教育令牌不刷新
ADAL Token Not Refreshing
我有一个 ASP.NET webforms 应用程序,我在其中使用与 Azure Active Directory 关联的 Azure Key Vault。我使用了此处找到的指南 https://azure.microsoft.com/en-us/documentation/articles/storage-encrypt-decrypt-blobs-key-vault/
从 Azure Active Directory 为我的应用程序获取令牌并使用它来访问我的密钥保管库,我最终将其用于存储加密。应用程序第一次请求令牌时一切正常,但在令牌过期后(一小时后)。应用程序不会像它应该的那样检索新令牌。我正在使用最新的稳定版本 Microsoft.IdentityModel.Clients.ActiveDirectory 2.19.208020213,并尝试了最新的预发布版 (3.5.208051316-alpha)。
GetToken 方法如下所示
Public Async Function GetToken(authority As String, resource As String, scope As String) As Task(Of String)
Dim authContext = New AuthenticationContext(authority)
Dim clientCred As New ClientCredential(CloudConfigurationManager.GetSetting("ClientID"), CloudConfigurationManager.GetSetting("ClientSecret"))
System.Diagnostics.Trace.TraceInformation("Attempting to acquire auth token")
Dim result As AuthenticationResult = await authContext.AcquireTokenAsync(resource, clientCred)
System.Diagnostics.Trace.TraceInformation("Auth returned")
If result Is Nothing Then
System.Diagnostics.Trace.TraceInformation("Auth was null")
Throw New InvalidOperationException("Failed to obtain the JWT token")
End If
System.Diagnostics.Trace.TraceInformation("Returning auth access token")
Return result.AccessToken
End Function
此处用于连接到密钥保管库
Dim cloudResolver As New KeyVaultKeyResolver(AddressOf GetToken)
GetToken 方法只是在 AcquireTokenAsync 处挂起。我在 ADAL 中打开了详细日志记录,这就是日志显示的内容,它停止了并且 GetToken 从不 returns.
-Application: 2015-09-21T17:12:13 PID[8884] Information 9/21/2015 5:12:13 PM: 19ce5dc3-d618-48e9-8bbd-c5b3ad31bfc2 - TokenCache: Looking up cache for a token...
-Application: 2015-09-21T17:12:13 PID[8884] Information 9/21/2015 5:12:13 PM: 19ce5dc3-d618-48e9-8bbd-c5b3ad31bfc2 - TokenCache: An item matching the requested resource was found in the cache
-Application: 2015-09-21T17:12:13 PID[8884] Information 9/21/2015 5:12:13 PM: 19ce5dc3-d618-48e9-8bbd-c5b3ad31bfc2 - TokenCache: An expired or near expiry token was found in the cache
-Application: 2015-09-21T17:12:13 PID[8884] Information 9/21/2015 5:12:13 PM: 19ce5dc3-d618-48e9-8bbd-c5b3ad31bfc2 - TokenCache: An old item was removed from the cache
此外,我尝试通过将令牌缓存设置为 Nothing 来关闭令牌缓存,然后 ADAL 甚至不会在第一次检索访问令牌。
我在这个类似的问题中找到了答案
关键是删除其中任何一个并用 await 替换它们
.GetAwaiter().GetResult()
例如这是原件
Dim theKey = cloudResolver.ResolveKeyAsync($"{CloudConfigurationManager.GetSetting("KeyVaultUrl")}Secret/", CancellationToken.None).GetAwaiter().GetResult()
已替换为
Dim theKey = await cloudResolver.ResolveKeyAsync($"{CloudConfigurationManager.GetSetting("KeyVaultUrl")}Secret/", CancellationToken.None)
我有一个 ASP.NET webforms 应用程序,我在其中使用与 Azure Active Directory 关联的 Azure Key Vault。我使用了此处找到的指南 https://azure.microsoft.com/en-us/documentation/articles/storage-encrypt-decrypt-blobs-key-vault/ 从 Azure Active Directory 为我的应用程序获取令牌并使用它来访问我的密钥保管库,我最终将其用于存储加密。应用程序第一次请求令牌时一切正常,但在令牌过期后(一小时后)。应用程序不会像它应该的那样检索新令牌。我正在使用最新的稳定版本 Microsoft.IdentityModel.Clients.ActiveDirectory 2.19.208020213,并尝试了最新的预发布版 (3.5.208051316-alpha)。
GetToken 方法如下所示
Public Async Function GetToken(authority As String, resource As String, scope As String) As Task(Of String)
Dim authContext = New AuthenticationContext(authority)
Dim clientCred As New ClientCredential(CloudConfigurationManager.GetSetting("ClientID"), CloudConfigurationManager.GetSetting("ClientSecret"))
System.Diagnostics.Trace.TraceInformation("Attempting to acquire auth token")
Dim result As AuthenticationResult = await authContext.AcquireTokenAsync(resource, clientCred)
System.Diagnostics.Trace.TraceInformation("Auth returned")
If result Is Nothing Then
System.Diagnostics.Trace.TraceInformation("Auth was null")
Throw New InvalidOperationException("Failed to obtain the JWT token")
End If
System.Diagnostics.Trace.TraceInformation("Returning auth access token")
Return result.AccessToken
End Function
此处用于连接到密钥保管库
Dim cloudResolver As New KeyVaultKeyResolver(AddressOf GetToken)
GetToken 方法只是在 AcquireTokenAsync 处挂起。我在 ADAL 中打开了详细日志记录,这就是日志显示的内容,它停止了并且 GetToken 从不 returns.
-Application: 2015-09-21T17:12:13 PID[8884] Information 9/21/2015 5:12:13 PM: 19ce5dc3-d618-48e9-8bbd-c5b3ad31bfc2 - TokenCache: Looking up cache for a token...
-Application: 2015-09-21T17:12:13 PID[8884] Information 9/21/2015 5:12:13 PM: 19ce5dc3-d618-48e9-8bbd-c5b3ad31bfc2 - TokenCache: An item matching the requested resource was found in the cache
-Application: 2015-09-21T17:12:13 PID[8884] Information 9/21/2015 5:12:13 PM: 19ce5dc3-d618-48e9-8bbd-c5b3ad31bfc2 - TokenCache: An expired or near expiry token was found in the cache
-Application: 2015-09-21T17:12:13 PID[8884] Information 9/21/2015 5:12:13 PM: 19ce5dc3-d618-48e9-8bbd-c5b3ad31bfc2 - TokenCache: An old item was removed from the cache
此外,我尝试通过将令牌缓存设置为 Nothing 来关闭令牌缓存,然后 ADAL 甚至不会在第一次检索访问令牌。
我在这个类似的问题中找到了答案
关键是删除其中任何一个并用 await 替换它们
.GetAwaiter().GetResult()
例如这是原件
Dim theKey = cloudResolver.ResolveKeyAsync($"{CloudConfigurationManager.GetSetting("KeyVaultUrl")}Secret/", CancellationToken.None).GetAwaiter().GetResult()
已替换为
Dim theKey = await cloudResolver.ResolveKeyAsync($"{CloudConfigurationManager.GetSetting("KeyVaultUrl")}Secret/", CancellationToken.None)