无法验证 AzureAD 本机客户端应用程序
Cannot Authenticate AzureAD native client application
我已经注册了一个 AzureAD 应用程序,它是一个 public 客户端/本机客户端。
我在门户中使用 Azure 生成的标准代码。
重要的一点是
static App()
{
_clientApp = PublicClientApplicationBuilder.Create(ClientId)
.WithLogging((level, message, containsPii) =>
{
System.Diagnostics.Debug.WriteLine("*************************");
System.Diagnostics.Debug.WriteLine($"{level}: {message}");
}, LogLevel.Verbose, true, true)
.WithAuthority($"{Instance}{Tenant}")
.WithRedirectUri(RedirectURI)
.Build();
TokenCacheHelper.EnableSerialization(_clientApp.UserTokenCache);
}
和
authResult = await app.AcquireTokenInteractive(scopes)
.WithAccount(accounts.FirstOrDefault())
.WithParentActivityOrWindow(new WindowInteropHelper(this).Handle) // optional, used to center the browser on the window
.WithPrompt(Prompt.SelectAccount)
.ExecuteAsync();
返回的错误是;
"AADSTS7000218: The request body must contain the following parameter:
'client_assertion' or 'client_secret'.
根据 AzureAD 中的 I for example read here and in most places,我已将默认类型更改为 Public 客户端。
我仍然遇到同样的错误。
我已经启用了日志记录,我想我有下面的相关部分
Info: (False) MSAL 4.13.0.0 MSAL.Desktop Microsoft Windows NT 6.2.9200.0 (UnknownClient: 0.0.0.0) An authorization code was retrieved from the /authorize endpoint.
Info: (False) MSAL 4.13.0.0 MSAL.Desktop Microsoft Windows NT 6.2.9200.0 (UnknownClient: 0.0.0.0) Exchanging the auth code for tokens
Info: (False) MSAL 4.13.0.0 MSAL.Desktop Microsoft Windows NT 6.2.9200.0 (UnknownClient: 0.0.0.0) === InteractiveParameters Data ===
LoginHint provided: False
User provided: False
UseEmbeddedWebView: NotSpecified
ExtraScopesToConsent:
Prompt: select_account
HasCustomWebUi: False
Info: (False) MSAL 4.13.0.0 MSAL.Desktop Microsoft Windows NT 6.2.9200.0 (UnknownClient: 0.0.0.0) Response status code does not indicate success: 401 (Unauthorized).
Warning: (False) MSAL 4.13.0.0 MSAL.Desktop Microsoft Windows NT 6.2.9200.0 (UnknownClient: 0.0.0.0) Request retry failed.
Info: (False) MSAL 4.13.0.0 MSAL.Desktop Microsoft Windows NT 6.2.9200.0 (UnknownClient: 0.0.0.0) HttpStatusCode: 401: Unauthorized
Error: (True) MSAL 4.13.0.0 MSAL.Desktop Microsoft Windows NT 6.2.9200.0 (UnknownClient: 0.0.0.0) MSAL.Desktop.4.13.0.0.MsalServiceException:
ErrorCode: invalid_client
Microsoft.Identity.Client.MsalServiceException: A configuration issue is preventing authentication - check the error message from the server for details.You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details. Original exception: AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.
我似乎正在获取授权码,但未能获取令牌。错误是 401(未授权)。
有人能帮我理解一下吗?
有两个步骤可以解决这个问题。
1.Change默认客户端类型为Public客户端。
2.Add 移动和桌面应用程序平台
我已经注册了一个 AzureAD 应用程序,它是一个 public 客户端/本机客户端。
我在门户中使用 Azure 生成的标准代码。
重要的一点是
static App()
{
_clientApp = PublicClientApplicationBuilder.Create(ClientId)
.WithLogging((level, message, containsPii) =>
{
System.Diagnostics.Debug.WriteLine("*************************");
System.Diagnostics.Debug.WriteLine($"{level}: {message}");
}, LogLevel.Verbose, true, true)
.WithAuthority($"{Instance}{Tenant}")
.WithRedirectUri(RedirectURI)
.Build();
TokenCacheHelper.EnableSerialization(_clientApp.UserTokenCache);
}
和
authResult = await app.AcquireTokenInteractive(scopes)
.WithAccount(accounts.FirstOrDefault())
.WithParentActivityOrWindow(new WindowInteropHelper(this).Handle) // optional, used to center the browser on the window
.WithPrompt(Prompt.SelectAccount)
.ExecuteAsync();
返回的错误是;
"AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.
根据 AzureAD 中的 I for example read here and in most places,我已将默认类型更改为 Public 客户端。
我仍然遇到同样的错误。
我已经启用了日志记录,我想我有下面的相关部分
Info: (False) MSAL 4.13.0.0 MSAL.Desktop Microsoft Windows NT 6.2.9200.0 (UnknownClient: 0.0.0.0) An authorization code was retrieved from the /authorize endpoint. Info: (False) MSAL 4.13.0.0 MSAL.Desktop Microsoft Windows NT 6.2.9200.0 (UnknownClient: 0.0.0.0) Exchanging the auth code for tokens Info: (False) MSAL 4.13.0.0 MSAL.Desktop Microsoft Windows NT 6.2.9200.0 (UnknownClient: 0.0.0.0) === InteractiveParameters Data === LoginHint provided: False User provided: False UseEmbeddedWebView: NotSpecified ExtraScopesToConsent: Prompt: select_account HasCustomWebUi: False
Info: (False) MSAL 4.13.0.0 MSAL.Desktop Microsoft Windows NT 6.2.9200.0 (UnknownClient: 0.0.0.0) Response status code does not indicate success: 401 (Unauthorized). Warning: (False) MSAL 4.13.0.0 MSAL.Desktop Microsoft Windows NT 6.2.9200.0 (UnknownClient: 0.0.0.0) Request retry failed. Info: (False) MSAL 4.13.0.0 MSAL.Desktop Microsoft Windows NT 6.2.9200.0 (UnknownClient: 0.0.0.0) HttpStatusCode: 401: Unauthorized Error: (True) MSAL 4.13.0.0 MSAL.Desktop Microsoft Windows NT 6.2.9200.0 (UnknownClient: 0.0.0.0) MSAL.Desktop.4.13.0.0.MsalServiceException: ErrorCode: invalid_client Microsoft.Identity.Client.MsalServiceException: A configuration issue is preventing authentication - check the error message from the server for details.You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details. Original exception: AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.
我似乎正在获取授权码,但未能获取令牌。错误是 401(未授权)。
有人能帮我理解一下吗?
有两个步骤可以解决这个问题。
1.Change默认客户端类型为Public客户端。
2.Add 移动和桌面应用程序平台