使用509证书进行身份验证时未生成令牌

Question

尝试启动试图与Microsoft Outlook API联系的控制台应用程序时出现身份验证错误。我用控制台日志创建了这个应用程序，我将在这个问题中显示。似乎我试图默默地获取令牌时出现此错误，但从我看到的每个示例看来，似乎我都在正确地执行此操作。这些是我看到的两个功能导致的错误。

认证

标记获取功能：

private static string EMAIL_SERVICE_ACCOUNT = "********@dell.com"; 
    private static string EMAIL_SERVICE_PWD = "*******";   
    private static string ClientID = "************************"; 
    private static string ClientSecret ="**********************"; 
    private static Uri ReturnUri = new Uri("https://localhost:44300/"); 
    private static string CommonAuthority = "https://login.windows.net/Common"; 
    public static AuthenticationContext AuthContext { get; set; } 
    private static async Task<AuthenticationResult> AcquireTokenAsync(string authContextUrl, string resourceId) 
    { 
     AuthenticationResult ar = null; 
     try 
     {    
      AuthContext = new AuthenticationContext(authContextUrl);    

      if (AuthContext.TokenCache.ReadItems().Count() > 0) 
      { 
       string cachedAuthority = 
        AuthContext.TokenCache.ReadItems().First().Authority; 
       AuthContext = new AuthenticationContext(cachedAuthority); 
      } 

      //ClientCredential clientCredential = new ClientCredential(ClientID, ClientSecret); << not invoking this 
      ar = (await AuthContext.AcquireTokenSilentAsync(resourceId, ClientID)); 
     } 
     catch (Exception e) 
     { 
      //not in cache; we'll get it with the full oauth flow 
      if (e.InnerException != null) 
       Console.WriteLine("Inner exception: {0}", e.InnerException); 
     } 

     if (ar == null) 
     { 
      try 
      { 
       UserCredential uc = new UserCredential(EMAIL_SERVICE_ACCOUNT, EMAIL_SERVICE_PWD); 
       ar = AuthContext .AcquireToken(resourceId, ClientID, uc); 
      } 
      catch (Exception acquireEx) 
      { 
       //utter failure here, we need let the user know we just can't do it 
       Console.WriteLine("Error trying to acquire authentication result: " + acquireEx.Message); 
       if (acquireEx.InnerException != null) 
        Console.WriteLine("Inner exception: {0}", acquireEx.InnerException); 
      } 
     } 
     return ar; 
    } 

这是我的函数创建Outlook客户端

  private static async Task<OutlookServicesClient> GetOutlookClient() 
    { 
     OutlookServicesClient oc = null; 

     try 
     { 
      string MAIL_RESOURCE_ID = "https://outlook.office365.com"; 

      AuthenticationResult ar = await AcquireTokenAsync(CommonAuthority, MAIL_RESOURCE_ID); 

      if (ar != null) 
      { 
       oc = new OutlookServicesClient(new Uri("https://outlook.office365.com/api/v1.0"),() => 
       Task.Run(() => 
       { 
        return ar.AccessToken; 
       })); 
      } 
     } 
     catch (Exception ex) 
     { 
      Console.WriteLine("Error getting Outlook client: " + ex.Message); 
      if (ex.InnerException != null) 
       Console.WriteLine("Inner exception: {0}", ex.InnerException); 
     } 

     return oc; 
    } 

这是我得到的错误

Answer 1

好我找到了我想做的工作，我为了解决这个问题，我决定继续使用x509 cert v2，我还发现这对我的项目来说会更好，因为它将成为一个控制台应用程序。这是我的代码的一个片段，有效地获取令牌以便对Azure进行身份验证。 509获得授权令牌的证书：

public static string Aquire_Token() 
    { 
     AuthenticationResult authenticationResult = null; 
     try 
     { 
      string authority = ConfigurationManager.AppSettings["Authority"]; 

      AuthenticationContext authenticationContext = new AuthenticationContext(authority, false); 

      string certfile = ConfigurationManager.AppSettings["ClientCertificatePfx"]; 

      X509Certificate2 cert = new X509Certificate2(certfile, ConfigurationManager.AppSettings["ClientCertificatePfxPassword"], X509KeyStorageFlags.MachineKeySet); 

      ClientAssertionCertificate cac = new ClientAssertionCertificate(CLIENTID, cert); 

      authenticationResult = authenticationContext.AcquireToken(RESOURCEID, cac); 
     } 

     catch (Exception ex) 
     { 
      Console.WriteLine("Issue with Aquireing Token :" + ex.Message); 
     } 
     return authenticationResult.AccessToken; 
    } 
}