コード例 #1
0
        public async Task <TokenResultModel> GetTokenForAsync(string resource, IEnumerable <string> scopes = null)
        {
            ClientCredential clientCred = new ClientCredential(_aadClientId, _appSecret);
            ClaimsPrincipal  current    = ClaimsPrincipal.Current;

            if (current == null)
            {
                throw new AuthenticationException("Missing claims principal.");
            }

            System.IdentityModel.Tokens.BootstrapContext bootstrapContext = new System.IdentityModel.Tokens.BootstrapContext(current.Identities.First().BootstrapContext.ToString());

            if (bootstrapContext == null)
            {
                throw new AuthenticationException("bootstrapContext is null.");
            }

            string userName = current.FindFirst(ClaimTypes.Upn) != null
                ? current.FindFirst(ClaimTypes.Upn).Value
                : current.FindFirst(ClaimTypes.Email).Value;

            string        userAccessToken = bootstrapContext.Token;
            UserAssertion userAssertion   = new UserAssertion(userAccessToken, kGrantType, userName);

            string authority = String.Format(CultureInfo.InvariantCulture, _aadInstance, _aadTenant);
            string userId    = ClaimsPrincipal.Current.FindFirst(ClaimTypes.NameIdentifier).Value;
            AuthenticationContext authContext = new AuthenticationContext(authority);

            string userObjectID = (ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier"))?.Value;
            var    user         = new UserIdentifier(userObjectID, UserIdentifierType.UniqueId);

            try
            {
                _result = await authContext.AcquireTokenAsync(resource, clientCred, userAssertion);

                return(_result.ToTokenResult());
            }
            catch (AdalException ex)
            {
                throw new AuthenticationException(
                          $"Failed to authenticate on behalf of {userName}", ex);
            }
        }