堆栈内存溢出
  简体   繁体   English

Azure 逻辑应用无法使用转换后的 base64 编码 pfx 创建客户端证书身份验证

[英]Azure Logic App not able create client certificate authentication with converted base64 encoded pfx

 原文  2022-05-02 14:05:47       azure/ authentication/ azure-logic-apps

问题描述

I want to get the token information for ADP Client through Azure Logic App.我想通过 Azure Logic App 获取 ADP 客户端的令牌信息。 I have the Client Certificate from ADP so I decided to use HTTP trigger from Logic App and selected authentication type "Client Certificate".我有来自 ADP 的客户端证书,所以我决定使用来自 Logic App 的 HTTP 触发器并选择身份验证类型“客户端证书”。 Since I cant directly use certificate in Logic app so I converted certificate into base64Encoded .pfx format, and certificate is not having any password.由于我不能直接在 Logic 应用程序中使用证书,所以我将证书转换为 base64Encoded .pfx 格式,并且证书没有任何密码。 below is the sample code for the request下面是请求的示例代码

{
    "definition": {
        "$schema": "https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#",
        "actions": {},
        "contentVersion": "1.0.0.0",
        "outputs": {},
        "triggers": {
            "HTTP": {
                "inputs": {
                    "authentication": {
                        "pfx": "convertedbase64string",
                        "type": "ClientCertificate"
                    },
                    "body": "grant_type=client_credentials&client_id=ClientId&client_secret=client_secret",
                    "headers": {
                        "content-type": "application/x-www-form-urlencoded"
                    },
                    "method": "POST",
                    "uri": "https://accounts.adp.com/auth/oauth/v2/token"
                },
                "recurrence": {
                    "frequency": "Month",
                    "interval": 15
                },
                "type": "Http"
            }
        }
    },
    "kind": "Stateful"
}

above request returns me bad request, can anyone help me what is going wrong here?上面的请求返回了我不好的请求,谁能帮我这里出了什么问题?

For converting into base64 I used below steps in power shell
$pfx_cert = get-content 'C:\sample\adpcertificate.pfx' -Encoding Byte
$output =[Convert]::ToBase64String($pfx_cert)
$output

I tried same request with client certificate using postman which is working fine, but not able to get succeed with Logic App.我使用邮递员尝试了与客户端证书相同的请求,该请求运行良好,但无法通过 Logic App 获得成功。

Any help is much appreciated.任何帮助深表感谢。

1 个解决方案

解决方案1
 0  2022-05-24 18:14:19

There are only few differences between the headers sent from Postman and the Logic App.从 Postman 和 Logic App 发送的标头之间只有很少的区别。 The main difference is that Postman also sends the accept-header: "Accept": "*/*" and leaves out alle the x-ms-* headers from the logic app.主要区别在于 Postman 还发送了 accept-header: "Accept": "*/*"并从逻辑应用程序中忽略了所有x-ms-*标头。

I created a Logic App with http-trigger, which I post to from Postman and Logic App to inspect the changes:我使用 http-trigger 创建了一个逻辑应用程序,我从 Postman 和逻辑应用程序发布到该应用程序以检查更改:

With Postman与邮递员

{
    "headers": {
        "Connection": "keep-alive",
        "Accept": "*/*",
        "Accept-Encoding": "br,gzip,deflate",
        "Host": "....westeurope.logic.azure.com:443",
        "User-Agent": "PostmanRuntime/7.28.4",
        "Postman-Token": "...-baea-4e89-9bf6-490a63968b5d",
        "Content-Length": "76",
        "Content-Type": "application/x-www-form-urlencoded"
    },
    "body": {
        "$content-type": "application/x-www-form-urlencoded",
        "$content": "Z3JhbnRfdHlwZT1jbGllbnRfY3JlZGVudGlhbHMmY2xpZW50X2lkPUNsaWVudElkJmNsaWVudF9zZWNyZXQ9Y2xpZW50X3NlY3JldA==",
        "$formdata": [
            {
                "key": "grant_type",
                "value": "client_credentials"
            },
            {
                "key": "client_id",
                "value": "ClientId"
            },
            {
                "key": "client_secret",
                "value": "client_secret"
            }
        ]
    }
}

