我写了一个新的应用程序访问办公室数据通过REST API,所以我想用新的 认证模型(V2.0端点)ADAL - AcquireTokenSilentAsync失败(Azure的Active Directory验证库)
What's different about the v2.0 endpoit
我可以得到令牌通过调用
private static string[] scopes = { "https://outlook.office.com/mail.read", "https://outlook.office.com/calendars.read" };
public async Task<ActionResult> SignIn()
{
... SNIP
Uri authUri = await authContext.GetAuthorizationRequestUrlAsync(scopes, null, clientId, redirectUri, new UserIdentifier("[email protected]", UserIdentifierType.RequiredDisplayableId), null);
return Redirect(authUri.ToString());
}
authContext.AcquireTokenByAuthorizationCodeAsync(authCode, redirectUri, credential, scopes)
问题是
第二个电话3210public async Task<ActionResult> SignIn()
{
... SNIP
var authResult = authContext.AcquireTokenSilentAsync(scopes, clientId, new UserIdentifier("[email protected]", UserIdentifierType.RequiredDisplayableId))
}
返回的标记包含UniqueId,但该信息未存储在令牌对象中。令牌的UserInfo始终为空。由于此字段为空,令牌缓存无法找到该令牌。
谢谢你的提示和想法
返回的标记
{
"aud":"https://outlook.office.com",
"iss":"https://sts.windows.net/f2ac6f3f-3df0-4068-a677-e4dfdf924b2/",
"iat":146 dfdf21,
"nbf":146 dfdf4621,
"exp":1463 dfdf38521,
"acr":"1",
"amr":[
"pwd"
],
"appid":"b13dfdf9-0561-4dfdff5-945c-778dfdf0de5cd",
"appidacr":"1",
"family_name":"Pan",
"given_name":"Peter",
"ipaddr":"12.12.12.17",
"name":"Peter Pan",
"oid":"4b83dfdfdb-f6db-433e-b70a-2f9a6dbbeb48",
"puid":"100dfdfdfF5FBC",
"scp":"Calendars.Read Mail.Read Mail.ReadWrite",
"sub":"Z-chdfdsfnWqduUkCGZpsIdp-fdhpMMqqtwcHGs",
"tid":"f2ac6f3f-3560-4068-a677-e4bfe0c924b2",
"unique_name":"[email protected]",
"upn":"[email protected]",
"ver":"1.0"
}
类似的问题: Here
目前,我已经使用此解决方法,但是这种方式不能使用内置于ADAL库的令牌缓存 –