Ani*_*kar 4 javascript azure angularjs azure-active-directory adal.js
如何adal.js在AngularJS中使用https://management.azure.com我的JavaScript代码为观众获取承载令牌?
我在AD中创建了一个客户端应用程序,并设置其权限以允许其访问“ Windows Azure服务管理API”。我的angularjs代码如下:
adalService.init(
{
instance: "https://login.windows.net/",
tenant: "<something>.onmicrosoft.com",
clientId: "<some id>",
cacheLocation: 'localStorage',
redirectUri: 'http://localhost:63691/index.html#/configure',
endpoints: {
/* 'target endpoint to be called': 'target endpoint's resource ID' */
'https://management.azure.com/subscriptions?api-version=2014-04-01': 'https://management.azure.com/'
}
},
$httpProvider
);
如果我使用此adalService在POSTMAN中收到的令牌来调用https://management.azure.com/subscriptions?api-version=2014-04-01,则会收到以下错误:
The access token has been obtained from wrong audience or resource '<some id>'.
It should exactly match (including forward slash) with one of the allowed audiences 'https://management.core.windows.net/','https://management.azure.com/'.
好的,所以我在这里浏览了ADAL.JS的源代码后找到了解决方案。在第137行,它查看config.loginResource将config对象传递给init()函数时是否已设置它。
将其放置在任何卡住的人那里:
如果您需要令牌来声明“ https://management.azure.com/ ”(或任何其他资源URI)的所有权,则可以在初始化AuthenticationContext时设置受众群体,如下所示:
app.config(['$routeProvider', '$httpProvider', 'adalAuthenticationServiceProvider', function ($routeProvider, $httpProvider, adalService) {
adalService.init(
{
instance: "https://login.microsoftonline.com/",
tenant: "<something>.onmicrosoft.com",
clientId: "<client-id>",
cacheLocation: 'localStorage', //optional
redirectUri: '<redirect-uri>',
loginResource: 'https://management.azure.com/' //to set AUDIENCE
},
$httpProvider
);
}]);
| 归档时间: |
|
| 查看次数: |
3740 次 |
| 最近记录: |