在Azure AD上安全的AngularJS SPA访问CORS WebAPI [英] AngularJS SPA access CORS WebAPI secured on Azure AD

问题描述

我按照示例SinglePageApp-DotNet进行操作，并且工作正常。

I followed the example SinglePageApp-DotNet and it worked fine.

然后，我想制作单页应用程序以调用CORS启用Web api。这两个应用程序均受AAD保护，并已部署到Azure网站，但我无法使其正常运行。我遵循了 https://github.com/omercs/corsapisample 和 https://github.com/matvelloso/AngularJSCORS 到每个单词，但我收到此请求的授权被拒绝错误。

Then I want to make the single page application to call a CORS enable web api. Both applications are secured by AAD and deployed to Azure websites, I can't make it work. I followed the examples of https://github.com/omercs/corsapisample and https://github.com/matvelloso/AngularJSCORS to every words, but I got 'Authorization has been denied for this request' error.

当我禁用控制器动作的[Authorize]属性时，它就起作用了。因此，我认为CORS设置正确。从日志中，我可以看到CORS预检（OPTION调用）成功。

When I disabled the [Authorize] attribute for the controller action, it worked. So I think the CORS setting is correct. From the log I can see that the CORS preflight (OPTION call) was successful.

有什么办法解决问题吗？非常感谢您的帮助。

Any idea how to solve the problem? Thanks very much for your help.

推荐答案

仅供参考。现在，我们有一个官方示例，演示如何将CORS与ADAL JS和Angular结合使用。您可以在 https://github.com/AzureADSamples/SinglePageApp-WebAPI中找到代码和详细说明。 -AngularJS-DotNet

FYI. We now have an official sample demonstrating how to use CORS with ADAL JS and Angular. You can find code and detailed instructions in https://github.com/AzureADSamples/SinglePageApp-WebAPI-AngularJS-DotNet

这篇关于在Azure AD上安全的AngularJS SPA访问CORS WebAPI的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！