ADAL .Net Core nuget package does not support UserPasswordCredential

c# authentication azure-active-directory .net-core adal
racha picture racha · Sep 9, 2016 · Viewed 7.1k times · Source

In ADAL.Net 3.x UserPasswordCredential is introduced on top of UserCredential from 2.x. But the same UserPasswordCredential is not exposed in the .Net Core under the same nuget package?

UserCredential class has only one property UserName

namespace Microsoft.IdentityModel.Clients.ActiveDirectory
{
    //
    // Summary:
    //     Credential used for integrated authentication on domain-joined machines.
    public class UserCredential
    {
        //
        // Summary:
        //     Constructor to create user credential. Using this constructor would imply integrated
        //     authentication with logged in user and it can only be used in domain joined scenarios.
        public UserCredential();
        //
        // Summary:
        //     Constructor to create credential with client id and secret
        //
        // Parameters:
        //   userName:
        //     Identifier of the user application requests token on behalf.
        public UserCredential(string userName);

        //
        // Summary:
        //     Gets identifier of the user.
        public string UserName { get; }
    }
}

Since UserPasswordCredential is not available in .NetCore and UserCredential takes only one parameter username, how to input the password of the user and implement below code in .Net Core?

authContext.AcquireTokenAsync(WebAPIResourceId, ClientId, userPasswordCredential);

I am using ADAL 3.13.4 version specifically in .Net Core 1.0 version

Answer

Fei Xue - MSFT picture Fei Xue - MSFT · Sep 20, 2016

To use the resource owner password credentials grant flow to get the access token for Azure AD, we can call the http request diectly using the HttpClient. Here is an example for your reference :

HttpClient client = new HttpClient();
string tokenEndpoint = "https://login.microsoftonline.com/{tenantId}/oauth2/token";
var body = "resource={resourceUrl}&client_id={clientId}&grant_type=password&username={userName}&password={password}";
var stringContent = new StringContent(body, Encoding.UTF8, "application/x-www-form-urlencoded");

var result=await client.PostAsync(tokenEndpoint, stringContent).ContinueWith<string>((response) =>
{
    return response.Result.Content.ReadAsStringAsync().Result;
});

JObject jobject = JObject.Parse(result);

var token = jobject["access_token"].Value<string>();

Related questions

How to authenticate user with Azure Active Directory using OAuth 2.0?

I have a REST API written in C# and I need to authenticate with an existing Azure AD service. I currently have the username and password of the user wishing to authenticate. I need to authenticate with Azure AD and …

Read More
Authenticating with Windows Azure Active Directory directly without opening web browser

I referred this question and this MSDN post, but couldn't get the problem fixed. Below code demonstrates how to perform the WAAD authentication using web browser: AuthenticationContext auth = new AuthenticationContext("https://login.windows.net/" + myDomain); AuthenticationResult result = auth.AcquireToken(resource, …

Read More
Validate a username and password against Active Directory?

How can I validate a username and password against Active Directory? I simply want to check if a username and password are correct.

Read More