WAAD不会刷新从JavaScript访问令牌 [英] WAAD doesn't refresh access token from javascript

问题描述

有关应用程序验证用户使用Windows Azure活动目录（WAAD），无法从JavaScript刷新令牌。

For applications that authenticate users with Windows Azure Active Directory(WAAD), unable to refresh token from javascript.

所有的资源被授权属性的保护，使呼叫login.windows.net/{0~~V}如果令牌已过期。如果请求是从页面加载它工作正常，但如果该请求是从JavaScript Ajax调用它无法发出呼叫到login.windows.net/{0~~V}。它返回一个状态302和消息

All the resources are protected by Authorize attribute makes calls to login.windows.net/{0} if token is expired. If the request is from page load it works as expected but if the request is from javascript ajax call it is unable make call to login.windows.net/{0}. It returns with status 302 and message

XMLHtt prequest无法加载 https://login.windows.net/xxx 。 没有访问控制 - 允许 - 原产地标头的请求的资源present。原产地'XXX'，因此没有允许访问。

XMLHttpRequest cannot load https://login.windows.net/xxx. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'xxx' is therefore not allowed access.

如何从JavaScript调用刷新令牌？

How to refresh the token from javascript calls?

推荐答案

它看起来像你的方法更适合于Web UX确保您的Web API。 看看ADAL JS处理JavaScript的驱动应用程序的更可靠的方法：的http://www.cloudidentity.com/blog/2014/10/28/adal-javascript-and-angularjs-deep-dive/ 对于如何标记更新工程的说明，请参阅该职位链接视频 HTH 诉

It looks like you secured your web API with a method more suited for web UX. Take a look at ADAL JS for a more reliable way of dealing with javascript driven apps: http://www.cloudidentity.com/blog/2014/10/28/adal-javascript-and-angularjs-deep-dive/ For an explanation of how token renewal works, see the video linked in that post HTH V.

这篇关于WAAD不会刷新从JavaScript访问令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！