尝试从Azure Fn项目连接到MS Graph API。

huangapple
go评论96阅读模式
英文:

Trying to connect to MS Graph API from an Azure Fn Project

问题

我正在尝试在现有项目中创建一个新的 Azure 函数(az fn)... 我需要这个新函数在底层查询 Graph API。

以下代码不起作用,因为找不到 DelegateAuthenticationProvider 类的包/库:

  1. string[] scopes = new[] { "https://graph.microsoft.com/.default" };
  3. var confidentialClientApplication = ConfidentialClientApplicationBuilder
  4.             .Create(ApplicationClientID)
  5.             .WithTenantId(AzureTenantID)
  6.             .WithClientSecret(ApplicationClientSecret)
  7.             .Build();
  9. // Build the Microsoft Graph client. As the authentication provider, set an async lambda
  10. // which uses the MSAL client to obtain an app-only access token to Microsoft Graph,
  11. // and inserts this access token in the Authorization header of each API request. 
  12. GraphServiceClient graphServiceClient =
  13.     new GraphServiceClient(new Microsoft.Graph.DelegateAuthenticationProvider(async (requestMessage) => {
  15.             // Retrieve an access token for Microsoft Graph (gets a fresh token if needed).
  16.             var authResult = await confidentialClient
  17.                 .AcquireTokenForClient(scopes)
  18.                 .ExecuteAsync();
  20.             // Add the access token in the Authorization header of the API request.
  21.             requestMessage.Headers.Authorization = 
  22.                 new AuthenticationHeaderValue("Bearer", authResult.AccessToken);
  23.         })
  24.     );

以下是项目文件的内容:

  1. <Project Sdk="Microsoft.NET.Sdk">
  2.   <PropertyGroup>
  3.     <TargetFramework>net6.0</TargetFramework>
  4.     <AzureFunctionsVersion>v4</AzureFunctionsVersion>
  5.     <RootNamespace>widgets</RootNamespace>
  6.   </PropertyGroup>
  7.   <ItemGroup>
  8.     <PackageReference Include="Azure.Identity" Version="1.9.0" />
  9.     <PackageReference Include="Azure.Security.KeyVault.Secrets" Version="4.5.0" />
  10.     <PackageReference Include="Microsoft.Azure.KeyVault" Version="3.0.5" />
  11.     <PackageReference Include="Microsoft.Graph" Version="5.18.0" />
  12.     <PackageReference Include="Microsoft.Graph.Core" Version="3.0.9" />
  13.     <PackageReference Include="Microsoft.Identity.Client" Version="4.54.1" />
  14.     <PackageReference Include="Microsoft.NET.Sdk.Functions" Version="4.1.1" />
  15.     <PackageReference Include="Microsoft.Azure.Services.AppAuthentication" Version="1.6.0" />
  16.   </ItemGroup>
  17.   <ItemGroup>
  18.     <None Update="host.json">
  19.       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
  20.     </None>
  21.     <None Update="local.settings.json">
  22.       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
  23.       <CopyToPublishDirectory>Never</CopyToPublishDirectory>
  24.     </None>
  25.   </ItemGroup>
  26. </Project>

我添加了以下依赖项以支持对 Graph 的调用:

  1. <PackageReference Include="Microsoft.Graph" Version="5.18.0" />
  2. <PackageReference Include="Microsoft.Graph.Core" Version="3.0.9" />
  3. <PackageReference Include="Microsoft.Identity.Client" Version="4.54.1" />

我理解 DelegateAuthenticationProvider 类是 Graph.Core 的一部分。

希望这只是一个非常简单的遗漏。任何提示将不胜感激。

英文:

I'm trying to create a new az fn in an existing project.... I need this new fn to query Graph Api under the hood.

The following code is not working because it can't find the package / library for DelegateAuthenticationProvider class:

  1.        string[] scopes = new[] { &quot;https://graph.microsoft.com/.default&quot; };
  3.         var confidentialClientApplication = ConfidentialClientApplicationBuilder
  4.                     .Create(ApplicationClientID)
  5.                     .WithTenantId(AzureTenantID)
  6.                     .WithClientSecret(ApplicationClientSecret)
  7.                     .Build();
  9.         // Build the Microsoft Graph client. As the authentication provider, set an async lambda
  10.         // which uses the MSAL client to obtain an app-only access token to Microsoft Graph,
  11.         // and inserts this access token in the Authorization header of each API request. 
  12.         GraphServiceClient graphServiceClient =
  13.             new GraphServiceClient(new Microsoft.Graph.DelegateAuthenticationProvider(async (requestMessage) =&gt; {
  15.                     // Retrieve an access token for Microsoft Graph (gets a fresh token if needed).
  16.                     var authResult = await confidentialClient
  17.                         .AcquireTokenForClient(scopes)
  18.                         .ExecuteAsync();
  20.                     // Add the access token in the Authorization header of the API request.
  21.                     requestMessage.Headers.Authorization = 
  22.                         new AuthenticationHeaderValue(&quot;Bearer&quot;, authResult.AccessToken);
  23.                 })
  24.             );

Here's the project file contents:

