ADAL:在特定机器上获取令牌时出错
ADAL: Error with getting token on specific machine
我编写了一个 C# 应用程序,用于使用 ADAL 进行身份验证将一些数据推送到 MS 服务 (PowerBI)。我在 Debian Jessie 上使用 Mono 创建并编译了它(试图尽可能接近生产环境)。它 运行 在这台机器上完美无缺,但当我将它移至生产环境时,出现错误 Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException: user_realm_discovery_failed: User realm discovery failed。我读过它可能连接到 machine.config 中的 defaultProxy 设置,所以我相应地修改了我的代码,但它没有帮助。生产服务器和我的机器之间的主要区别是:
仅限命令行 (prod) -> GNOME,静态 IP -> 动态 IP。两者都是虚拟机。完整的错误输出:
Unhandled Exception:
Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException: user_realm_discovery_failed: User realm discovery failed ---> System.Net.WebException: Error getting response stream (Write: failed.): SendFailure ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server. Error code
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.RemoteValidation (Mono.Security.Protocol.Tls.ClientContext context, AlertDescription description) [0x00000] in <filename unk
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates (Mono.Security.X509.X509CertificateCollection certificates) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1 () [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0
at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
at Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
at System.Net.HttpWebRequest.GetResponse () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.HttpWebRequestWrapper+<GetResponseSyncOrAsync>d__2.MoveNext () [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at System.Runtime.CompilerServices.TaskAwaiter`1[Microsoft.IdentityModel.Clients.ActiveDirectory.IHttpWebResponse].GetResult () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.UserRealmDiscoveryResponse+<CreateByDiscoveryAsync>d__0.MoveNext () [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Microsoft.IdentityModel.Clients.ActiveDirectory.UserRealmDiscoveryResponse+<CreateByDiscoveryAsync>d__0.MoveNext () [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at System.Runtime.CompilerServices.TaskAwaiter`1[Microsoft.IdentityModel.Clients.ActiveDirectory.UserRealmDiscoveryResponse].GetResult () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenNonInteractiveHandler+<PreTokenRequest>d__4.MoveNext () [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at System.Runtime.CompilerServices.TaskAwaiter.GetResult () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenHandlerBase+<RunAsync>d__0.MoveNext () [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at System.Runtime.CompilerServices.TaskAwaiter`1[Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationResult].GetResult () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext+<AcquireTokenCommonAsync>d__0.MoveNext () [0x00000] in <filename unknown>:0
ErrorCode: user_realm_discovery_failed
StatusCode: 0
[ERROR] FATAL UNHANDLED EXCEPTION: Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException: user_realm_discovery_failed: User realm discovery failed ---> System.Net.WebException: Erhe authentication or decryption has failed.): SendFailure ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certifica0xffffffff800b010a
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.RemoteValidation (Mono.Security.Protocol.Tls.ClientContext context, AlertDescription description) [0x00000] in <filename unk
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates (Mono.Security.X509.X509CertificateCollection certificates) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1 () [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0
at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
at Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
at System.Net.HttpWebRequest.GetResponse () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.HttpWebRequestWrapper+<GetResponseSyncOrAsync>d__2.MoveNext () [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at System.Runtime.CompilerServices.TaskAwaiter`1[Microsoft.IdentityModel.Clients.ActiveDirectory.IHttpWebResponse].GetResult () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.UserRealmDiscoveryResponse+<CreateByDiscoveryAsync>d__0.MoveNext () [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Microsoft.IdentityModel.Clients.ActiveDirectory.UserRealmDiscoveryResponse+<CreateByDiscoveryAsync>d__0.MoveNext () [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at System.Runtime.CompilerServices.TaskAwaiter`1[Microsoft.IdentityModel.Clients.ActiveDirectory.UserRealmDiscoveryResponse].GetResult () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenNonInteractiveHandler+<PreTokenRequest>d__4.MoveNext () [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at System.Runtime.CompilerServices.TaskAwaiter.GetResult () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenHandlerBase+<RunAsync>d__0.MoveNext () [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at System.Runtime.CompilerServices.TaskAwaiter`1[Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationResult].GetResult () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext+<AcquireTokenCommonAsync>d__0.MoveNext () [0x00000] in <filename unknown>:0
ErrorCode: user_realm_discovery_failed
StatusCode: 0
所有对 <filename unknown>:0 的引用也没有帮助。
编辑:我也试过在生产机器上编译它——尝试 运行
时出现同样的错误
我自己想出来了,很愚蠢的错误。我从默认的 debian 仓库安装了 mono,它们已经过时了。我实际上已经考虑过它并添加了 xamarin 最新的回购协议,但我没有注意到在 apt-get upgrade 上,单声道包被保留了下来。 apt-get distro-upgrade 全部修复。只需要小心这个命令 - 可能会弄乱你的系统。
