堆栈内存溢出
  简体   繁体   English

无法获得Angular SPA来使用Azure Active Directory验证ASP.NET MVC WebAPI

[英]Cannot get an Angular SPA to authenticate an ASP.NET MVC WebAPI with Azure Active Directory

 原文  2017-04-19 12:05:20       angularjs/ asp.net-web-api/ azure-active-directory/ adal

问题描述

I have created a single page application in Angular 2 and an ASP.NET MVC WebAPI that both require Azure Active Directory authentication. 我在Angular 2和ASP.NET MVC WebAPI中创建了一个单页面应用程序,它们都需要Azure Active Directory身份验证。 Both applications are registered in the Azure Portal, and have OAuth2 enabled. 这两个应用程序都在Azure门户中注册,并启用了OAuth2。 The SPA also has permission to access the WebAPI SPA还有权访问WebAPI

In the SPA, I use adaljs, which works as expected. 在SPA中,我使用adaljs,它按预期工作。 The ASP.NET Web API is configured to use Windows Azure Active Directory Bearer Authentication, which also works as far as I can tell. ASP.NET Web API配置为使用Windows Azure Active Directory承载身份验证,这也是我能说的。

When the SPA requests data from the WebAPI it sends a bearer authorization token in the header, but the requests gets denied (status 401 UNAUTHORIZED). 当SPA从WebAPI请求数据时,它在标头中发送承载授权令牌,但请求被拒绝(状态401 UNAUTHORIZED)。

I have created a sample project in in github: https://github.com/ranthonissen/angular2-adaljs-webapi , and described the steps I followed in more detail here: https://dotronald.be/creating-an-angular-single-page-application-with-azure-active-directory-and-adal-js-that-uses-an-asp-net-webapi/ 我在github中创建了一个示例项目: https//github.com/ranthonissen/angular2-adaljs-webapi ,并在此处更详细地描述了我所遵循的步骤: https//dotronald.be/creating-an-angular -单页的应用程序与-蔚主动目录和阿达尔-JS-该用途-AN-ASP净的WebAPI /

What am I missing to get this setup to work? 为了让这个设置起作用,我错过了什么?

1 个解决方案

解决方案1
 3 已采纳  2017-04-20 05:21:26

Based on the code, you were acquiring the access token using the clientId instead of app id URI of the second app. 根据代码,您使用clientId而不是第二个应用程序的app id URI获取访问令牌。

To fix this issue, we can add resource id parameter in the SPA like below: 要解决此问题,我们可以在SPA中添加资源ID参数,如下所示:

secret.service.ts secret.service.ts 

import { Injectable } from '@angular/core';
@Injectable()
export class SecretService {
    public get adalConfig(): any {
        return {
            tenant: 'adnewfei.onmicrosoft.com',
            clientId: 'aac92cf9-32ab-4004-aeab-1046389dff79',
            redirectUri: window.location.origin + '/',
            postLogoutRedirectUri: window.location.origin + '/',
            resourceId:"https://ADNewFei.onmicrosoft.com/webAPIFei"
        };
    }
}

The value of resourceId is the App ID URI of the app you register for the web API. resourceId的值是您为Web API注册的应用程序的App ID URI And it should match the value you config in the web.config of web API project like below: 它应该匹配您在web API项目的web.config中配置的值,如下所示:

在此输入图像描述 

  <appSettings>
    <add key="ida:ClientId" value="29fc9b4c-4d77-4ffa-b4af-674d6b0584f7" />
    <add key="ida:Tenant" value="adnewfei.onmicrosoft.com" />
    <add key="ida:Audience" value="https://ADNewFei.onmicrosoft.com/webAPIFei" />
    <add key="ida:Password" value="xxxxxx" />
  </appSettings>

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用ASP.NET MVC和WebApi的Angular.js SPA安全性 - Angular.js SPA security with ASP.NET MVC and WebApi Angular 2 - ASP.NET MVC应用程序 - 没有SPA - Angular 2 - ASP.NET MVC app - NO SPA 带有Angular和ASP.NET MVC的SEO(非SPA) - SEO With Angular and ASP.NET MVC (not SPA) 不带CORS的SPA的ASP.NET WebApi - ASP.NET WebApi for SPA without CORS 用于已添加书签的Angular SPA URL的ASP.NET MVC 4路由 - ASP.NET MVC 4 Route for Bookmarked Angular SPA URLs ASP.Net MVC赞成WebAPI加载初始Angular模型 - ASP.Net MVC verses WebAPI loading of initial Angular model 使用Angular.JS Active Directory身份验证的ASP.NET MVC4应用程序 - ASP.NET MVC4 application using Angular.JS Active Directory Authentication 使用ASP.NET MVC 6和AngularJS在SPA中进行路由 - Routing in SPA with ASP.NET MVC 6 and AngularJS ASP.NET MVC WebAPI不返回数据 - ASP.NET MVC WebAPI Not Returning Data 如何在用asp.net mvc核心制作的应用程序的一两页中将angular 4用作迷你spa? - How to use angular 4 as mini spa in just one or two pages of an application made with asp.net mvc core?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM