使用AutoRest C＃客户端访问带有承载令牌的Web API - TokenCredentials不起作用

EDIT 10/24 我认为这很可能是用户错误 - 在深入研究这个问题之前，请参阅下面的答案以获得补救措施

TL;DR: 对于我的OAuth 2.0代码流程...

为什么我的TokenCredentials无法与我的AutoRest客户端一起使用？我没有应用于请求/没有授权标头集的承载令牌

I know my pipeline works already..

使用this azure sample中的代码，这不是一个AutoRest客户端，我可以成功获取我的 access_token 并可以从我受保护的Web API项目中获取JSON ..所以我排除了所有必备的东西..我知道我的管道工作

My AutoRest setup..

1.）从GitHub this AutoRest repo v1.1.0下载

2.）将我的招摇JSON下载到磁盘，保存为 swagger.json

3.）运行此命令行以生成C＃文件：

autorest --input-file=swagger.json --csharp --output-folder=MyCorp_ApiClient_Tsl --namespace='MyCorp.ApiClient' --add-credentials

4.）将生成的类复制到我的.NET 4.6.2网站中

5.）这些是我的NuGets：

- Microsoft.Rest.ClientRuntime version="2.3.8" 
- Microsoft.Rest.ClientRuntime.Azure.Authentication version="2.3.1" 
- Microsoft.IdentityModel.Clients.ActiveDirectory version="2.28.3"

Here's what's not working:

AdalTokenHelper tokenHelper = new AdalTokenHelper();//helper code further below

    string token = await tokenHelper.GetTokenString();
    var svcClientCreds = new TokenCredentials(token, "Bearer");

    client = new MyCorp.ApiClient(new Uri(apiRsrcUrl), svcClientCreds, 
    new DelegatingHandler[] { new MyAzureTracingHandler() });

    //make call to OData controller...        
    MyCorp.ApiClient.Models.ODataResponseListStatus statusList = await client.Status.GetStatusAsync(expand: "StatusType",cancellationToken: defaultCancelThreadToken);

    return View(statusList.Value);

我 TokenCredentials ，但无论如何，我可以将我的断点放在 MyAzureTracingHandler 中并看到请求没有应用授权 Headers ..所以我得到了预期的 401 Unauthorized 响应 .

如果我修改 MyAzureTracingHandler 以接受我的 TokenCredentials 实例，那么我可以强制请求应用相应的承载令牌 .

This works, but, feels hack-ish:

我从此更改了原始客户端实例化代码段：

client = new ApiClient(new Uri(apiRsrcUrl), svcClientCreds, 
 new DelegatingHandler[] { new MyAzureTracingHandler() });

对此：

client = new ApiClient(new Uri(apiRsrcUrl), svcClientCreds, 
 new DelegatingHandler[] { new MyAzureTracingHandler(svcClientCreds) });

在 MyAzureTracingHander 的 SendAsync 方法中，我这样做：

await svcClientCreds.ProcessHttpRequestAsync(request, cancellationToken);

难道我做错了什么？在实例化我的客户端时，我认为我不应该两次传递 ServiceClientCredentials .

Appendix A - Getting access token via ADAL:

private string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
    private string appKey = ConfigurationManager.AppSettings["ida:ClientSecret"];
    private string tslResourceID = ConfigurationManager.AppSettings["ross:TslWebApiResourceId"];
    private static string loginRedirectUri = ConfigurationManager.AppSettings["ross:LoginRedirectUri"];

    private AuthenticationContext authContext;
    private AuthenticationResult authenticationResult;

    public async Task<string> GetTokenString()
    {
        string signedInUserID = ClaimsPrincipal.Current.FindFirst(ClaimTypes.NameIdentifier).Value;
        string tenantID = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/tenantid").Value;
        string userObjectID = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value;

        try
        {
            // get a token for the Graph without triggering any user interaction (from the cache, via multi-resource refresh token, etc)
            ClientCredential clientcred = new ClientCredential(clientId, appKey);

            // initialize AuthenticationContext with the token cache of the currently signed in user, as kept in the app's database
            authContext = new AuthenticationContext(Startup.Authority, new ADALTokenCache(userObjectID));


            UserIdentifier userIdentifier = new UserIdentifier(userObjectID, UserIdentifierType.UniqueId);

            authenticationResult = await authContext.AcquireTokenSilentAsync(tslResourceID, clientcred, userIdentifier);
        }
        catch(AdalException ex)
        {
            throw ex;
        }
        return authenticationResult.AccessToken;
    }