MSAL js, AAD B2C Multi Factor Authentication, 400 Bad Request, Request header too long
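MSAL js version: v0.2.4;
Chrome version: 79.0.3945.88 (Official Build) (64-bit)
From various posts I understand that we see '400 Bad Request - Request header too long' because cookies pile up, but it is not happening in all of my dev environments.
I would like to know why it does not happen in the local environment (running from VS Code) but does in the deployed environment (Azure App Service).
I can update the MSAL package to the latest version, but at the same time, it previously worked fine in the deployed environment and now it does not. Why?
Does the scope error message (AADB2C90055) have any connection with 'Bad Request - Request header too long'?
AADB2C90055: The scope 'openid profile' must specify resource
Any kind of information would be useful for me or others, thanks in advance.
Here is the code used in my application: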
import * as Msal from 'msal';

// Shape inferred from the destructuring in b2cLogin below.
interface B2CConfig {
  clientId: string;
  tenantId: string;
  myb2cSigninPolicy: string;
  myb2cPasswordResetPolicy: string;
}

let userAgentApplication: Msal.UserAgentApplication;

const createAuthorityUrl = (tenantId: string, policy: string) => {
  return `https://${tenantId}.b2clogin.com/tfp/${tenantId}.onmicrosoft.com/${policy}`;
};

export const b2cLogin = (config: B2CConfig) => {
  const msalAppConfig = {
    cacheLocation: 'localStorage',
    redirectUri: `${location.protocol}//${location.host}`,
    navigateToLoginRequestUrl: false,
    // Auth state is also written to cookies, which the browser sends with every request
    storeAuthStateInCookie: true,
    validateAuthority: false,
  };
  const { clientId, tenantId, myb2cSigninPolicy, myb2cPasswordResetPolicy } = config;
  return new Promise(resolve => {
    let handlingPasswordReset = false;
    const app = new Msal.UserAgentApplication(
      clientId,
      createAuthorityUrl(tenantId, myb2cSigninPolicy),
      (errorDesc: string, token: string) => {
        if (errorDesc && errorDesc.indexOf('AADB2C90118') > -1) {
          // user forgot password
          // https://github.com/Azure-Samples/active-directory-b2c-javascript-msal-singlepageapp/issues/9#issuecomment-347556074
          handlingPasswordReset = true;
          new Msal.UserAgentApplication(
            clientId,
            createAuthorityUrl(tenantId, myb2cPasswordResetPolicy),
            () => null,
            msalAppConfig,
          ).loginRedirect();
        }
        return resolve(token);
      },
      msalAppConfig,
    );
    if (!handlingPasswordReset) {
      userAgentApplication = app;
    }
    // Seems that MSAL's acquireTokenSilent() won't resolve if run within an iframe
    if (window.parent !== window) {
      return resolve('');
    }
    if (!userAgentApplication.isCallback(location.hash)) resolve(getAccessToken());
  });
};

export const getAccessToken = async (): Promise<string> => {
  if (!userAgentApplication) {
    throw new Error('getAccessToken attempted before authentication initialized');
  }
  try {
    return await userAgentApplication.acquireTokenSilent(['openid']);
  } catch (error) {
    console.log(error);
    return '';
  }
};
The error HTTP 400: Size of header request is too long usually occurs because there are too many cookies or the cookies are too large.
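To check whether accumulated cookies are what pushes a request over the server's header limit, the added example below (not code from the original post or from MSAL) measures the `Cookie` header a browser would build from a `document.cookie` string and reports how much of it belongs to MSAL. The `msal.` cookie-name prefix, the 8192-byte default budget and the function names are assumptions; set the budget to the limit of the server that returns the 400.

```javascript
// Added example. ASSUMPTION: MSAL.js auth-state cookies are named "msal.*".
const MSAL_PREFIX = 'msal.';

// Size the Cookie header built from a document.cookie-style string.
// document.cookie omits HttpOnly cookies, so the real header can be larger.
// budgetBytes is a placeholder (assumption), not a documented server limit.
function auditCookieHeader(cookieString, budgetBytes = 8192) {
  const byteLen = s => new TextEncoder().encode(s).length;
  const cookies = cookieString
    .split(';')
    .map(c => c.trim())
    .filter(Boolean)
    .map(pair => {
      const eq = pair.indexOf('=');
      const name = eq === -1 ? pair : pair.slice(0, eq);
      return { name, bytes: byteLen(pair), msal: name.startsWith(MSAL_PREFIX) };
    })
    .sort((a, b) => b.bytes - a.bytes);

  // Header is "Cookie: " followed by the pairs joined with "; ".
  const pairBytes = cookies.reduce((n, c) => n + c.bytes, 0);
  const headerBytes = cookies.length === 0
    ? 0
    : 'Cookie: '.length + pairBytes + 2 * (cookies.length - 1);
  const msalCookies = cookies.filter(c => c.msal);
  return {
    headerBytes,
    msalCount: msalCookies.length,
    msalBytes: msalCookies.reduce((n, c) => n + c.bytes, 0),
    overBudget: headerBytes > budgetBytes,
    largest: cookies.slice(0, 5), // biggest offenders first
  };
}

// Expire the MSAL cookies visible to script on path "/" and return their names.
// Cookies set with another path or domain need the matching attributes.
function expireMsalCookies(doc) {
  const names = doc.cookie
    .split(';')
    .map(c => c.trim().split('=')[0])
    .filter(n => n.startsWith(MSAL_PREFIX));
  names.forEach(n => {
    doc.cookie = `${n}=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/`;
  });
  return names;
}
```

In the browser console, `auditCookieHeader(document.cookie)` on the deployed site and on localhost shows whether the two origins carry different cookie loads; cookies are scoped per host, so each origin accumulates its own set.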