3

我想确认ADFS支持oAuth 2.0完全支持oAuth 2.0
ie的所有流程,

  1. 三足oAuth

  2. 2 腿 oAuth

  3. 隐式流

我问这个是因为我尝试使用资源所有者密码流(2-legged Oauth)。这是我的代码

                using (HttpClient client = new HttpClient())
                {
                    string creds = String.Format("{0}:{1}", "hello@ADFS FQDN", "christ");
                    byte[] bytes = Encoding.ASCII.GetBytes(creds);
                    var header = new AuthenticationHeaderValue("Basic",
                                               Convert.ToBase64String(bytes));


                    client.DefaultRequestHeaders.Authorization = header;

                    var postData = new List<KeyValuePair<string, string>>();

                    postData.Add(new KeyValuePair<string, string>
                                       ("grant_type", "password"));


                    HttpContent content = new FormUrlEncodedContent(postData);

                    token = client.PostAsync("http://adfs FQDN/adfs/oauth2/token/", content)
                                     .Result.Content.ReadAsStringAsync().Result;
                }

它给了我错误grant_Type=password is not supported
当我查看我的 ADFS 2012 R2 机器事件查看器日志时,它也给出了错误

“授权服务器不支持请求的'grant_type':'password'。授权服务器目前只支持'grant_type=authorization_code'。”

请帮我如何实现这个流程?

4

1 回答 1

8

AD FS 3.0 (2012 R2) DOES NOT support grant_type=password for OAuth 2.0 but it supports grant_type=authorization_code and grant_type=refresh_token only. AD FS provides WS-Trust endpoints and you could use them instead of OAuth 2.0 endpoint for issuing and exchanging tokens. WS-Trust provides the endpoints for different types of authentication.

于 2014-04-07T11:34:10.717 回答