oauth-2.0 - 使用 MSAL 库获取访问 token 时随机获取请求超时 "confidentialClientApplication.AcquireTokenForClient"

Question

我有一项使用 EWS 与 Outlook Exchange Online 进行通信的服务。它具有 OAuth 身份验证，并且该 AppID 已在 Azure 门户上注册。我能够生成访问 token 并成功与交易所进行在线通信。

但是，在使用 MSAL 库方法“confidentialClientApplication.AcquireTokenForClient”生成 token 时，随机出现请求超时。

请注意，我的服务从不同的地方发生了许多调用，那么是否是由于许多调用导致失败？我认为重试逻辑是内置的，在日志中我也看到类似的事情。 处理此问题的推荐方法是什么？

访问 token 代码

private async Task<string> GetAccessToken()
{
     try
     {
     
         var confidentialClientApplication = ConfidentialClientApplicationBuilder.Create(ExchangeOnlineConfiguration.ClientId)
                                                            .WithTenantId(ExchangeOnlineConfiguration.TenantId)
                                                            .WithClientSecret(ExchangeOnlineConfiguration.ClientSecret)
                                                            .Build();
         var authenticationResult = await confidentialClientApplication.
             AcquireTokenForClient(new[] { ExchangeOnlineConfiguration.DefaultScope }).ExecuteAsync();

         var accessToken = authenticationResult.AccessToken;
         return accessToken;
     }
     catch (Exception ex)
     {
         ContentLogger.logger.Error($"GetAccessToken failed! Exception Details {ex} ");
         throw;
     }
 }

异常(exception):

GetAccessToken failed! Exception Details MSAL.Desktop.4.14.0.0.MsalServiceException:
ErrorCode: request_timeout
Microsoft.Identity.Client.MsalServiceException: Request to the endpoint timed out. ---> System.Threading.Tasks.TaskCanceledException: A task was canceled.
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.Http.HttpManager.<ExecuteAsync>d_10.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.Http.HttpManager.<ExecuteWithRetryAsync>d8.MoveNext()
--- End of inner exception stack trace ---
at Microsoft.Identity.Client.Http.HttpManager.<ExecuteWithRetryAsync>d8.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.Http.HttpManager.<ExecuteWithRetryAsync>d8.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.Http.HttpManager.<SendPostAsync>d4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.Http.HttpManager.<SendPostAsync>d3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.OAuth2.OAuth2Client.<ExecuteRequestAsync>d11`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.OAuth2.OAuth2Client.<GetTokenAsync>d10.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.OAuth2.TokenClient.<SendHttpAndClearTelemetryAsync>d8.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at Microsoft.Identity.Client.OAuth2.TokenClient.<SendHttpAndClearTelemetryAsync>d8.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.OAuth2.TokenClient.<SendTokenRequestAsync>d5.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.Internal.Requests.RequestBase.<SendTokenRequestAsync>d21.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.Internal.Requests.ClientCredentialRequest.<FetchNewAccessTokenAsync>d3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.Internal.Requests.ClientCredentialRequest.<ExecuteAsync>d2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.Internal.Requests.RequestBase.<RunAsync>d14.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.ApiConfig.Executors.ConfidentialClientExecutor.<ExecuteAsync>d3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at GetAccessToken>d_11.MoveNext() in   

Answer 1

异步获取多个 token 似乎不起作用。 每个 token 缓存一个 secret 客户端应用程序。

For Client Credentials flow a singleton should work fine. You are requesting tokens for an application, not for a user. There will only be 1 access token in the in-memory cache (for the app), irrespective of how many users and sessions there are

Note that you're not providing a token cache implementation, which means that MSAL will cache tokens in memory (in this case the one access token).

可以引用这个question .