我一直在尝试生成嵌入式访问令牌,以便在React.JS Web应用程序中嵌入我在Power BI上制作的报告。我遵循了以下步骤https://community.powerbi.com/t5/Developer/How-To-Get-embed-token-using-Get-Post-only/td-p/294475。但是我收到了403(Forbidden)状态代码的错误。是否有其他方法可以生成嵌入式访问令牌?
我已经尝试了ASP.NET Core,并使用了以下两个代码片段。根据注册应用程序的类型(本地或Web),有两种不同的方法可以从Azure Active Directory(AAD)上的注册应用程序获取访问令牌。区别在于Web应用程序中有一个客户端密钥,我们可以使用Azure门户创建它。您需要从Azure门户中查找客户端ID、AAD租户ID、应用程序密钥才能使用以下代码。
本地:
[HttpGet]
[Route("GetAccessTokenNative")]
public async Task<string> GetAccessTokenNative()
{
string token = await GetTokenNative();
return token;
}
private static async Task<string> GetTokenNative()
{
var oauthEndpoint = new Uri("https://login.microsoftonline.com/<your directory ID>/oauth2/token");
using (var client = new HttpClient())
{
var result = await client.PostAsync(oauthEndpoint, new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("resource", "https://analysis.windows.net/powerbi/api"),
new KeyValuePair<string, string>("client_id", "client ID"),
new KeyValuePair<string, string>("grant_type", "password"),
new KeyValuePair<string, string>("username", "username"),//PoweBI username
new KeyValuePair<string, string>("password", "password"),//PowerBI password
new KeyValuePair<string, string>("scope", "openid"),
}));
var content = await result.Content.ReadAsStringAsync();
return JsonConvert.DeserializeObject<OAuthResult>(content).AccessToken;
}
}
OAuthResult.cs
public class OAuthResult
{
[JsonProperty("token_type")]
public string TokenType { get; set; }
[JsonProperty("scope")]
public string Scope { get; set; }
[JsonProperty("experies_in")]
public int ExpiresIn { get; set; }
[JsonProperty("ext_experies_in")]
public int ExtExpiresIn { get; set; }
[JsonProperty("experies_on")]
public int ExpiresOn { get; set; }
[JsonProperty("not_before")]
public int NotBefore { get; set; }
[JsonProperty("resource")]
public Uri Resource { get; set; }
[JsonProperty("access_token")]
public string AccessToken { get; set; }
[JsonProperty("refresh_token")]
public string RefreshToken { get; set; }
}
网站:
[HttpGet]
[Route("GetAccessTokenWeb")]
public async Task<string> GetAccessTokenWeb()
{
string token = await GetTokenWeb();
return token;
}
public static async Task<string> GetTokenWeb()
{
HttpClient client = new HttpClient();
var content = new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("grant_type", "password"),
new KeyValuePair<string, string>("username", "username"),//PowerBI username
new KeyValuePair<string, string>("password", "password"),//PowerBI password
new KeyValuePair<string, string>("client_id", "client ID"),
new KeyValuePair<string, string>("scope", "openid"),
new KeyValuePair<string, string>("client_secret", "client secret")
new KeyValuePair<string, string>("resource", "https://analysis.windows.net/powerbi/api")
});
HttpResponseMessage res = client.PostAsync("https://login.microsoftonline.com/<your directory ID>/oauth2/token", content).Result;
string json = await res.Content.ReadAsStringAsync();
AzureAdTokenResponseDto tokenRes = JsonConvert.DeserializeObject<AzureAdTokenResponseDto>(json);
return tokenRes.AccessToken;
}
AzureAdTokenResponseDto.cs
public class AzureAdTokenResponseDto
{
[JsonProperty("access_token")]
public string AccessToken { get; set; }
}