Using Azure Traffic Manager with Mobile App


Problem description

Can Azure Traffic Manager be used with Mobile Apps specially with social login? I have configured a traffic manager and two app services (say, mobileapp1 and mobileapp2) to work with it. They seem to work pretty nicely with Postman and the response and everything is working. Now, I have declared the traffic manager's URL as client in the Xamarin client app and the app throws an exception when I am logging in to Azure. After logging in to Facebook, when I am passing the token to the server using this line

var user = await client.LoginAsync(MobileServiceAuthenticationProvider.Facebook, token);

it throws an exception at this line saying invalid operation.

In continuation to this doubt: I have two mobile apps connected with one traffic manager. Both of them have Facebook login configured. So, is it supposed to work? What happens if, when the user is registering, he/she is redirected to mobileapp1 and Azure authentication is done there, while in some subsequent attempts the user is redirected to mobileapp2? Does the identity database of mobileapp2 know about the user? This is when I am using the authentication service that comes with the mobile app and not B2C.

Solution

Based on your code, you are using Client-managed authentication with Azure Mobile Apps. For App Service Authentication / Authorization, such as the mobile client type, a JSON web token (JWT) would be issued to the client and then it would be presented in the x-zumo-auth header when sending requests to the mobile backend. For more details, you could refer to How authentication works in App Service. Here is a JWT token when using Azure Traffic Manager with Mobile App; we could use jwt.io to decode the token:

For the JWT token, it would use the WEBSITE_AUTH_SIGNING_KEY environment variable to sign audience, issuer, Claims. For more details, you could refer to here about how to use custom authentication for your application.

Each Mobile App has a different WEBSITE_AUTH_SIGNING_KEY; you could use kudu and click Environment to find it. Moreover, I tried to update my two mobile apps to use the same sign key, but failed for no permission.

Your LoginAsync would send the following request:

POST https://<yourname>.trafficmanager.net/.auth/login/facebook
Body {"access_token":"<access_token_from_facebook>"} 

You could use Fiddler to capture the network trace.

Can Azure Traffic Manager be used with Mobile Apps specially with social login?

For custom authentication, you could configure the sign key in your web.config file. For social login and using the authentication provided by Azure, you could not share the sign key between different mobile apps. Moreover, if you set Routing method to Geographic and your mobile apps are in different geographic locations, I assume that your scenario may work as expected.

UPDATE1:

After some trials, I found you could specify the WEBSITE_AUTH_SIGNING_KEY setting under the "SETTINGS > Application settings" blade of your mobile app to override the WEBSITE_AUTH_SIGNING_KEY environment variable as follows:

Note: The signing key needs to be a SHA-256 hashed string; you could sync the key between your two mobile apps or generate your custom key. After configuring the setting, you could leverage kudu to check the newest WEBSITE_AUTH_SIGNING_KEY.

UPDATE2:

my problem is figuring out how to use social auth with two different mobile apps where redirection by traffic manager is happening on the basis of performance

The official documentation describes the traffic routing method Performance as follows:

Performance: Select Performance when you have endpoints in different geographic locations and you want end users to use the "closest" endpoint in terms of the lowest network latency.

I did some tests, you could refer to them. Here are the endpoints under my Traffic Manager profile:

Note: My two mobile apps have configured the same Client Id for my MSA authentication and set the same WEBSITE_AUTH_SIGNING_KEY value under "SETTINGS > Application settings" for encoding / decoding the token.

For my /api/values API endpoint, I just return the WEBSITE_HOSTNAME environment variable as follows:

return Request.CreateResponse(new { WEBSITE_HOSTNAME = Environment.GetEnvironmentVariable("WEBSITE_HOSTNAME") });

For the Performance routing method, all my requests would be routed to bruce-mobile02.azurewebsites.net:

For the Weighted routing method, I configured the same WEIGHT for my two endpoints. Per my test, the requests with the same AuthenticationToken that is attached as the x-zumo-auth header value for authorization would be routed to my two endpoints as follows:
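
The signing-key mismatch discussed in this answer, as an added Python sketch that is not part of the original answer or of Azure's code: a token signed by one backend validates on the other only when both hold the same WEBSITE_AUTH_SIGNING_KEY. It assumes HS256 over the hex-decoded key; the keys, hostnames and claims are constructed, and only the signature is checked.

```python
import base64, hashlib, hmac, json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _mac(signing_input: str, key_hex: str) -> bytes:
    # Assumption: the 64-hex-char key is hex-decoded and used as the HMAC key.
    return hmac.new(bytes.fromhex(key_hex), signing_input.encode(), hashlib.sha256).digest()

def issue_token(claims: dict, key_hex: str) -> str:
    """Sign claims as an HS256 JWT, as the backend that handled the login would."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = b64url(json.dumps(header).encode()) + "." + b64url(json.dumps(claims).encode())
    return signing_input + "." + b64url(_mac(signing_input, key_hex))

def validate_token(token: str, key_hex: str):
    """Return the claims if the signature matches this backend's key, else None."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        signature = b64url_decode(sig_b64)
    except ValueError:  # wrong segment count, bad base64, bad JSON
        return None
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return None
    if not hmac.compare_digest(_mac(f"{header_b64}.{payload_b64}", key_hex), signature):
        return None
    return json.loads(b64url_decode(payload_b64))

def accepted_by(token: str, backends: dict) -> list:
    """Hostnames of the backends whose signing key validates the token."""
    return [host for host, key in backends.items() if validate_token(token, key) is not None]

# Constructed keys: SHA-256 hex strings, the shape the answer says the setting needs.
KEY_APP1 = hashlib.sha256(b"constructed-key-mobileapp1").hexdigest()
KEY_APP2 = hashlib.sha256(b"constructed-key-mobileapp2").hexdigest()
BEFORE_SYNC = {"mobileapp1": KEY_APP1, "mobileapp2": KEY_APP2}  # per-app default keys
AFTER_SYNC = {"mobileapp1": KEY_APP1, "mobileapp2": KEY_APP1}   # same app setting on both

# Constructed claims for a login that the traffic manager routed to mobileapp1.
SAMPLE_CLAIMS = {"sub": "sid:constructed-user", "iss": "https://mobileapp1.example/",
                 "aud": "https://mobileapp1.example/"}

if __name__ == "__main__":
    token = issue_token(SAMPLE_CLAIMS, KEY_APP1)
    print("before sync:", accepted_by(token, BEFORE_SYNC))
    print("after sync: ", accepted_by(token, AFTER_SYNC))
```

Sharing the key means a leak from either app lets tokens be forged for both, so the shared value needs the same handling and rotation on each app.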
