问题
I want to confirm ADFS
support oAuth 2.0
completely support all the flow of oAuth 2.0
i.e.,
3-legged oAuth
2-legged oAuht
Implicit flow
I am asking this because I try to use Resource Owner Password Flow(2-legged Oauth). Here is my code
using (HttpClient client = new HttpClient())
{
string creds = String.Format("{0}:{1}", "hello@ADFS FQDN", "christ");
byte[] bytes = Encoding.ASCII.GetBytes(creds);
var header = new AuthenticationHeaderValue("Basic",
Convert.ToBase64String(bytes));
client.DefaultRequestHeaders.Authorization = header;
var postData = new List<KeyValuePair<string, string>>();
postData.Add(new KeyValuePair<string, string>
("grant_type", "password"));
HttpContent content = new FormUrlEncodedContent(postData);
token = client.PostAsync("http://adfs FQDN/adfs/oauth2/token/", content)
.Result.Content.ReadAsStringAsync().Result;
}
It gives me error grant_Type=password is not supported
.
When I looked on my ADFS 2012 R2 machine event viewer log it also gives error that
"The authorization server does not support the requested 'grant_type': 'password'. The authorization server currently only supports 'grant_type=authorization_code'."
Please help me how to achieve this flow?
回答1:
AD FS 3.0 (2012 R2) DOES NOT support grant_type=password for OAuth 2.0 but it supports grant_type=authorization_code and grant_type=refresh_token only. AD FS provides WS-Trust endpoints and you could use them instead of OAuth 2.0 endpoint for issuing and exchanging tokens. WS-Trust provides the endpoints for different types of authentication.
来源:https://stackoverflow.com/questions/20869778/does-adfs-2012-r2-support-auth2-resource-owner-password-credentials-flow