AADSTS90102：'redirect_uri'的值必須是絕對有效的Uri

Question

我遵循this頁面的指示。我已經創建了自己的Windows服務，並且我一直在向Azure AD請求訪問令牌。 我設法獲得一個授權碼，但是當我POST時，我得到了redirect_uri錯誤。這是我的代碼看起來像：

var dictionary = new Dictionary<string, string> 
      { 
       { "resource", "https%3A%2F%2Foutlook.office365.com"}, 
       {"client_id","Application ID from azure AD portal" }, //-is this ok? 
       {"client_secret","Object ID from azure AD portal" }, //-is this ok? 
       {"grant_type","authorization_code" }, 
       {"redirect_uri",HttpUtility.UrlEncode("https://haw.trustteam.be/") }, 
       { "code","AQABAAIAAAAB..1AiAA"} 
      }; 
      var content = new FormUrlEncodedContent(dictionary); 

      string requestUrl = "https://login.windows.net/common/oauth2/token"; // also tried with login.microsoftonline.com 
      using (HttpClient client = new HttpClient()) 
      { 
       HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, requestUrl); 
       request.Content = content; 

       using (HttpResponseMessage response = await client.SendAsync(request)) 
       { 
        string responseString = await response.Content.ReadAsStringAsync(); 

        return response.Content.ToString(); 
       } 
      } 

我在做什麼錯？

Answer 1

FormUrlEncodedContent函數還可以幫助在HttpMessage正文中發佈數據作爲url編碼的鍵/值對。所以，只是刪除HttpUtility.UrlEncode功能：

  var dictionary = new Dictionary<string, string> 
      { 
       { "resource", "https://outlook.office365.com"}, 
       {"client_id","Application ID from azure AD portal" }, 
       {"client_secret","Application key from azure portal" }, 
       {"grant_type","authorization_code" }, 
       {"redirect_uri","https://haw.trustteam.be/" }, 
       { "code","AQABAAIAAAAB..1AiAA"} 
      }; 
      var content = new FormUrlEncodedContent(dictionary); 

此外，您可以在Keys刀片的蔚藍廣告應用程序的添加客戶端密鑰。請參閱this document。