我编写了一个 C# 应用程序,用于使用 ADAL 进行身份验证将一些数据推送到 MS 服务 (PowerBI)。我在 Debian Jessie 上使用 Mono 创建并编译了它(试图尽可能接近生产环境)。它 运行 在这台机器上完美无缺,但当我将它移至生产环境时,出现错误 Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException: user_realm_discovery_failed: User realm discovery failed。我读过它可能连接到 machine.config 中的 defaultProxy 设置,所以我相应地修改了我的代码,但它没有帮助。生产服务器和我的机器之间的主要区别是:
仅限命令行 (prod) -> GNOME,静态 IP -> 动态 IP。两者都是虚拟机。完整的错误输出:
Unhandled Exception:
Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException: user_realm_discovery_failed: User realm discovery failed ---> System.Net.WebException: Error getting response stream (Write: failed.): SendFailure ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server. Error code
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.RemoteValidation (Mono.Security.Protocol.Tls.ClientContext context, AlertDescription description) [0x00000] in <filename unk
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates (Mono.Security.X509.X509CertificateCollection certificates) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1 () [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0
at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
at Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
at System.Net.HttpWebRequest.GetResponse () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.HttpWebRequestWrapper+<GetResponseSyncOrAsync>d__2.MoveNext () [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at System.Runtime.CompilerServices.TaskAwaiter`1[Microsoft.IdentityModel.Clients.ActiveDirectory.IHttpWebResponse].GetResult () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.UserRealmDiscoveryResponse+<CreateByDiscoveryAsync>d__0.MoveNext () [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Microsoft.IdentityModel.Clients.ActiveDirectory.UserRealmDiscoveryResponse+<CreateByDiscoveryAsync>d__0.MoveNext () [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at System.Runtime.CompilerServices.TaskAwaiter`1[Microsoft.IdentityModel.Clients.ActiveDirectory.UserRealmDiscoveryResponse].GetResult () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenNonInteractiveHandler+<PreTokenRequest>d__4.MoveNext () [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at System.Runtime.CompilerServices.TaskAwaiter.GetResult () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenHandlerBase+<RunAsync>d__0.MoveNext () [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at System.Runtime.CompilerServices.TaskAwaiter`1[Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationResult].GetResult () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext+<AcquireTokenCommonAsync>d__0.MoveNext () [0x00000] in <filename unknown>:0
ErrorCode: user_realm_discovery_failed
StatusCode: 0
[ERROR] FATAL UNHANDLED EXCEPTION: Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException: user_realm_discovery_failed: User realm discovery failed ---> System.Net.WebException: Erhe authentication or decryption has failed.): SendFailure ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certifica0xffffffff800b010a
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.RemoteValidation (Mono.Security.Protocol.Tls.ClientContext context, AlertDescription description) [0x00000] in <filename unk
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates (Mono.Security.X509.X509CertificateCollection certificates) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1 () [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0
at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
at Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename unknown>:0
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
at System.Net.HttpWebRequest.GetResponse () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.HttpWebRequestWrapper+<GetResponseSyncOrAsync>d__2.MoveNext () [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at System.Runtime.CompilerServices.TaskAwaiter`1[Microsoft.IdentityModel.Clients.ActiveDirectory.IHttpWebResponse].GetResult () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.UserRealmDiscoveryResponse+<CreateByDiscoveryAsync>d__0.MoveNext () [0x00000] in <filename unknown>:0
--- End of inner exception stack trace ---
at Microsoft.IdentityModel.Clients.ActiveDirectory.UserRealmDiscoveryResponse+<CreateByDiscoveryAsync>d__0.MoveNext () [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at System.Runtime.CompilerServices.TaskAwaiter`1[Microsoft.IdentityModel.Clients.ActiveDirectory.UserRealmDiscoveryResponse].GetResult () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenNonInteractiveHandler+<PreTokenRequest>d__4.MoveNext () [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at System.Runtime.CompilerServices.TaskAwaiter.GetResult () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenHandlerBase+<RunAsync>d__0.MoveNext () [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at System.Runtime.CompilerServices.TaskAwaiter`1[Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationResult].GetResult () [0x00000] in <filename unknown>:0
at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext+<AcquireTokenCommonAsync>d__0.MoveNext () [0x00000] in <filename unknown>:0
ErrorCode: user_realm_discovery_failed
StatusCode: 0
所有对 <filename unknown>:0 的引用也没有帮助。
编辑:我也试过在生产机器上编译它——尝试 运行
时出现同样的错误我自己想出来了,很愚蠢的错误。我从默认的 debian 仓库安装了 mono,它们已经过时了。我实际上已经考虑过它并添加了 xamarin 最新的回购协议,但我没有注意到在 apt-get upgrade 上,单声道包被保留了下来。 apt-get distro-upgrade 全部修复。只需要小心这个命令 - 可能会弄乱你的系统。