1


我一直在尝试让 AdalJS 参与 Cordova/phonegap 项目。我正在尝试向 webapi(支持 ADAL 身份验证)发出 api 请求,但我只看到发生令牌刷新请求但没有实际的 api 请求。

当我在登录到应用程序并尝试访问 webapi 后尝试向 webapi 发出请求时,我在 javascript 控制台中看到以下内容:

renewToken is called for resource:https://mytentantid.onmicrosoft.com/webapiclientid
Add adal frame to document:adalRenewFrame
Renew token Expected state: <token here>|https://mytentantid.onmicrosoft.com/webapiclientid
Navigate url:https://login.windows.net/mytenantid.onmicrosoft.com/oauth2/authorize?response_type=token&client_id=<id here>8&resource=https%3A%2F%2Fmytenantid.onmicrosoft.com%2FWebApiclientID&redirect_uri=https%3A%2F%2Fmywebapiurl.azurewebsites.net&state=fc37b890-904d-4734-8f49-7ae1d79345a3%7Chttps%3A%2F%2Fmytenantid.onmicrosoft.com%2FwebAPIclientID&nux=1&x-client-SKU=Js&x-client-Ver=1.0.0
Navigate to:https://login.windows.net/mytenantid.onmicrosoft.com/oauth2/authorize?response_type=token&client_id=<client id token>8&resource=https%3A%2F%2Fmytenant.onmicrosoft.com%2Fwebapiclientid&redirect_uri=https%3A%2F%2Fmywebapiurl.azurewebsites.net&state=<token>%7Chttps%3A%2F%2Fmytenant.onmicrosoft.com%2Fwebapiclientid&nux=1&x-client-SKU=Js&x-client-Ver=1.0.0&prompt=none&login_hint=myaccount%40outlook.com&domain_hint=outlook.com&nonce=<nonce here>
LoadFrame: adalRenewFrame
HTML1300: Navigation occurred
File: about:blank (seems to navigate to a blank iframe)
Add adal frame to document:adalRenewFrame
LoadFrame: adalRenewFrame
HTML1300: Navigation occurred
File: mywebapiurl.azurewebsites.net
Add adal frame to document:adalRenewFrame

app.config 中对 Adaljs 的定义:

    var localUri = window.location.href;
    var redirectUri = "https://mywebapiurl.azurewebsites.net";



    var config = {
        tenant: "mytenant.onmicrosoft.com",
        clientId: '<client-id-of-mobile-app>',
        endpoints: {
            "https://mywebapiurl.azurewebsites.net/": "https://mytentantname.onmicrosoft.com/webAPIclientURI"
        },
        postLogoutRedirectUri: 'http://www.google.com',
        extraQueryParameter: 'nux=1',
        localLoginUrl: '/login',
        displayCall: function (url) {
            var ref = window.open(url, '_blank', 'location=no,hidden=no');
            ref.addEventListener('loadstart', function (event) {
                if ((event.url).indexOf(redirectUri) === 0) {
                    ref.close();
                    window.location.href = event.url.replace(redirectUri + "/", localUri);
                    window.location.reload();
                }
            });
        },
        cacheLocation: "localStorage"
    };

    if (localUri.indexOf("http://") !== 0 && localUri.indexOf("https://") !== 0) {
        config.redirectUri = redirectUri;
    }

    adalProvider.init(config, $httpProvider);

我的 webapi 配置设置:

<appsettings>
    <add key="ida:Tenant" value="mytentantid.onmicrosoft.com" />
    <add key="ida:Audience" value="<api client uri>" />
</appsettings>

启动.auth.cs:

public void ConfigureAuth(IAppBuilder {
            app.UseWindowsAzureActiveDirectoryBearerAuthentication(
               new WindowsAzureActiveDirectoryBearerAuthenticationOptions
               {
                   Audience = ConfigurationManager.AppSettings["ida:Audience"],
                   Tenant = ConfigurationManager.AppSettings["ida:Tenant"],
               });

        }

该 API 在 Azure 网站上运行,可通过浏览器访问。当我执行获取请求时,我只看到令牌刷新,但看不到实际的 api 请求。移动应用程序有权在 AAD 配置中使用 webapi。

我的配置有问题吗?

4

1 回答 1

0

配置中的端点用于 CORS API 请求。看起来您正在尝试访问也托管您的页面的 api。您应该从配置中删除端点。

于 2015-03-09T18:18:48.613 回答