使用 PublicClientApplication、Web 或 SPA 的正确平台是什么? [英] What is correct platform for using the PublicClientApplication, Web or SPA?

问题描述

我使用的是

然后我得到

<块引用>

AADSTS9002325:需要用于代码交换的证明密钥跨域授权码兑换.

当我使用 Web 时:

我明白了:

<块引用>

"xxx:请求正文必须包含以下参数:client_assertion"或'client_secret'. 跟踪 ID:xxx 相关 ID:xxx 时间戳:2021-03-0309:59:07Z - 相关 ID:xxx -跟踪 ID:xxx"

也许我不明白，但我只需要一个平台，对吗?

我还测试了两者都启用，但遇到了您在上面看到的相同问题.我的 Azure 门户可能有问题吗?因为除了删除和添加平台，我什么都没做.

并且确定 Allow public client flow 设置为 Yes.

解决方案

好的，我从 PublicClientApplication 切换到 ConfidentialClientApplication 并添加了 clientSecret到配置:

const publicClientConfig = {授权:{客户 ID:xxx"，权限:https://login.microsoftonline.com/common"，redirectUri: "http://localhost:3000/redirect",clientSecret:xxx"},缓存:{缓存插件},};

然后在 Azure 中移除 SPA 平台并添加一个新的 Web 平台:

现在可以再次正常工作了.

所以示例 silent-flow 已经过时了.已经在这里提到它.

I was using the silent-flow example and everything worked out fine. But then I saw that I have created 2 (Web & SPA) platforms. So I decided to do a cleanup. As I thought I just use the Web platform, I just deleted the SPA. But then the trouble came as I'm now getting always an error when trying to login.

So this is the current state when I have only one platform enabled.

When using SPA:

then I get

AADSTS9002325: Proof Key for Code Exchange is required for cross-origin authorization code redemption.

And when I use Web:

I get:

"xxx: The request body must contain the following parameter: 'client_assertion' or 'client_secret'. Trace ID: xxx Correlation ID: xxx Timestamp: 2021-03-03 09:59:07Z - Correlation ID: xxx - Trace ID: xxx"

Maybe I do not understand something, but I only need one platform, correct?

I also tested with both enabled but getting the same issue you see above. Is my Azure Portal buggy maybe? Because I did not change anything except removing and adding platforms.

And for sure the setting Allow public client flows is set to Yes.

解决方案

Ok, I switched from PublicClientApplication to ConfidentialClientApplication and added the clientSecret to the config:

const publicClientConfig = {
  auth: {
    clientId: "xxx",
    authority: "https://login.microsoftonline.com/common",
    redirectUri: "http://localhost:3000/redirect",
    clientSecret: "xxx"
  },
  cache: {
    cachePlugin
  },
};

Then removed the SPA platform in Azure and added a fresh Web platform:

Now works without any issues again.

So the example silent-flow is outdated. Already mentioned it here.

这篇关于使用 PublicClientApplication、Web 或 SPA 的正确平台是什么?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！