404 Not Found for oauth2/v2.0/token endpoint of Azure AD B2C
I'm having a hard time receiving an access_token and refresh_token via the OAuth 2.0 API of Azure AD B2C.
I'm following the official guide describing the OAuth 2.0 authorization code flow.
Receiving an authorization_token via the interactive login website provided by Microsoft works fine (URL: https://login.microsoftonline.com/[MY_TENANT]/oauth2/v2.0/authorize?client_id=[CLIENT_ID]&response_type=code&response_mode=query&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&scope=[CLIENT_ID]%20offline_access&p=[MY_SIGNUP_SIGNIN_POLICY]).
However, when trying to get an access_token via a simple POST request as stated in the documentation, I'm getting a 404 Not Found with the following POST request:
URL: https://login.microsoftonline.com/[MY_TENANT]/oauth2/v2.0/token?p=B2C_1_sign_in
Header: Content-Type application/x-www-form-urlencoded
Payload: grant_type=authorization_code&client_id=[CLIENT_ID]&scope=[CLIENT_ID]%20offline_access&code=[AUTHORIZATION_CODE]&redirect_uri=urn:ietf:wg:oauth:2.0:oob
Is the documentation wrong at that point?
Note: I'm not able to use any existing .NET or Java libraries providing this login procedure due to framework reasons. A C++ library would do.
I so very much want them to implement the usual complete headless OAuth2 protocol in a standard-conformant way ...
The problem was my misunderstanding of the documentation.
The policy (query parameter p) must be the same in all cases. Thus, the URL for the POST request has to be:
https://login.microsoftonline.com/[MY_TENANT]/oauth2/v2.0/token?p=MY_SIGNUP_SIGNIN_POLICY
Where MY_SIGNUP_SIGNIN_POLICY is exactly the same as in the login URL.
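The fix described in the answer above, as an added example that is not part of the original posts: both legs of the flow are built from one policy value so the p parameter cannot drift, and a checker compares an authorize URL with a token request. The function names and the sample tenant, client ID and policy names are assumptions made for illustration; nothing is sent over the network.

```python
from urllib.parse import parse_qs, quote, urlencode, urlsplit

AUTHORITY = "https://login.microsoftonline.com"  # host used in the question


def _endpoint(tenant, name, query):
    return f"{AUTHORITY}/{tenant}/oauth2/v2.0/{name}?" + urlencode(query, quote_via=quote)


def authorize_url(tenant, policy, client_id, redirect_uri):
    """Leg 1: URL opened in the browser to obtain the authorization code."""
    return _endpoint(tenant, "authorize", {
        "client_id": client_id, "response_type": "code", "response_mode": "query",
        "redirect_uri": redirect_uri, "scope": f"{client_id} offline_access",
        "p": policy,
    })


def token_request(tenant, policy, client_id, redirect_uri, code):
    """Leg 2: (url, headers, body) of the POST that redeems the code."""
    url = _endpoint(tenant, "token", {"p": policy})
    body = urlencode({
        "grant_type": "authorization_code", "client_id": client_id,
        "scope": f"{client_id} offline_access", "code": code,
        "redirect_uri": redirect_uri,
    }, quote_via=quote)
    return url, {"Content-Type": "application/x-www-form-urlencoded"}, body


def flow_mismatches(auth_url, token_url, token_body):
    """Names of values that differ between the authorize and token legs."""
    a, t = urlsplit(auth_url), urlsplit(token_url)
    a_query, t_query, t_body = parse_qs(a.query), parse_qs(t.query), parse_qs(token_body)
    problems = []
    if a.path.split("/")[1] != t.path.split("/")[1]:  # first path segment is the tenant
        problems.append("tenant")
    if a_query.get("p") != t_query.get("p"):  # policy must be identical on both legs
        problems.append("p")
    for name in ("client_id", "redirect_uri"):
        if a_query.get(name) != t_body.get(name):
            problems.append(name)
    return problems
```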