我有一个网站,用户可以在其中登录Azure AD。我需要将这个网站(作为iframe)嵌入到带有WebPart的Sharepoint内部网中。
如何从WebPart获取Sharepoint的访问令牌?
在Webpart中,我有这样的东西:
OAUTHOKEN = ¿?
<iframe src="https://myweb.org/oauthCallback.html?token=OAUTHTOKEN" width="250px" height="250px"/>
您能告诉我获取访问令牌的方式吗?
致谢!
答案 0 :(得分:-1)
由于您是根据Azure AD登录的,因此登录后应该具有令牌。
您可以代表流使用交换令牌来获取可用于SharePoint的令牌。您可以在下面的链接上获取有关如何代表流程使用的更多信息: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow
您可以使用以下功能:
public async Task<string> GetSPAccessToken(string access_token)
{
string token = "", refresh_token = "";
// This is to replace bearer if access_token is retrieved from HTTP Headers
access_token = access_token.Replace("bearer ", "").Replace("Bearer ", "");
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
var keyValuePairs = new List<KeyValuePair<string, string>>();
// Make sure you have give proper API permission to Azure AD app
// in this case AllSites.Read
string SPScope = "{SiteUrl}" + "/AllSites.Read";
keyValuePairs.Add(new KeyValuePair<string, string>("scope", SPScope));
keyValuePairs.Add(new KeyValuePair<string, string>("client_id", Client_id));
keyValuePairs.Add(new KeyValuePair<string, string>("client_secret", Client_secret));
keyValuePairs.Add(new KeyValuePair<string, string>("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer"));
keyValuePairs.Add(new KeyValuePair<string, string>("requested_token_use", "on_behalf_of"));
keyValuePairs.Add(new KeyValuePair<string, string>("assertion", access_token));
var client1 = new HttpClient();
var req = new HttpRequestMessage(HttpMethod.Post, "https://login.microsoftonline.com/{YOURDOMAIN}/oauth2/v2.0/token") { Content = new FormUrlEncodedContent(keyValuePairs) };
using (var res = client1.SendAsync(req).Result)
{
if (res.IsSuccessStatusCode)
{
var jsonresult = JObject.Parse(await res.Content.ReadAsStringAsync());
token = (string)jsonresult["access_token"];
refresh_token = (string)jsonresult["refresh_token"];
}
}
return token;
}
我希望这会有所帮助!