With Logic App使用逻辑应用

{
    "headers": {
        "Connection": "Keep-Alive",
        "Accept-Encoding": "gzip,deflate",
        "Accept-Language": "en",
        "Host": "...westeurope.logic.azure.com",
        "User-Agent": "azure-logic-apps/1.0,(workflow ...; version ...)",
        "x-ms-trigger-callback-url": "https://....westeurope.logic.azure.com/ <...>",
        "x-ms-trigger-type": "Http",
        "x-ms-workflow-id": "...",
        "x-ms-workflow-version": "...",
        "x-ms-workflow-name": "myworkflowname",
        "x-ms-workflow-system-id": "/locations/westeurope/scaleunits/...",
        "x-ms-workflow-run-id": "...",
        "x-ms-workflow-operation-name": "HTTP",
        "x-ms-execution-location": "westeurope",
        "x-ms-workflow-subscription-id": "...",
        "x-ms-workflow-resourcegroup-name": "..",
        "x-ms-tracking-id": "...",
        "x-ms-correlation-id": "...",
        "x-ms-client-request-id": "...",
        "x-ms-activity-vector": "...",
        "Content-Length": "76",
        "Content-Type": "application/x-www-form-urlencoded"
    },
    "body": {
        "$content-type": "application/x-www-form-urlencoded",
        "$content": "Z3JhbnRfdHlwZT1jbGllbnRfY3JlZGVudGlhbHMmY2xpZW50X2lkPUNsaWVudElkJmNsaWVudF9zZWNyZXQ9Y2xpZW50X3NlY3JldA==",
        "$formdata": [
            {
                "key": "grant_type",
                "value": "client_credentials"
            },
            {
                "key": "client_id",
                "value": "ClientId"
            },
            {
                "key": "client_secret",
                "value": "client_secret"
            }
        ]
    }
}

Solution解决方案

My solution would be to manually add the Accept-Header in the post request in the Logic App.我的解决方案是在逻辑应用程序的发布请求中手动添加 Accept-Header。

"headers": {
        "Accept": "*/*",
        // ...
    },

I sadly don't have an ADP account to verify this, but I've seen other APIs break when no accept header is sent.遗憾的是,我没有 ADP 帐户来验证这一点,但我看到其他 API 在没有发送接受标头时中断。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 从 base64 编码字符串解析 Azure 逻辑应用程序中的 JSON 数组,以在 For_each 中使用 - Parsing JSON array in Azure Logic App from base64 encoded string to use in For_each 从 base64 编码字符串创建证书在 Azure Function 中失败 - Creating Certificate from base64 encoded string failing in Azure Function .pfx文件的Base-64编码形式 - Base-64 encoded form of the .pfx file 在Mac上将Azure应用服务证书导出为.pfx - Export Azure App Service Certificate as .pfx on Mac Azure APIM with certificate authentication error using.pfx certificate - Azure APIM with certificate authentication error using .pfx certificate 从Java的Azure Blob存储下载数据后,如何在图像中嵌入base64编码的数据? - How to embed base64 encoded data in image after downloading data from Azure Blob Storage in Javascript? Azure APIM在将Content-Type作为application / json传递时验证base64编码的文本吗? - Azure APIM validating base64 encoded text when passing Content-Type as application/json? azure signaturehash 从 debug.keystore 拒绝我的 Base64 编码的 SHA1 hash - azure signaturehash rejects my Base64 encoded SHA1 hash from debug.keystore 可以添加到Azure队列的base64编码字符串的最大长度是多少? - What is the maximum length of base64 encoded string that can be added to Azure queue? 将从 API 返回的 PNG 转换为 JPG,然后转换为 Azure 函数中的 Base64 编码字符串 - Converting a PNG returned from an API to a JPG, then to a Base64 encoded string in an Azure function
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM