[英]Azure AD B2C -> OAuth2 -> Azure Function App Token Exchange
I'm fairly new to authentication, token exchanges and Azure AD B2C.我对身份验证、令牌交换和 Azure AD B2C 还很陌生。
I've built an Azure AD B2C tenant in my portal and set the Redirect URI to be localhost (an Azure Function I'm running locally on Visual Studio).我在我的门户中构建了一个 Azure AD B2C 租户,并将重定向 URI 设置为本地主机(我在 Visual Studio 上本地运行的一个 Azure 函数)。 I know that after the browser takes you to the redirect URI it passes the authorization_code back through the URI, I'm able to save that code as a variable in my function but I'm afraid I'm lost on what to do after that.
我知道在浏览器将您带到重定向 URI 后,它会通过 URI 传回 authorization_code,我可以将该代码作为变量保存在我的函数中,但恐怕我不知道在那之后该怎么做. VS
VS
[FunctionName("Login")]
public static string Run(
[HttpTrigger(AuthorizationLevel.Anonymous, "get", "post", Route = null)] HttpRequest req,
ILogger log)
{
string name = req.Query["code"];
return name;
}
I know I have to make a POST request to the /token endpoint but when I pass in the authorization_code I get this response in postman我知道我必须向 /token 端点发出 POST 请求,但是当我传入 authorization_code 时,我在邮递员中得到了这个回复
{
"error": "invalid_request",
"error_description": "AADSTS900144: The request body must contain the following parameter: 'grant_type'.\r\nTrace ID: a79790d9-5ab8-488e-bd5a-0e1feecd1d00\r\nCorrelation ID: 6f065d48-61d3-4193-99bf-e14f3a6951aa\r\nTimestamp: 2020-01-23 20:45:33Z",
"error_codes": [
900144
],
"timestamp": "2020-01-23 20:45:33Z",
"trace_id": "a79790d9-5ab8-488e-bd5a-0e1feecd1d00",
"correlation_id": "6f065d48-61d3-4193-99bf-e14f3a6951aa",
"error_uri": "https://login.microsoftonline.com/error?code=900144"
}
From my function how do I pass these parameters into the body to the /token endpoint?从我的函数中,我如何将这些参数传递到正文到 /token 端点? Any help would be appreciated.
任何帮助,将不胜感激。 Best.
最好。
That error indicates you are using the AAD token endpoint and not the AAD B2C token endpoint.该错误表明您使用的是 AAD 令牌端点,而不是 AAD B2C 令牌端点。
The correct endpoints are here for AAD B2C. AAD B2C 的正确端点位于此处。 https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-oidc#send-authentication-requests
https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-oidc#send-authentication-requests
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.