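Access token - generating an authorization code

Time: 2020-10-23 13:46:15

Tags: azure-ad-b2c

I am following the documentation at https://docs.microsoft.com/en-us/azure/active-directory-b2c/access-tokens

However, after replacing all the placeholders below, it does not generate an authorization code. The message I receive in Postman is shown below. When I try to access it in the browser, nothing is returned.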

<noscript>
        <div id="no_js">
            <div class="error_container">
                <div>
                    <h1>We can't sign you in</h1>
                    <p>Your browser is currently set to block JavaScript. You need to allow JavaScript to use this
                        service.</p>
                    <p>To learn how to allow JavaScript or to find out whether your browser supports JavaScript, check
                        the online help in your web browser.</p>
                </div>
            </div>
        </div>
    </noscript>

GET https://<tenant-name>.b2clogin.com/tfp/<tenant-name>.onmicrosoft.com/<policy-name>/oauth2/v2.0/authorize?
client_id=<application-ID>
&nonce=anyRandomValue
&redirect_uri=https://jwt.ms
&scope=https://<tenant-name>.onmicrosoft.com/api/read
&response_type=code

2 answers:

Answer 0 (score: 1)

Make the following request in a browser, with the scope set to scope=https%3A%2F%2Fcontoso.onmicrosoft.com%2Fapi%2Fread%20openid%20offline_access and the tenant and client ID updated

GET https://<tenant-name>.b2clogin.com/tfp/<tenant-name>.onmicrosoft.com/<policy-name>/oauth2/v2.0/authorize?
client_id=<application-ID>
&nonce=anyRandomValue
&redirect_uri=https://jwt.ms
&scope=https%3A%2F%2Fcontoso.onmicrosoft.com%2Fapi%2Fread%20openid%20offline_access
&response_type=code

You will receive a response with the authorization code in the URL, as follows

https://jwt.ms/?code=eyJraWQiOiJjcGltY29yZV8wOTI1MjAxNSIsInZlciI6IjEuMC...

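After successfully receiving the authorization code in the response URL above, copy the code value and make a POST request to get the access token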

POST <tenant-name>.onmicrosoft.com/<policy-name>/oauth2/v2.0/token HTTP/1.1
Host: <tenant-name>.b2clogin.com
Content-Type: application/x-www-form-urlencoded

grant_type=authorization_code
&client_id=<application-ID>
&scope=https%3A%2F%2Fcontoso.onmicrosoft.com%2Fapi%2Fread%20openid%20offline_access
&code=eyJraWQiOiJjcGltY29yZV8wOTI1MjAxNSIsInZlciI6IjEuMC...
&redirect_uri=https://jwt.ms
&client_secret=2hMG2-_:y12n10vwH...

Replace the code with the authorization code you received in the response to the first request, and use the client_secret of the "client" application.
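
The two requests from the answer above, as an added Python example that is not part of the original answer or of Microsoft's documentation. The function names are hypothetical, and the `state` parameter and the randomly generated `nonce` are additions here (the page uses a fixed nonce and no state); the caller supplies tenant, policy and client values.

```python
import secrets
from urllib.parse import parse_qs, quote, urlencode, urlsplit

def build_authorize_url(tenant, policy, client_id, redirect_uri, api_scope):
    """Return (url, state, nonce) for the authorize request shown above."""
    state = secrets.token_urlsafe(16)  # added here: ties the redirect to this request
    nonce = secrets.token_urlsafe(16)  # random value instead of a fixed literal
    params = {
        "client_id": client_id,
        "nonce": nonce,
        "state": state,
        "redirect_uri": redirect_uri,
        # API scope plus openid and offline_access, space-separated as in the answer
        "scope": f"{api_scope} openid offline_access",
        "response_type": "code",
    }
    # quote_via=quote percent-encodes ':' and '/' and writes spaces as %20
    query = urlencode(params, quote_via=quote)
    base = f"https://{tenant}.b2clogin.com/tfp/{tenant}.onmicrosoft.com/{policy}"
    return f"{base}/oauth2/v2.0/authorize?{query}", state, nonce

def extract_code(redirect_url, expected_state):
    """Return the authorization code from the redirect; reject errors and bad state."""
    q = parse_qs(urlsplit(redirect_url).query)
    if "error" in q:
        raise ValueError(f"{q['error'][0]}: {q.get('error_description', [''])[0]}")
    returned = q.get("state", [""])[0]
    if not secrets.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch: redirect does not belong to this request")
    if "code" not in q:
        raise ValueError("no code parameter in redirect")
    return q["code"][0]

def build_token_body(client_id, client_secret, code, redirect_uri, api_scope):
    """Form-encoded body for the POST to .../oauth2/v2.0/token."""
    fields = {
        "grant_type": "authorization_code",
        "client_id": client_id,
        "scope": f"{api_scope} openid offline_access",
        "code": code,
        "redirect_uri": redirect_uri,
        "client_secret": client_secret,  # load from a secret store, never hard-code
    }
    return urlencode(fields, quote_via=quote)
```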

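Answer 1 (score: 0)

Apparently, in my case, the documented procedure only works for generating the authorization code when the browser is opened in private mode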