得到 #error=unsupported_response_type&error_description=AADSTS70005: with token request [英] getting #error=unsupported_response_type&error_description=AADSTS70005: with token request
问题描述
我正在尝试在 IOS 应用程序中实现 OAuth2 隐式授权流程.在这种情况下,它需要令牌请求而不是代码请求,因为您无法在本机应用程序中安全地共享客户端密码.
所以这样的请求会产生一个登录表单:
https://login.windows.net/<tenantid>/oauth2/authorize?api-version=1.0&client_id=<client id>&response_type=token&redirect_uri=shp-apps://localhost:44300/?ReturnUrl=%2F&resource=https://graph.windows.net
成功登录后出现此错误:
#error=unsupported_response_type&error_description=AADSTS70005: response_type 'token'应用程序不支持追踪+ID:9008e580-2798-4b6c-a6bf-2bf614b61f64相关性+ID:ceb9bb4b-34a4-4441-801f-377f534543b1时间戳:2014-08-26+16%3a24%3a24Z
这真的正确吗,不支持令牌request_type?或者还有什么我需要做的吗?该应用程序设置为本机应用程序.我已经能够在同一个活动目录中的不同应用程序中执行代码"response_type.
Azure AD 确实不支持隐式授权流.对于您的 iOS 应用,请使用支持刷新令牌的授权代码授予流程.您不需要自己编写 OAuth 流程 - 请改用我们的 iOS/OSX SDK:https://github.com/AzureAD/azure-activedirectory-library-for-objc
Philip,请继续关注隐式授权流程 - 我们正在关注它.
希望这会有所帮助.
更新:Azure AD 现在支持隐式授权 OAuth 流.请参阅:https://github.com/AzureADSamples/SinglePageApp-AngularJS-DotNetp>
I am trying to implement a OAuth2 implicit grant flow in an IOS app. In this case it requires a token request instead of a code request because you can't share the client secret in a native app safely.
so a request like this yields a login form:
https://login.windows.net/<tenantid>/oauth2/authorize?api-version=1.0&client_id=<client id>&response_type=token&redirect_uri=shp-apps://localhost:44300/?ReturnUrl=%2F&resource=https://graph.windows.net
After successfully login I get this error:
#error=unsupported_response_type&error_description=AADSTS70005: response_type 'token'
is not supported for the application
Trace+ID: 9008e580-2798-4b6c-a6bf-2bf614b61f64
Correlation+ID: ceb9bb4b-34a4-4441-801f-377f534543b1
Timestamp: 2014-08-26+16%3a24%3a24Z
Is this actually correct, the token request_type is not supported? or is there something else that I need to do? The application is setup as a native app. I have already been able to do a 'code' response_type in a different application in the same active directory.
Implicit grant flow is indeed not supported yet by Azure AD. For your iOS app, use the authorization code grant flow with refresh token support. You don't need to write the OAuth flow on your own - use our iOS/OSX SDK instead: https://github.com/AzureAD/azure-activedirectory-library-for-objc
Philip, stay tuned on the implicit grant flow - it is on our radar.
Hope this helps.
UPDATE: Azure AD now suports implicit grant OAuth flow. see: https://github.com/AzureADSamples/SinglePageApp-AngularJS-DotNet
这篇关于得到 #error=unsupported_response_type&error_description=AADSTS70005: with token request的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!