c# - 调试时身份验证成功,但在 Azure 应用服务上失败
问题描述
我只是通过以下方法使用 CSOM 从 SharePoint 获取一些用户。这一直对我有用,我没有任何问题。
突然之间,当我今天尝试调用此方法时,它失败并出现此错误
The sign-in name or password does not match one in the Microsoft account system.
at Microsoft.SharePoint.Client.Idcrl.IdcrlAuth.GetServiceToken(String securityXml, String serviceTarget, String servicePolicy)
at Microsoft.SharePoint.Client.Idcrl.IdcrlAuth.GetServiceToken(String username, String password, String serviceTarget, String servicePolicy)
at Microsoft.SharePoint.Client.Idcrl.SharePointOnlineAuthenticationProvider.GetAuthenticationCookie(Uri url, String username, SecureString password, Boolean alwaysThrowOnFailure, EventHandler`1 executingWebRequest)
at Microsoft.SharePoint.Client.SharePointOnlineCredentials.GetAuthenticationCookie(Uri url, Boolean refresh, Boolean alwaysThrowOnFailure)
at Microsoft.SharePoint.Client.ClientRuntimeContext.SetupRequestCredential(ClientRuntimeContext context, HttpWebRequest request)
at Microsoft.SharePoint.Client.SPWebRequestExecutor.GetRequestStream()
at Microsoft.SharePoint.Client.ClientContext.GetFormDigestInfoPrivate()
at Microsoft.SharePoint.Client.ClientContext.EnsureFormDigest()
at Microsoft.SharePoint.Client.ClientContext.ExecuteQuery()
at SharePointLibrary.SPClient.GetAllUsers() in C:\Users\bassie\source\repos\TFS\ADVWKSP\SharePointLibrary\SPClientUsers.cs:line 39
但它仅在发布到 Azure 后才会失败。
我已经记录了用于 Azure 应用程序流的用户名和密码,它们绝对正确,并且在我的机器上调试时使用的相同。
这怎么可能?我要疯了吗?
构造函数
public SPClient(string url)
{
baseUrl = url;
var userName = ConfigurationManager.ConnectionStrings["SPsvcUsername"].ConnectionString;
var password = ConfigurationManager.ConnectionStrings["SPsvcPassword"].ConnectionString;
Trace.TraceInformation(userName);
Trace.TraceInformation(password);
var securePassword = new SecureString();
foreach (var c in password)
{
securePassword.AppendChar(c);
}
credentials = new SharePointOnlineCredentials(userName, securePassword);
}
获取用户方法
public IEnumerable<SharePointUser> GetAllUsers()
{
var spUsers = new List<SharePointUser>();
using (var clientContext = new ClientContext(baseUrl))
{
clientContext.Credentials = credentials;
var web = clientContext.Web;
var list = clientContext.Web.SiteUserInfoList;
var users = list.GetItems(new CamlQuery());
clientContext.Load(users, includes => includes.Include(
f => f["GUID"],
f => f["FirstName"],
f => f["LastName"],
f => f["UserName"],
f => f["Picture"],
f => f.DisplayName));
clientContext.ExecuteQuery();
foreach (var user in users)
{
var imagePath = (FieldUrlValue)user.FieldValues["Picture"];
spUsers.Add(new SharePointUser()
{
FirstName = (user.FieldValues["FirstName"] is string firstName) ? firstName : string.Empty,
LastName = (user.FieldValues["LastName"] is string lastName) ? lastName : string.Empty,
UserName = (user.FieldValues["UserName"] is string userName) ? userName.ToLower() : string.Empty,
ImagePath = (user.FieldValues["Picture"] is FieldUrl pictureUrl) ? pictureUrl.ToString() : string.Empty,
DisplayName = user.DisplayName
});
}
}
return spUsers;
}
解决方案
由于凭据是正确的,因此可能启用了多重身份验证,并且策略可能正在为此帐户触发它。如果是这种情况,您可以为该特定帐户禁用 MFA。
此外,作为PnP 核心库一部分的 AuthenticationManager 类可能是有益的,因为它有助于各种身份验证方案。
推荐阅读
- python - Matplotlib 子图
- angular - Angular 可观察数组,由 http 请求和手动添加的数据填充
- windows - 如何阻止 WinDbg 缩小其窗口?
- swift - 在 MPSCNNGraph 的输入处使用负浮点值
- php - Laravel 5.2 w/ Yajra 数据表,在对象的读取视图中,如何显示父模型的 hasMany 子级的所有数据表?
- javascript - 将 Javascript 对象转换为不同的替代数组保留键
- c# - 等待来自 PowerShell 的异步 C# 方法
- css - 实际画布文本尺寸
- javascript - 使用 javascript 启用禁用的 html 按钮
- javascript - 输入为“空”。如何用日期计算输入值?