带有 azure return 登录页面的安全 Web API
Secured Web API with azure return a sign-in page
我使用 .net core 3.1 构建了一个网络 API,并使用 Azure Active Directory 对其进行了保护。
当我尝试使用访问令牌从 Postman 连接到它时,我收到登录 html 作为响应。在这两种情况下,我都从 https://developer.microsoft.com/en-us/graph/graph-explorer or by connecting to https://login.microsoftonline.com/tenant-id/oauth2/v2.0/token 生成了令牌 我得到了相同的结果
我在 appsetting.json 文件中的 Azure 设置
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"ClientId": "my-client-id",
"ClientSecret": "my-client-secret",
"Domain": "mydomain.com",
"TenantId": "my-Tenant-id"
}
Startup.cs
public class Startup
{
public Startup(IWebHostEnvironment environment)
{
var builder = new ConfigurationBuilder()
.SetBasePath(environment.ContentRootPath)
.AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
.AddEnvironmentVariables();
Configuration = builder.Build();
}
public IConfiguration Configuration { get; }
public void ConfigureServices(IServiceCollection services)
{
services.AddControllers();
services.AddMicrosoftIdentityWebApiAuthentication(Configuration);
services.AddTransient(typeof(IService<>), typeof(Service<>));
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseHttpsRedirection();
app.UseRouting();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
}
我的控制器
[Authorize]
[Route("api/[controller]")]
[ApiController]
public class ValuesController : ControllerBase
{
[HttpGet]
public IActionResult Get()
{
return Ok("value");
}
}
这里有详细的sample on how you can make this flow work. Have you created a scope as mentioned in Step 2> step 6 and used it while hitting the token endpoint? I am not sure how you can get a valid token for this scenario from MS graph explorer as this is your own API. Use the azure ad's token endpoint获取有效令牌。希望这可以帮助。如果这能解决您的问题,请标记为已验证。
我使用 .net core 3.1 构建了一个网络 API,并使用 Azure Active Directory 对其进行了保护。 当我尝试使用访问令牌从 Postman 连接到它时,我收到登录 html 作为响应。在这两种情况下,我都从 https://developer.microsoft.com/en-us/graph/graph-explorer or by connecting to https://login.microsoftonline.com/tenant-id/oauth2/v2.0/token 生成了令牌 我得到了相同的结果
我在 appsetting.json 文件中的 Azure 设置
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"ClientId": "my-client-id",
"ClientSecret": "my-client-secret",
"Domain": "mydomain.com",
"TenantId": "my-Tenant-id"
}
Startup.cs
public class Startup
{
public Startup(IWebHostEnvironment environment)
{
var builder = new ConfigurationBuilder()
.SetBasePath(environment.ContentRootPath)
.AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
.AddEnvironmentVariables();
Configuration = builder.Build();
}
public IConfiguration Configuration { get; }
public void ConfigureServices(IServiceCollection services)
{
services.AddControllers();
services.AddMicrosoftIdentityWebApiAuthentication(Configuration);
services.AddTransient(typeof(IService<>), typeof(Service<>));
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseHttpsRedirection();
app.UseRouting();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
}
我的控制器
[Authorize]
[Route("api/[controller]")]
[ApiController]
public class ValuesController : ControllerBase
{
[HttpGet]
public IActionResult Get()
{
return Ok("value");
}
}
这里有详细的sample on how you can make this flow work. Have you created a scope as mentioned in Step 2> step 6 and used it while hitting the token endpoint? I am not sure how you can get a valid token for this scenario from MS graph explorer as this is your own API. Use the azure ad's token endpoint获取有效令牌。希望这可以帮助。如果这能解决您的问题,请标记为已验证。