  1. &lt;Project Sdk=&quot;Microsoft.NET.Sdk&quot;&gt;
  2.   &lt;PropertyGroup&gt;
  3.     &lt;TargetFramework&gt;net6.0&lt;/TargetFramework&gt;
  4.     &lt;AzureFunctionsVersion&gt;v4&lt;/AzureFunctionsVersion&gt;
  5.     &lt;RootNamespace&gt;widgets&lt;/RootNamespace&gt;
  6.   &lt;/PropertyGroup&gt;
  7.   &lt;ItemGroup&gt;
  8.     &lt;PackageReference Include=&quot;Azure.Identity&quot; Version=&quot;1.9.0&quot; /&gt;
  9.     &lt;PackageReference Include=&quot;Azure.Security.KeyVault.Secrets&quot; Version=&quot;4.5.0&quot; /&gt;
  10.     &lt;PackageReference Include=&quot;Microsoft.Azure.KeyVault&quot; Version=&quot;3.0.5&quot; /&gt;
  11.     &lt;PackageReference Include=&quot;Microsoft.Graph&quot; Version=&quot;5.18.0&quot; /&gt;
  12.     &lt;PackageReference Include=&quot;Microsoft.Graph.Core&quot; Version=&quot;3.0.9&quot; /&gt;
  13.     &lt;PackageReference Include=&quot;Microsoft.Identity.Client&quot; Version=&quot;4.54.1&quot; /&gt;
  14.     &lt;PackageReference Include=&quot;Microsoft.NET.Sdk.Functions&quot; Version=&quot;4.1.1&quot; /&gt;
  15.     &lt;PackageReference Include=&quot;Microsoft.Azure.Services.AppAuthentication&quot; Version=&quot;1.6.0&quot; /&gt;
  16.   &lt;/ItemGroup&gt;
  17.   &lt;ItemGroup&gt;
  18.     &lt;None Update=&quot;host.json&quot;&gt;
  19.       &lt;CopyToOutputDirectory&gt;PreserveNewest&lt;/CopyToOutputDirectory&gt;
  20.     &lt;/None&gt;
  21.     &lt;None Update=&quot;local.settings.json&quot;&gt;
  22.       &lt;CopyToOutputDirectory&gt;PreserveNewest&lt;/CopyToOutputDirectory&gt;
  23.       &lt;CopyToPublishDirectory&gt;Never&lt;/CopyToPublishDirectory&gt;
  24.     &lt;/None&gt;
  25.   &lt;/ItemGroup&gt;
  26. &lt;/Project&gt;

I added the following dependencies to support this call to graph:

  1. &lt;PackageReference Include=&quot;Microsoft.Graph&quot; Version=&quot;5.18.0&quot; /&gt;
  2. &lt;PackageReference Include=&quot;Microsoft.Graph.Core&quot; Version=&quot;3.0.9&quot; /&gt;
  3. &lt;PackageReference Include=&quot;Microsoft.Identity.Client&quot; Version=&quot;4.54.1&quot; /&gt;

It's my understanding that DelegateAuthenticationProvider class is a part of Graph.Core.

Hopefully it's something super simple I've missed. Any tips would be appreciated.

答案1

得分: 1

你尝试的方法在 Microsoft.Graph.Core 包的第3个版本之后似乎已被弃用。这里 你可以找到迁移说明。

看起来你正尝试使用 ClientSecret 进行身份验证,我认为这是你在寻找的文档

文档中的代码:

  1. // 客户端凭据流需要你请求 /.default 范围,并在 Azure 的应用注册中预先配置权限。
  2. // 管理员必须事先同意这些权限。
  3. var scopes = new[] { "https://graph.microsoft.com/.default" };
  5. // 应用注册中的值
  6. var clientId = "YOUR_CLIENT_ID";
  7. var tenantId = "YOUR_TENANT_ID";
  8. var clientSecret = "YOUR_CLIENT_SECRET";
  10. // 使用 Azure.Identity;
  11. var options = new ClientSecretCredentialOptions
  12. {
  13.     AuthorityHost = AzureAuthorityHosts.AzurePublicCloud,
  14. };
  16. // https://learn.microsoft.com/dotnet/api/azure.identity.clientsecretcredential
  17. var clientSecretCredential = new ClientSecretCredential(
  18.     tenantId, clientId, clientSecret, options);
  20. var graphClient = new GraphServiceClient(clientSecretCredential, scopes);
英文:

The way you are trying to do it seems deprecated since Version 3 of the Microsoft.Graph.Core package. Here you find the migration description.

As it seems you are trying to authenticate via ClientSecret, I think this is the documentation you are looking for.

Code from the documentation:

  1. // The client credentials flow requires that you request the
  2. // /.default scope, and pre-configure your permissions on the
  3. // app registration in Azure. An administrator must grant consent
  4. // to those permissions beforehand.
  5. var scopes = new[] { &quot;https://graph.microsoft.com/.default&quot; };
  7. // Values from app registration
  8. var clientId = &quot;YOUR_CLIENT_ID&quot;;
  9. var tenantId = &quot;YOUR_TENANT_ID&quot;;
  10. var clientSecret = &quot;YOUR_CLIENT_SECRET&quot;;
  12. // using Azure.Identity;
  13. var options = new ClientSecretCredentialOptions
  14. {
  15.     AuthorityHost = AzureAuthorityHosts.AzurePublicCloud,
  16. };
  18. // https://learn.microsoft.com/dotnet/api/azure.identity.clientsecretcredential
  19. var clientSecretCredential = new ClientSecretCredential(
  20.     tenantId, clientId, clientSecret, options);
  22. var graphClient = new GraphServiceClient(clientSecretCredential, scopes);

huangapple
  • 本文由 发表于 2023年7月12日 23:49:51
  • 转载请务必保留本文链接:https://go.coder-hub.com/76672402.html
  • .net
  • azure-functions
  • microsoft-graph-api
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定