无法使用 PowerShell 获取 https://management.azure.com/ 的刷新令牌
Unable to get refresh token of https://management.azure.com/ using PowerShell
我正在尝试使用 PowerShell 获取“https://management.azure.com/”资源的访问令牌和刷新令牌,但我得到的是唯一的访问令牌。我也需要一个刷新令牌。我分享我的代码如下。
$clientID = '1xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
$secretKey = 'kdfudifkldfliKASDFKkdfjd-ddkjfidysikd'
$tenantID = 'fxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
$password = ConvertTo-SecureString -String $secretKey -AsPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential($ClientID,$password)
Connect-AzureRmAccount -ServicePrincipal -Credential $credential -Tenant $tenantID
$authUrl = "https://login.windows.net/" + $tenantID + "/oauth2/token/"
$body = @{
"resource" = "https://management.azure.com/";
"grant_type" = "client_credentials";
"client_id" = $ClientID
"client_secret" = $secretKey
}
Write-Output "Getting Authentication-Token ..."
$adlsToken = Invoke-RestMethod -Uri $authUrl –Method POST -Body $body
Write-Output $adlsToken
------------输出-------------
Getting Authentication-Token ...
token_type : Bearer
expires_in : 3599
ext_expires_in : 3599
expires_on : 1597999269
not_before : 1597995369
resource : https://management.azure.com/
access_token : J0uYFoioURT4CdISuUrRrr...
规范规定 客户端凭据 授权类型不得允许颁发刷新令牌。所以答案是,您必须使用不同的授权类型来接收带有访问令牌的刷新令牌。
因此,建议您使用auth code flow,它会在您请求令牌时return向您刷新令牌。
更新:
我正在尝试使用 PowerShell 获取“https://management.azure.com/”资源的访问令牌和刷新令牌,但我得到的是唯一的访问令牌。我也需要一个刷新令牌。我分享我的代码如下。
$clientID = '1xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
$secretKey = 'kdfudifkldfliKASDFKkdfjd-ddkjfidysikd'
$tenantID = 'fxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
$password = ConvertTo-SecureString -String $secretKey -AsPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential($ClientID,$password)
Connect-AzureRmAccount -ServicePrincipal -Credential $credential -Tenant $tenantID
$authUrl = "https://login.windows.net/" + $tenantID + "/oauth2/token/"
$body = @{
"resource" = "https://management.azure.com/";
"grant_type" = "client_credentials";
"client_id" = $ClientID
"client_secret" = $secretKey
}
Write-Output "Getting Authentication-Token ..."
$adlsToken = Invoke-RestMethod -Uri $authUrl –Method POST -Body $body
Write-Output $adlsToken
------------输出-------------
Getting Authentication-Token ...
token_type : Bearer
expires_in : 3599
ext_expires_in : 3599
expires_on : 1597999269
not_before : 1597995369
resource : https://management.azure.com/
access_token : J0uYFoioURT4CdISuUrRrr...
规范规定 客户端凭据 授权类型不得允许颁发刷新令牌。所以答案是,您必须使用不同的授权类型来接收带有访问令牌的刷新令牌。
因此,建议您使用auth code flow,它会在您请求令牌时return向您刷新令牌。
更新: