身份validation在调试时成功但在Azure App Service上失败
我只是使用CSOM使用以下方法从SharePoint获取一些用户。 这一直对我有用,我没有任何问题。
突然间,当我今天尝试调用此方法时,它会因此错误而失败
The sign-in name or password does not match one in the Microsoft account system. at Microsoft.SharePoint.Client.Idcrl.IdcrlAuth.GetServiceToken(String securityXml, String serviceTarget, String servicePolicy) at Microsoft.SharePoint.Client.Idcrl.IdcrlAuth.GetServiceToken(String username, String password, String serviceTarget, String servicePolicy) at Microsoft.SharePoint.Client.Idcrl.SharePointOnlineAuthenticationProvider.GetAuthenticationCookie(Uri url, String username, SecureString password, Boolean alwaysThrowOnFailure, EventHandler`1 executingWebRequest) at Microsoft.SharePoint.Client.SharePointOnlineCredentials.GetAuthenticationCookie(Uri url, Boolean refresh, Boolean alwaysThrowOnFailure) at Microsoft.SharePoint.Client.ClientRuntimeContext.SetupRequestCredential(ClientRuntimeContext context, HttpWebRequest request) at Microsoft.SharePoint.Client.SPWebRequestExecutor.GetRequestStream() at Microsoft.SharePoint.Client.ClientContext.GetFormDigestInfoPrivate() at Microsoft.SharePoint.Client.ClientContext.EnsureFormDigest() at Microsoft.SharePoint.Client.ClientContext.ExecuteQuery() at SharePointLibrary.SPClient.GetAllUsers() in C:\Users\bassie\source\repos\TFS\ADVWKSP\SharePointLibrary\SPClientUsers.cs:line 39 但它只有在发布到Azure后才会失败。
我已将用于Azure应用程序流的用户名和密码记录下来,并且它们肯定是正确的,并且在我的计算机上进行调试时使用的是相同的。
这怎么可能? 我疯了吗?
构造函数
public SPClient(string url) { baseUrl = url; var userName = ConfigurationManager.ConnectionStrings["SPsvcUsername"].ConnectionString; var password = ConfigurationManager.ConnectionStrings["SPsvcPassword"].ConnectionString; Trace.TraceInformation(userName); Trace.TraceInformation(password); var securePassword = new SecureString(); foreach (var c in password) { securePassword.AppendChar(c); } credentials = new SharePointOnlineCredentials(userName, securePassword); }
获取用户方法
public IEnumerable GetAllUsers() { var spUsers = new List(); using (var clientContext = new ClientContext(baseUrl)) { clientContext.Credentials = credentials; var web = clientContext.Web; var list = clientContext.Web.SiteUserInfoList; var users = list.GetItems(new CamlQuery()); clientContext.Load(users, includes => includes.Include( f => f["GUID"], f => f["FirstName"], f => f["LastName"], f => f["UserName"], f => f["Picture"], f => f.DisplayName)); clientContext.ExecuteQuery(); foreach (var user in users) { var imagePath = (FieldUrlValue)user.FieldValues["Picture"]; spUsers.Add(new SharePointUser() { FirstName = (user.FieldValues["FirstName"] is string firstName) ? firstName : string.Empty, LastName = (user.FieldValues["LastName"] is string lastName) ? lastName : string.Empty, UserName = (user.FieldValues["UserName"] is string userName) ? userName.ToLower() : string.Empty, ImagePath = (user.FieldValues["Picture"] is FieldUrl pictureUrl) ? pictureUrl.ToString() : string.Empty, DisplayName = user.DisplayName }); } } return spUsers; }
由于凭据是正确的,因此可能启用了多重身份validation,并且策略可能会为此帐户触发它。 如果是这种情况,您可以为该特定帐户停用MFA。
此外,作为PnP核心库一部分的AuthenticationManager类可能是有益的,因为它有助于各种身份validation方案。