为什么我的 Azure 网站不接受 OAuth 令牌?
Why isn't my Azure Website accepting OAuth tokens?
我希望我的应用程序在使用 Azure 网站托管时接受 OAuth 令牌。我有以下内容:
web.config 网络应用
<appSettings>
<add key="ida:Realm" value="https://example.com/development" />
<add key="ida:AudienceUri" value="https://example.com/development" />
<add key="ida:Tenant" value="example.com" />
</appSettings>
Startup.cs 网络应用
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using Microsoft.AspNet.SignalR;
using Microsoft.Owin;
using Owin;
using Microsoft.Owin.Security.ActiveDirectory;
using System.Configuration;
[assembly: OwinStartup(typeof(MyApplication.Web.Startup))]
namespace MyApplication.Web
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
ConfigureAuth(app);
}
public void ConfigureAuth(IAppBuilder app)
{
app.UseWindowsAzureActiveDirectoryBearerAuthentication(
new WindowsAzureActiveDirectoryBearerAuthenticationOptions
{
TokenValidationParameters = new System.IdentityModel.Tokens.TokenValidationParameters()
{
ValidAudience = ConfigurationManager.AppSettings["ida:AudienceUri"]
},
Tenant = ConfigurationManager.AppSettings["ida:Tenant"]
});
}
}
}
Main.cs
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using System.Globalization;
using System.Net.Http;
using System.Net.Http.Headers;
void Main()
{
var clientId = @"GUIDGUIDGUID";
var key = @"KEYKEYKEYKEYKEY";
var aadInstance = "https://login.windows.net/{0}";
var tenant = "example.com";
var authContext = new AuthenticationContext(String.Format(CultureInfo.InvariantCulture, aadInstance, tenant), true);
var credential = new ClientCredential(clientId, key);
authContext.TokenCache.Clear();
var token = authContext.AcquireToken(@"https://example.com/development", credential);
using (var client = new HttpClient())
{
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.AccessToken);
var response = client.GetAsync(@"https://app.example.com/").Result;
var responseText = response.Content.ReadAsStreamAsync().Result;
Console.Write(new StreamReader(responseText).ReadToEnd());
}
}
谁能提供一些指导?
原来我是在使用 Uri
class 来验证 App ID URI。问题是,它在末尾添加了一个尾部斜杠,这会导致问题。一旦我开始使用 string
class 来存储 App ID URI,就没问题了。
因此请确保您使用的值与 Azure AD 中看到的值完全相同!
我希望我的应用程序在使用 Azure 网站托管时接受 OAuth 令牌。我有以下内容:
web.config 网络应用
<appSettings>
<add key="ida:Realm" value="https://example.com/development" />
<add key="ida:AudienceUri" value="https://example.com/development" />
<add key="ida:Tenant" value="example.com" />
</appSettings>
Startup.cs 网络应用
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using Microsoft.AspNet.SignalR;
using Microsoft.Owin;
using Owin;
using Microsoft.Owin.Security.ActiveDirectory;
using System.Configuration;
[assembly: OwinStartup(typeof(MyApplication.Web.Startup))]
namespace MyApplication.Web
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
ConfigureAuth(app);
}
public void ConfigureAuth(IAppBuilder app)
{
app.UseWindowsAzureActiveDirectoryBearerAuthentication(
new WindowsAzureActiveDirectoryBearerAuthenticationOptions
{
TokenValidationParameters = new System.IdentityModel.Tokens.TokenValidationParameters()
{
ValidAudience = ConfigurationManager.AppSettings["ida:AudienceUri"]
},
Tenant = ConfigurationManager.AppSettings["ida:Tenant"]
});
}
}
}
Main.cs
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using System.Globalization;
using System.Net.Http;
using System.Net.Http.Headers;
void Main()
{
var clientId = @"GUIDGUIDGUID";
var key = @"KEYKEYKEYKEYKEY";
var aadInstance = "https://login.windows.net/{0}";
var tenant = "example.com";
var authContext = new AuthenticationContext(String.Format(CultureInfo.InvariantCulture, aadInstance, tenant), true);
var credential = new ClientCredential(clientId, key);
authContext.TokenCache.Clear();
var token = authContext.AcquireToken(@"https://example.com/development", credential);
using (var client = new HttpClient())
{
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.AccessToken);
var response = client.GetAsync(@"https://app.example.com/").Result;
var responseText = response.Content.ReadAsStreamAsync().Result;
Console.Write(new StreamReader(responseText).ReadToEnd());
}
}
谁能提供一些指导?
原来我是在使用 Uri
class 来验证 App ID URI。问题是,它在末尾添加了一个尾部斜杠,这会导致问题。一旦我开始使用 string
class 来存储 App ID URI,就没问题了。
因此请确保您使用的值与 Azure AD 中看到的值完全相同!