- ABP Framework version: 7.3.2
- UI Type: MVC
- Database System: EF Core (SQL Server)
- Tiered (for MVC) or Auth Server Separated (for Angular): no
- Exception message and full stack trace:
- Steps to reproduce the issue:
Using Azure AD for Login to the ABP application and trying to call PowerBI API for embed the reports.
Azure Code
Token is generated by following post. https://support.abp.io/QA/Questions/5253/Token--Authentication
But token generated while login to the application not accepted by the PowerBI API
Token is getting by the following code
public override async Task SignInAsync(IdentityUser user, AuthenticationProperties authenticationProperties, string authenticationMethod = null) { if (authenticationMethod == "AzureOpenId") // is github external login { var githubAuthenticateResult = await Context.AuthenticateAsync(IdentityConstants.ExternalScheme); if (githubAuthenticateResult.Succeeded) { if (githubAuthenticateResult.Properties != null) { authenticationProperties.StoreTokens(githubAuthenticateResult.Properties.GetTokens()); } } }
await base.SignInAsync(user, authenticationProperties, authenticationMethod);
}
}
access_token = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.AccessToken);
I am trying to fetch the data from the powerBI API by passing the token, but token is not accepted by the power BI API
$.ajax({
type: "GET",
url: "https://api.powerbi.com/v1.0/myorg/groups",
headers: {
"Authorization": Bearer ${access_token}
},
contentType: "application/json; charset=utf-8",
success: function(data) {
....
We are trying the get the data from PowerBI API by using the AzureAD access token generated while login to the abp application.
But token not working for PowerBI API
Note: User has permission to access PowerBI Dashboards, Reporst, Datasets.
Please help to resolve the issue.
Thank you ABP.
5 Answer(s)
-
0
Hello Sagar.chinna,
We are trying to reproduce this issue, but it will take some time. Please have a look at the links below if you think they may be useful. https://community.fabric.microsoft.com/t5/Service/Power-BI-Rest-API-wont-accept-Application-Token/m-p/2510908 https://community.fabric.microsoft.com/t5/Service/Power-BI-Rest-API-wont-accept-Application-Token/m-p/2514468#M160047
Also could you please check you token details on https://jwt.io/ and share a screenshot of decoded details only
Please do let me know if anything else is needed.
Thank You, Anjali
-
0
-
0
-
0
Hi
i didn't do any changes suggested on this ticket https://support.abp.io/QA/Questions/5253/Token--Authentication. here is the code that i have only added to abp io new mvc template
added https://localhost:44350/signin-oidc as redirecturi in AzureAd App
Step 2 Changes in Pages/Account/Login.cshtml (note you have to create the Login.cshtm file and Account folder manually)
Login.cshtml.cs code
using Jupiter.Web; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Identity; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.Options; using Owl.reCAPTCHA; using System; using System.Linq; using System.Threading.Tasks; using Volo.Abp.Account.ExternalProviders; using Volo.Abp.Account.Public.Web; using Volo.Abp.Account.Public.Web.Pages.Account; using Volo.Abp.Account.Security.Recaptcha; using Volo.Abp.DependencyInjection; using Volo.Abp.Security.Claims; namespace Jupiter.Web.Pages.Account { [ExposeServices(typeof(LoginModel))] [Dependency(ReplaceServices = true)] public class AppLoginModel : LoginModel { private readonly IConfiguration _configuration; public AppLoginModel(IAuthenticationSchemeProvider schemeProvider, IOptions< AbpAccountOptions > accountOptions, IAbpRecaptchaValidatorFactory recaptchaValidatorFactory, IAccountExternalProviderAppService accountExternalProviderAppService, ICurrentPrincipalAccessor currentPrincipalAccessor, IOptions< IdentityOptions > identityOptions, IOptionsSnapshot< reCAPTCHAOptions > reCaptchaOptions, IConfiguration configuration) : base(schemeProvider, accountOptions, recaptchaValidatorFactory, accountExternalProviderAppService, currentPrincipalAccessor, identityOptions, reCaptchaOptions) { _configuration = configuration; } public override async Task< IActionResult > OnGetExternalLoginCallbackAsync(string returnUrl = "", string returnUrlHash = "", string remoteError = null) { var token = await SignInManager.GetExternalLoginInfoAsync(); var accessToken = token?.AuthenticationTokens?.FirstOrDefault(x => x.Name == "access_token"); var powerbi = new PowerBiServiceApi(_configuration, accessToken?.Value ?? string.Empty); HttpContext.Response.Cookies.Append("AuthToken", accessToken?.Value ?? string.Empty); var report = await powerbi.GetReport(Guid.Parse("workspaceid"), Guid.Parse("reportid")); return await base.OnGetExternalLoginCallbackAsync(returnUrl, returnUrlHash, remoteError); } } }
Here is the code for PowerBiServiceApi
using Microsoft.PowerBI.Api; using Microsoft.Rest; using System.Threading.Tasks; using System; using Microsoft.Extensions.Configuration; namespace Jupiter.Web { public class EmbeddedReportViewModel { public string Id; public string Name; public string EmbedUrl; public string Token; } public class PowerBiServiceApi { private string urlPowerBiServiceApiRoot { get; } private string AccessToken { get; } public PowerBiServiceApi(IConfiguration configuration, string accessToken) { this.urlPowerBiServiceApiRoot = configuration["PowerBi:ServiceRootUrl"]; AccessToken = accessToken; } public static readonly string[] RequiredScopes = new string[] { "https://analysis.windows.net/powerbi/api/Report.Read.All" }; public PowerBIClient GetPowerBiClient() { var tokenCredentials = new TokenCredentials(AccessToken, "Bearer"); return new PowerBIClient(new Uri(urlPowerBiServiceApiRoot), tokenCredentials); } public async Task<EmbeddedReportViewModel> GetReport(Guid WorkspaceId, Guid ReportId) { PowerBIClient pbiClient = GetPowerBiClient(); // Call the Power BI Service API to get embedding data var report = await pbiClient.Reports.GetReportInGroupAsync(WorkspaceId, ReportId); // Return report embedding data to caller return new EmbeddedReportViewModel { Id = report.Id.ToString(), EmbedUrl = report.EmbedUrl, Name = report.Name, Token = AccessToken }; } } }
Note i have save the azure ad access token to Cookies so you can access the token to make call while getting reports and workspace.
do let me know if this doesn't work.
-
0