我在基于WebApp-graph-user sample的应用中收到以下错误堆栈。我只是尝试登录并获取User.ReadBasic.All图权限的令牌。我检查了所有进入AcquireTokenByAuthorizationCode的参数,它们看起来都很好(没有空值)。该应用程序是使用.net core 3.1的MVC Web应用程序。
堆栈:
NullReferenceException:对象引用未设置为对象的实例。
Microsoft.Identity.Client.Internal.ClientCredentialWrapper.get_Thumbprint()
Microsoft.Identity.Client.Internal.JsonWebToken + JWTHeaderWithCertificate..ctor(ClientCredentialWrapper凭据,布尔sendCertificate)
Microsoft.Identity.Client.Internal.JsonWebToken.EncodeHeaderToJson(ClientCredentialWrapper凭据,布尔sendCertificate)
Microsoft.Identity.Client.Internal.JsonWebToken.Encode(ClientCredentialWrapper凭据,布尔sendCertificate)
Microsoft.Identity.Client.Internal.JsonWebToken.Sign(ClientCredentialWrapper凭据,布尔sendCertificate)
Microsoft.Identity.Client.Internal.Requests.ClientCredentialHelper.CreateClientCredentialBodyParameters(ICoreLogger记录器,ICryptographyManager cryptographyManager,ClientCredentialWrapper clientCredential,字符串clientId,AuthorityEndpoints端点,布尔型sendX5C)
Microsoft.Identity.Client.OAuth2.TokenClient.SendTokenRequestAsync(IDictionary AdditionalBodyParameters,字符串scopeOverride,字符串tokenEndpointOverride,CancellationToken cancelledToken)
Microsoft.Identity.Client.Internal.Requests.RequestBase.SendTokenRequestAsync(字符串tokenEndpoint,IDictionary AdditionalBodyParameters,CancellationToken cancelledToken)
Microsoft.Identity.Client.Internal.Requests.ConfidentialAuthCodeRequest.ExecuteAsync(CancellationToken cancellingToken)
Microsoft.Identity.Client.Internal.Requests.RequestBase.RunAsync(CancellationToken cancelledToken)
Microsoft.Identity.Client.ApiConfig.Executors.ConfidentialClientExecutor.ExecuteAsync(AcquireTokenCommonParameters commonParameters,AcquireTokenByAuthorizationCodeParametersauthorizationCodeParameters,CancellationToken cancelledToken)
TokenAcquisition.cs中的Microsoft.Identity.Web.TokenAcquisition.AddAccountToCacheFromAuthorizationCodeAsync(AuthorizationCodeReceivedContext上下文,IEnumerable范围)
+
var result =等待申请
WebAppServiceCollectionExtensions.cs中的Microsoft.Identity.Web.WebAppServiceCollectionExtensions + <> c__DisplayClass2_1 +
代码: 从TokenAcquisition.cs-第127行
// Do not share the access token with ASP.NET Core otherwise ASP.NET will cache it and will not send the OAuth 2.0 request in
// case a further call to AcquireTokenByAuthorizationCodeAsync in the future is required for incremental consent (getting a code requesting more scopes)
// Share the ID Token though
var result = await application
.AcquireTokenByAuthorizationCode(scopes.Except(_scopesRequestedByMsal), context.ProtocolMessage.Code)
.ExecuteAsync()
.ConfigureAwait(false);
context.HandleCodeRedemption(null, result.IdToken);
答案 0 :(得分:0)
已解决:这是由于配置错误而导致的空客户端机密值,如此处所述:https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/1476