Adal for Flask WebApp Azure 将无法运行
Adal for Flask WebApp Azure will not work
我已无计可施,试图为我的 Flask web 应用程序获取 Azure Active Directory 用户身份验证。在尝试任何用户身份验证之前,它是有效的,但现在我已经按照我能找到的所有示例进行操作,但我不知道我做错了什么。也许我完全走错了路,但如果有人能告诉我我做错了什么,我可以使用一些反馈。它既不能在本地主机上运行,也不能在网站本身上运行。在网站上,我只收到请求超时的 500 错误。在本地主机上,它会为我提供登录请求,但随后 returns 出现错误。
我已逐步遵循此文档:
https://github.com/Azure-Samples/active-directory-python-webapp-graphapi
我在 Azure Active Directory 中注册了我的 webapp,并将 App IDU URI 设置为:
https://{company_domain.com}/{appname}
主页URL到:
https://{appname}.azurewebsites.net
回复URLs 至:
https://{appname}.azurewebsites.net
允许委派权限的必需权限 "Sign in and read user profile"
在我的代码中,我创建了一个 config.py 文件,如下所示:
RESOURCE = "https://{app_name}.azurewebsites.net"
TENANT = "{company_domain_name.com}"
AUTHORITY_HOST_URL = "https://login.microsoftonline.com"
CLIENT_ID = "{client_id}" # copy the Application ID of your app from your Azure portal
CLIENT_SECRET = "{client_secret_key}" # copy the value of key you generated when setting up the application
然后在我的 init.py 文件中有以下代码:
from flask import Flask, render_template, Response, session, request, url_for, redirect
import adal
import config
import requests
import uuid
AUTHORITY_URL = config.AUTHORITY_HOST_URL + '/' + config.TENANT
REDIRECT_URI = 'https://{appname}.azurewebsites.net/getAtoken'
TEMPLATE_AUTHZ_URL = ('https://login.microsoftonline.com/{}/oauth2/authorize?' +
'response_type=code&client_id={}&redirect_uri={}&' +
'state={}&resource={}')
@app.route("/")
def main():
login_url = 'http://<app_name>.azurewebsites.net/login'
resp = Response(status=307)
resp.headers['location'] = login_url
return resp
@app.route("/login")
def login():
auth_state = str(uuid.uuid4())
session['state'] = auth_state
authorization_url = TEMPLATE_AUTHZ_URL.format(
config.TENANT,
config.CLIENT_ID,
REDIRECT_URI,
auth_state,
config.RESOURCE)
resp = Response(status=307)
resp.headers['location'] = authorization_url
return resp
@app.route("/getAToken")
def main_logic():
code = request.args['code']
state = request.args['state']
if state != session['state']:
raise ValueError("State does not match")
auth_context = adal.AuthenticationContext(AUTHORITY_URL)
token_response = auth_context.acquire_token_with_authorization_code(code, REDIRECT_URI, config.RESOURCE,
config.CLIENT_ID, config.CLIENT_SECRET)
Flask.session['access_token'] = token_response['accessToken']
return Flask.redirect('/index')
@app.route('/index')
def index():
if 'access_token' not in session:
return redirect(url_for('login'))
endpoint = config.RESOURCE + '/' + config.API_VERSION + '/me/'
http_headers = {'Authorization': session.get('access_token'),
'User-Agent': 'adal-python-sample',
'Accept': 'application/json',
'Content-Type': 'application/json',
'client-request-id': str(uuid.uuid4())}
return render_template('index.html')
On the local host, it'll get me the sign in request, but then it returns an error after that.
表示回复url不匹配。您可以为已注册的 Azure AD WebApp 添加回复 url (http://localhost:5000/getAToken)。如果你想 运行 它在本地和 azure 平台,你可以在回复 urls.
中添加两者。
本地测试
On the website, I just get a 500 error that the request timed out
WebApp好像没有正确开发。
有关如何在 Azure App Service 上设置 Python 环境的更多信息,请参阅此 tutorial.
