在我们的应用程序中使用Angular 5,我们通过Azure Active Directory(AAD)进行身份验证,获取持有者令牌以访问后端API . 我们在对后端api的身份验证调用中没有取得任何成功,获得401未经授权 . App和Api都托管在Azure中 . 在解决此问题时,将不胜感激任何帮助:
The App service Registration on AAD:
Angular App (using the adal-angular5 1.0.36 library):
Application ID: aaaaa-aaaaa-aaaaa-aaaaa-aaaaa
Object ID: bbbbbb-bbbbb-bbbb-bbbbb-bbbbbb
App ID URI: https://frontendapp.azurewebsites.net
Home Page URL: https://homepage.frontendapp.com
Backend API (.Net 4.7):
Application ID: cccccc-cccccc-cccccc-cccccc-cccccc
Object ID: dddddd-ddddd-ddddd-dddddd-dddddd
App ID URI: https://backendapi.azurewebsites.net
Home Page URL: https://homepage.backendapi.com
App方面
config for adal-angular5 on the Angular App:
config: adal.Config = {
tenant: 'common',
clientId: 'aaaaa-aaaaa-aaaaa-aaaaa-aaaaa',
postLogoutRedirectUri: window.location.origin,
endpoints: {
ApiUri: "https://homepage.backendapi.com",
}
};
Call to get the bearer token:
this.adal5Service.acquireToken("https://backendapi.azurewebsites.net")
call to the api
我们验证了选项包含具有承载令牌的标头:
this.adal5HttpService.get('/api/hello', options);
在API方面
我们正在使用Microsoft Owin库(Microsoft.Owin 4.0.0 nuget包),
API startup:
public partial class Startup
{
/// <summary>
/// Initializes OWIN authentication.
/// </summary>
/// <param name="app">Web API AppBuilder</param>
public void Configuration(IAppBuilder app)
{
if (app == null)
{
throw new ArgumentNullException("app");
}
app.UseWindowsAzureActiveDirectoryBearerAuthentication(
new WindowsAzureActiveDirectoryBearerAuthenticationOptions
{
Tenant = "common",
Audience = "https://backendapi.azurewebsites.net"
});
}
}
API side controler
[HttpGet]
[Authorize]
[Route("hello")]
public string GetHello()
{
try
{
var result = "we hit it yay!!!!!!!!!!!!!!!";
return result;
}
catch (Exception ex)
{
var msg = "not hit saddd.....";
var error = new Exception(msg, ex);
throw error;
}
}
使用 [Authorize] 属性,我们将获得401未授权,没有其他错误消息 .
如果没有 [Authorize] 属性,我们就可以正常使用Controller方法并获得返回结果 .
我能够确认从App发送的持有者令牌确实是我们在Api中的头部中获得的持有者令牌 . 我无法弄清楚为什么我们会得到未经授权的 .
APP或API端的配置设置是否正确?
Azure中是否需要其他配置?
任何帮助都会很感激!