情的方法,我决定继续使用 x509 证书 v2 来解决这个问题,我还发现这对我的项目来说效果更好因为它将成为一个控制台应用程序。这是我的代码片段,可以有效地获取令牌以便针对 Azure 进行身份验证。
509 证书以获取身份验证令牌:
public static string Aquire_Token()
{
AuthenticationResult authenticationResult = null;
try
{
string authority = ConfigurationManager.AppSettings["Authority"];
AuthenticationContext authenticationContext = new AuthenticationContext(authority, false);
string certfile = ConfigurationManager.AppSettings["ClientCertificatePfx"];
X509Certificate2 cert = new X509Certificate2(certfile, ConfigurationManager.AppSettings["ClientCertificatePfxPassword"], X509KeyStorageFlags.MachineKeySet);
ClientAssertionCertificate cac = new ClientAssertionCertificate(CLIENTID, cert);
authenticationResult = authenticationContext.AcquireToken(RESOURCEID, cac);
}
catch (Exception ex)
{
Console.WriteLine("Issue with Aquireing Token :" + ex.Message);
}
return authenticationResult.AccessToken;
}
}
我在尝试启动试图联系 Microsoft outlook 的控制台应用程序时收到身份验证错误 api。我使用控制台日志创建了这个应用程序,我将在这个问题中显示它。似乎我在尝试静默获取令牌时遇到此错误,但从我看到的每个示例来看,我似乎都在正确地做这件事。 这是我看到的导致错误的两个函数。
用于身份验证的令牌获取功能:
private static string EMAIL_SERVICE_ACCOUNT = "********@dell.com";
private static string EMAIL_SERVICE_PWD = "*******";
private static string ClientID = "************************";
private static string ClientSecret ="**********************";
private static Uri ReturnUri = new Uri("https://localhost:44300/");
private static string CommonAuthority = "https://login.windows.net/Common";
public static AuthenticationContext AuthContext { get; set; }
private static async Task<AuthenticationResult> AcquireTokenAsync(string authContextUrl, string resourceId)
{
AuthenticationResult ar = null;
try
{
AuthContext = new AuthenticationContext(authContextUrl);
if (AuthContext.TokenCache.ReadItems().Count() > 0)
{
string cachedAuthority =
AuthContext.TokenCache.ReadItems().First().Authority;
AuthContext = new AuthenticationContext(cachedAuthority);
}
//ClientCredential clientCredential = new ClientCredential(ClientID, ClientSecret); << not invoking this
ar = (await AuthContext.AcquireTokenSilentAsync(resourceId, ClientID));
}
catch (Exception e)
{
//not in cache; we'll get it with the full oauth flow
if (e.InnerException != null)
Console.WriteLine("Inner exception: {0}", e.InnerException);
}
if (ar == null)
{
try
{
UserCredential uc = new UserCredential(EMAIL_SERVICE_ACCOUNT, EMAIL_SERVICE_PWD);
ar = AuthContext .AcquireToken(resourceId, ClientID, uc);
}
catch (Exception acquireEx)
{
//utter failure here, we need let the user know we just can't do it
Console.WriteLine("Error trying to acquire authentication result: " + acquireEx.Message);
if (acquireEx.InnerException != null)
Console.WriteLine("Inner exception: {0}", acquireEx.InnerException);
}
}
return ar;
}
这是我创建 OutLook 客户端的函数
private static async Task<OutlookServicesClient> GetOutlookClient()
{
OutlookServicesClient oc = null;
try
{
string MAIL_RESOURCE_ID = "https://outlook.office365.com";
AuthenticationResult ar = await AcquireTokenAsync(CommonAuthority, MAIL_RESOURCE_ID);
if (ar != null)
{
oc = new OutlookServicesClient(new Uri("https://outlook.office365.com/api/v1.0"), () =>
Task.Run(() =>
{
return ar.AccessToken;
}));
}
}
catch (Exception ex)
{
Console.WriteLine("Error getting Outlook client: " + ex.Message);
if (ex.InnerException != null)
Console.WriteLine("Inner exception: {0}", ex.InnerException);
}
return oc;
}
这是我遇到的错误
好的,我找到了解决我想做的事情的方法,我决定继续使用 x509 证书 v2 来解决这个问题,我还发现这对我的项目来说效果更好因为它将成为一个控制台应用程序。这是我的代码片段,可以有效地获取令牌以便针对 Azure 进行身份验证。 509 证书以获取身份验证令牌:
public static string Aquire_Token()
{
AuthenticationResult authenticationResult = null;
try
{
string authority = ConfigurationManager.AppSettings["Authority"];
AuthenticationContext authenticationContext = new AuthenticationContext(authority, false);
string certfile = ConfigurationManager.AppSettings["ClientCertificatePfx"];
X509Certificate2 cert = new X509Certificate2(certfile, ConfigurationManager.AppSettings["ClientCertificatePfxPassword"], X509KeyStorageFlags.MachineKeySet);
ClientAssertionCertificate cac = new ClientAssertionCertificate(CLIENTID, cert);
authenticationResult = authenticationContext.AcquireToken(RESOURCEID, cac);
}
catch (Exception ex)
{
Console.WriteLine("Issue with Aquireing Token :" + ex.Message);
}
return authenticationResult.AccessToken;
}
}