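I am trying to implement Firebase Authentication in an Android app for my organization. Every employee has a Microsoft corporate account, so I want to use that email/password to sign in to my app.
I enabled this option in the Firebase console and filled in the data with the information from the Azure AD application I created:
The Azure AD app has permission to sign in users and read their profile.
I managed to get it to create users in the Firebase console.
But in my Android app, after entering the credentials, this error message appears.
We couldn't sign you in. AADSTS900561: The endpoint only accepts POST requests. Received a GET request.
The Android code is the sample code provided by Firebase.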
    OAuthProvider.Builder provider = OAuthProvider.newBuilder("microsoft.com");

    // If a sign-in flow is already in progress, reuse its pending result.
    Task<AuthResult> pendingResultTask = mAuth.getPendingAuthResult();
    if (pendingResultTask != null) {
        pendingResultTask.addOnSuccessListener(new OnSuccessListener<AuthResult>() {
            @Override
            public void onSuccess(AuthResult authResult) {
                Log.e("PROFILE", authResult.getAdditionalUserInfo()
                        .getProfile().toString());
            }
        }).addOnFailureListener(new OnFailureListener() {
            @Override
            public void onFailure(@NonNull Exception e) {
                Log.e("FAIL", "ERROR LOGIN");
            }
        });
    } else {
        // Otherwise start a new sign-in flow with the Microsoft provider.
        mAuth.startActivityForSignInWithProvider(Login.this, provider.build())
                .addOnSuccessListener(new OnSuccessListener<AuthResult>() {
                    @Override
                    public void onSuccess(AuthResult authResult) {
                        Log.e("PROFILE", authResult.getAdditionalUserInfo()
                                .getProfile().toString());
                        Log.w("USERNAME", authResult.getUser()
                                .getDisplayName());
                    }
                }).addOnFailureListener(new OnFailureListener() {
                    @Override
                    public void onFailure(@NonNull Exception e) {
                        Log.e("FAIL", "ERROR LOGIN: " + e);
                    }
                });
    }
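The PROFILE log line is being printed, and there are no errors in Android Studio. Also, if the user is created on Firebase... I don't know what is causing the login process not to complete.
Edit: This is my redirect URI configuration on the Azure AD application:
Edit 2: Supported account types is set to all accounts. (Sorry that it is in Spanish; it says I can edit the manifest to change the configuration.)
The manifest looks like this: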
    {
        "id": "******************************",
        "acceptMappedClaims": null,
        "accessTokenAcceptedVersion": 2,
        "allowPublicClient": null,
        "appId": "***************************",
        "appRoles": [],
        "oauth2AllowUrlPathMatching": false,
        "createdDateTime": "2019-04-02T09:53:53Z",
        "groupMembershipClaims": null,
        "identifierUris": ["api://****************************"],
        "informationalUrls": {
            "termsOfService": null,
            "support": null,
            "privacy": null,
            "marketing": null
        },
        "keyCredentials": [],
        "knownClientApplications": [],
        "logoUrl": null,
        "logoutUrl": null,
        "name": "App name",
        "oauth2AllowIdTokenImplicitFlow": true,
        "oauth2AllowImplicitFlow": true,
        "oauth2Permissions": [],
        "oauth2RequirePostResponse": false,
        "optionalClaims": null,
        "orgRestrictions": [],
        "parentalControlSettings": {
            "countriesBlockedForMinors": [],
            "legalAgeGroupRule": "Allow"
        },
        "passwordCredentials": [
            {
                "customKeyIdentifier": null,
                "endDate": "2099-12-31T12:00:00Z",
                "keyId": "***************************",
                "startDate": "2019-04-02T09:55:10.2084897Z",
                "value": null,
                "createdOn": "2019-04-02T09:55:14.432352Z",
                "hint": "gGL",
                "displayName": null
            }
        ],
        "preAuthorizedApplications": [],
        "publisherDomain": "domain.com",
        "replyUrlsWithType": [
            {
                "url": "https://***********.firebaseapp.com/__/auth/handler",
                "type": "Web"
            },
            {
                "url": "https://login.live.com/oauth20_desktop.srf",
                "type": "InstalledClient"
            },
            {
                "url": "urn:ietf:wg:oauth:2.0:oob",
                "type": "InstalledClient"
            },
            {
                "url": "https://login.microsoftonline.com/common/oauth2/nativeclient",
                "type": "InstalledClient"
            },
            {
                "url": "msalececeef1-*****************://auth",
                "type": "InstalledClient"
            }
        ],
        "requiredResourceAccess": [
            {
                "resourceAppId": "*************************",
                "resourceAccess": [
                    {
                        "id": "***********************",
                        "type": "Scope"
                    }
                ]
            }
        ],
        "samlMetadataUrl": null,
        "signInUrl": null,
        "signInAudience": "AzureADandPersonalMicrosoftAccount",
        "tags": [],
        "tokenEncryptionKeyId": null
    }
I tried changing "oauth2RequirePostResponse": false to true, but that did not work either.