记住登录凭据/权限 UWP/C# (Microsoft云 API)

本文关键字:Microsoft API 权限 登录 UWP | 更新日期: 2023-09-27 18:34:27

我正在创建一个访问Microsoft云API以获取健康数据的应用程序。当您点击登录按钮时,它使用 OAuth 登录

 private void signinButton_Click(object sender, RoutedEventArgs e)
    {
        UriBuilder uri = new UriBuilder("https://login.live.com/oauth20_authorize.srf");
        var query = new StringBuilder();
        query.AppendFormat("redirect_uri={0}", Uri.EscapeDataString(RedirectUri));
        query.AppendFormat("&client_id={0}", Uri.EscapeDataString(ClientId));
        query.AppendFormat("&scope={0}", Uri.EscapeDataString(Scopes));
        query.Append("&response_type=code");
        uri.Query = query.ToString();
        this.webView.Visibility = Visibility.Visible;
        this.webView.Navigate(uri.Uri);
    }

这将打开一个 webView,其中包含使用Microsoft凭据登录的页面。完成后,它会导致:

 private async void WebView_NavigationCompleted(WebView sender, WebViewNavigationCompletedEventArgs args)
    {
        //
        // When the web view navigates to our redirect URI, extract the authorization code from
        // the URI and use it to fetch our access token. If no authorization code is present,
        // we're completing a sign-out flow.
        //
        if (args.Uri.LocalPath.StartsWith("/oauth20_desktop.srf", StringComparison.OrdinalIgnoreCase))
        {
            WwwFormUrlDecoder decoder = new WwwFormUrlDecoder(args.Uri.Query);
            var code = decoder.FirstOrDefault((entry) => entry.Name.Equals("code", StringComparison.OrdinalIgnoreCase));
            var error = decoder.FirstOrDefault((entry) => entry.Name.Equals("error", StringComparison.OrdinalIgnoreCase));
            var errorDesc = decoder.FirstOrDefault((entry) => entry.Name.Equals("error_description", StringComparison.OrdinalIgnoreCase));
            // Check the code to see if this is sign-in or sign-out
            if (code != null)
            {
                // Hide the browser again, no matter what happened...
                sender.Visibility = Visibility.Collapsed;
                if (error != null)
                {
                    this.responseText.Text = string.Format("{0}'r'n{1}", error.Value, errorDesc.Value);
                    return;
                }
                var tokenError = await this.GetToken(code.Value, false);
                if (string.IsNullOrEmpty(tokenError))
                {
                    this.responseText.Text = "Successful sign-in!";
                    this.signoutButton.IsEnabled = true;
                    this.signinButton.IsEnabled = false;
                    this.getProfileButton.IsEnabled = true;
                    this.getDevicesButton.IsEnabled = true;
                    this.getActivitiesButton.IsEnabled = true;
                    this.getDailySummaryButton.IsEnabled = true;
                    this.getHourlySummaryButton.IsEnabled = true;
                }
                else
                {
                    this.responseText.Text = tokenError;
                }
            }
            else
            {
                this.responseText.Text = "Successful sign-out!";
                this.signoutButton.IsEnabled = false;
                this.signinButton.IsEnabled = true;
                this.getProfileButton.IsEnabled = false;
                this.getDevicesButton.IsEnabled = false;
                this.getActivitiesButton.IsEnabled = false;
                this.getDailySummaryButton.IsEnabled = true;
                this.getHourlySummaryButton.IsEnabled = false;
            }
        }
    }
    private async Task<string> GetToken(string code, bool isRefresh)
    {
        UriBuilder uri = new UriBuilder("https://login.live.com/oauth20_token.srf");
        var query = new StringBuilder();
        query.AppendFormat("redirect_uri={0}", Uri.EscapeDataString(RedirectUri));
        query.AppendFormat("&client_id={0}", Uri.EscapeDataString(ClientId));
        query.AppendFormat("&client_secret={0}", Uri.EscapeDataString(ClientSecret));
        if (isRefresh)
        {
            query.AppendFormat("&refresh_token={0}", Uri.EscapeDataString(code));
            query.Append("&grant_type=refresh_token");
        }
        else
        {
            query.AppendFormat("&code={0}", Uri.EscapeDataString(code));
            query.Append("&grant_type=authorization_code");
        }
        uri.Query = query.ToString();
        var request = WebRequest.Create(uri.Uri);
        try
        {
            using (var response = await request.GetResponseAsync())
            {
                using (var stream = response.GetResponseStream())
                {
                    using (var streamReader = new StreamReader(stream))
                    {
                        var responseString = streamReader.ReadToEnd();
                        var jsonResponse = JObject.Parse(responseString);
                        this.creds.AccessToken = (string)jsonResponse["access_token"];
                        this.creds.ExpiresIn = (long)jsonResponse["expires_in"];
                        this.creds.RefreshToken = (string)jsonResponse["refresh_token"];
                        string error = (string)jsonResponse["error"];
                        return error;
                    }
                }
            }
        }
        catch (Exception ex)
        {
            return ex.Message;
        }
    }

我不希望用户每次启动应用程序时都必须接受权限。有没有办法在本地保存凭据,以便在启动时自动进行身份验证?谢谢!

记住登录凭据/权限 UWP/C# (Microsoft云 API)

您可以使用 

Windows.Storage.ApplicationData.Current.LocalSettings

这个答案很好地描述了这个过程 保留 WinRT 应用设置的最佳方法?

链接到 UWP 的标识中的代码

将所需的 oauth 部分存储在凭据保险箱 API 中。切勿在正常设置 API 中存储此类信息。

在开始时,读取 oauth 信息并使用刷新令牌获取新的访问令牌。

更多信息在这里。https://msdn.microsoft.com/en-us/library/windows/apps/mt270189.aspx

相关文章: