参考:Microsoft 标识平台和 OAuth 2.0 代理流 https://learn.microsoft.com/ZH-CN/entra/identity-platform/v2-oauth2-on-behalf-of-flow
/// <summary> /// 获取B数据 /// </summary> /// <returns></returns> public async Task<RestResponse> GetEmdData() { var tokenResponse = await GetToEMDToken(); string url = MaintenanceConsts.GETEMDDATAURL; string token = tokenResponse.AccessToken; var client = new RestClient(_emdBaseUrl); var request = new RestRequest(url); request.AddHeader("Authorization", "Bearer " + token); var response = await client.GetAsync(request); return response; } /// <summary> /// 获取访问B的token /// </summary> /// <returns></returns> private async Task<TokenResponse> GetToEMDToken() { try { var authorization = _httpContextAccessor.HttpContext.Request.Headers["Authorization"]; var accessToken = authorization.Any() ? authorization.ToString() : ""; string baseUrl = _instance + _tenantId + "/"; string assertion = accessToken?.Replace("Bearer ", ""); var options = new RestClientOptions(baseUrl); using var client = new RestClient(options); var request = new RestRequest(MaintenanceConsts.GETEMDTOKENURL) .AddHeader("Content-Type", MaintenanceConsts.CONTENTTYPE) .AddParameter("grant_type", MaintenanceConsts.GRANTTYPE) .AddParameter("client_id", _clientId) .AddParameter("client_secret", _clientSecret) .AddParameter("assertion", assertion) .AddParameter("scope", _emdScope) .AddParameter("requested_token_use", MaintenanceConsts.REQUESTEDTOKENUSE); var response = await client.PostAsync<TokenResponse>(request); return response; } catch (Exception ex) { _logger.LogError(ex.Message); _logger.LogError(ex.ToString()); throw; } }