Invalid scope error when using ConfidentialClientApplicationBuilder

Question  Votes: 0  Answers: 1

I am using ConfidentialClientApplicationBuilder to get a token and then send an email

var pca = ConfidentialClientApplicationBuilder
    .Create(ClientId)
    .WithClientSecret(clientSecret)
    .WithAuthority(AzureCloudInstance.AzurePublic, Tenant)
    .WithRedirectUri(RedirectUrl)
    .Build();

var outlookScope = new string[] { "https://outlook.office365.com/SMTP.Send" };   // for graph use "https://graph.microsoft.com/.default"

AuthenticationResult result = null;

try
{
    result = await pca.AcquireTokenForClient(outlookScope)
        .ExecuteAsync();
}
catch (MsalException ex)
{
    Console.WriteLine($"Error acquiring access token: {ex}");
}

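But I get this error when getting the result: Microsoft.Identity.Client.MsalServiceException: 'AADSTS1002012: The provided value for scope https://outlook.office365.com/SMTP.Send is not valid. Client credential flows must have a scope value with /.default suffixed to the resource identifier (application ID URI).'

What scope should I use to get the token successfully? In addition, I use this SMTP code to send the email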

using (var emailClient = new MailKit.Net.Smtp.SmtpClient())
{
    var oauth2 = new SaslMechanismOAuth2(result.Account.Username, result.AccessToken);
    await emailClient.ConnectAsync(SMPTServerName, SMPTServerPort, SecureSocketOptions.StartTls);  //google smtp.gmail.com
    await emailClient.AuthenticateAsync(oauth2);

    // Message Body

    await emailClient.SendAsync(message);
}

azure smtp
1 Answer
0 votes

I tried the same code in my environment and got the same error, as shown below:

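Note: If you generate the access token using the client credentials flow, the scope must be the resource suffixed with /.default. In your case, the scope must be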

 https://outlook.office365.com/SMTP.Send

I modified the code as below to get an access token for the Outlook resource:

using Microsoft.Identity.Client;
using System;

namespace ConsoleApp1
{
    class Program
    {
        static async System.Threading.Tasks.Task Main(string[] args)
        {
            string ClientId = "ClientID";
            string clientSecret = "ClientSecret";
            string Tenant = "TenantID";
            string RedirectUrl = "https://jwt.ms";

            var pca = ConfidentialClientApplicationBuilder
                .Create(ClientId)
                .WithClientSecret(clientSecret)
                .WithAuthority(AzureCloudInstance.AzurePublic, Tenant)
                .WithRedirectUri(RedirectUrl)
                .Build();

            var outlookScope = new string[] { "https://outlook.office365.com/.default" };

            AuthenticationResult result = null;

            try
            {
                result = await pca.AcquireTokenForClient(outlookScope)
                    .ExecuteAsync();
            }
            catch (MsalException ex)
            {
                Console.WriteLine($"Error acquiring access token: {ex}");
            }

            if (result != null)
            {
                Console.WriteLine($"Access token: {result.AccessToken}");
            }
        }
    }
}

Decoded token:

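An added example (not part of the original question or answer, and not Microsoft's code): a small C# helper that derives the /.default scope the AADSTS1002012 message asks for from a permission-style scope, and reads the aud and roles claims of a token so they can be checked without printing the raw token. The class and method names are hypothetical, the sample token is constructed and unsigned, and SMTP.SendAsApp is assumed to be the application permission granted to the app.

```csharp
using System;
using System.Linq;
using System.Text;
using System.Text.Json;

static class AppOnlyScope // hypothetical helper, not part of MSAL
{
    // Maps "<resource>/<permission>" to "<resource>/.default" for the client credentials flow.
    public static string ToDefaultScope(string scope)
    {
        if (scope.EndsWith("/.default", StringComparison.OrdinalIgnoreCase)) return scope;
        int schemeEnd = scope.IndexOf("://", StringComparison.Ordinal);
        if (schemeEnd < 0) throw new ArgumentException("Scope has no resource identifier: " + scope);
        int lastSlash = scope.LastIndexOf('/');
        // If there is no path after the scheme, the whole value is already the resource.
        string resource = lastSlash > schemeEnd + 2 ? scope.Substring(0, lastSlash) : scope;
        return resource + "/.default";
    }

    // Reads aud and roles from a JWT payload for inspection only; the signature is NOT verified.
    public static (string Audience, string[] Roles) ReadClaims(string jwt)
    {
        string[] parts = jwt.Split('.');
        if (parts.Length != 3) throw new FormatException("Not a compact JWT.");
        string b64 = parts[1].Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        string json = Encoding.UTF8.GetString(Convert.FromBase64String(b64));
        using JsonDocument doc = JsonDocument.Parse(json);
        JsonElement root = doc.RootElement;
        string[] roles = root.TryGetProperty("roles", out JsonElement r)
            ? r.EnumerateArray().Select(e => e.GetString()).ToArray()
            : Array.Empty<string>();
        return (root.GetProperty("aud").GetString(), roles);
    }

    static void Main()
    {
        Console.WriteLine(ToDefaultScope("https://outlook.office365.com/SMTP.Send"));

        // Constructed, unsigned sample token; SMTP.SendAsApp is an assumed application permission.
        string payload = "{\"aud\":\"https://outlook.office365.com\",\"roles\":[\"SMTP.SendAsApp\"]}";
        string seg = Convert.ToBase64String(Encoding.UTF8.GetBytes(payload))
            .TrimEnd('=').Replace('+', '-').Replace('/', '_');
        var (aud, roles) = ReadClaims("e30." + seg + ".sig");
        // Log the claims that matter instead of the raw bearer token.
        Console.WriteLine($"aud={aud} roles={string.Join(",", roles)}");
    }
}
```

With a real token from AcquireTokenForClient, pass result.AccessToken to ReadClaims; an empty roles array means no application permission was granted to the app for that resource.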
