stackoom
  简体   繁体   中英

Can't login user to Azure AD using a bearer token without cookies

 原文  2020-01-14 20:53:24       c#/ azure/ api/ azure-active-directory/ restful-authentication

Question

Right now I'm hitting an API that uses Azure AD to authenticate users. Using a bearer token results in a HTTP 302 error redirecting users to login. However, if I have a few cookies, the GET request goes through fine.

How come the bearer token is not acceptable on it's own, and needs cookies? Is there a way around this?

1 answers

solution1
 0 ACCPTED  2020-01-16 01:34:57

If you are using .net core and you want to use an access token to auth requests, pls make sure that you are using AzureADBearer as your Authentication service.

Go to Startup.cs and try the code below :

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.AzureAD.UI;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;

namespace WebApplicationAzureAD
{
    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddAuthentication(AzureADDefaults.BearerAuthenticationScheme)
                .AddAzureADBearer(options => Configuration.Bind("AzureAd", options));
            services.AddControllers();
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseHttpsRedirection();

            app.UseRouting();

            app.UseAuthentication();
            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllers();
            });
        }
    }
}

Content of appsettings.json 

{
  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "<your tenant domain>",
    "TenantId": "<your tenant ID>",
    "ClientId": "<your client ID>"
  },
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft": "Warning",
      "Microsoft.Hosting.Lifetime": "Information"
    }
  },
  "AllowedHosts": "*"
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Azure AD Jwt Bearer token How to generate a bearer token from azure ad with user credentials Validation of an Azure AD Bearer Token in a Console Application Jmeter - Azure AD - Bearer Token - Configuration Function Validate Bearer token (azure ad) with MSAL Obtaining bearer access token to access o365 resource, using Azure AD auth Need to generate Azure AD bearer token using C# rest call Getting Access Token from Azure AD without user credentials Azure AD Graph API Bearer Token with ADAL JS Unable to get bearer token from Azure AD to use with API App
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM