我一直在尝试生成嵌入式访问令牌,以便我可以在React.JS Web应用程序中嵌入我在Power BI上创建的报告。我按照以下步骤操作https://community.powerbi.com/t5/Developer/How-To-Get-embed-token-using-Get-Post-only/td-p/294475。但我收到状态码403(禁止)的错误。是否有其他方法来生成嵌入访问令牌?
我尝试过使用ASP.NET Core,以下是我使用过的两个代码片段。根据已注册应用程序(Native或Web)的类型,有两种单独的方法可以从Azure Active Directory(AAD)上的已注册应用程序获取访问令牌。不同之处在于我们可以使用azure门户创建Web应用程序中的客户端密钥。您需要从azure门户网站找到客户端ID,AAD租户ID,应用程序密钥才能使用以下代码。
原生:
[HttpGet]
[Route("GetAccessTokenNative")]
public async Task<string> GetAccessTokenNative()
{
string token = await GetTokenNative();
return token;
}
private static async Task<string> GetTokenNative()
{
var oauthEndpoint = new Uri("https://login.microsoftonline.com/<your directory ID>/oauth2/token");
using (var client = new HttpClient())
{
var result = await client.PostAsync(oauthEndpoint, new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("resource", "https://analysis.windows.net/powerbi/api"),
new KeyValuePair<string, string>("client_id", "client ID"),
new KeyValuePair<string, string>("grant_type", "password"),
new KeyValuePair<string, string>("username", "username"),//PoweBI username
new KeyValuePair<string, string>("password", "password"),//PowerBI password
new KeyValuePair<string, string>("scope", "openid"),
}));
var content = await result.Content.ReadAsStringAsync();
return JsonConvert.DeserializeObject<OAuthResult>(content).AccessToken;
}
}
OAuthResult.cs
public class OAuthResult
{
[JsonProperty("token_type")]
public string TokenType { get; set; }
[JsonProperty("scope")]
public string Scope { get; set; }
[JsonProperty("experies_in")]
public int ExpiresIn { get; set; }
[JsonProperty("ext_experies_in")]
public int ExtExpiresIn { get; set; }
[JsonProperty("experies_on")]
public int ExpiresOn { get; set; }
[JsonProperty("not_before")]
public int NotBefore { get; set; }
[JsonProperty("resource")]
public Uri Resource { get; set; }
[JsonProperty("access_token")]
public string AccessToken { get; set; }
[JsonProperty("refresh_token")]
public string RefreshToken { get; set; }
}
网站:
[HttpGet]
[Route("GetAccessTokenWeb")]
public async Task<string> GetAccessTokenWeb()
{
string token = await GetTokenWeb();
return token;
}
public static async Task<string> GetTokenWeb()
{
HttpClient client = new HttpClient();
var content = new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("grant_type", "password"),
new KeyValuePair<string, string>("username", "username"),//PowerBI username
new KeyValuePair<string, string>("password", "password"),//PowerBI password
new KeyValuePair<string, string>("client_id", "client ID"),
new KeyValuePair<string, string>("scope", "openid"),
new KeyValuePair<string, string>("client_secret", "client secret")
new KeyValuePair<string, string>("resource", "https://analysis.windows.net/powerbi/api")
});
HttpResponseMessage res = client.PostAsync("https://login.microsoftonline.com/<your directory ID>/oauth2/token", content).Result;
string json = await res.Content.ReadAsStringAsync();
AzureAdTokenResponseDto tokenRes = JsonConvert.DeserializeObject<AzureAdTokenResponseDto>(json);
return tokenRes.AccessToken;
}
AzureAdTokenResponseDto.cs
public class AzureAdTokenResponseDto
{
[JsonProperty("access_token")]
public string AccessToken { get; set; }
}