How to use "Microsoft.Graph" instead of "Microsoft.Azure.ActiveDirectory.GraphClient" for Azure AD SSO B2B

Question  Votes: 0  Answers: 1

I am creating an app for my web application, but I want to use only Microsoft.Graph instead of ActiveDirectory.GraphClient. If that is possible, how?

            services.Configure<CookiePolicyOptions>(options =>
            {
                options.CheckConsentNeeded = context => true;
                options.MinimumSameSitePolicy = SameSiteMode.None;
            });

            services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
                .AddAzureAD(options => Configuration.Bind("AzureAd", options));

            services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
            {
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuer = false,
                    NameClaimType = ClaimTypes.Name,
                    RoleClaimType = ClaimTypes.Role,
                };

                options.Scope.Add("openid profile User.ReadWrite User.ReadBasic.All Sites.ReadWrite.All Contacts.ReadWrite People.Read Notes.ReadWrite.All Tasks.ReadWrite Mail.ReadWrite Files.ReadWrite.All Calendars.ReadWrite");
                options.Events = new OpenIdConnectEvents
                {
                    OnTicketReceived = context =>
                    {
                        return Task.CompletedTask;
                    },
                    OnAuthenticationFailed = context =>
                    {
                        context.Response.Redirect("/Error");
                        context.HandleResponse(); // Suppress the exception
                        return Task.CompletedTask;
                    },
                };
            });
azure-active-directory microsoft-graph
1 Answer
1
votes

The simplest answer is to follow "Get Started of ASPNET", and then change the logic according to your requirements.

Do it yourself: install "Microsoft.Graph" with NuGet, then modify GraphScopes in the project's configuration file (appsettings.json for .NET).

"AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "CallbackPath": "/signin-oidc",
    "BaseUrl": "https://localhost:44334",
    "ClientId": "your client id",
    "ClientSecret": "your secret", // This sample uses a password (secret) to authenticate. Production apps should use a certificate.
    "Scopes": "openid email profile offline_access",
    "GraphResourceId": "https://graph.microsoft.com/",
    "GraphScopes": "User.Read User.ReadBasic.All Mail.Send"
  }

Modify the ConfigureServices code as follows:

 services.AddAuthentication(sharedOptions =>
            {
                sharedOptions.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
            })
            .AddAzureAd(options => Configuration.Bind("AzureAd", options))
            .AddCookie();
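
With the package installed and GraphScopes configured, Graph calls go through GraphServiceClient. The following is an added example, not part of the original answer or of the Microsoft sample. It assumes a Microsoft.Graph SDK version that provides DelegateAuthenticationProvider (the 1.x to 4.x line); the names GraphCalls and acquireToken are hypothetical.

```csharp
using System;
using System.Net.Http.Headers;
using System.Threading.Tasks;
using Microsoft.Graph;

// Added example, not from the original answer. Assumes a Microsoft.Graph SDK
// version that ships DelegateAuthenticationProvider (the 1.x to 4.x line).
public static class GraphCalls
{
    // acquireToken is a hypothetical callback: it must return an access token
    // issued for https://graph.microsoft.com/ with the configured GraphScopes
    // (for example from the token cache of the signed-in user).
    public static GraphServiceClient CreateClient(Func<Task<string>> acquireToken)
    {
        return new GraphServiceClient(new DelegateAuthenticationProvider(async request =>
        {
            string token = await acquireToken();
            // The SDK calls this delegate before every request it sends.
            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
        }));
    }

    // GET /me, which the User.Read scope from GraphScopes covers.
    public static async Task<string> GetSignedInUserAsync(GraphServiceClient graph)
    {
        try
        {
            User me = await graph.Me.Request()
                .Select("displayName,userPrincipalName")
                .GetAsync();
            return $"{me.DisplayName} <{me.UserPrincipalName}>";
        }
        catch (ServiceException ex)
        {
            // Graph reports a missing or unconsented scope as an error code
            // rather than an empty result; surface it instead of hiding it.
            return $"Graph call failed: {ex.Error?.Code}";
        }
    }
}
```

Requesting only the fields and scopes a call needs keeps the delegated token's reach limited to what the application actually uses.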