如何在 Azure AD 中验证用户名和密码?
How do I validate a username and password in Azure AD?
我想要一个示例代码来允许用户在 Azure AD 中使用他们的用户名和密码登录。登录成功后,我想获取一个Access Token
目前我与 Azure AD 没有任何联系,我硬编码了一个用户。
// POST api/values
[HttpPost, Route("login")]
public IActionResult Login([FromBody] LoginModel user)
{
if (user == null)
{
return BadRequest("Invalid client request");
}
if (user.UserName == "JO3434" && user.Password == "defDDMKJM")
{
var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("superSMKLJMKey@345"));
var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);
var claims = new List<Claim>
{
new Claim(ClaimTypes.Name, user.UserName)
};
var token = new JwtSecurityToken(
audience: "http://site.azurewebsites.net",
issuer: "http://site.azurewebsites.net",
claims: claims,
expires: DateTime.Now.AddMinutes(60),
signingCredentials: signinCredentials
);
var results = new
{
token = new JwtSecurityTokenHandler().WriteToken(token),
expiration = token.ValidTo
};
return Ok(results);
}
else
{
return Unauthorized();
}
}
}
没有与 Azure AD 连接,您无法验证用户,而且我认为没有必要这样做,如果您使用 AcquireTokenByUsernamePassword
methond, it essentially uses the Azure AD ROPC flow 获得令牌,它会自动为您验证用户,如果用户无效,会报错Error validating credentials due to invalid username or password
.
我想要一个示例代码来允许用户在 Azure AD 中使用他们的用户名和密码登录。登录成功后,我想获取一个Access Token
目前我与 Azure AD 没有任何联系,我硬编码了一个用户。
// POST api/values
[HttpPost, Route("login")]
public IActionResult Login([FromBody] LoginModel user)
{
if (user == null)
{
return BadRequest("Invalid client request");
}
if (user.UserName == "JO3434" && user.Password == "defDDMKJM")
{
var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("superSMKLJMKey@345"));
var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);
var claims = new List<Claim>
{
new Claim(ClaimTypes.Name, user.UserName)
};
var token = new JwtSecurityToken(
audience: "http://site.azurewebsites.net",
issuer: "http://site.azurewebsites.net",
claims: claims,
expires: DateTime.Now.AddMinutes(60),
signingCredentials: signinCredentials
);
var results = new
{
token = new JwtSecurityTokenHandler().WriteToken(token),
expiration = token.ValidTo
};
return Ok(results);
}
else
{
return Unauthorized();
}
}
}
没有与 Azure AD 连接,您无法验证用户,而且我认为没有必要这样做,如果您使用 AcquireTokenByUsernamePassword
methond, it essentially uses the Azure AD ROPC flow 获得令牌,它会自动为您验证用户,如果用户无效,会报错Error validating credentials due to invalid username or password
.