Azure API认证
我在C#代码中使用Azure,并使用以下库:
using Microsoft.Rest; using Microsoft.Rest.Azure.Authentication;
using Microsoft.Azure.Management.DataLake.Store;
using Microsoft.Azure.Management.DataLake.StoreUploader;
using Microsoft.Azure.Management.DataLake.Analytics;
using Microsoft.Azure.Management.DataLake.Analytics.Models;
using Microsoft.WindowsAzure.Storage.Blob;要创建与Azure的连接:
private static ServiceClientCredentials AuthenticateAzure(string domainName, string nativeClientAppCLIENTID)
{
// User login via interactive popup
SynchronizationContext.SetSynchronizationContext(new SynchronizationContext());
// Use the client ID of an existing AAD "Native Client" application.
var activeDirectoryClientSettings = ActiveDirectoryClientSettings.UsePromptOnly(nativeClientAppCLIENTID, new Uri("urn:ietf:wg:oauth:2.0:oob"));
return UserTokenProvider.LoginWithPromptAsync(domainName, activeDirectoryClientSettings).Result;
}当我打电话给LoginWithPromptAsync时,我得到了一个弹出窗口,它询问我的证书。我不希望每次我运行代码时都会出现这个弹出。除了创建Azure应用程序之外,还有什么方法可以想出这个东西吗?
我有一个ApplicationId,TenantId,CertificateThumbprint和SubscriptionId (下面)。我可以使用这些字段在没有提示的情况下验证是否为天蓝色?
回答 1
Stack Overflow用户
发布于 2016-12-22 06:03:59
我们可以使用函数UserTokenProvider.LoginSilentAsync(nativeClientAppClientid, domainName, userName, password)获得凭据,而无需弹出。它对我很好,下面是我的测试代码。如何注册WebApp请参阅文档。
static void Main(string[] args)
{
var certificate = AuthenticateAzure("your domain name", "Ad App client ID", "username", "password");
}
/// <summary>
/// Log in to azure active directory in non-interactive mode using organizational
// id credentials and the default token cache. Default service settings (authority,
// audience) for logging in to azure resource manager are used.
/// </summary>
/// <param name="domainName"> The active directory domain or tenant id to authenticate with</param>
/// <param name="nativeClientAppClientid"> The active directory client id for this application </param>
/// <param name="userName"> The organizational account user name, given in the form of a user principal name (e.g. user1@contoso.org).</param>
/// <param name="password"> The organizational account password.</param>
/// <returns>A ServiceClientCredentials object that can be used to authenticate http requests using the given credentials.</returns>
private static ServiceClientCredentials AuthenticateAzure(string domainName, string nativeClientAppClientid,string userName,string password)
{
return UserTokenProvider.LoginSilentAsync(nativeClientAppClientid, domainName, userName, password).Result;
}
更新:
有关如何注册AD应用程序和为应用程序分配角色的详细步骤,请参阅文档。在此之后,我们可以从Azure门户获得tenantId, appId, secretKey。然后,我们可以使用Microsoft.IdentityModel.Clients.ActiveDirectory SDK来获取用于api身份验证的令牌。
演示代码:
var subscriptionId = "Your subscrption";
var appId = "Registried Azure Application Id";
var secretKey = "Secret Key";
var tenantId = "tenant Id";
var context = new AuthenticationContext("https://login.windows.net/" + tenantId);
ClientCredential clientCredential = new ClientCredential(appId, secretKey );
var tokenResponse = context.AcquireTokenAsync("https://management.azure.com/", clientCredential).Result;
var accessToken = tokenResponse.AccessToken;
using (var client = new HttpClient())
{
client.DefaultRequestHeaders.Add("Authorization", "Bearer " + accessToken);
client.BaseAddress = new Uri("https://management.azure.com/");
// Now we can party with our HttpClient!
}
https://stackoverflow.com/questions/41260442
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号