当配置了一个回复地址时,没有为该应用程序注册回复地址

时间:2019-07-18 07:38:49

标签: c# wpf azure-active-directory azure-keyvault

我正在制作WPF应用程序,它必须从Azure Key Vault中获取密钥,但是我总是遇到此错误:

  

AADSTS500113:没有为该应用程序注册答复地址。

     

这是我使用的代码:

public class KeyProvider
{
    public string BaseUrl => "https://my-key-vault.vault.azure.net";
    public Uri RedirectUri => new Uri("urn:ietf:wg:oauth:2.0:oob");
    public KeyVaultClient KeyVaultClient { get; private set; }

    public KeyProvider()
    {
        KeyVaultClient = new KeyVaultClient(GetAccessToken);
    }

    public async Task<string> GetSecretAsync(string key)
    {
        SecretBundle secret = await KeyVaultClient.GetSecretAsync(BaseUrl, key);
        return secret.Value;
    }

    private async Task<string> GetAccessToken(string azureTenantId, string clientId, string redirectUri)
    {
        AuthenticationContext context = new AuthenticationContext(azureTenantId);
        AuthenticationResult tokenResult = await context.AcquireTokenAsync("https://vault.azure.net", clientId, RedirectUri, new PlatformParameters(PromptBehavior.RefreshSession));

        return tokenResult.AccessToken;
    }
}

调试GetAccessToken时,我看到redirectUri (方法的参数)是一个空字符串。

这是我在Azure门户中的配置。

我有什么想念吗?

2 个答案:

答案 0 :(得分:1)

在您的代码中,重定向uri是http。但是在您的应用程序中,它是https。请尝试将它们设置为相同的。

更新

权限:

enter image description here

平台:

enter image description here

在Key Vault中为用户添加访问策略。

enter image description here

代码:

class Program
{
    public static string clientId = "d4c9b2ed-****-****-****-30a787f7c928";
    public static string redirectUri = "https://localhost/";
    public static string baseUrl = "https://jackkv.vault.azure.net/";

    public static async Task<string> AuthenticationCallback(string authority, string resource, string scope)
    {
        var result = await new AuthenticationContext(authority).AcquireTokenAsync(resource, clientId, new Uri(redirectUri), new PlatformParameters(PromptBehavior.RefreshSession));
        return result.AccessToken;
    }


    static void Main(string[] args)
    {

        Console.ReadLine();

        KeyVaultClient kvc = new KeyVaultClient(AuthenticationCallback);
        var secret = kvc.GetSecretAsync(baseUrl, "testSecret").Result;

        Console.WriteLine(secret.Value);

        Console.ReadLine();
    }
}

结果:

enter image description here

答案 1 :(得分:0)

我发现了这个错误。我以a probably outdated answer from Stack Overflow为基础。现在这是我的代码:

public string ClientID => "01234567-89ab-cdef-0123-456789abcdef";

// skipped some lines...

private async Task<string> GetAccessToken(string authority, string resource, string redirectUri)
{
    AuthenticationContext context = new AuthenticationContext(authority);
    AuthenticationResult tokenResult = await context.AcquireTokenAsync(resource, ClientID, RedirectUri, new PlatformParameters(PromptBehavior.RefreshSession));

    return tokenResult.AccessToken;
}
相关问题
最新问题