我正在尝试通过Microsoft和Spring Boot Application实现单点登录。我已经在https://apps.dev.microsoft.com/#/application/上设置了应用程序注册过程。我已经生成了appId,密钥也启用了允许隐式流。这就是我得到的:
2018-12-13 20:54:18.407 INFO 34505 --- [pool-9-thread-1]
c.m.aad.adal4j.AuthenticationAuthority : [Correlation ID: 2fa4ae8c-b16b-4742-
9bbd-0b65aadfeed5] Instance discovery was successful
2018-12-13 20:54:19.081 ERROR 34505 --- [pool-9-thread-1]
c.m.aad.adal4j.AuthenticationContext : [Correlation ID: 2fa4ae8c-b16b-4742-9bbd-0b65aadfeed5] Execution of class
com.microsoft.aad.adal4j.AcquireTokenCallable failed.
com.microsoft.aad.adal4j.AuthenticationException: **{"error_description":"AADSTS65001: The user or administrator has not consented to use the application with ID '036bd163-bdc6-4094-8b8b-4f47863fd152' named 'guidepost_local_sso'. Send an interactive authorization request for this user and resource.\r\nTrace ID: 3b5e8bb5-19c9-4bee-8037-eece262b3c00\r\nCorrelation ID: 2fa4ae8c-b16b-4742-9bbd-0b65aadfeed5\r\nTimestamp: 2018-12-13 15:24:18Z","error":"invalid_grant"}**
at
com.microsoft.aad.adal4j.AdalTokenRequest.executeOAuthRequestAndProcessResponse(AdalTokenRequest.java:128)
at com.microsoft.aad.adal4j.AuthenticationContext.acquireTokenCommon(AuthenticationContext.java:928)
at com.microsoft.aad.adal4j.AcquireTokenCallable.execute(AcquireTokenCallable.java:70)
at com.microsoft.aad.adal4j.AcquireTokenCallable.execute(AcquireTokenCallable.java:38)
at com.microsoft.aad.adal4j.AdalCallable.call(AdalCallable.java:47)
at java.util.concurrent.FutureTask.run(Fu
tureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:748)
我已经设置了必需的委派权限,但此问题仍然存在。
如何解决这两个异常?