获取 Azure 区块链项目的不记名令牌

Get bearer Token for Azure Blockchain project

我正在尝试创建一个应用程序,自动将数据发送到我的 Azure 区块链上的智能合约 Workbench。

问题是,我不明白如何获取不记名令牌。有一个在线示例,我可以了解如何使用 GET 和 POST 请求调用 API。但我必须提交一个客户端应用程序 ID、一个客户端密码和一个资源 ID。我从哪里得到它们?

非常感谢您的帮助和想法!!

class Program
{
    public static readonly string AUTHORITY = "https://login.microsoftonline.com/XXX";
    public static readonly string WORKBENCH_API_URL = "https://XXX-api.azurewebsites.net";
    public static readonly string RESOURCE = "XXX";
    public static readonly string CLIENT_APP_Id = "XXX";
    public static readonly string CLIENT_SECRET = "XXX";

    static async Task Main(string[] args)
    {
        AuthenticationContext authenticationContext = new AuthenticationContext(AUTHORITY);
        ClientCredential clientCredential = new ClientCredential(CLIENT_APP_Id, CLIENT_SECRET);

        // Sample API Call
        try
        {
            // Getting the token, it is recommended to call AcquireTokenAsync before every Workbench API call
            // The library takes care of refreshing the token when it expires
            var result = await authenticationContext.AcquireTokenAsync(RESOURCE, clientCredential).ConfigureAwait(false);

            Console.WriteLine(result.AccessToken);

            // Using token to call Workbench's API
            //HttpClient client = new HttpClient();
            //client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
            //client.DefaultRequestHeaders
            //                .Accept
            //                .Add(new MediaTypeWithQualityHeaderValue("application/json"));

            //// Get Users
            //var response = await client.GetAsync($"{WORKBENCH_API_URL}/api/v1/contracts");
            //var users = await response.Content.ReadAsStringAsync();


            var client = new HttpClient();
            client.DefaultRequestHeaders.Accept.Add(
                new MediaTypeWithQualityHeaderValue("application/json"));
            client.DefaultRequestHeaders.Add("Bearer", result.AccessToken);
            var content = await client.GetStringAsync($"{WORKBENCH_API_URL}/api/v1/contracts");


            Console.WriteLine(content);
        }
        catch (Exception e)
        {
            Console.WriteLine(e);
        }
    }
}

}

根据我的测试,当我们成功创建Azure区块链workbench时,我们需要在第一次访问Azure区块链workbench时配置Azure AD,我们将在以下位置创建Azure AD应用程序同一时间。资源是 Azure AD 应用程序的应用程序 ID 或应用程序 url。更多详情,请参考document

例如

  1. Access Azure Blockchain workbench

  2. 配置 Azure AD

  3. Create a Service Principal to Access Workbench API

cd; Invoke-WebRequest -Uri https://aka.ms/createWorkbenchServicePrincipalScript -OutFile createWorkbenchServicePrincipal.ps1
./createWorkbenchServicePrincipal.ps1 -TenantName <the tenant you use above> -WorkbenchAppId <the appid you copy> -MakeAdmin (optional)

  1. 获取令牌
Method: POST
URL: https://login.microsoftonline.com/<tenant id>/oauth2/token
Headers: Content-Type: application/x-www-form-urlencoded

Body:
     grant_type: client_credentials 
     client_id: <sp client id>
     client_secret:<sp client secret>
     resource: <the app id>

  1. 呼叫休息api
URL: {WORKBENCH_API_URL}/api/v1/users
Headers: Authorization Bearer <access_token>