ADAL persistent TokenCache in a UWP app

Time: 2016-02-28 00:56:20

Tags: win-universal-app azure-active-directory adal

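I am doing simple AAD authentication in a new Windows 10 UWP app. It works well, except that I don't want the user to have to enter their credentials every time they launch the app. From my understanding, the default shared TokenCache should do this automatically, but the authentication dialog pops up on the first call to AcquireTokenAsync after the app launches.

Interestingly, I can call TokenCache.ReadItems() and my TokenCacheItem is right there.

My ADAL trace is below. As you can see, the token is deserialized, but it isn't considered a match for the current user. Thanks!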

2016-02-27 18:30:56:8139    Type: Informational Id: 2   Message: '2/28/2016 12:30:56 AM:  - TokenCache.cs: Deserialized 1 items to token cache.'
2016-02-27 18:30:56:8199    Type: Informational Id: 2   Message: '2/28/2016 12:30:56 AM:  - AuthenticationContext.cs: ADAL WinRT with assembly version '2.21.0.0', file version '2.21.30122.1612' and informational version '99c728ed4636738ad0f97ca000a9d88cc5b75cc0' is running...'
2016-02-27 18:30:56:8364    Type: Informational Id: 2   Message: '2/28/2016 12:30:56 AM: 12cc879d-1196-43ef-9e03-389a69dd4432 - AcquireTokenHandlerBase.cs: === Token Acquisition started:
    Authority: https://login.windows.net/common/
    Resource: https://management.core.windows.net/
    ClientId: 486c0900-9582-4672-92af-37013e31958d
    CacheType: Microsoft.IdentityModel.Clients.ActiveDirectory.TokenCache (1 items)
    Authentication Target: User
    '
2016-02-27 18:30:56:8569    Type: Informational Id: 2   Message: '2/28/2016 12:30:56 AM:  - TokenCache.cs: Deserialized 1 items to token cache.'
2016-02-27 18:30:56:8589    Type: Verbose   Id: 1   Message: '2/28/2016 12:30:56 AM: 12cc879d-1196-43ef-9e03-389a69dd4432 - TokenCache.cs: Looking up cache for a token...'
2016-02-27 18:30:56:8679    Type: Informational Id: 2   Message: '2/28/2016 12:30:56 AM: 12cc879d-1196-43ef-9e03-389a69dd4432 - TokenCache.cs: No matching token was found in the cache'
2016-02-27 18:30:56:8989    Type: Informational Id: 2   Message: '2/28/2016 12:30:56 AM: 12cc879d-1196-43ef-9e03-389a69dd4432 - AcquireTokenInteractiveHandler.cs: Cannot access user information to determine whether it is a local user or not due to machine's privacy setting.'

Update: Thanks to the link Kanishk provided, I was able to solve this. I highly recommend reading the full post, but here is what I ended up doing:

_authenticationContext = new AuthenticationContext("https://login.windows.net/common");

var tokenCacheItem = _authenticationContext.TokenCache.ReadItems().FirstOrDefault();
if (tokenCacheItem != null)
{
    _authenticationContext = new AuthenticationContext($"https://login.windows.net/{tokenCacheItem.TenantId}");
}

1 answer:

Answer 0: (score: 1)

This is happening because the authentication context is using "https://login.windows.net/common/" rather than a tenant-specific endpoint. See http://www.cloudidentity.com/blog/2014/08/26/the-common-endpoint-walks-like-a-tenant-talks-like-a-tenant-but-is-not-a-tenant/ for details.
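
The following is an added example, not code from the question, the answer or the ADAL project. It shows one way to pick the tenant-specific authority from the cache, try a silent acquisition, and prompt only when that fails. The class and method names are hypothetical, the authority, resource and client ID are the ones in the trace above, and it assumes the ADAL 2.x WinRT surface, where failures are reported through AuthenticationResult.Status rather than exceptions.

```csharp
using System;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using Windows.Security.Authentication.Web;

// Hypothetical helper; names are illustrative only.
public static class TenantAwareAuth
{
    // Values taken from the trace in the question.
    const string CommonAuthority = "https://login.windows.net/common";
    const string Resource = "https://management.core.windows.net/";
    const string ClientId = "486c0900-9582-4672-92af-37013e31958d";

    public static async Task<AuthenticationResult> GetTokenAsync()
    {
        var common = new AuthenticationContext(CommonAuthority);

        // A lookup through /common does not match entries stored for a tenant.
        // Select an entry issued to this client, preferring this resource,
        // instead of taking whichever item happens to be first in the cache.
        var cached = common.TokenCache.ReadItems()
            .Where(i => i.ClientId == ClientId && !string.IsNullOrEmpty(i.TenantId))
            .OrderByDescending(i => i.Resource == Resource)
            .FirstOrDefault();

        if (cached != null)
        {
            var tenant = new AuthenticationContext(
                $"https://login.windows.net/{cached.TenantId}");

            // No UI: succeeds from the cached access token or its refresh token.
            var silent = await tenant.AcquireTokenSilentAsync(Resource, ClientId);
            if (silent.Status == AuthenticationStatus.Success)
                return silent;
        }

        // Nothing usable in the cache: prompt through /common so that a user
        // from any tenant can sign in. Callers should check result.Status.
        Uri redirectUri = WebAuthenticationBroker.GetCurrentApplicationCallbackUri();
        return await common.AcquireTokenAsync(Resource, ClientId, redirectUri);
    }
}
```

Filtering on ClientId matters when several apps or accounts share one cache, since the first cached item may belong to a different tenant than the one the user expects.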