代码之家 › 专栏 › 技术社区 › Tassisto Nidheesh

如何在Azure AD中验证用户名和密码?

bearer-token jwt azure-active-directory c#

Tassisto Nidheesh · 技术社区 · 4 年前

        // POST api/values
        [HttpPost, Route("login")]
        public IActionResult Login([FromBody] LoginModel user)
        {
            if (user == null)
            {
                return BadRequest("Invalid client request");
            }
            if (user.UserName == "JO3434" && user.Password == "defDDMKJM")
            {
                var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("superSMKLJMKey@345"));
                var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);

                var claims = new List<Claim>
                {
                    new Claim(ClaimTypes.Name, user.UserName)
                };
                
                var token = new JwtSecurityToken(
                    audience: "http://site.azurewebsites.net",
                    issuer: "http://site.azurewebsites.net",
                    claims: claims,
                    expires: DateTime.Now.AddMinutes(60),
                    signingCredentials: signinCredentials
                );

                var results = new
                {
                    token = new JwtSecurityTokenHandler().WriteToken(token),
                    expiration = token.ValidTo
                };
                return Ok(results);
            }
            else
            {
                return Unauthorized();
            }
        }
    }

0 回复 | 直到 4 年前

Joy Wang 4 年前

如果没有与Azure广告的连接,你就无法验证用户,而且我认为如果你用它获得令牌,那么也没有必要这样做 AcquireTokenByUsernamePassword 方法,它基本上使用 Azure AD ROPC flow ,它将自动为您验证用户,如果用户无效,它将给出一个错误 Error validating credentials due to invalid username or password