stackoom
  简体   繁体   中英

Azure AD B2C: Unable to get token with authorization code

 原文  2019-05-03 14:32:21       azure/ azure-active-directory

Question

I am currently following this guide on setting up authorization for an azure function. I'm currently trying to test the auth portion in fiddler separately from my web app to ensure I can get a valid token. I am able to successfully retrieve an authorization code however after that, I need to post some data to exchange the authorization code for a token. When trying to do that, I am being returned a 502 with message: DNS Lookup for "mytenantname.onmicrosoft.com" failed. System.Net.Sockets.SocketException No such host is known DNS Lookup for "mytenantname.onmicrosoft.com" failed. System.Net.Sockets.SocketException No such host is known as if the host does not exist at all. My post to the endpoint looks as follows where B2C_1_FunctionsPlaygroundSignInRegister is the name of my user flow: 

POST https://mytenantname.onmicrosoft.com/oauth2/v2.0/token?p=B2C_1_FunctionsPlaygroundSignInRegister HTTP/1.1

User-Agent: Fiddler

Content-Type: application/x-www-form-urlencoded

Host: mytenantname.onmicrosoft.com

Body:grant_type=authorization_code&client_id=MyApplicationIdForTheAzure-AD-B2C-ap-here&code=myCodeHere&redirect_uri=jwt.ms

For reference, here is the working get request I send that I can type in a browser, be prompted with a login/register screen, and be returned an authorization code after logging in: 

https://mytenantname.b2clogin.com/tfp/mytenantname.onmicrosoft.com/B2C_1_FunctionsPlaygroundSignInRegister/oauth2/v2.0/authorize?client_id=yApplicationIdForTheAzure-AD-B2C-ap-here&nonce=2&redirect_uri=https://functionapi.azurewebsites.net/.auth/login/aad/callback&scope=https://mytenantname.onmicrosoft.com/api/read&response_type=code

Can someone please point out where I'm going wrong here? I've now spent a great deal of time on this issue and am out of ideas.

1 answers

solution1
 1 ACCPTED  2019-05-03 14:43:46

Your POST url and Host header are wrong.

See this section -

OAuth 2.0 authorization code flow in Azure Active Directory B2C 

POST fabrikamb2c.onmicrosoft.com/oauth2/v2.0/token?p=b2c_1_sign_in HTTP/1.1
Host: https://fabrikamb2c.b2clogin.com

Note the Host header. That means your Fiddler request should read something like this: 

POST https://mytenantname.b2clogin.com/mytenantname.onmicrosoft.com/oauth2/v2.0/token?p=...
Host: mytenantname.b2clogin.com

PS This is way better than Fiddler for what you're trying to do - https://oauthdebugger.com/

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to get user profile info in Authorization code flow Azure AD B2C? Azure AD B2C get token programatically for unit testing Azure ad and Azure ad b2c token validation failure Unable to get Refresh token from Azure B2C Example of fetch() method to API with Azure AD B2C authorization Azure AD B2C Authorization support based on Scope/Role Authorization in Azure AD B2C for the react React Native app Azure Ad b2c: Get email in Claims after successfully Signin in azure ad b2c I get the message “This is not an Azure AD B2C directory…” for my Azure AD B2C tenant How to validate Azure ad b2c token using PHP?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM