1

我创建了一个 MVC 应用程序,在主页中,我有一个 Power BI 仪表板报告,所以我在索引操作中配置了 Power BI 和 Azure AD 配置,一旦调用索引操作,它将验证身份验证并重定向到重定向行动方法。在该方法中,Authentication 已经过验证并调用 Power BI 操作方法并显示报告。

该报告在页面中工作正常,但是当将其设置为 Iframe 时,它​​不起作用并显示以下错误。

主页索引操作:

public ActionResult Index()
{
    var @params = new NameValueCollection
    {      
        //Azure AD will return an authorization code. 
        //See the Redirect class to see how "code" is used to AcquireTokenByAuthorizationCode
        {"response_type", "code"},
        //Client ID is used by the application to identify themselves to the users that they are requesting permissions from. 
        //You get the client id when you register your Azure app.
        {"resource", "https://analysis.windows.net/powerbi/api"},
        {"redirect_uri", "xxxx/home/Redirect."}
    };

    //Create sign-in query string
    var queryString = HttpUtility.ParseQueryString(string.Empty);
    queryString.Add(@params);

    string authorityUri = "https://login.windows.net/common/oauth2/authorize/";
    var authUri = String.Format("{0}?{1}", authorityUri, queryString);
    ViewBag.authUri = authUri;

    return View();
}

重定向操作方法:

public async Task<ActionResult> Redirect()
{
    string code = Request.Params["code"];

    if (code != null)  
    {
        AuthenticationContext AC = new AuthenticationContext("https://login.windows.net/common/oauth2/authorize", TC);
        ClientCredential cc = new ClientCredential("xxxxx", "xxxxxxx");

        AuthenticationResult AR = await AC.AcquireTokenByAuthorizationCodeAsync(code, new Uri("http://localhost:43333/home/redirect"), cc);

        //Set Session "authResult" index string to the AuthenticationResult
        Session["authResult"] = AR;
    } else {
        //Remove Session "authResult"
        Session["authResult"] = null;
    }

    return RedirectToAction("POWERBI", "Home");
}

Power BI 操作

public async Task<ActionResult> POWERBI()
{
    AuthenticationResult authResult;
    authResult = (AuthenticationResult)Session["authResult"];
    var token = authResult.AccessToken;
    ViewBag.Token = token;
    var tokenCredentials = new TokenCredentials(token, "Bearer");

    // Create a Power BI Client object. It will be used to call Power BI APIs.
    using (var client = new PowerBIClient(new Uri(ApiUrl), tokenCredentials))
    {
        // Get a list of dashboards.
        var dashboards = await client.Dashboards.GetDashboardsInGroupAsync(GroupId);

        // Get the first report in the group.
        var dashboard = dashboards.Value.FirstOrDefault();
        //var dashboard = dashboards.Value.Where(w => w.Id == "DashboardId");

        if (dashboard == null)
        {
            return View(new EmbedConfig()
            {
                ErrorMessage = ""
            });
        }

        // Generate Embed Token.
        var generateTokenRequestParameters = new GenerateTokenRequest(accessLevel: "view");
        var tokenResponse = await client.Dashboards.GenerateTokenInGroupAsync(GroupId, dashboard.Id, generateTokenRequestParameters);

        if (tokenResponse == null)
        {
            return View(new EmbedConfig()
            {
                ErrorMessage = "."
            });
        }

        // Generate Embed Configuration.
        var embedConfig = new EmbedConfig()
        {
            EmbedToken = tokenResponse,
            EmbedUrl = dashboard.EmbedUrl,
            Id = dashboard.Id
        };

        return View(embedConfig);
    }   
}

在 iframe 内的主页视图中:

<iframe src="@Url.Action("Index", "Home")" class="col-lg-12 col-md-12 col-sm-12" height="450">  </iframe>

注意: - 没有 Iframe,功能可以正常工作。- 在 iframe 中显示报告时出现问题。

错误:

拒绝在 iframe 中显示 url,因为它设置 X-frame-options-to 拒绝

错误

4

1 回答 1

2

错误消息意味着<iframe src>您试图拉入您的网站不允许它在 iframe 中托管。它正在发送响应标头:

X-Frame-Options: DENY

并且浏览器正在阻止框架。主机页面这样做是为了防止跨框架脚本攻击

于 2018-03-17T17:21:10.253 回答