我编写了一个Web应用程序,该应用程序使用OAuth 2.0 Web服务器流连接到Salesforce API,并且一切正常.
I wrote a web application which connects to the Salesforce API using the OAuth 2.0 web server flow, and that all works fine.
但是现在需要从WinForms桌面应用程序访问Salesforce API,这很困难.Salesforce建议对桌面应用程序使用User-Agent或隐式流程.
But now there is a requirement to access the Salesforce API from a WinForms desktop application and I'm stuck. Salesforce suggest using the User-Agent, or implict, flow for desktop applications.
Salesforce在此处描述了流程- https://help.salesforce.com/articleView?id = remoteaccess_oauth_user_agent_flow.htm& type = 5
The flow is described by Salesforce here - https://help.salesforce.com/articleView?id=remoteaccess_oauth_user_agent_flow.htm&type=5
I've created a WinForms application and used the CefSharp library to embed a browser. I can open a web page in the embedded browser using the URL syntax shown in the article, e.g.
https://login.salesforce.com/services/oauth2/authorize?response_type=token& client_id = 客户ID & redirect_uri = REDIRECT_URI
But I don't know where to go from here.
I'm guessing the redirect URI has to be a public endpoint, but how would the token returned by Salesforce to the URI finds it's way back to my desktop application so it can be used in the headers of WebRequests to access the API.
I would be grateful for any help, pointers, sample code, etc.
重定向uri不必是公共的.它可以是 localhost:somePort
redirect uri doesn't have to be public. It can be localhost:somePort
and your application would have to be listening to traffic on that port.
例如,如果您想使用SFDX CLI + Visual Studio Code开发SF代码-有一种不错的授权访问SF org的方法,您可以在网站上键入凭据,但是一切都很好-OAuth会发送到 localhost:1717
.只要在此端口上没有其他监听,就可以了.与Salesforce Data Loader相似-您可以键入用户名并将其传递给它,但是它也具有基于Web的流程.有时,这实际上是唯一的选择,如果您的SF管理员启用了单一登录",并且可以通过Active Directory/Google/Facebook/...进行身份验证-您可能无法使用SF用户名和密码.
For example if you want to develop SF code using SFDX CLI + Visual Studio Code - there's a nice way to authorise access to SF org where you type your credentials on the website but when all is good - the OAuth piece gets sent to localhost:1717
. As long as nothing else is listening on this port you're fine. Similar with Salesforce Data Loader - you can type username and pass to it but it also has this web-based flow. And sometimes it's the only option really, if your SF admin enabled Single Sign-On that authenticates against Active Directory/Google/Facebook/... - you might not be able to use SF username and password.
My C# days are long gone but listening on a port on local machine shouldn't be the end of the world? You shouldn't need a full-blown web server bundled with your app...
https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-implicit-grant-flow 有一些很好的理论
这篇关于如何在WinForms应用程序中使用Salesforce OAuth 2.0隐式流身份验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!