我正在尝试使用Microsoft.Azure.Management.ApiManagement
4.0.4-preview实现Azure API Management API。
不,我在哪里看到实施文件。我试过下面的代码。但我收到身份验证错误。
Microsoft.Rest.Azure.CloudException:'身份验证失败。 “授权”标题以无效格式提供。
BasicAuthenticationCredentials basicAuthenticationCredentials = new BasicAuthenticationCredentials();
basicAuthenticationCredentials.UserName = "**********";
basicAuthenticationCredentials.Password = "*******";
var token = "Bearer **********"; // copied bear token from https://docs.microsoft.com/en-us/rest/api/apimanagement/user/get by logging proper user name and password
ApiManagementClient apiManagementClient = new ApiManagementClient(basicAuthenticationCredentials);
apiManagementClient.SubscriptionId = "*************************************";
apiManagementClient.HttpClient.DefaultRequestHeaders.TryAddWithoutValidation("Authorization", token);
apiManagementClient.ApiManagementService.Get("resourcegroupname", "POCAPIManagementService"); // error happening from this line
var user = apiManagementClient.User.Get("resourcegroupname", "POCAPIManagementService", "1");
经过两周的奋斗,我们找到了通往Microsoft.Azure.Management.ApiManagement dll实现的方法。
1)在azure ad中创建应用程序2)转到您的APIM =>访问控制(IAM)选项卡3)添加上面创建的应用程序(在APIM中需要权限)4)现在您应该能够看到Azure AD应用程序在APIM访问控制(IAM)选项卡中
这将为您在Azure AD中创建的应用程序提供委派权限
我们可以使用客户端凭据流来获取Azure AD的委派访问令牌。使用范围为https://management.azure.com
下面给出了用于实现Microsoft.Azure.Management.ApiManagement dll的客户端凭据流的示例代码。
public class myServiceCredentials : ServiceClientCredentials{
private string AuthenticationToken { get; set; }
public override void InitializeServiceClient<T>(ServiceClient<T> client)
{
var authenticationContext = new
AuthenticationContext("https://login.windows.net/{tenantID}");
var credential = new ClientCredential(clientId: "xxxxx-xxxx-xx-xxxx-xxx",
clientSecret: "{clientSecret}");
var result = authenticationContext.AcquireToken(resource:
"https://management.core.windows.net/", clientCredential: credential);
if (result == null)
{
throw new InvalidOperationException("Failed to obtain the JWT token");
}
AuthenticationToken = result.AccessToken;
}
}
通过记录适当的用户名和密码从https://docs.microsoft.com/en-us/rest/api/apimanagement/user/get复制熊令牌
看来你生成的方式有问题。
授权标头应该是您从Azure Active Directory获得的JSON Web令牌,但是直接来自Azure门户。有关更多详细信息,请参阅此article。
你可以参考这个document,了解如何从AAD和protect an API by using OAuth 2.0 with Azure Active Directory以及API Management获得JWT。