3

I am trying to get an ActiveDirectoryClient in a C# client, like this:

    Uri servicePointUri = new Uri("https://graph.microsoft.com/v1.0/me/messages");
    Uri serviceRoot = new Uri(servicePointUri, <OUR-AZURE-TENANT-ID>);
    ActiveDirectoryClient activeDirectoryClient = new ActiveDirectoryClient(serviceRoot,
        async () => await AcquireTokenAsyncForUser());

with this AcquireTokenAsyncForUser() method:

    public static async Task<string> AcquireTokenAsyncForUser()
    {
        return await GetTokenForUser();
    }

    public static async Task<string> GetTokenForUser()
    {
        if (TokenForUser == null)
        {
            AuthenticationContext authenticationContext = new AuthenticationContext("https://login.microsoftonline.com/common/v2.0");
            UserPasswordCredential userCredential = new UserPasswordCredential("<USERNAME>@outlook.com", <PASSWORD>);

            AuthenticationResult userAuthnResult = await authenticationContext.AcquireTokenAsync("https://graph.microsoft.com/v1.0/me/messages",
                <AZURE AD APP CLIENT ID>, userCredential);

            TokenForUser = userAuthnResult.AccessToken;
            Console.WriteLine("\n Welcome " + userAuthnResult.UserInfo.GivenName + " " +
                              userAuthnResult.UserInfo.FamilyName);
        }
        return TokenForUser;
    }

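I keep getting this error:

Error signing in user access_ws_metadata_exchange_failed: Accessing WS metadata exchange failed -

Response status code does not indicate success: 406 (NotAcceptable). -

It doesn't matter whether I use correct or incorrect credentials.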

4

1 Answer

2

AAD does not support WS-Trust sign-in for MSA accounts. You have to sign the user in through a webview by calling

    AcquireTokenAsync("https://graph.microsoft.com/v1.0/me/messages",
        <AZURE AD APP CLIENT ID>, new Uri("<your redirect uri>"),
        new PlatformParameters(PromptBehavior.Auto /* or whatever you want */, null));

answered 2016-11-01T16:48:25.813