需要您的帮助以解决以下问题。我在VS2017中的.netcore中创建了 webapi ,并且我尝试使用https://apps.dev.microsoft.com/的新身份验证模式。
我注册了应用,创建了https://localhost:44337/signin-oidc
的回复网址在.netcore中我有以下配置
"Authentication": {
"AzureAd": {
"AADInstance": "https://login.microsoftonline.com/",
"Audience": "<my audience>/<Name Of The App Registered>",
"ClientId": "<Registered App ID>",
"Domain": "<Domain of AAD>",
"TenantId": "<Tenant ID of AAD>"
}
},
"Logging": {
"IncludeScopes": false,
"LogLevel": {
"Default": "Debug",
"System": "Information",
"Microsoft": "Information"
}
}
现在我正在使用通用应用程序进行测试,但是,每次尝试登录后,总是向我发送此错误:
Additional technical information:
Correlation ID: a14b452f-457a-46e6-9601-67383df6ba1a
Timestamp: 2017-05-11 09:42:56Z
AADSTS50011: The reply address 'urn:ietf:wg:oauth:2.0:oob' does not match the reply addresses configured for the application: '<My Application ID>'. More details: not specified
我已经在apps.dev.microsoft.com中确认了AppID,并且我还在AAD中注册了该应用程序(具有不同的ID,我无法控制它)
这是Startup.cs的代码:
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
app.UseJwtBearerAuthentication(new JwtBearerOptions
{
Authority = Configuration["Authentication: AzureAd:AADInstance"] + Configuration["Authentication: AzureAd:TenantId"],
Audience = Configuration["Authentication:AzureAd:Audience"],
TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
{
ValidIssuer = Configuration["Authentication: AzureAd:AADInstance"] + Configuration["Authentication: AzureAd:TenantId"] + "/ v2.0"
}
});
app.UseMvc();
}
先谢谢你的帮助,
答案 0 :(得分:2)
您的UWP应用必须使用以下回复网址urn:ietf:wg:oauth:2.0:oob
注册为原生应用。此外,您必须授予权限才能让UWP应用调用您的API。
答案 1 :(得分:2)
好的,我已经解决了这个问题。感谢Martin的帮助,解决方案类似于您的建议。
此问题的解决方案是: 在http://blessing.com.br/aplicativos/pontos.php上,您需要将新平台注册为Native并保留该值。