Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
243 views
in Technique[技术] by (71.8m points)

c# - Get the access token in asp.net web forms

I want to get the access token to call some apis in my web form application , but I want to say that application already is a big project , and I don't want to use any library, I only want to click a button, enter name/password, and get access token , all I want to do is inside a page code , not anything other may affect the whole project , such as install a library .

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Getting an access token to Azure Active Directory on behalf of a user only requires that you follow the Authorization Code Grant Flow.

While our libraries make this REALLY simple to accomplish (see here), they are absolutely not required.

Learn about the OAuth 2 Protocol here: Authorize access to web applications using OAuth 2.0 and Azure Active Directory

The short summary of the content is:

  1. Register an AAD Application
  2. Have a user login to your application using a specific login url which contains information about your application identity.

    https://login.microsoftonline.com/{tenant}/oauth2/authorize? client_id=6731de76-14a6-49ae-97bc-6eba6914391e &response_type=code &redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F &response_mode=query &resource=https%3A%2F%2Fservice.contoso.com%2F &state=12345

  3. This will return an Authorization Code to the Redirect URI, which you will need to exchange for an access token:

    POST /{tenant}/oauth2/token HTTP/1.1 Host: https://login.microsoftonline.com Content-Type: application/x-www-form-urlencoded grant_type=authorization_code &client_id=2d4d11a2-f814-46a7-890a-274a72a7309e &code=AwABAAAA... &redirect_uri=https%3A%2F%2Flocalhost%2Fmyapp%2F &resource=https%3A%2F%2Fservice.contoso.com%2F &client_secret=p@ssw0rd

  4. If you did everything successfully, you should now be in possession of an Access Token. Feel free to call your APIs now. :)


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...