In the end, AcquireToken just sends an HTTPS request to your STS. You can easily simulate this yourself. The request looks like this (for AAD):
POST https://login.microsoftonline.com/your-tenant-id/oauth2/token HTTP/1.1
Accept: application/json
x-client-Ver: 3.13.5.907
x-client-CPU: x64
x-client-OS: Microsoft Windows NT 6.2.9200.0
x-ms-PKeyAuth: 1.0
client-request-id: 10a9f6d3-1247-493e-874f-fab04e1427c7
return-client-request-id: true
Content-Type: application/x-www-form-urlencoded
Host: login.microsoftonline.com
Content-Length: 183
Expect: 100-continue
Connection: Keep-Alive
resource=your-resource-guid&client_id=your-client-guid&client_secret=***** CREDENTIALS REMOVED HERE *****&grant_type=client_credentials
This is easy to do with a WebClient (e.g. How to fill forms and submit with Webclient in C#). The server's response usually looks like this:
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
...
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
client-request-id: 10a9f6d3-1247-493e-874f-fab04e1427c7
x-ms-request-id: bla-bla
…
X-Powered-By: ASP.NET
Date: Thu, 23 Feb 2017 08:35:26 GMT
Content-Length: 1278
{"token_type":"Bearer","expires_in":"3599","ext_expires_in":"10800","expires_on":"1487842528","not_before":"1487838628","resource":"your-resource-id","access_token":"your-access-token"}
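The result is JSON, and the token is in the "access_token" field. You can use a tool like Fiddler to capture your request, but that is basically it. (You would probably use Newtonsoft to deserialize the JSON properly.)
That is not to say this is all ADAL does for you. In addition, ADAL also does things like token caching, so you do not have to request a token on every call, and it handles expiry automatically. However, with a bit of code, you can also roll this yourself. Hope this helps.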
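The request and response described in the answer above, written out with HttpClient and System.Text.Json as an added example (not part of the original answer, and not ADAL's code). The class name TokenClient, the five-minute refresh margin and the sample JSON in Main are assumptions for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Text.Json;
using System.Threading.Tasks;

public sealed class TokenClient // hypothetical name; the cache below is not thread-safe
{
    private static readonly HttpClient Http = new HttpClient();
    private readonly string _tenant, _clientId, _secret, _resource;
    private string _token;
    private DateTimeOffset _expiresOn;
    public TokenClient(string tenant, string clientId, string secret, string resource)
    { _tenant = tenant; _clientId = clientId; _secret = secret; _resource = resource; }

    // Parses the JSON body shown above; this endpoint returns expires_on as a string.
    public static (string Token, DateTimeOffset ExpiresOn) Parse(string json)
    {
        using var doc = JsonDocument.Parse(json);
        var root = doc.RootElement;
        if (!string.Equals(root.GetProperty("token_type").GetString(), "Bearer", StringComparison.OrdinalIgnoreCase))
            throw new InvalidOperationException("Unexpected token_type");
        long expiresOn = long.Parse(root.GetProperty("expires_on").GetString());
        return (root.GetProperty("access_token").GetString(), DateTimeOffset.FromUnixTimeSeconds(expiresOn));
    }

    public async Task<string> GetTokenAsync()
    {
        // Reuse the cached token until five minutes before it expires.
        if (_token != null && DateTimeOffset.UtcNow.AddMinutes(5) < _expiresOn) return _token;
        var form = new FormUrlEncodedContent(new Dictionary<string, string>
        {
            ["resource"] = _resource, ["client_id"] = _clientId,
            ["client_secret"] = _secret, ["grant_type"] = "client_credentials",
        });
        var url = $"https://login.microsoftonline.com/{Uri.EscapeDataString(_tenant)}/oauth2/token";
        // Keep the form body out of logs and traces: it carries the client secret.
        using var resp = await Http.PostAsync(url, form);
        resp.EnsureSuccessStatusCode();
        (_token, _expiresOn) = Parse(await resp.Content.ReadAsStringAsync());
        return _token;
    }
    public static void Main()
    {
        // Constructed sample in the shape of the response above; runs offline.
        var (token, exp) = Parse("{\"token_type\":\"Bearer\",\"expires_on\":\"1487842528\",\"access_token\":\"your-access-token\"}");
        Console.WriteLine($"token of {token.Length} chars, expires {exp:u}");
    }
}
```

Main prints only the token's length and expiry, since access tokens and the client secret are credentials and should not end up in console output or logs.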