离线Azure移动应用WEBSITE_AUTH_SIGNING_KEY [英] Azure Mobile Apps offline WEBSITE_AUTH_SIGNING_KEY

问题描述

脱机尝试Azure移动应用程序(在Visual Studio和具有SSL的本地IIS中)时，必须提供Azure的WEBSITE_AUTH_SIGNING_KEY的替代品作为JWT令牌的SigningKey.

When trying the Azure Mobile Apps offline (in Visual Studio and local IIS with SSL), one has to supply an alternative to Azure's WEBSITE_AUTH_SIGNING_KEY as the SigningKey for the JWT tokens.

如何生成开发者SigningKey?

How can you generate a dev SigningKey?

推荐答案

为了在本地测试经过身份验证的终结点，您需要使用与用于生成身份验证令牌(JWT)相同的签名密钥.

In order to test authenticated endpoints locally you need to use the same signing key that was used to generate the auth token (JWT).

如果要在您的云站点上登录，这意味着您必须在本地使用相同的签名密钥来验证令牌.您可以通过访问https://{yoursite} .scm.azurewebsites.net/env并搜索WEBSITE_AUTH_SIGNING_KEY来找到它.请注意，您不应在出厂的任何代码中对此密钥进行硬编码(例如，从仅用于测试的配置文件中读取值).

If you are logging in against your cloud site, this means that locally you must validate the token using the same signing key. You can find this by going to https://{yoursite}.scm.azurewebsites.net/env and searching for WEBSITE_AUTH_SIGNING_KEY. Note that you should not hard-code this key in any code that you ship (for example, read the value from a config file only used for testing).

用于创建自己的密钥-您需要使用SHA256哈希作为签名密钥.我通常使用 http://www.xorbin.com/tools/sha256-hash-calculator 生成他们.

For creating your own key -- You need to use a SHA256 hash as a signing key. I typically use http://www.xorbin.com/tools/sha256-hash-calculator for generating them.

这篇关于离线Azure移动应用WEBSITE_AUTH_SIGNING_KEY的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！