MSAL - 重定向 URI 上的 MsalGuard - 进入重定向循环
我正在我的角度应用程序中实现 msal 并使用 msal-v1 库。
我从记录的示例中获取了 angular-7 示例,并尝试在我的企业应用程序中实现以下代码。
我在 app.module.ts 和 app-routing.module.ts 中添加了 popup as false
MsalModule.forRoot(
{
auth: {
clientId: "app client id",
authority:
"https://login.microsoftonline.com/tenant.onmicrosoft.com/",
validateAuthority: true,
redirectUri: window.location.origin,
postLogoutRedirectUri:
window.location.origin,
navigateToLoginRequestUrl: true,
},
cache: {
cacheLocation: "localStorage",
storeAuthStateInCookie: isIE, // set to true for IE 11
},
},
{
popUp: false,
consentScopes: ["user.read", "openid", "profile"],
unprotectedResources: ["https://www.microsoft.com/en-us/"],
protectedResourceMap,
extraQueryParameters: {},
}
)
,我在空路由上添加了 MsalGuard 因为我的应用程序不会有任何登录按钮和默认登陆页面也需要身份验证。
const routes: Routes = [
{
path: "",
component: HomeComponent,
canActivate: [MsalGuard],
},
{
path: "profile",
component: ProfileComponent,
canActivate: [MsalGuard],
},
];
@NgModule({
imports: [RouterModule.forRoot(routes, { useHash: false })],
exports: [RouterModule],
})
export class AppRoutingModule {}
通过这样做,如果我直接点击域 URL(即重定向 URI)而不使用任何路由,我就能够在本地存储中正确授权并获取令牌,但是如果我们清除本地存储然后直接导航到配置文件路径,我就无法获取令牌,因为它正在进入连续的重定向循环。
应用程序重定向到/#id_token=eyJ,然后重定向到/profile/#id_token=eyJ,依此类推。
请指导我如何保护我的角度应用程序中的所有路由而不进入重定向循环。
msal version - 1.4.4
msal-angular - 1.1.2
I'm implementing msal in my angular application and I'm using msal-v1 library.
I have taken angular-7 sample from the documented samples and tried implementing the below code in my enterprise application.
I have added popup as false in app.module.ts
MsalModule.forRoot(
{
auth: {
clientId: "app client id",
authority:
"https://login.microsoftonline.com/tenant.onmicrosoft.com/",
validateAuthority: true,
redirectUri: window.location.origin,
postLogoutRedirectUri:
window.location.origin,
navigateToLoginRequestUrl: true,
},
cache: {
cacheLocation: "localStorage",
storeAuthStateInCookie: isIE, // set to true for IE 11
},
},
{
popUp: false,
consentScopes: ["user.read", "openid", "profile"],
unprotectedResources: ["https://www.microsoft.com/en-us/"],
protectedResourceMap,
extraQueryParameters: {},
}
)
and on app-routing.module.ts, I have added MsalGuard on the empty route as my application wont have any login button and the default landing page also needs authentication.
const routes: Routes = [
{
path: "",
component: HomeComponent,
canActivate: [MsalGuard],
},
{
path: "profile",
component: ProfileComponent,
canActivate: [MsalGuard],
},
];
@NgModule({
imports: [RouterModule.forRoot(routes, { useHash: false })],
exports: [RouterModule],
})
export class AppRoutingModule {}
By doing this, if I directly hit the domain URL(i.e. redirect URI) with out any route, I was able to authorize and get token properly in the localstorage, but if we clear local storage and then directly navigate to profile path, I was not able to get the token as it is entering a continuously redirect loop.
the application is redirecting to /#id_token=eyJ and then to /profile/#id_token=eyJ and so on.
please guide me on how to guard all routes in my angular application and not enter the redirect loop.
msal version - 1.4.4
msal-angular - 1.1.2
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我在 github(
msal-v1) 论坛中讨论了相同的问题,并通过设置不带MsalGuard但相同的新路线找到了替代解决方案Home组件。此处讨论了完整的详细信息
I have discussed the same issue in the github(
msal-v1) forum and have found a alternate solution by setting a new route without theMsalGuardbut to the sameHomeComponent.full details are discussed here