Get delegate permission in MSAL for EWS without PublicClientApplicationBuilder and AcquireTokenInteractive

In the EWS OAuth flow, we can get delegate permission in the following way:

var pcaOptions = new PublicClientApplicationOptions
{
    ClientId = ConfigurationManager.AppSettings["appId"],
    TenantId = ConfigurationManager.AppSettings["tenantId"]
};

var pca = PublicClientApplicationBuilder
    .CreateWithApplicationOptions(pcaOptions).Build();

// The permission scope required for EWS access
var ewsScopes = new string[] { "https://outlook.office.com/EWS.AccessAsUser.All" };

// Make the interactive token request
var authResult = await pca.AcquireTokenInteractive(ewsScopes).ExecuteAsync();

The above code opens a dialog for entering the Username/Password.

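Is there any way to bypass the dialog and request the token by providing the credentials in the code itself, but with delegate permission only?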

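Yes, what you are talking about is ROPC https://docs.microsoft.com/en-us/azure/active-directory//develop/v2-oauth-ropc. Using credentials in this way is generally discouraged because of the trust issues around handling credentials directly. One thing you need to make sure of is that in your application registration you have "Treat application as a public client" selected in the Authentication tab (at the very bottom).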

See the code at https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/Username-Password-Authentication, for example:

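// UserName and Password are supplied by the caller; NetworkCredential exposes the password as a SecureString
NetworkCredential Credentials = new NetworkCredential(UserName, Password);
// Await the request and keep the result so the access token can be used
var authResult = await pca.AcquireTokenByUsernamePassword(ewsScopes, Credentials.UserName, Credentials.SecurePassword).ExecuteAsync();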

If you are looking for a more secure way, consider using Managed Identities https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
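
The ROPC request from the answer above, written out as an added example (not part of the original answer or of the MSAL project's code): it reuses a cached token before sending the password again, reads the credentials from outside the source code, and surfaces the case where the account requires an interactive sign-in. The class name and the environment variable names EWS_USER and EWS_PASSWORD are hypothetical; the call uses the SecureString overload shown in the answer.

```csharp
using System;
using System.Linq;
using System.Net;
using System.Threading.Tasks;
using Microsoft.Identity.Client;

static class EwsRopcTokenExample // hypothetical name, added example
{
    static readonly string[] EwsScopes = { "https://outlook.office.com/EWS.AccessAsUser.All" };

    // Build once and reuse: the token cache lives inside this instance.
    public static IPublicClientApplication BuildClient(string clientId, string tenantId) =>
        PublicClientApplicationBuilder.Create(clientId).WithTenantId(tenantId).Build();

    public static async Task<AuthenticationResult> GetEwsTokenAsync(IPublicClientApplication pca)
    {
        // Prefer the cache, so the password is only sent when no usable token exists.
        var account = (await pca.GetAccountsAsync()).FirstOrDefault();
        if (account != null)
        {
            try { return await pca.AcquireTokenSilent(EwsScopes, account).ExecuteAsync(); }
            catch (MsalUiRequiredException) { /* nothing usable in the cache: fall through */ }
        }

        // Assumption: credentials are injected via environment variables (hypothetical names),
        // so they never appear in source code or in a checked-in config file.
        string user = Environment.GetEnvironmentVariable("EWS_USER")
            ?? throw new InvalidOperationException("EWS_USER is not set");
        string password = Environment.GetEnvironmentVariable("EWS_PASSWORD")
            ?? throw new InvalidOperationException("EWS_PASSWORD is not set");
        var credentials = new NetworkCredential(user, password);

        try
        {
            return await pca.AcquireTokenByUsernamePassword(
                EwsScopes, credentials.UserName, credentials.SecurePassword).ExecuteAsync();
        }
        catch (MsalUiRequiredException ex)
        {
            // Raised when the account needs a step ROPC cannot perform, such as MFA or consent.
            throw new InvalidOperationException(
                $"Interactive sign-in required ({ex.ErrorCode}); ROPC cannot be used for this account.", ex);
        }
    }
}
```

The returned AuthenticationResult.AccessToken is the delegated token for the EWS.AccessAsUser.All scope; an account dedicated to this purpose limits what a leaked password exposes.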