无法从 Azure Key Vault 获取令牌
Failure to get token from Azure Key Vault
我有一个使用 Identity 进行身份验证的 Blazor WASM 应用程序,它在周五运行良好。昨晚我去进行更改,Azure 中的应用程序 运行 和我机器上本地的 运行 应用程序在启动后都开始出现异常。从一切正常到现在,环境或代码库没有任何变化。
应用程序运行,重定向到登录页面,get 在服务器上处理正常,但在 .cshtml 文件中标记的第一行抛出异常(假设因为它未能加密内容)点):
An unhandled exception occurred while processing the request.
CredentialUnavailableException: EnvironmentCredential authentication unavailable. Environment variables are not fully configured. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/environmentcredential/troubleshoot
Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex, string additionalMessage)
AggregateException: Multiple exceptions were encountered while
attempting to authenticate. (EnvironmentCredential authentication
unavailable. Environment variables are not fully configured. See the
troubleshooting guide for more information.
https://aka.ms/azsdk/net/identity/environmentcredential/troubleshoot)
(ManagedIdentityCredential authentication unavailable. Multiple
attempts failed to obtain a token from the managed identity endpoint.)
(Process "C:\Program Files\Microsoft Visual
Studio22\Community\Common7\IDE\Extensions\lybeojxv.4oe\TokenService\Microsoft.Asal.TokenService.exe"
has failed with unexpected error: TS003: Error, TS004: Unable to get
access token. 'AADSTS50020: User account '{EmailHidden}' from identity
provider 'live.com' does not exist in tenant 'Microsoft Services' and
cannot access the application
'{IDREDACTED}'(Visual Studio) in that tenant.
The account needs to be added as an external user in the tenant first.
Sign out and sign in again with a different Azure Active Directory
user account. Trace ID: {IDREDACTED}
Correlation ID: {IDREDACTED} Timestamp:
2021-12-20 19:46:59Z'.) (Stored credentials not found. Need to
authenticate user in VSCode Azure Account. See the troubleshooting
guide for more information.
https://aka.ms/azsdk/net/identity/vscodecredential/troubleshoot)
(Azure CLI not installed) (PowerShell is not installed.)
Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception
ex, string additionalMessage)
CredentialUnavailableException: DefaultAzureCredential failed to
retrieve a token from the included credentials. See the
troubleshooting guide for more information.
https://aka.ms/azsdk/net/identity/defaultazurecredential/troubleshoot
- EnvironmentCredential authentication unavailable. Environment variables are not fully configured. See the troubleshooting guide for
more information.
https://aka.ms/azsdk/net/identity/environmentcredential/troubleshoot
- ManagedIdentityCredential authentication unavailable. Multiple attempts failed to obtain a token from the managed identity endpoint.
- Process "C:\Program Files\Microsoft Visual Studio22\Community\Common7\IDE\Extensions\lybeojxv.4oe\TokenService\Microsoft.Asal.TokenService.exe"
has failed with unexpected error: TS003: Error, TS004: Unable to get
access token. 'AADSTS50020: User account '{EmailHidden}' from identity
provider 'live.com' does not exist in tenant 'Microsoft Services' and
cannot access the application
'{IDREDACTED}'(Visual Studio) in that tenant.
The account needs to be added as an external user in the tenant first.
Sign out and sign in again with a different Azure Active Directory
user account. Trace ID: {IDREDACTED}
Correlation ID: {IDREDACTED} Timestamp:
2021-12-20 19:46:59Z'.
- Stored credentials not found. Need to authenticate user in VSCode Azure Account. See the troubleshooting guide for more information.
https://aka.ms/azsdk/net/identity/vscodecredential/troubleshoot
- Azure CLI not installed
- PowerShell is not installed. Azure.Identity.DefaultAzureCredential.GetTokenFromSourcesAsync(TokenCredential[]
sources, TokenRequestContext requestContext, bool async,
CancellationToken cancellationToken)
CryptographicException: An error occurred while trying to encrypt the
provided data. Refer to the inner exception for more information.
Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Protect(byte[]
plaintext)
我在相关文档和故障排除指南中找不到任何似乎与我的设置和问题相关的内容。而且我觉得我必须遗漏一些简单的东西,比如某些凭证的过期或更改,但我找不到任何看起来是罪魁祸首的东西,而且代码库的任何一部分都没有改变,Azure 环境也没有从我知道它的功能开始到它开始时,任何人都感动过。
Whelp,在拔掉我的头发 2 天后,我能够通过在我的机器上安装 Azure CLI 和 运行 来自 PowerShell window 的“az login”命令来解决这个问题.就这样。希望这能为其他人节省很多时间。
我有一个使用 Identity 进行身份验证的 Blazor WASM 应用程序,它在周五运行良好。昨晚我去进行更改,Azure 中的应用程序 运行 和我机器上本地的 运行 应用程序在启动后都开始出现异常。从一切正常到现在,环境或代码库没有任何变化。
应用程序运行,重定向到登录页面,get 在服务器上处理正常,但在 .cshtml 文件中标记的第一行抛出异常(假设因为它未能加密内容)点):
An unhandled exception occurred while processing the request. CredentialUnavailableException: EnvironmentCredential authentication unavailable. Environment variables are not fully configured. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/environmentcredential/troubleshoot Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex, string additionalMessage)
AggregateException: Multiple exceptions were encountered while attempting to authenticate. (EnvironmentCredential authentication unavailable. Environment variables are not fully configured. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/environmentcredential/troubleshoot) (ManagedIdentityCredential authentication unavailable. Multiple attempts failed to obtain a token from the managed identity endpoint.) (Process "C:\Program Files\Microsoft Visual Studio22\Community\Common7\IDE\Extensions\lybeojxv.4oe\TokenService\Microsoft.Asal.TokenService.exe" has failed with unexpected error: TS003: Error, TS004: Unable to get access token. 'AADSTS50020: User account '{EmailHidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application '{IDREDACTED}'(Visual Studio) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account. Trace ID: {IDREDACTED} Correlation ID: {IDREDACTED} Timestamp: 2021-12-20 19:46:59Z'.) (Stored credentials not found. Need to authenticate user in VSCode Azure Account. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/vscodecredential/troubleshoot) (Azure CLI not installed) (PowerShell is not installed.) Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex, string additionalMessage)
CredentialUnavailableException: DefaultAzureCredential failed to retrieve a token from the included credentials. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/defaultazurecredential/troubleshoot
- EnvironmentCredential authentication unavailable. Environment variables are not fully configured. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/environmentcredential/troubleshoot
- ManagedIdentityCredential authentication unavailable. Multiple attempts failed to obtain a token from the managed identity endpoint.
- Process "C:\Program Files\Microsoft Visual Studio22\Community\Common7\IDE\Extensions\lybeojxv.4oe\TokenService\Microsoft.Asal.TokenService.exe" has failed with unexpected error: TS003: Error, TS004: Unable to get access token. 'AADSTS50020: User account '{EmailHidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application '{IDREDACTED}'(Visual Studio) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account. Trace ID: {IDREDACTED} Correlation ID: {IDREDACTED} Timestamp: 2021-12-20 19:46:59Z'.
- Stored credentials not found. Need to authenticate user in VSCode Azure Account. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/vscodecredential/troubleshoot
- Azure CLI not installed
- PowerShell is not installed. Azure.Identity.DefaultAzureCredential.GetTokenFromSourcesAsync(TokenCredential[] sources, TokenRequestContext requestContext, bool async, CancellationToken cancellationToken)
CryptographicException: An error occurred while trying to encrypt the provided data. Refer to the inner exception for more information. Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Protect(byte[] plaintext)
我在相关文档和故障排除指南中找不到任何似乎与我的设置和问题相关的内容。而且我觉得我必须遗漏一些简单的东西,比如某些凭证的过期或更改,但我找不到任何看起来是罪魁祸首的东西,而且代码库的任何一部分都没有改变,Azure 环境也没有从我知道它的功能开始到它开始时,任何人都感动过。
Whelp,在拔掉我的头发 2 天后,我能够通过在我的机器上安装 Azure CLI 和 运行 来自 PowerShell window 的“az login”命令来解决这个问题.就这样。希望这能为其他人节省很多时间。