大家好,我在这个问题上有完全相同的问题:使用个人Microsoft帐户登录到Oauth2 v2失败
但是我不明白答案,我应该在清单中配置此链接的位置?https://login.microsoftonline.com/common/oauth2/v2.0/authorize
我的清单是:
{
"id": "0982f18d-116c-45c0-b1ee-59dd9fa3344b",
"acceptMappedClaims": null,
"accessTokenAcceptedVersion": 2,
"addIns": [],
"allowPublicClient": null,
"appId": "002543f2-87b6-43e4-91a3-cfdef655dc7a",
"appRoles": [],
"oauth2AllowUrlPathMatching": false,
"createdDateTime": "2021-02-04T10:09:11Z",
"disabledByMicrosoftStatus": null,
"groupMembershipClaims": null,
"identifierUris": [],
"informationalUrls": {
"termsOfService": null,
"support": null,
"privacy": null,
"marketing": null
},
"keyCredentials": [],
"knownClientApplications": [],
"logoUrl": null,
"logoutUrl": null,
"name": "AppBotTipBook",
"oauth2AllowIdTokenImplicitFlow": false,
"oauth2AllowImplicitFlow": false,
"oauth2Permissions": [],
"oauth2RequirePostResponse": false,
"optionalClaims": null,
"orgRestrictions": [],
"parentalControlSettings": {
"countriesBlockedForMinors": [],
"legalAgeGroupRule": "Allow"
},
"passwordCredentials": [
{
"customKeyIdentifier": null,
"endDate": "2299-12-30T23:00:00Z",
"keyId": "86c3141b-02ac-4d47-9ecf-0cabb8ba2fc4",
"startDate": "2021-02-04T10:10:43.464Z",
"value": null,
"createdOn": "2021-02-04T10:10:44.3986206Z",
"hint": "_3D",
"displayName": "botlogin"
}
],
"preAuthorizedApplications": [],
"publisherDomain": "unisalerno.onmicrosoft.com",
"replyUrlsWithType": [
{
"url": "https://token.botframework.com/.auth/web/redirect",
"type": "Web"
}
],
"requiredResourceAccess": [
{
"resourceAppId": "00000003-0000-0000-c000-000000000000",
"resourceAccess": [
{
"id": "570282fd-fa5c-430d-a7fd-fc8dc98a9dca",
"type": "Scope"
},
{
"id": "e1fe6dd8-ba31-4d61-89e7-88639da4683d",
"type": "Scope"
},
{
"id": "b340eb25-3456-403f-be2f-af7a0d370277",
"type": "Scope"
},
{
"id": "e383f46e-2787-4529-855e-0e479a3ffac0",
"type": "Scope"
},
{
"id": "37f7f235-527c-4136-accd-4a02d197296e",
"type": "Scope"
},
{
"id": "14dad69e-099b-42c9-810b-d002981feec1",
"type": "Scope"
}
]
}
],
"samlMetadataUrl": null,
"signInUrl": null,
"signInAudience": "AzureADandPersonalMicrosoftAccount",
"tags": [],
"tokenEncryptionKeyId": null
}
目前,身份验证仅适用于我的大学域,但是我想允许通过Microsoft个人电子邮件(例如[email protected])进行身份验证
在开发的代码中,您将使用端点进行授权并获取oauth令牌。
如果您使用的是MSAL(Microsoft身份验证库)
在代码中配置客户端应用程序的常用参数是
客户端ID重定向URI授权客户端机密在某些情况下
因此,在此过程中,您将必须配置授权网址。
https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-client-application-configuration#authority
因此,例如在您的代码中,如果您要构建客户端应用程序对象,则将如下所示:
string authority = "https://login.microsoftonline.com/common";
string[] scopes = new string[] { "user.read" };
IPublicClientApplication app = PublicClientApplicationBuilder
.Create(clientId)
.WithAuthority(authority)
.Build();
更新:
您将在代码中使用此连接名称。
这是要注意的事项:在tenantid下,将其填写为普通而非特定的租户ID。
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句