Azure Web Api Jwt-无法获得禁止的配置套接字

时间:2019-01-11 11:49:04

标签: jwt identityserver4 azure-web-app-service asp.net-core-2.2

具有一个Asp.Net Core 2.2.1 Web Api,它正在尝试获取OpenId配置,以便它可以对请求进行身份验证。授权网站恰好是IdentityServer4。

/。well-known / openid-configuration看起来正确,并且api站点正在运行,并且不安全的api方法可以正常工作。

在Kudu中查看日志,我看到以下错误。似乎是由Sockets问题引起的,但我不知道这里出了什么问题。

在我的开发机上本地都可以正常工作,那么我缺少什么/ Azure需要什么?

System.IO.IOException: IDX20804: Unable to retrieve document from: '[PII is hidden]'. ---> 
System.Net.Http.HttpRequestException: An attempt was made to access a socket
in a way forbidden by its access permissions --->

完整的错误详细信息; 

2019-01-11 11:07:43.096 +00:00 [Error] Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler: Exception occurred while processing message.
System.InvalidOperationException: IDX20803: Unable to obtain configuration from: '[PII is hidden]'. ---> System.IO.IOException: IDX20804: Unable to retrieve document from: '[PII is hidden]'. ---> System.Net.Http.HttpRequestException: An attempt was made to access a socket in a way forbidden by its access permissions ---> System.Net.Sockets.SocketException: An attempt was made to access a socket in a way forbidden by its access permissions
   at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at System.Net.Http.ConnectHelper.ConnectAsync(String host, Int32 port, CancellationToken cancellationToken)
   at System.Threading.Tasks.ValueTask`1.get_Result()
   at System.Net.Http.HttpConnectionPool.CreateConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
   at System.Threading.Tasks.ValueTask`1.get_Result()
   at System.Net.Http.HttpConnectionPool.WaitForCreatedConnectionAsync(ValueTask`1 creationTask)
   at System.Threading.Tasks.ValueTask`1.get_Result()
   at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)
   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
   at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)
   at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
   --- End of inner exception stack trace ---
   at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
   at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel)
   at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
   --- End of inner exception stack trace ---
   at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()

1 个答案:

答案 0 :(得分:2)

经过数小时的调试,然后打开

IdentityModelEventSource.ShowPII = true;    //show detail of error and see problem

要查看众所周知的配置问题,我发现它没有从Azure门户获取应用程序设置。

当我的设置被嵌套时,我只需要确保Azure刀片中的密钥匹配即可。

{
  "AppSettings": {
    "ApiUrl": "someUrl",
    "AuthorityUrl": "anotherUrl"
  }, ...

成为

AppSettings:ApiUrl

简单的错误陷阱。

相关问题
最新问题