ADAL与Web API的通信会导致令牌刷新,但不会向WebAPI发出请求

时间:2015-03-09 09:30:41

标签: cordova asp.net-web-api adal


我一直试图让AdalJS参与Cordova / phonegap项目。 我试图向webapi(支持ADAL身份验证)发出api请求,但我只看到发生令牌刷新的请求但没有实际的api请求。

当我在登录应用程序并尝试访问webapi后尝试向webapi发出请求时,我在javascript控制台中看到以下内容:

renewToken is called for resource:https://mytentantid.onmicrosoft.com/webapiclientid
Add adal frame to document:adalRenewFrame
Renew token Expected state: <token here>|https://mytentantid.onmicrosoft.com/webapiclientid
Navigate url:https://login.windows.net/mytenantid.onmicrosoft.com/oauth2/authorize?response_type=token&client_id=<id here>8&resource=https%3A%2F%2Fmytenantid.onmicrosoft.com%2FWebApiclientID&redirect_uri=https%3A%2F%2Fmywebapiurl.azurewebsites.net&state=fc37b890-904d-4734-8f49-7ae1d79345a3%7Chttps%3A%2F%2Fmytenantid.onmicrosoft.com%2FwebAPIclientID&nux=1&x-client-SKU=Js&x-client-Ver=1.0.0
Navigate to:https://login.windows.net/mytenantid.onmicrosoft.com/oauth2/authorize?response_type=token&client_id=<client id token>8&resource=https%3A%2F%2Fmytenant.onmicrosoft.com%2Fwebapiclientid&redirect_uri=https%3A%2F%2Fmywebapiurl.azurewebsites.net&state=<token>%7Chttps%3A%2F%2Fmytenant.onmicrosoft.com%2Fwebapiclientid&nux=1&x-client-SKU=Js&x-client-Ver=1.0.0&prompt=none&login_hint=myaccount%40outlook.com&domain_hint=outlook.com&nonce=<nonce here>
LoadFrame: adalRenewFrame
HTML1300: Navigation occurred
File: about:blank (seems to navigate to a blank iframe)
Add adal frame to document:adalRenewFrame
LoadFrame: adalRenewFrame
HTML1300: Navigation occurred
File: mywebapiurl.azurewebsites.net
Add adal frame to document:adalRenewFrame

app.config中Adaljs的定义:

    var localUri = window.location.href;
    var redirectUri = "https://mywebapiurl.azurewebsites.net";



    var config = {
        tenant: "mytenant.onmicrosoft.com",
        clientId: '<client-id-of-mobile-app>',
        endpoints: {
            "https://mywebapiurl.azurewebsites.net/": "https://mytentantname.onmicrosoft.com/webAPIclientURI"
        },
        postLogoutRedirectUri: 'http://www.google.com',
        extraQueryParameter: 'nux=1',
        localLoginUrl: '/login',
        displayCall: function (url) {
            var ref = window.open(url, '_blank', 'location=no,hidden=no');
            ref.addEventListener('loadstart', function (event) {
                if ((event.url).indexOf(redirectUri) === 0) {
                    ref.close();
                    window.location.href = event.url.replace(redirectUri + "/", localUri);
                    window.location.reload();
                }
            });
        },
        cacheLocation: "localStorage"
    };

    if (localUri.indexOf("http://") !== 0 && localUri.indexOf("https://") !== 0) {
        config.redirectUri = redirectUri;
    }

    adalProvider.init(config, $httpProvider);

我的webapi配置设置:

<appsettings>
    <add key="ida:Tenant" value="mytentantid.onmicrosoft.com" />
    <add key="ida:Audience" value="<api client uri>" />
</appsettings>

Startup.auth.cs:

public void ConfigureAuth(IAppBuilder {
            app.UseWindowsAzureActiveDirectoryBearerAuthentication(
               new WindowsAzureActiveDirectoryBearerAuthenticationOptions
               {
                   Audience = ConfigurationManager.AppSettings["ida:Audience"],
                   Tenant = ConfigurationManager.AppSettings["ida:Tenant"],
               });

        }

API在Azure网站上运行,可通过浏览器访问。当我执行get请求时,我只看到令牌刷新但不是实际的api请求。 移动应用程序有权在AAD配置中使用webapi。

我的配置有问题吗?

1 个答案:

答案 0 :(得分:0)

配置中的端点用于CORS API请求。看起来您正在尝试访问也托管您的页面的api。您应该从配置中删除端点。

相关问题
最新问题