0

我正在使用 ADAL iOS 库进行 Azure 身份验证。但是,如果我先使用一个帐户登录,然后退出并使用另一个帐户登录,则会遇到问题。即使我设置了“AD_PROMPT_ALWAYS”,我也会收到以下错误。

2015-08-31 12:50:39.939 PortalDev[908:174411] ADALiOS [2015-08-31 11:50:39 - xxx-xxx-xxx-xxx-xxx] ERROR: Error raised: 19. Additional Information: Domain: ADAuthenticationErrorDomain ProtocolCode:(null) Details:Different user was authenticated. Expected: 'aaa@xxx.com'; Actual: 'bbb@xxx.com'. Either the user entered credentials for different user, or cookie for different logged user is present. Consider calling acquireToken with AD_PROMPT_ALWAYS to ignore the cookie.. ErrorCode: 19.
2015-08-31 12:50:39.943 PortalDev[908:174411] ADAL Error: 19, Different user was authenticated. Expected: 'aaa@xxx.com'; Actual: 'bbb@xxx.com'. Either the user entered credentials for different user, or cookie for different logged user is present. Consider calling acquireToken with AD_PROMPT_ALWAYS to ignore the cookie. (status: 2)

我清除了缓存,并尝试清除了我认为的 cookie:

if (allItems.count > 0) {
            [cache removeAllWithError:&error];
            if (error) {
                CLSNSLog(@"Error clearing cache: %@", error.errorDetails);
            } else {
                CLSNSLog(@"Items removed.");
            }
        } else {
            CLSNSLog(@"Was no user cached.");
        }


        NSHTTPCookieStorage* cookieStorage = [NSHTTPCookieStorage sharedHTTPCookieStorage];
        NSArray* cookies = cookieStorage.cookies;
        if (cookies.count)
        {
            for(NSHTTPCookie* cookie in cookies)
            {
                CLSNSLog(@"Deleting Auth Cookie %@.", cookie.name);
                [cookieStorage deleteCookie:cookie];
            }
            CLSNSLog(@"Auth Cookies cleared.");
        }

但我不认为有任何 cookie 需要清除。当我得到登录网页时,用户名是预先填写的。几周/几个月前我认为它运行良好,但现在似乎出现了问题。我今天从最新的 GitHub 源代码构建了这个库。

有什么建议可以让我切换用户名吗?

4

1 回答 1

0

错误消息说:

预期:'aaa@xxx.com';实际:'bbb@xxx.com'

这表明正在将 userId 参数传递给 acquireToken。这将导致预先填写登录页面中的用户名字段。但是,错误是说当用户登录时,他们将用户名字段更改为不同的用户。因为您请求了特定用户但没有获得该用户的令牌,所以 acquireToken 返回错误。有关更多详细信息,请参阅此答案:

ADAL iOS - 不同的用户已通过身份验证。预期 userA@mydomain.com,实际 userB@mydomain.com

于 2015-09-01T16:12:19.190 回答