0

我在基于WebApp-graph-user sample的应用程序中收到以下错误堆栈。我只是想登录并获取 User.ReadBasic.All 图形权限的令牌。我检查了进入 AcquireTokenByAuthorizationCode 的所有参数,一切看起来都不错(没有空值)。应用程序是使用 .net core 3.1 的 MVC Web 应用程序。

堆:

NullReferenceException:对象引用未设置为对象的实例。Microsoft.Identity.Client.Internal.ClientCredentialWrapper.get_Thumbprint() Microsoft.Identity.Client.Internal.JsonWebToken+JWTHeaderWithCertificate..ctor(ClientCredentialWrapper credential, bool sendCertificate) Microsoft.Identity.Client.Internal.JsonWebToken.EncodeHeaderToJson(ClientCredentialWrapper credential, bool sendCertificate) Microsoft.Identity.Client.Internal.JsonWebToken.Encode(ClientCredentialWrapper credential, bool sendCertificate) Microsoft.Identity.Client.Internal.JsonWebToken.Sign(ClientCredentialWrapper credential, bool sendCertificate) Microsoft.Identity.Client.Internal.Requests.ClientCredentialHelper。 CreateClientCredentialBodyParameters(ICoreLogger 记录器,ICryptographyManager cryptographyManager,ClientCredentialWrapper clientCredential,CancellationToken cancelToken) Microsoft.Identity.Web.TokenAcquisition.AddAccountToCacheFromAuthorizationCodeAsync(AuthorizationCodeReceivedContext context, IEnumerable scopes) in TokenAcquisition.cs + var result = await application Microsoft.Identity.Web.WebAppServiceCollectionExtensions+<>c__DisplayClass2_1+<b__3>d.MoveNext() 在 WebAppServiceCollectionExtensions。 cs + 等待 tokenAcquisition.AddAccountToCacheFromAuthorizationCodeAsync(context, options.Scope).ConfigureAwait(false); Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.RunAuthorizationCodeReceivedEventAsync(OpenIdConnectMessage 授权响应,ClaimsPrincipal 用户,AuthenticationProperties 属性,JwtSecurityToken jwt)Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler。

代码:来自 TokenAcquisition.cs - 第 127 行

                // Do not share the access token with ASP.NET Core otherwise ASP.NET will cache it and will not send the OAuth 2.0 request in
                // case a further call to AcquireTokenByAuthorizationCodeAsync in the future is required for incremental consent (getting a code requesting more scopes)
                // Share the ID Token though
                var result = await application
                    .AcquireTokenByAuthorizationCode(scopes.Except(_scopesRequestedByMsal), context.ProtocolMessage.Code)
                    .ExecuteAsync()
                    .ConfigureAwait(false);
                context.HandleCodeRedemption(null, result.IdToken);
4

1 回答 1

0

已解决:由于此处讨论的错误配置,结果证明这是一个空客户端机密值: https ://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/1476

于 2020-03-06T22:16:26.730 回答