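Sign-in problem with MSAL and AD B2C in Swift

Time: 2019-08-07 11:38:22

Tags: swift azure-ad-b2c msal

I am trying to implement sign-in in an iOS app using MSAL and Azure AD B2C.

I have tried setting up multiple applications on Azure and adding multiple policies, but none of them worked.

I am setting up the application like this: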


self.application = try MSALPublicClientApplication(clientId: kClientID,
                                                   authority: try getAuthority(forPolicy: kSignupOrSigninPolicy),
                                                   redirectUri: "msal{my-code-from-azure}://auth")

This is the auth code:

func authorize() {
    do {
        // Build the B2C authority for the sign-up/sign-in policy.
        let authority = try self.getAuthority(forPolicy: self.kSignupOrSigninPolicy)

        let parameters = MSALInteractiveTokenParameters(scopes: kScopes)
        parameters.authority = authority
        // Start the interactive flow; the completion block receives a result or an error.
        application.acquireToken(with: parameters) { (result, error) in
            if let result = result {
                self.accessToken = result.accessToken
                // Debug output: prints the raw access token to the console.
                print("Access token is \(self.accessToken ?? "Empty")")
            } else {
                print("Could not acquire token: \(error ?? "No error information" as? Error)")
            }
        }
    } catch {
        print("Unable to create authority \(error)")
    }
}

This is the log when the application is created:

%@ TID=4374853 MSAL 0.5.0 iOS Sim 12.2 [2019-08-07 11:22:40] Default app's access group: "Masked(not-null)".
%@ TID=4374853 MSAL 0.5.0 iOS Sim 12.2 [2019-08-07 11:22:40] Using "Masked(not-null)" Team ID.
%@ TID=4374853 MSAL 0.5.0 iOS Sim 12.2 [2019-08-07 11:22:40] Init MSIDKeychainTokenCache with keychainGroup: Masked(not-null)

This is the log when sign-in is performed:

%@ TID=4374853 MSAL 0.5.0 iOS Sim 12.2 [2019-08-07 11:32:27 - E1C7D48B-1947-41F1-AAC4-33A6C533019E] [MSAL] -[MSALPublicClientApplication acquireTokenWithParameters:(
    "https://{my-url}/user_impersonation"
)
                                     extraScopesToConsent:(null)
                                                  account:Masked(null)
                                                loginHint:Masked(null)
                                               promptType:MSALPromptTypePromptIfNecessary
                                     extraQueryParameters:(null)
                                                authority:<MSALB2CAuthority: 0x600000371860>
                                              webviewType:MSALWebviewTypeDefault
                                            customWebview:No
                                            correlationId:(null)
                                             capabilities:(null)
                                            claimsRequest:(null)]
%@ TID=4374853 MSAL 0.5.0 iOS Sim 12.2 [2019-08-07 11:32:27 - E1C7D48B-1947-41F1-AAC4-33A6C533019E] [MSAL] Beginning interactive flow.
%@ TID=4374853 MSAL 0.5.0 iOS Sim 12.2 [2019-08-07 11:32:27 - E1C7D48B-1947-41F1-AAC4-33A6C533019E] [MSAL] Resolving authority: Masked(not-null), upn: Masked(null)
%@ TID=4374853 MSAL 0.5.0 iOS Sim 12.2 [2019-08-07 11:32:27 - E1C7D48B-1947-41F1-AAC4-33A6C533019E] [MSAL] Resolved authority, validated: YES, error: 0
2019-08-07 13:32:33.320511+0200 PodMe[59184:4374853] [MC] System group container for systemgroup.com.apple.configurationprofiles path is /Users/user/Library/Developer/CoreSimulator/Devices/7F6AB8AB-D024-4FA1-BC2D-9D5CC042BA79/data/Containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles
2019-08-07 13:32:33.322370+0200 PodMe[59184:4374853] [MC] Reading from private effective user settings.
%@ TID=4374853 MSAL 0.5.0 iOS Sim 12.2 [2019-08-07 11:32:50 - E1C7D48B-1947-41F1-AAC4-33A6C533019E] [MSAL] No cached preferred_network for authority
%@ TID=4379306 MSAL 0.5.0 iOS Sim 12.2 [2019-08-07 11:32:50] Failed to initialize issuer authority with error MSIDErrorDomain, -51112
%@ TID=4379306 MSAL 0.5.0 iOS Sim 12.2 [2019-08-07 11:32:50 - E1C7D48B-1947-41F1-AAC4-33A6C533019E] Unsuccessful token response, error MaskedError(MSIDErrorDomain, -51100)
%@ TID=4379306 MSAL 0.5.0 iOS Sim 12.2 [2019-08-07 11:32:50 - E1C7D48B-1947-41F1-AAC4-33A6C533019E] [MSAL] Interactive flow finished result (null), error: -51100 error domain: MSIDErrorDomain
%@ TID=4379306 MSAL 0.5.0 iOS Sim 12.2 [2019-08-07 11:32:50 - E1C7D48B-1947-41F1-AAC4-33A6C533019E] [MSAL] acquireToken returning with error: (MSALErrorDomain, -50000) Masked(not-null)
Could not acquire token: Optional(Error Domain=MSALErrorDomain Code=-50000 "(null)" UserInfo={MSALErrorDescriptionKey=Authentication response received without expected accessToken, MSALInternalErrorCodeKey=-42008, MSALCorrelationIDKey=E1C7D48B-1947-41F1-AAC4-33A6C533019E})

1 answer:

Answer 0: (score: 0)

As of July 17, 2020, there are a few things to note to get the sample working:

  1. The documentation at https://docs.microsoft.com/en-us/samples/azure-samples/active-directory-b2c-ios-swift-native-msal/microsoft-authentication-library-b2c-ios/ is wrong.

They say:

<key>CFBundleURLSchemes</key>
<array>
    <string>msalyour-client-id-here</string>
</array>

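Example: msal

That is not correct. The correct format is at https://github.com/Azure-Samples/active-directory-b2c-ios-swift-native-msal

In particular: the msauth.[BUNDLE_ID] format

Also, make sure that in the portal the redirect is in the "msauth.[BUNDLE_ID]://auth" format

This should solve the problem.

Personally, I made the mistake of not granting permission; error 51100 was on me.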
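
The redirect check described in the answer above can be written as a small Swift helper. This is an added example, not code from the original post or from the MSAL project. The names `RedirectCheckIssue`, `registeredURLSchemes` and `checkRedirectURI`, the bundle ID `com.example.app` and the sample redirect URI are all hypothetical and constructed for illustration.

```swift
import Foundation

/// Mismatches between the MSAL redirect URI and the app's URL scheme registration.
enum RedirectCheckIssue: Equatable {
    case malformedRedirectURI
    case unexpectedScheme(expected: String, actual: String)
    case unexpectedHost(String)
    case schemeNotRegistered(String)
}

/// Collects every scheme listed under CFBundleURLTypes -> CFBundleURLSchemes.
func registeredURLSchemes(in info: [String: Any]) -> [String] {
    let urlTypes = info["CFBundleURLTypes"] as? [[String: Any]] ?? []
    return urlTypes.flatMap { $0["CFBundleURLSchemes"] as? [String] ?? [] }
}

/// Checks a redirect URI against the "msauth.[BUNDLE_ID]://auth" format and
/// against the schemes the app has registered in its Info.plist.
func checkRedirectURI(_ redirectUri: String, bundleId: String,
                      info: [String: Any]) -> [RedirectCheckIssue] {
    guard let components = URLComponents(string: redirectUri),
          let scheme = components.scheme else {
        return [.malformedRedirectURI]
    }
    var issues: [RedirectCheckIssue] = []
    let expected = "msauth.\(bundleId)".lowercased()   // URL schemes are case-insensitive
    if scheme.lowercased() != expected {
        issues.append(.unexpectedScheme(expected: expected, actual: scheme))
    }
    if components.host != "auth" {
        issues.append(.unexpectedHost(components.host ?? ""))
    }
    let registered = registeredURLSchemes(in: info).map { $0.lowercased() }
    if !registered.contains(scheme.lowercased()) {
        issues.append(.schemeNotRegistered(scheme))
    }
    return issues
}

// Constructed sample input. In an app, pass Bundle.main.infoDictionary ?? [:]
// and Bundle.main.bundleIdentifier instead.
let sampleInfo: [String: Any] = [
    "CFBundleURLTypes": [["CFBundleURLSchemes": ["msauth.com.example.app"]]]
]
print(checkRedirectURI("msalcontoso-client-id://auth", bundleId: "com.example.app", info: sampleInfo))
print(checkRedirectURI("msauth.com.example.app://auth", bundleId: "com.example.app", info: sampleInfo))
```

An empty result means the redirect URI passed to `MSALPublicClientApplication` and the scheme in Info.plist agree; the same value still has to be entered as the redirect URI in the portal.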