Cordova AAD服务器流身份验证在Android和iOS上挂起 [英] Cordova AAD server flow authentication hangs on Android and iOS
问题描述
我一直在尝试解决这个问题一个多星期,没有任何进展。我无法使用Cordova Azure移动应用程序插件和.NET / C#后端进行身份验证。
我关注此
当我执行Cordova应用程式并在连接时将其传送到Android或iOS装置 公共网络,我收到Cordova WebView(InAppBrowser),它要求我的凭据。我输入我的用户名,按密码文本框,重新启动。
我错过了什么?为什么当连接到公共网络时在Ripple中获得第二个提示,为什么只尝试验证用户名后Cordova WebView显示空白屏幕?
Azure移动应用CORS设置:
Azure Mobile App AAD验证设置
Azure资源浏览器设置:
Azure Active Directory由 Express 创建的WebApp Active Directory管理模式
委托权限集是默认权限集:登录并阅读用户个人资料
网络在代理上设置。然后,您正在代理代理,后端没有看到所需的网址,而是显示代理的网址。
我怀疑这是在正常移动情况下工作正常的事情之一。在实际设备上运行应用程序,而不是在公共网络上。
I've been trying to solve this issue for over a week now with no progress whatsoever. I’m having trouble authenticating using Cordova Azure Mobile App plugin and .NET/C# back-end.
I'm following this tutorial on creating a Cordova app for Android/iOS. I added Azure Active Directory as my provider for authentication based on this tutorial. I downloaded the quickstart projects from the Azure Portal for Cordova and .NET/C# back-end.
I deployed the Azure mobile app back-end and updated the Resource Explorer to allow https://localhost:4000 and https://{myazurewebsite}.azurewebsites.net by adding the URL’s in allowedExternalRedirectUrls. I also updated CORS to allow those same URL’s. I added my Single Sign-On Reply URL to be https://{myazurewebsite}.azurewebsites.net/.auth/login/aad/callback. I ensured that my Cordova app has the InAppBrowser and Azure Mobile Apps plugin installed. I updated the Content-Security-Policy to point to https://login.windows.net and https://{myazurewebsite}.azurewebsites.net. I updated my onDeviceReady() function to be:
function onDeviceReady() {
// Create a connection reference to our Azure Mobile Apps backend
client = new WindowsAzure.MobileServiceClient('https://{myazurewebsite}.azurewebsites.net');
// Login to the service
client.login('aad')
.then(function () {
// BEGINNING OF ORIGINAL CODE
// Create a table reference
todoItemTable = client.getTable('todoitem');
// Refresh the todoItems
refreshDisplay();
// Wire up the UI Event Handler for the Add Item
$('#add-item').submit(addItemHandler);
$('#refresh').on('click', refreshDisplay);
// END OF ORIGINAL CODE
}, handleError);
}
When I execute the Cordova app in Ripple while connected to my work LAN, the app loads into Ripple and then a second window opens asking me for my AAD credentials. I enter my username, tab off, and the redirect starts to happen and I am successfully authenticated and able to interact with the ToDoItems from the tutorial.
When I execute the Cordova app in Ripple while connected to a public network, the app loads into Ripple and then a second window opens asking me for my AAD credentials. I enter my username, tab off, and the redirect starts to happen and the I am presented with an additional prompt shown in the image below:
When I execute the Cordova app and send it to an Android or iOS device while connected to a public network, I receive the Cordova WebView (InAppBrowser) which asks for my credentials. I enter my username, press the password text box, and the redirect starts. It then just goes to a blank white page and hangs there.
Am I missing something? Why do I get a second prompt in Ripple when connected to a public network and why does the Cordova WebView show a blank screen after trying to authenticate the user name only?
Azure Mobile App CORS settings:
Azure Mobile App AAD Authentication settings
Azure Resource Explorer settings:
Azure Active Directory WebApp created by Express setting Active Directory Management Mode The delegate permission set is the default one: Sign in and read user profile
It looks like the public network is set up on a proxy. You are then proxying a proxy and the backend is not seeing the URL it expects - instead, it is seeing the URL of the proxy.
I suspect this is one of those things that will work fine in a "normal" mobile situation. Run the app on a real device instead when you are on the public network.
这篇关于Cordova AAD服务器流身份验证在Android和iOS上挂起的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!