Rau*_*han 6 .net microsoft-graph-api
这是代码。我获得一个访问令牌,并使用该访问令牌创建一个客户端。如果访问令牌过期会发生什么?我需要创建另一个客户端吗?只创建一个客户端?或者每次我需要用户时,我应该调用 GetGraphServiceClient()?这将解决令牌因需要新令牌而过期的问题。如果不是,我如何验证令牌是否过期?
public async Task<GraphServiceClient> GetGraphServiceClient()
{
var token = await GetAccessToken();
var client = new GraphServiceClient(new DelegateAuthenticationProvider(
(requestMessage) =>
{
requestMessage.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
return Task.FromResult(0);
}));
return client;
}
private async Task<string> GetAccessToken()
{
var app = ConfidentialClientApplicationBuilder.Create(_connectionData.ClientId)
.WithAuthority(AzureCloudInstance.AzurePublic, _connectionData.TenantId)
.WithClientSecret(_connectionData.ClientSecret)
.Build();
AuthenticationResult result = null;
try
{
result = await app.AcquireTokenForClient(scopes)
.ExecuteAsync();
}
catch (MsalServiceException ex)
{
// Case when ex.Message contains: invalid scope
}
return result?.AccessToken;
}
这取决于您是根据 Graph SDK 还是 Graph REST API 进行身份验证。如果您要针对 SDK 进行身份验证,正如一位评论者已经提到的那样,只要您正确设置,SDK 就会为您处理好这一问题。如果您使用 REST API,那么您必须自己处理。
SDK认证:
GraphSDK.cs
public class GraphSDK
{
public static GraphServiceClient Initialize(IConfiguration config)
{
return new GraphServiceClient
(
new ClientSecretCredential
(
config.GetValue<string>("TenantID"),
config.GetValue<string>("ClientID"), Environment.GetEnvironmentVariable("CLIENT_SECRET"),
new TokenCredentialOptions { AuthorityHost = AzureAuthorityHosts.AzurePublicCloud }
),
new[] { "https://graph.microsoft.com/.default" }
);
}
}
启动.cs
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
...
services.AddScoped(svc => GraphSDK.Initialize(Configuration));
...
}
}
| 归档时间: |
|
| 查看次数: |
946 次 |
| 最近记录: |