gpt4 book ai didi

asp.net-mvc - 在 MVC 应用程序中获取访问 token

转载 作者:行者123 更新时间:2023-12-02 04:08:09 36 4
gpt4 key购买 nike

我正在尝试检索访问 token ,以便可以存储它,并稍后将其传递给 ExchangeService。Startup.Auth 看起来像这样:

 app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
ClientId = clientId,
Authority = authority,
UseTokenLifetime = false,
/*
* Skipping the Home Realm Discovery Page in Azure AD
* http://www.cloudidentity.com/blog/2014/11/17/skipping-the-home-realm-discovery-page-in-azure-ad/
*/
Notifications = new OpenIdConnectAuthenticationNotifications
{
RedirectToIdentityProvider = OpenIdConnectNotification.RedirectToIdentityProvider,
MessageReceived = OpenIdConnectNotification.MessageReceived,
SecurityTokenReceived = OpenIdConnectNotification.SecurityTokenReceived,
SecurityTokenValidated = OpenIdConnectNotification.SecurityTokenValidated,
AuthorizationCodeReceived = OpenIdConnectNotification.AuthorizationCodeReceived,
AuthenticationFailed = OpenIdConnectNotification.AuthenticationFailed
},

});

然后在 SecurityTokenValidated 中我这样做了:

public static async Task<Task>  SecurityTokenValidated(SecurityTokenValidatedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> context)
{
string aadInstance = ConfigurationManager.AppSettings["ida:AADInstance"];
string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
var authContext = new AuthenticationContext(aadInstance + "/oauth2/token", false);
var authResult =await authContext.AcquireTokenByAuthorizationCodeAsync(context.ProtocolMessage.Code,
new Uri(aadInstance), new ClientAssertion(clientId, "‎5a95f1c6be7bf3c61f6392ec84ddd044acef61d9"));
var accessToken = authResult.Result.AccessToken;
context.AuthenticationTicket.Identity.AddClaim(new Claim("access_token", accessToken));
return Task.FromResult(0);
}

我没有收到任何错误,但应用程序卡在这一行:

 var accessToken = authResult.Result.AccessToken;

ClientAssertion 是使用我在 IIS 中安装的 SSL 证书的指纹构建的,不确定证书类型是否错误...

更新:我更新了 SecurityTokenValidated 以反射(reflect) Saca 的评论,但我收到“AADSTS50027:无效的 JWT token 。 token 格式无效”错误。我也尝试过这段代码:

   string aadInstance = ConfigurationManager.AppSettings["ida:AADInstance"];
string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
var authContext = new AuthenticationContext(aadInstance, false);
var cert = new X509Certificate2("...", "...");
var cacert = new ClientAssertionCertificate(clientId, cert);
var authResult = await authContext.AcquireTokenByAuthorizationCodeAsync(context.ProtocolMessage.Code, new Uri(aadInstance), cacert);
var accessToken = authResult.AccessToken;
context.AuthenticationTicket.Identity.AddClaim(new Claim("access_token", accessToken));
return Task.FromResult(0);

但这样我得到“AADSTS70002:验证凭据时出错。AADSTS50012:客户端断言包含无效签名。”

最佳答案

应用程序挂起,因为您通过访问 authResult 的 .Result 来阻止异步任务的结果。

您应该将其更改为:

public static async Task SecurityTokenValidated(SecurityTokenValidatedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> context)
{
string aadInstance = ConfigurationManager.AppSettings["ida:AADInstance"];
string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
var authContext = new AuthenticationContext(aadInstance + "/oauth2/token", false);
var authResult = await authContext.AcquireTokenByAuthorizationCodeAsync(context.ProtocolMessage.Code,
new Uri(aadInstance), new ClientAssertion(clientId, "‎5a95f1c6be7bf3c61f6392ec84ddd044acef61d9"));
var accessToken = authResult.AccessToken;
context.AuthenticationTicket.Identity.AddClaim(new Claim("access_token", accessToken));
}

关于asp.net-mvc - 在 MVC 应用程序中获取访问 token ,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/38338892/

36 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com