【发布时间】:2020-12-06 00:12:12
【问题描述】:
我在从我的 React 应用程序获取访问令牌时遇到问题,试图访问我自己的 .NET Core 3.1 Web API。我可以正常登录并且可以访问用户数据,但是当我尝试获取访问令牌时,我不断收到以下错误。将不胜感激任何帮助或推动正确的方向。谢谢!
未捕获(承诺中) BrowserAuthError:silent_sso_error:无法完成静默 SSO - 提供的信息不足。请提供 loginHint 或 sid。
这是我所拥有的:
- 设置 React 应用注册(SPA w/redirect to localhost:3000 using auth code flow)
- 设置 .NET Core Web api 应用注册(Web w/重定向到 localhost:44347)
- 为 Web api 创建了两个作用域(读取和写入)
- 将 spa 的 api 权限授予 web api 范围
.NET Core 3.1 Web API 设置(参考:https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-protected-web-api-app-configuration):
- 启动配置服务
services.AddMicrosoftIdentityWebApiAuthentication(Configuration, "AzureAdB2C");
- appsettings.json
"AzureAdB2C": {
"Instance": "https://{example}.b2clogin.com",
"ClientId": "{web api Client ID}",
"TenantId": "xxxxxxxxxxxx",
"Audience": "https://{example}.onmicrosoft.com/api"
}
使用“@azure/msal-browser”设置反应:“^2.7.0”和“@azure/msal-react”:“^1.0.0-alpha.0”(参考:https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-react):
- index.tsx
const configuration: Configuration = {
auth: {
clientId: '{SPA Client ID}',
authority: 'https://{example}.b2clogin.com/{example}.onmicrosoft.com/B2C_1_SignUpIn',
knownAuthorities: ['{example}.b2clogin.com'],
},
cache: {
cacheLocation: 'localStorage', // This configures where your cache will be stored
storeAuthStateInCookie: false // Set this to "true" to save cache in cookies
}
};
const pca = new PublicClientApplication(configuration);
<MsalProvider instance={pca}>
<App />
</MsalProvider>
- App.tsx
useEffect(() => {
if (error) {
login(InteractionType.Popup);
}
}, [error, login]);
- 访问令牌代码
const { instance, accounts, inProgress } = useMsal();
useEffect(() => {
if (inProgress === 'none' && accounts.length > 0) {
const request = {
account: accounts[0],
scopes: ["https://{example}.onmicrosoft.com/api/scope.read"]
};
// Retrieve an access token
instance.acquireTokenSilent(request)
.then(response => {
console.log('response', response);
if (response.accessToken) {
console.log('accessToken', response.accessToken);
return response.accessToken;
}
return null;
})
.catch(error => console.log('token error', error));
}
}, [inProgress, accounts, instance]);
【问题讨论】:
标签: reactjs azure-active-directory asp.net-core-webapi azure-ad-b2c msal