AADSTS90019:在请求中或任何提供的凭证中均未找到租户识别信息
AADSTS90019: No tenant-identifying information found in either the request or implied by any provided credentials
您好,我想实现 Office365 SSO 登录。
我已经创建了一个帐户,现在正在关注此文档:https://msdn.microsoft.com/en-us/library/azure/dn645542.aspx
我已经拿到代码了,现在想实现 "Use the Authorization Code to Request an Access Token"
但我收到错误消息:AADSTS90019:在请求中或任何提供的凭据中均未找到租户识别信息。
这是我通话的详细记录:
http-bio-8080-exec-10 29/06/2015 14:45:37,496 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "POST /common/oauth2/token HTTP/1.1[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,496 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "Content-Length: 810[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,497 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "Content-Type: application/x-www-form-urlencoded[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,497 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "Host: login.microsoftonline.com[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,498 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "Connection: Keep-Alive[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,499 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "User-Agent: Apache-HttpClient/4.3.5 (java 1.5)[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,499 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "Accept-Encoding: gzip,deflate[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,500 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,501 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "client_id=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2FXXXXXXXXX%2FREST%2FUser%2Foffice&client_secret=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX&code=XXXXXXXXXXXXXXXXXXX&grant_type=authorization_code"
http-bio-8080-exec-10 29/06/2015 14:45:37,570 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "H"
http-bio-8080-exec-10 29/06/2015 14:45:37,571 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "TTP/1.1 400 Bad Request[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,572 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Cache-Control: no-cache, no-store[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,572 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Pragma: no-cache[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,573 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Content-Type: application/json; charset=utf-8[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,573 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Expires: -1[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,574 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Server: Microsoft-IIS/8.5[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,575 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "x-ms-request-id: c7702631-895c-4c6c-bad1-691ced9259f5[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,575 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "x-ms-gateway-service-instanceid: ESTSFE_IN_3[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,576 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "X-Content-Type-Options: nosniff[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,576 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Strict-Transport-Security: max-age=31536000; includeSubDomains[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,577 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,578 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Set-Cookie: flight-uxoptin=true; path=/; secure; HttpOnly[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,578 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Set-Cookie: x-ms-gateway-slice=productiona; path=/; secure; HttpOnly[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,579 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Set-Cookie: stsservicecookie=ests; path=/; secure; HttpOnly[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,580 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "X-Powered-By: ASP.NET[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,580 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Date: Mon, 29 Jun 2015 12:45:48 GMT[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,581 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Content-Length: 501[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,581 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,582 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "{"error":"invalid_request","error_description":"AADSTS90019: No tenant-identifying information found in either the request or implied by any provided credentials.\r\nTrace ID: c7702631-895c-4c6c-bad1-691ced9259f5\r\nCorrelation ID: bd641f9d-9982-4808-b7ba-95d3dc0ba8d9\r\nTimestamp: 2015-06-29 12:45:49Z","error_codes":[90019],"timestamp":"2015-06-29 12:45:49Z","trace_id":"c7702631-895c-4c6c-bad1-691ced9259f5","correlation_id":"bd641f9d-9982-4808-b7ba-95d3dc0ba8d9","submit_url":null,"context":null}"
这就是我配置APP的方式
您的案例中使用的帐户是 Microsoft 帐户,而不是组织帐户/AAD 帐户。不幸的是,Microsoft 帐户不能在公共端点上工作。如果 Microsoft 帐户是 Azure AD 租户中的来宾,那么您可以将该租户名称放在授权终结点中,代替 'common',这应该可以工作。显然你必须提前知道你想要的租户。
您可以 运行 在使用组织帐户时遇到类似的问题。如果组织帐户是另一个租户或多个租户中的来宾,则您必须指定要由其颁发令牌的特定租户。
尝试清除 cookies/local 与 ADAL 相关的存储
您好,我想实现 Office365 SSO 登录。 我已经创建了一个帐户,现在正在关注此文档:https://msdn.microsoft.com/en-us/library/azure/dn645542.aspx
我已经拿到代码了,现在想实现 "Use the Authorization Code to Request an Access Token"
但我收到错误消息:AADSTS90019:在请求中或任何提供的凭据中均未找到租户识别信息。
这是我通话的详细记录:
http-bio-8080-exec-10 29/06/2015 14:45:37,496 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "POST /common/oauth2/token HTTP/1.1[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,496 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "Content-Length: 810[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,497 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "Content-Type: application/x-www-form-urlencoded[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,497 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "Host: login.microsoftonline.com[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,498 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "Connection: Keep-Alive[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,499 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "User-Agent: Apache-HttpClient/4.3.5 (java 1.5)[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,499 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "Accept-Encoding: gzip,deflate[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,500 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,501 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 >> "client_id=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2FXXXXXXXXX%2FREST%2FUser%2Foffice&client_secret=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX&code=XXXXXXXXXXXXXXXXXXX&grant_type=authorization_code"
http-bio-8080-exec-10 29/06/2015 14:45:37,570 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "H"
http-bio-8080-exec-10 29/06/2015 14:45:37,571 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "TTP/1.1 400 Bad Request[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,572 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Cache-Control: no-cache, no-store[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,572 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Pragma: no-cache[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,573 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Content-Type: application/json; charset=utf-8[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,573 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Expires: -1[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,574 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Server: Microsoft-IIS/8.5[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,575 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "x-ms-request-id: c7702631-895c-4c6c-bad1-691ced9259f5[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,575 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "x-ms-gateway-service-instanceid: ESTSFE_IN_3[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,576 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "X-Content-Type-Options: nosniff[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,576 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Strict-Transport-Security: max-age=31536000; includeSubDomains[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,577 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,578 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Set-Cookie: flight-uxoptin=true; path=/; secure; HttpOnly[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,578 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Set-Cookie: x-ms-gateway-slice=productiona; path=/; secure; HttpOnly[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,579 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Set-Cookie: stsservicecookie=ests; path=/; secure; HttpOnly[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,580 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "X-Powered-By: ASP.NET[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,580 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Date: Mon, 29 Jun 2015 12:45:48 GMT[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,581 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "Content-Length: 501[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,581 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "[\r][\n]"
http-bio-8080-exec-10 29/06/2015 14:45:37,582 | DEBUG | org.apache.http.wire | wire | http-outgoing-3 << "{"error":"invalid_request","error_description":"AADSTS90019: No tenant-identifying information found in either the request or implied by any provided credentials.\r\nTrace ID: c7702631-895c-4c6c-bad1-691ced9259f5\r\nCorrelation ID: bd641f9d-9982-4808-b7ba-95d3dc0ba8d9\r\nTimestamp: 2015-06-29 12:45:49Z","error_codes":[90019],"timestamp":"2015-06-29 12:45:49Z","trace_id":"c7702631-895c-4c6c-bad1-691ced9259f5","correlation_id":"bd641f9d-9982-4808-b7ba-95d3dc0ba8d9","submit_url":null,"context":null}"
这就是我配置APP的方式
您的案例中使用的帐户是 Microsoft 帐户,而不是组织帐户/AAD 帐户。不幸的是,Microsoft 帐户不能在公共端点上工作。如果 Microsoft 帐户是 Azure AD 租户中的来宾,那么您可以将该租户名称放在授权终结点中,代替 'common',这应该可以工作。显然你必须提前知道你想要的租户。
您可以 运行 在使用组织帐户时遇到类似的问题。如果组织帐户是另一个租户或多个租户中的来宾,则您必须指定要由其颁发令牌的特定租户。
尝试清除 cookies/local 与 ADAL 相关的存储