为什么返回的访问令牌null中的爆炸服务器端应用程序中的空名?
这个问题已经提出了几次,但这些答案似乎都没有用。
blazor Server-从当前登录的用户中获取AAD访问权限
服务器端blazor get beater bearer bearer token
我有一个在运行的jlazor应用程序(server-side) .net6。它连接到我的Azure Active Directory。我可以成功地对AAD进行身份验证,并获得索赔实例。
文件设置AAD的
[...]
builder.Services
.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd"))
;
builder.Services
.Configure<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme, options =>
{
options.SaveTokens = true;
});
[...]
摘录
[...]
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "XXX.com",
"TenantId": "5dXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"ClientId": "26XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"CallbackPath": "/signin-oidc"
}
[...]
这是从program.cs 我得到了成功的身份验证,文件_host.cshtml应该给我一个有效的访问令牌,但在我的情况下不是这样:
问题
为什么返回的访问令牌null in我的大火应用?
更新1
我在启动文件中使用以下2个呼叫看到了答案:
[...]
builder.Services
.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd"))
.EnableTokenAcquisitionToCallDownstreamApi(new string[] { "openid" })
.AddInMemoryTokenCaches()
;
我看到没有更改。
The question has been raised a couple times on SO but none of these answers seems to work in my situation.
How do I get the access token from a blazor (server-side) web app?
Blazor server - get AAD access token from current logged in user
Server side Blazor get bearer token
I have a Blazor application (Server-Side) running on .net6. It is connected to my Azure Active Directory. I can successfully authenticate myself to AAD and get the ClaimsPrincipal instance.
Here is a excerpt from the Program.cs file where it sets up the AAD:
[...]
builder.Services
.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd"))
;
builder.Services
.Configure<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme, options =>
{
options.SaveTokens = true;
});
[...]
The configuration related to the AzureAd section contains the following information:
[...]
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "XXX.com",
"TenantId": "5dXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"ClientId": "26XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"CallbackPath": "/signin-oidc"
}
[...]
Based on the previous answers, once I get successfully authenticated, the following call in the file _Host.cshtml should have given me a valid access token but it is not the case in my situation:
Question
Why is the returned access token null in my Blazor application?
Update 1
I have seen answers using these extra 2 calls in the startup file:
[...]
builder.Services
.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd"))
.EnableTokenAcquisitionToCallDownstreamApi(new string[] { "openid" })
.AddInMemoryTokenCaches()
;
I see no changes.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
如果要为下游API请求令牌,则TokenAcquisition是必不可少的方法:
与IDOWNStreamWebapi结合使用,您甚至不必将令牌作为字符串保存为字符串,当调用API时,它将被分配:
AppSettings结构:
If you want to request a token for your downstream API, TokenAcquisition is the way to go:
Combined with IDownstreamWebApi you don't even have to save the token as a string, it will get assigned when the api is called:
And appsettings structure: