什么是使用PublicClientApplication，Web或SPA的正确平台? [英] What is correct platform for using the PublicClientApplication, Web or SPA?

问题描述

我正在使用

然后我得到

AADSTS9002325:代码交换证明密钥是必需的跨域授权码的兑换.

当我使用 Web 时:

我得到:

" xxx:请求正文必须包含以下参数:"client_assertion"或'client_secret'.\ r \ n跟踪ID:xxx \ r \ n相关ID:xxx \ r \ n时间戳:2021-03-0309:59:07Z-相关ID:xxx-跟踪ID:xxx"

也许我听不懂什么，但是我只需要一个平台，对吗?

我也测试了两者是否都启用，但是遇到了与上面相同的问题.我的Azure门户越野车可能是吗?因为除了删除和添加平台外，我什么都没做.

并确保将设置允许公共客户端流设置为是.

解决方案

好，我从 PublicClientApplication 切换到 ConfidentialClientApplication ，并添加了 clientSecret 到配置:

  const publicClientConfig = {身份验证:{clientId:"xxx"，授权:"https://login.microsoftonline.com/common"，redirectUri:"http://localhost:3000/redirect"，clientSecret:"xxx"；}，缓存:{cachePlugin}，}; 

然后在Azure中删除了 SPA 平台，并添加了一个新的 Web 平台:

现在可以正常工作了.

因此，示例静音流已过时.此处.

I was using the silent-flow example and everything worked out fine. But then I saw that I have created 2 (Web & SPA) platforms. So I decided to do a cleanup. As I thought I just use the Web platform, I just deleted the SPA. But then the trouble came as I'm now getting always an error when trying to login.

So this is the current state when I have only one platform enabled.

When using SPA:

then I get

AADSTS9002325: Proof Key for Code Exchange is required for cross-origin authorization code redemption.

And when I use Web:

I get:

"xxx: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.\r\nTrace ID: xxx\r\nCorrelation ID: xxx\r\nTimestamp: 2021-03-03 09:59:07Z - Correlation ID: xxx - Trace ID: xxx"

Maybe I do not understand something, but I only need one platform, correct?

I also tested with both enabled but getting the same issue you see above. Is my Azure Portal buggy maybe? Because I did not change anything except removing and adding platforms.

And for sure the setting Allow public client flows is set to Yes.

解决方案

Ok, I switched from PublicClientApplication to ConfidentialClientApplication and added the clientSecret to the config:

const publicClientConfig = {
  auth: {
    clientId: "xxx",
    authority: "https://login.microsoftonline.com/common",
    redirectUri: "http://localhost:3000/redirect",
    clientSecret: "xxx"
  },
  cache: {
    cachePlugin
  },
};

Then removed the SPA platform in Azure and added a fresh Web platform:

Now works without any issues again.

So the example silent-flow is outdated. Already mentioned it here.

这篇关于什么是使用PublicClientApplication，Web或SPA的正确平台?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！