1. 首页
  2. 问答
  3. 如何在Azure Active Directory中授权而不使用对话框?

如何在Azure Active Directory中授权而不使用对话框?

2016-11-28 77 views
1

我的应用程序显示我所有用户的电源bi帐户的仪表板,我通过对话框授权Azure Active Directory以获取访问令牌。我可以在不使用授权对话框的情况下硬编码我的凭证并获取访问令牌。 代码。它可以工作,但它使用授权对话框。如何在Azure Active Directory中授权而不使用对话框?

  var @params = new NameValueCollection 
     { 
      {"response_type", "code"}, 
      {"client_id", Properties.Settings.Default.ClientID}, 
      {"resource", "https://analysis.windows.net/powerbi/api"}, 
      {"redirect_uri", "http://localhost:13526/Redirect"} 
     }; 


     var queryString = HttpUtility.ParseQueryString(string.Empty); 
     queryString.Add(@params); 

     string authorityUri = "https://login.windows.net/common/oauth2/authorize/"; 
     var authUri = String.Format("{0}?{1}", authorityUri, queryString); 
     Response.Redirect(authUri); 


     Redirect.aspx 
     string redirectUri = "http://localhost:13526/Redirect"; 
     string authorityUri = "https://login.windows.net/common/oauth2/authorize/"; 

     string code = Request.Params.GetValues(0)[0]; 

     TokenCache TC = new TokenCache(); 

     AuthenticationContext AC = new AuthenticationContext(authorityUri, TC); 
     ClientCredential cc = new ClientCredential 
      (Properties.Settings.Default.ClientID, 
      Properties.Settings.Default.ClientSecret); 

     AuthenticationResult AR = AC.AcquireTokenByAuthorizationCode(code, new Uri(redirectUri), cc); 

     Session[_Default.authResultString] = AR; 

     Response.Redirect("/Default.aspx"); 
     Default.aspx 
     string responseContent = string.Empty; 

     System.Net.WebRequest request = System.Net.WebRequest.Create(String.Format("{0}dashboards", baseUri)) as System.Net.HttpWebRequest; 
     request.Method = "GET"; 
     request.ContentLength = 0; 
     request.Headers.Add("Authorization", String.Format("Bearer {0}", authResult.AccessToken)); 

     using (var response = request.GetResponse() as System.Net.HttpWebResponse) 
     { 
      using (var reader = new System.IO.StreamReader(response.GetResponseStream())) 
      { 
       responseContent = reader.ReadToEnd(); 
       PBIDashboards PBIDashboards = JsonConvert.DeserializeObject<PBIDashboards>(responseContent); 
      } 
     }

来源

2016-11-28 Jhon Milan

+0

你能分享一些代码,你已经尝试执行相同的,也有一些可能出现的错误或异常 – Rishabh

+0

我希望它应该可以帮助你把这个答案在https://community.powerbi.com/t5/Developer/How-to-use-Power-BI-Rest-API-without-GUI-authentication-redirect/td-p/6030 –

回答

3

我这样做了一次,没有使用ADAL。对于Power BI,由于它们不提供应用程序权限,只能委托。

您需要的是用grant_type=password调用AAD令牌端点。您将在表单参数中指定用户名和密码,以及客户端ID,客户端密钥和资源URI。

这里是我写的函数:这​​里

private async Task<string> GetAccessToken() 
{ 
    string tokenEndpointUri = Authority + "oauth2/token"; 

    var content = new FormUrlEncodedContent(new [] 
     { 
      new KeyValuePair<string, string>("grant_type", "password"), 
      new KeyValuePair<string, string>("username", Username), 
      new KeyValuePair<string, string>("password", Password), 
      new KeyValuePair<string, string>("client_id", ClientId), 
      new KeyValuePair<string, string>("client_secret", ClientSecret), 
      new KeyValuePair<string, string>("resource", PowerBiResourceUri) 
     } 
    ); 

    using (var client = new HttpClient()) 
    { 
     HttpResponseMessage res = await client.PostAsync(tokenEndpointUri, content); 

     string json = await res.Content.ReadAsStringAsync(); 

     AzureAdTokenResponse tokenRes = JsonConvert.DeserializeObject<AzureAdTokenResponse>(json); 

     return tokenRes.AccessToken; 
    } 
}

管理局https://login.microsoftonline.com/tenant-id/。下面是我使用的响应类:

class AzureAdTokenResponse 
{ 
    [JsonProperty("access_token")] 
    public string AccessToken { get; set; } 
}

来源

2016-11-28 13:00:58 juunas

+0

你是天才。我没有想到,一个web应用程序可以用于非交互式获取访问令牌的方式。 – sam

0

我希望使用UserCreadential你必须给用户名和Azure订阅的密码,你可以得到的accessToken并调用您的API。我希望它能帮助你。

string ResourceUrl="https://analysis.windows.net/powerbi/api"; 
string ClientId=Properties.Settings.Default.ClientID;//as per your code 
AuthenticationContext authenticationContext = new AuthenticationContext(Constants.AuthString, false); 
UserCredential csr = new UserCredential("your-username", "password"); 
AuthenticationResult authenticationResult = authenticationContext.AcquireToken(ResourceUrl,ClientId, usr); 
string token = authenticationResult.AccessToken;

来源

2016-11-28 13:12:20

+0

获取例外附加信息:AADSTS70002:请求主体必须包含以下参数:'client_secret或client_assertion'。 Constants.AuthString = https://login.windows.net/common/oauth2/authorize/ 如果我将client_id更改为client_secret,我将得到异常未找到的应用程序 –

相关问题

 相关问题