ASP.NET Web App 的授權代碼流代碼示例 (Authorization Code Flow code examples for ASP.NET Web App)

問題描述

ASP.NET Web App 的授權代碼流代碼示例 (Authorization Code Flow code examples for ASP.NET Web App)

我正在嘗試使用 Azure Active Directory 和 OAuth2 OpenIDConnect 協議為我的 ASP.NET Web 應用程序實現單點登錄。該文檔建議僅將隱式授權流用於 SPA，但是，ASP.NET 的所有代碼示例都使用 idTokens 的 response_Type。為了使這種響應類型起作用，我需要允許隱式授權流。誰能指出我使用 MSAL 的代碼示例可以與授權代碼授權一起使用？

參考解法

方法 1:

The OAuth 2 authorization code grant can be used in apps that are installed on a device to gain access to protected resources like web APIs. This allows you to add sign‑in and API access to your mobile and desktop apps.

To redeem an authorization code and get a token, and cache it, the IConfidentialClientApplication contains a method called.

AcquireTokenByAuthorizationCode(
            IEnumerable<string> scopes,
            string authorizationCode)

Here is code sample you could refer to and this one.

(by Dassy、Joey Cai)

參考文件

1. Authorization Code Flow code examples for ASP.NET Web App (CC BY‑SA 2.5/3.0/4.0)