我已无计可施,试图为我的 Flask web 应用程序获取 Azure Active Directory 用户身份验证。在尝试任何用户身份验证之前,它是有效的,但现在我已经按照我能找到的所有示例进行操作,但我不知道我做错了什么。也许我完全走错了路,但如果有人能告诉我我做错了什么,我可以使用一些反馈。它既不能在本地主机上运行,也不能在网站本身上运行。在网站上,我只收到请求超时的 500 错误。在本地主机上,它会为我提供登录请求,但随后 returns 出现错误。
我已逐步遵循此文档:
https://github.com/Azure-Samples/active-directory-python-webapp-graphapi
我在 Azure Active Directory 中注册了我的 webapp,并将 App IDU URI 设置为:
https://{company_domain.com}/{appname}
主页URL到:
https://{appname}.azurewebsites.net
回复URLs 至:
https://{appname}.azurewebsites.net
允许委派权限的必需权限 "Sign in and read user profile"
在我的代码中,我创建了一个 config.py 文件,如下所示:
RESOURCE = "https://{app_name}.azurewebsites.net"
TENANT = "{company_domain_name.com}"
AUTHORITY_HOST_URL = "https://login.microsoftonline.com"
CLIENT_ID = "{client_id}" # copy the Application ID of your app from your Azure portal
CLIENT_SECRET = "{client_secret_key}" # copy the value of key you generated when setting up the application
然后在我的 init.py 文件中有以下代码:
from flask import Flask, render_template, Response, session, request, url_for, redirect
import adal
import config
import requests
import uuid
AUTHORITY_URL = config.AUTHORITY_HOST_URL + '/' + config.TENANT
REDIRECT_URI = 'https://{appname}.azurewebsites.net/getAtoken'
TEMPLATE_AUTHZ_URL = ('https://login.microsoftonline.com/{}/oauth2/authorize?' +
'response_type=code&client_id={}&redirect_uri={}&' +
'state={}&resource={}')
@app.route("/")
def main():
login_url = 'http://<app_name>.azurewebsites.net/login'
resp = Response(status=307)
resp.headers['location'] = login_url
return resp
@app.route("/login")
def login():
auth_state = str(uuid.uuid4())
session['state'] = auth_state
authorization_url = TEMPLATE_AUTHZ_URL.format(
config.TENANT,
config.CLIENT_ID,
REDIRECT_URI,
auth_state,
config.RESOURCE)
resp = Response(status=307)
resp.headers['location'] = authorization_url
return resp
@app.route("/getAToken")
def main_logic():
code = request.args['code']
state = request.args['state']
if state != session['state']:
raise ValueError("State does not match")
auth_context = adal.AuthenticationContext(AUTHORITY_URL)
token_response = auth_context.acquire_token_with_authorization_code(code, REDIRECT_URI, config.RESOURCE,
config.CLIENT_ID, config.CLIENT_SECRET)
Flask.session['access_token'] = token_response['accessToken']
return Flask.redirect('/index')
@app.route('/index')
def index():
if 'access_token' not in session:
return redirect(url_for('login'))
endpoint = config.RESOURCE + '/' + config.API_VERSION + '/me/'
http_headers = {'Authorization': session.get('access_token'),
'User-Agent': 'adal-python-sample',
'Accept': 'application/json',
'Content-Type': 'application/json',
'client-request-id': str(uuid.uuid4())}
return render_template('index.html')
On the local host, it'll get me the sign in request, but then it returns an error after that.
表示回复url不匹配。您可以为已注册的 Azure AD WebApp 添加回复 url (http://localhost:5000/getAToken)。如果你想 运行 它在本地和 azure 平台,你可以在回复 urls.
中添加两者。本地测试
On the website, I just get a 500 error that the request timed out
WebApp好像没有正确开发。 有关如何在 Azure App Service 上设置 Python 环境的更多信息,请参阅此 tutorial.