我在我的应用程序中使用 Angular ADAL 包装器 microsoft-adal-angular6。身份验证正在工作。但是,在令牌刷新期间,Azure AD 返回“已发送静默登录请求,但当前登录的用户均不匹配请求的登录提示”错误。这个问题有什么解决办法吗?
这是提琴手的踪迹。请求标头
GET /xxxx-xxxx-xxxx-xxxx/oauth2/authorize?response_type=id_token&client_id=xxxx-xxxx-xxxx-xxxx&redirect_uri=http://localhost:4200/#/login/callback#&state=xxxx-xxxx-xxxx-xxxx|xxxx-xxxx-xxxx-xxxx&client-request-id=xxxx-xxxx-xxxx-xxxx&x-client-SKU=Js&x-client-Ver=1.0.17&prompt=none&login_hint=Firstname.Lastname@comapany.com&domain_hint=company.com&nonce=xxxx-xxxx-xxxx-xxxx HTTP/1.1
回复
Location: http://localhost:4200/#error=login_required&error_description=AADSTS50058: A silent sign-in request was sent but none of the currently signed in user(s) match the requested login hint. Trace ID: 81dc661a-9151-4d18-a951-e202aa411b00 Correlation ID: ce35413a-f1fa-44ef-aa48-937375c579cc Timestamp: 2020-07-01 11:23:35Z&error_uri=https://login.microsoftonline.com/error?code=50058&state=xxxx-xxxx-xxxx-xxxx|xxxx-xxxx-xxxx-xxxx
我尝试使用 adalsvc.RefreshToken() 来避免静默登录(对吗?),我收到了以下警告。
Set-Cookie header is ignored in response from url: https://login.microsoftonline.com/xxxx-xxxx-xxxx-xxxx/oauth2/authorize?response_type=id_token&client_id=xxxx-xxxx-xxxxx-xxxx&redirect_uri=http://localhost:4200/#/login/callback#&state=xxxx-xxxx-xxxx-xxxxx|xxxx-xxxx-xxxx-xxxx&client-request-id=xxxx-xxxx-xxxx-xxxx&x-client-SKU=Js&x-client-Ver=1.0.17&prompt=none&login_hint=firstname.lastname@company.com&domain_hint=company.com&nonce=xxxx-xxxx-xxxx-xxxx. Cookie length should be less than or equal to 4096 characters.