堆栈内存溢出
  简体   繁体   English

Django 不验证或查看来自 Azure 的 JWT 令牌

[英]Django doesn't validate or see the JWT token from Azure

 原文  2022-06-14 14:56:10       python/ django/ azure/ django-rest-framework/ jwt

问题描述

I used azure-ad-verify-token 0.2.1 on Django-rest backend to validate a jwt token from Microsoft Azure , where the user is authenticated on the frontend with React .我在Django-rest后端使用azure-ad-verify-token 0.2.1来验证来自Microsoft Azurejwt token ,用户在前端使用React进行身份验证。

According to the documentation, this library should do everything on its own.根据文档,这个库应该自己做所有事情。

from azure_ad_verify_token import verify_jwt

azure_ad_app_id = 'my app id'
azure_ad_issuer = 'https://exampletenant.b2clogin.com/0867afa-24e7-40e9-9d27-74bb598zzzzc/v2.0/'
azure_ad_jwks_uri = 'https://exampletenant.b2clogin.com/exampletenant.onmicrosoft.com/B2C_1_app_sign_in/discovery/v2.0/keys'
payload = verify_jwt(
    token='<AZURE_JWT_TO_VERIFY_HERE>',
    valid_audiences=[azure_ad_app_id],
    issuer=azure_ad_issuer,
    jwks_uri=azure_ad_jwks_uri,
    verify=True,
)

print(payload)

I don't understand the line token='<AZURE_JWT_TO_VERIFY_HERE>' , how can I put the token there?我不明白token='<AZURE_JWT_TO_VERIFY_HERE>'行,我怎样才能把令牌放在那里?

Authorization from Azure on React is successful, and I get a access jwt-token that I can extract: Azure 对React的授权成功,我获得了一个可以提取的access jwt-token

token = request.headers['Authorization']

But I need to validate it and somehow insert it into a string token='<AZURE_JWT_TO_VERIFY_HERE>' , but it doesn't recognize the request here.但我需要验证它并以某种方式将其插入到字符串token='<AZURE_JWT_TO_VERIFY_HERE>'中,但它无法识别此处的request

How can I put a token= from the header ?如何从header中放置token=

And in general, is this the right way?总的来说,这是正确的方法吗? Or am I missing something?还是我错过了什么? Any help and hints would be very helpful and would be greatly appreciated.任何帮助和提示都会非常有帮助,将不胜感激。 Or advise another library for token validation in Python .或者建议另一个库在Python中进行token validation

1 个解决方案

解决方案1
 0  2022-06-17 12:07:31

  • azure-ad-verify-token This is used to verify the tokens received from azure ad. azure-ad-verify-token这用于验证从 azure ad 收到的令牌。

  • You have to get auth tokens from azure using MSAL python library and the azure-ad-verify-token will then verify the token.您必须使用 MSAL python 库从 azure 获取身份验证令牌,然后 azure-ad-verify-token 将验证令牌。

  • To retrieve the tokens, you will need MSAL python library, and it will also take clientid and tenentd as arguments.要检索令牌,您将需要 MSAL python 库,它还将clientidtenentd作为参数。

test_app=PublicClientApplication(client_id=client_id,authority="https://login.microsoftonline.com/"+tenant_id)

test_tokens=test_app.acquire_token_interactive(scopes=scopes)

  • Now you can take the token you just received and use it in the azure-ad-verify-token .现在您可以获取刚刚收到的令牌并在azure-ad-verify-token中使用它。

token=test_tokens['access_token']

Reference:参考:

MSAL Python MSAL 蟒蛇

Authenticate Python apps by using the Azure SDK for Python 使用 Azure SDK for Python 对 Python 应用进行身份验证

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 验证来自 AAD Azure 的 JWT access_token 失败 - Validate JWT access_token from AAD Azure Fails Django JWT的AFNetworking和令牌 - AFNetworking and Token from Django JWT 从视图内部生成 Django JWT 令牌 - Generate Django JWT token from inside a view Postgresql没有看到来自Django(Heroku)的模型 - Postgresql doesn't see models from Django(Heroku) Python JWT 未使用谷歌公钥验证 - Python JWT doesn't validate with google public key 在 Django 中使用 JWT 令牌进行身份验证 - Authenticating with JWT token in Django django-recaptcha不验证输入 - django-recaptcha doesn't validate the input Django 看不到静态 css 文件 - Django doesn't see static css files Django 在其他表中看不到 fk - Django doesn't see fk in other table Django 看不到静态文件 - Django doesn't see static files
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM