从角度AD客户端获取工作台的有效承载令牌 [英] Getting a valid bearer token for workbench from a an angular AD client

问题描述

我已按照本指南：

https://github.com/Azure-Samples/active-directory-angularjs-singlepageapp

https://github.com/Azure-Samples/active-directory-angularjs-singlepageapp

我连接成功。我想将持票人令牌发送到我的C＃服务器并使用它来调用我的工作台功能。

and I connect successfully. I would like to send the bearer token to my C# server and use it to call my workbench functions.

我正在尝试使用我在邮差调用中从角度获得的持票人令牌是未经授权的。 重要的是要提到我给了我的角度客户端AD访问我的工作台实例并且它仍然无法工作，这导致我向
提出一些问题：

I am trying to use the bearer token I get from angular in a postman call and it is unauthorized.  It is important to mention that I gave my angular client on AD permission to access my workbench instance and it's still not working, that leads me to some questions:

我试过了使用本指南中的.NET客户端：

I have tried using a .NET client from this guide:

http://blog.pomiager.com/post/using-rest-api-in-azure-workbench-blockchain 

http://blog.pomiager.com/post/using-rest-api-in-azure-workbench-blockchain 

并且它有效。我在此注意到，在AuthenticationContext对象中，它接收使用客户端ID和客户端密钥的凭据。我注意到在角度AD示例中我们从不使用秘密。但问题是，当查看指南
来创建自己的工作台UI时，在authService.js中，它也不会将秘密作为参数。从这里可以看出：

and it works. I notice here that in the AuthenticationContext object it receives credentials that is using the Client ID and the Client Secret. I notice that in the angular AD example we never use the secret. But the thing is that, when looking at the guide to create your own workbench UI, in the authService.js, it never takes the secret as a parameter as well. As can be seen here:

https://github.com/Azure-Samples/blockchain/blob/master/blockchain-development-kit/connect/web/workbench/custom-ux -sample / src / services / authService.js

https://github.com/Azure-Samples/blockchain/blob/master/blockchain-development-kit/connect/web/workbench/custom-ux-sample/src/services/authService.js

如何从angularJS AD示例中为工作台创建有效的承载令牌？重要的是要注意角度AD示例有一个使用租户和受众的C＃后端，但从不要求凭证

How can I create a valid bearer token for the workbench from the angularJS AD example? It's important to note that the angular AD example has a C# backend that uses the Tenant and Audience but never asks for a credentials as well

谢谢

推荐答案

这是一个更多的Active Directory问题。它会在正确的论坛上获得更大的吸引力。有了这个说你不一定需要使用客户端秘密。请在此页面上输入令牌，以便您可以通过比较两个令牌来检查您的权限：  Jason
Web令牌调试器

This is more of an Active Directory question. It would get more traction on the right forum. With that said you do not necessarily need to use client secret. Please enter a token on this page so you can check your permissions by comparing both tokens: Jason Web Token Debugger

这篇关于从角度AD客户端获取工作台的有效承载令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！