简体繁体 English

使用本地客户端凭据连接到 Azure Blob 存储

[英]Connecting to Azure Blob Storage using Client Credential from on-premise

原文 2021-10-25 13:26:10 8 1 c#/ azure/ asp.net-core/ azure-blob-storage/ msal

I'm trying to interact with an Azure Blob Storage protected by Azure AD using ClientID & ClientSecret.我正在尝试使用 ClientID 和 ClientSecret 与受 Azure AD 保护的 Azure Blob 存储进行交互。 It's working fine when I'm running the application from my machine on Visual Studio however when I run it from a VM on-premise, I'm getting this error:当我在 Visual Studio 上从我的机器运行应用程序时，它工作正常，但是当我从本地 VM 运行它时，我收到此错误：

An error response was returned by the OAuth2 server, but it could not be parsed. OAuth2 服务器返回错误响应，但无法解析。 Please inspect the exception properties for details.请检查异常属性以获取详细信息。 ---> MSAL.NetCore.4.30.1.0.MsalServiceException: ErrorCode: non_parsable_oauth_error Microsoft.Identity.Client.MsalServiceException: An error response was returned by the OAuth2 server, but it could not be parsed. ---> MSAL.NetCore.4.30.1.0.MsalServiceException: ErrorCode: non_parsable_oauth_error Microsoft.Identity.Client.MsalServiceException: OAuth2 服务器返回错误响应，但无法解析。 Please inspect the exception properties for details.请检查异常属性以获取详细信息。 at Microsoft.Identity.Client.Internal.Requests.RequestBase.HandleTokenRefreshError(MsalServiceException e, MsalAccessTokenCacheItem cachedAccessTokenItem) at Microsoft.Identity.Client.Internal.Requests.ClientCredentialRequest.ExecuteAsync(CancellationToken cancellationToken) at Microsoft.Identity.Client.Internal.Requests.RequestBase.RunAsync(CancellationToken cancellationToken) at Microsoft.Identity.Client.ApiConfig.Executors.ConfidentialClientExecutor.ExecuteAsync(AcquireTokenCommonParameters commonParameters, AcquireTokenForClientParameters clientParameters, CancellationToken cancellationToken) at Azure.Identity.AbstractAcquireTokenParameterBuilderExtensions.ExecuteAsync[T](AbstractAcquireTokenParameterBuilder`1 builder, Boolean async, CancellationToken cancellationToken) at Azure.Identity.MsalConfidentialClient.AcquireTokenForClientAsync(String[] scopes, Boolean async, CancellationToken cancellationToken) at Azure.Identity.ClientSecretCredential.GetTokenAsync(TokenRequestContext req在 Microsoft.Identity.Client.Internal.Requests.RequestBase.HandleTokenRefreshError(MsalServiceException e, MsalAccessTokenCacheItem cachedAccessTokenItem) 在 Microsoft.Identity.Client.Internal.Requests.ClientCredentialRequest.ExecuteAsync(CancellationToken cancelationToken) 在 Microsoft.Identity.Client.Internal.Requests。 RequestBase.RunAsync(CancellationToken cancelationToken) 在 Microsoft.Identity.Client.ApiConfig.Executors.ConfidentialClientExecutor.ExecuteAsync(AcquireTokenCommonParameters commonParameters, AcquireTokenForClientParameters clientParameters, CancellationToken cancelationToken) 在 Azure.Identity.AbstractAcquireTokenParameterBuilderExtensions`ExecuteTokenParameterActractExtensions.ExecuteTokenAsync[BooleanActractTextensions] , CancellationToken cancelationToken) at Azure.Identity.MsalConfidentialClient.AcquireTokenForClientAsync(String[] scopes, Boolean async, CancellationToken cancelationToken) at Azure.Identity.ClientSecretCredential.GetTokenAsync(TokenRequestContext req) uestContext, CancellationToken cancellationToken) StatusCode: 407 uestContext, CancellationToken 取消令牌）状态代码：407

1 个解决方案

Looks like you are going through a proxy to access the Oauth endpoint看起来您正在通过代理访问 Oauth 端点

https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/407https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/407

The HTTP 407 Proxy Authentication Required client error status response code indicates that the request has not been applied because it lacks valid authentication credentials for a proxy server that is between the browser and the server that can access the requested resource. HTTP 407 Proxy Authentication Required客户端错误状态响应代码表示该请求尚未应用，因为它缺少位于浏览器和可以访问所请求资源的服务器之间的代理服务器的有效身份验证凭据。

You need to inspect the connectivity properties between the VM and the OAuth server您需要检查 VM 和 OAuth 服务器之间的连接属性