C#如何做一个授权方法
C# How to do an authorization method
我需要从 dynamics finance and operations 中检索实体记录,我在 Postman 中完成了它,但现在我需要使用代码进行同样的操作。我正在使用 asp.net 核心,当我尝试检索实体时,响应给了我 HTML。我发现是因为授权需要与 postman 相同,后者是 post 操作,其中包含 grant_type、clientId、客户端密码和资源。
如何使用 grant_type、clientId、客户端密码和资源参数在 C# 中执行 post 操作以获取访问令牌?
你有2个选项。在任何一种情况下,您都可以快速阅读 Microsoft identity platform and the OAuth 2.0 client credentials flow.
- 使用 MSAL client library (note ADAL is deprecated now). Below is a quick code snippet. Full example can be found here. Also, read more here.
var app = ConfidentialClientApplicationBuilder.Create("<client id>")
.WithClientSecret("<client secret>")
.WithAuthority(new Uri("<authority>")) // authority = https://login.microsoftonline.com/{tenant}
.Build();
// With client credentials flows the scopes is ALWAYS of the shape "resource/.default", as the
// application permissions need to be set statically (in the portal or by PowerShell), and then granted by a tenant administrator
var scopes = new string[] { "<scope>" };
var result = await app.AcquireTokenForClient(scopes)
.ExecuteAsync();
var accessToken = result.AccessToken;
// call api with http authorization header
// Authorization: Bearer <Access Token>
- 使用 REST API 直接从 C# 代码使用 httpClient。
var client = new HttpClient(); // just for example I am creating the client inline
var result = await client.PostAsync(
"https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token",
new FormUrlEncodedContent(new[]
{
{"client_id", "<client id>"},
{"grant_type", "client_credentials"},
{"client_secret", "<client secret>"},
{"scope", "<scope>"},
}));
var responseBody = await result.Content.ReadAsStringAsync();
// response would be a JSON, just extract token from it
var accessToken = (string)JToken.Parse(responseBody)["access_token"];
// call api with http authorization header
// Authorization: Bearer <Access Token>
我需要从 dynamics finance and operations 中检索实体记录,我在 Postman 中完成了它,但现在我需要使用代码进行同样的操作。我正在使用 asp.net 核心,当我尝试检索实体时,响应给了我 HTML。我发现是因为授权需要与 postman 相同,后者是 post 操作,其中包含 grant_type、clientId、客户端密码和资源。
如何使用 grant_type、clientId、客户端密码和资源参数在 C# 中执行 post 操作以获取访问令牌?
你有2个选项。在任何一种情况下,您都可以快速阅读 Microsoft identity platform and the OAuth 2.0 client credentials flow.
- 使用 MSAL client library (note ADAL is deprecated now). Below is a quick code snippet. Full example can be found here. Also, read more here.
var app = ConfidentialClientApplicationBuilder.Create("<client id>")
.WithClientSecret("<client secret>")
.WithAuthority(new Uri("<authority>")) // authority = https://login.microsoftonline.com/{tenant}
.Build();
// With client credentials flows the scopes is ALWAYS of the shape "resource/.default", as the
// application permissions need to be set statically (in the portal or by PowerShell), and then granted by a tenant administrator
var scopes = new string[] { "<scope>" };
var result = await app.AcquireTokenForClient(scopes)
.ExecuteAsync();
var accessToken = result.AccessToken;
// call api with http authorization header
// Authorization: Bearer <Access Token>
- 使用 REST API 直接从 C# 代码使用 httpClient。
var client = new HttpClient(); // just for example I am creating the client inline
var result = await client.PostAsync(
"https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token",
new FormUrlEncodedContent(new[]
{
{"client_id", "<client id>"},
{"grant_type", "client_credentials"},
{"client_secret", "<client secret>"},
{"scope", "<scope>"},
}));
var responseBody = await result.Content.ReadAsStringAsync();
// response would be a JSON, just extract token from it
var accessToken = (string)JToken.Parse(responseBody)["access_token"];
// call api with http authorization header
// Authorization: Bearer <Access Token>