ADAL.js - "随机数不一样不确定" [英] ADAL.js - "Nonce is not same as undefined"
问题描述
我目前有与ADAL.js(v1.0.7)库的麻烦。当我的时间体面段后装入我的应用程序,我得到一个登录错误,指出现时不一样的定义。看在code之后,我想知道如果我错过了最佳实践。据我所知,我按照@vibronet的此处。我应该刷新用户配置文件,或退出,或其他什么东西?
I am currently having trouble with the ADAL.js (v1.0.7) library. When I load my app after a decent period of time I get a login error stating "Nonce is not same as undefined." After looking over the code, I am wondering if I am missing a best practice. To my knowledge, I have followed the suggestions of @vibronet here. Should I be refreshing the user profile, or logging out, or something else?
我的配置是这样的:
window.config = {
instance: 'https://login.microsoftonline.com/',
tenant: 'blahblahblah.onmicrosoft.com',
clientId: 'GUID',
postLogoutRedirectUri: window.location.origin,
cacheLocation: 'localStorage'
};
this.authContext = new window.AuthenticationContext(window.config);
var isCallback = this.authContext.isCallback(window.location.hash);
this.authContext.handleWindowCallback();
if (isCallback && !this.authContext.getLoginError()) {
window.location = this.authContext._getItem(this.authContext.CONSTANTS.STORAGE.LOGIN_REQUEST);
}
如果出现了不活动一段时间,主叫this.authContext.login(后)发生错误。为了得到我叫this.authContext.getLoginError()。误差
If there has been an extended period of inactivity, the error occurs after calling this.authContext.login(). In order to get the error I call this.authContext.getLoginError().
我得到为什么随机数是不同的,但我想重置,或造成一个全新的登录情况发生。
I get why the nonce is different, but I want to "reset" it or cause a brand new login to happen.
请让我知道我能提供什么其他相关信息。
Please let me know what other relevant information I can provide.
推荐答案
更新:
好像解决方案已经在博客文章您提供了提供。下面是引用。
Seems like solution has been provided in blog post you provide. below is the quote.
关键是要回去的权力要求一个道理,就像我们会
做在往返的应用方案,但在一个隐藏的iframe这样做。如果
还有与权威现有会话(这可能是
再presented由饼干 - 但它是在的域的cookie
权威,而不是应用程序的),我们就可以得到一个新的令牌不
任何UX。甚至有一个特定参数,提示为无,这让
Azure的AD知道我们想要得到的令牌没有UX,如果
能不能做到,我们希望得到一个错误回来。在这里,还有的要求。
The trick is to go back to the authority asking for a token, like we’d do in the roundtrip apps scenario, but doing so in a hidden iframe. If there is still an existing session with the authority (which might be represented by a cookie – but it is a cookie in the domain of the authority, NOT the app’s) we will be able to get a new token without any UX. There is even a specific parameter, prompt=none, which lets Azure AD know that we want to get the token without a UX, and if it can’t be done we want to get an error back. Here there’s the request.
previous答案:
Previous answer:
我没有完全按照你的code做了什么。但是从博客文章,好像下面您使用OAuth 2.0
i am not fully follow what your code does. but as from blog post, seems like underneath you are using OAuth 2.0
在你说的时候有不活动的周期误差发生的,我的猜测是令牌已经无效,你将需要刷新令牌。不知道是否有让你刷新的方式。但通常在服务器端,一旦你验证,OAuth 2.0用户供应商将交给你一个令牌和一个刷新令牌,令牌是否过期,可以使用刷新令牌来获得一个新的。
when you said error happen when there is period of inactivity, my guess is token has been invalid, and you will need to refresh the token. Not sure if there is a way for you to refresh it. But normally on server side once you authenticated, OAuth 2.0 provider will hand over you a token and a refresh token, if token is expired, you can use refresh token to get a new one.
这篇关于ADAL.js - "随机数不一样不确定"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
