个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
25
4
我正在尝试在我的 iOS 应用程序中与 Microsoft Graph 集成。我正在 XCode 上使用 Swift 进行开发。我按照本教程进行操作:
当我单击“连接”时,输入我的登录详细信息,它不断向我显示以下错误消息。我尝试过调试,它进入 acquireTokenInteractively() 并打印错误。
我已在 Microsoft 应用程序门户上注册了我的应用程序,在应用程序的功能选项卡上启用了钥匙串(keychain)共享等,但不太确定为什么这不起作用..
谢谢你的帮助。
import UIKit
import MSAL
class ViewController: UIViewController, UITextFieldDelegate, URLSessionDelegate {
// Update the below to your client ID you received in the portal. The below is for running the demo only
let kClientID = "a88969f1-61c7-4322-a9a0-9212bb96b782"
// These settings you don't need to edit unless you wish to attempt deeper scenarios with the app.
let kGraphURI = "https://graph.microsoft.com/v1.0/me/"
//let kScopes: [String] = ["https://graph.microsoft.com/user.read"]
let kAuthority = "https://login.microsoftonline.com/common"
var accessToken = String()
var applicationContext : MSALPublicClientApplication?
@IBOutlet weak var connectButton: UIButton!
@IBOutlet weak var signoutButton: UIButton!
@IBOutlet weak var loggingText: UITextView!
@IBAction func connectButtonTapped(_ sender: UIButton) {
print("Connect button tapped")
if self.currentAccount() == nil {
// We check to see if we have a current logged in account.
// If we don't, then we need to sign someone in.
self.acquireTokenInteractively()
} else {
self.acquireTokenSilently()
}
}
@IBAction func signoutButtonTapped(_ sender: UIButton) {
print("Signout button tapped")
guard let applicationContext = self.applicationContext else { return }
guard let account = self.currentAccount() else { return }
do {
/**
Removes all tokens from the cache for this application for the provided account
- account: The account to remove from the cache
*/
try applicationContext.remove(account)
self.loggingText.text = ""
self.signoutButton.isEnabled = false
} catch let error as NSError {
self.loggingText.text = "Received error signing account out: \(error)"
}
}
/**
Setup public client application in viewDidLoad
*/
override func viewDidLoad() {
super.viewDidLoad()
do {
/**
Initialize a MSALPublicClientApplication with a given clientID and authority
- clientId: The clientID of your application, you should get this from the app portal.
- authority: A URL indicating a directory that MSAL can use to obtain tokens. In Azure AD
it is of the form https://<instance/<tenant>, where <instance> is the
directory host (e.g. https://login.microsoftonline.com) and <tenant> is a
identifier within the directory itself (e.g. a domain associated to the
tenant, such as contoso.onmicrosoft.com, or the GUID representing the
TenantID property of the directory)
- error The error that occurred creating the application object, if any, if you're
not interested in the specific error pass in nil.
*/
guard let authorityURL = URL(string: kAuthority) else {
self.loggingText.text = "Unable to create authority URL"
return
}
let authority = try MSALAuthority(url: authorityURL)
self.applicationContext = try MSALPublicClientApplication(clientId: kClientID, authority: authority)
} catch let error {
self.loggingText.text = "Unable to create Application Context \(error)"
}
}
override func viewWillAppear(_ animated: Bool) {
super.viewWillAppear(animated)
signoutButton.isEnabled = !self.accessToken.isEmpty
}
/**
This button will invoke the authorization flow.
*/
@IBAction func callGraphButton(_ sender: UIButton) {
if self.currentAccount() == nil {
// We check to see if we have a current logged in account.
// If we don't, then we need to sign someone in.
self.acquireTokenInteractively()
} else {
self.acquireTokenSilently()
}
}
func getContentWithToken() {
// Specify the Graph API endpoint
let url = URL(string: kGraphURI)
var request = URLRequest(url: url!)
// Set the Authorization header for the request. We use Bearer tokens, so we specify Bearer + the token we got from the result
request.setValue("Bearer \(self.accessToken)", forHTTPHeaderField: "Authorization")
URLSession.shared.dataTask(with: request) { data, response, error in
if let error = error {
self.loggingText.text = "Couldn't get graph result: \(error)"
return
}
guard let result = try? JSONSerialization.jsonObject(with: data!, options: []) else {
self.loggingText.text = "Couldn't deserialize result JSON"
return
}
self.loggingText.text = "Result from Graph: \(result))"
}.resume()
}
func acquireTokenInteractively() {
guard let applicationContext = self.applicationContext else { return }
applicationContext.acquireToken(forScopes: ApplicationConstants.kScopes) { (result, error) in
if let error = error {
self.loggingText.text = "Could not acquire token: \(error)"
return
}
guard let result = result else {
self.loggingText.text = "Could not acquire token: No result returned"
return
}
self.accessToken = result.accessToken
self.loggingText.text = "Access token is \(self.accessToken)"
self.signoutButton.isEnabled = true
self.getContentWithToken()
}
}
func acquireTokenSilently() {
guard let applicationContext = self.applicationContext else { return }
/**
Acquire a token for an existing account silently
- forScopes: Permissions you want included in the access token received
in the result in the completionBlock. Not all scopes are
guaranteed to be included in the access token returned.
- account: An account object that we retrieved from the application object before that the
authentication flow will be locked down to.
- completionBlock: The completion block that will be called when the authentication
flow completes, or encounters an error.
*/
applicationContext.acquireTokenSilent(forScopes: ApplicationConstants.kScopes, account: self.currentAccount()!) { (result, error) in
if let error = error {
let nsError = error as NSError
// interactionRequired means we need to ask the user to sign-in. This usually happens
// when the user's Refresh Token is expired or if the user has changed their password
// among other possible reasons.
if (nsError.domain == MSALErrorDomain
&& nsError.code == MSALErrorCode.interactionRequired.rawValue) {
DispatchQueue.main.async {
self.acquireTokenInteractively()
}
} else {
self.loggingText.text = "Could not acquire token silently: \(error)"
}
return
}
guard let result = result else {
self.loggingText.text = "Could not acquire token: No result returned"
return
}
self.accessToken = result.accessToken
self.loggingText.text = "Refreshed Access token is \(self.accessToken)"
self.signoutButton.isEnabled = true
self.getContentWithToken()
}
}
func currentAccount() -> MSALAccount? {
guard let applicationContext = self.applicationContext else { return nil }
// We retrieve our current account by getting the first account from cache
// In multi-account applications, account should be retrieved by home account identifier or username instead
do {
let cachedAccounts = try applicationContext.allAccounts()
if !cachedAccounts.isEmpty {
return cachedAccounts.first
}
} catch let error as NSError {
self.loggingText.text = "Didn't find any accounts in cache: \(error)"
}
return nil
}
}
//
struct ApplicationConstants {
static let ResourceId = "https://graph.microsoft.com"
static let kAuthority = "https://login.microsoftonline.com/common/oauth2/v2.0"
static let kGraphURI = "https://graph.microsoft.com/v1.0/me/"
static let kScopes = ["https://graph.microsoft.com/Mail.ReadWrite",
"https://graph.microsoft.com/Mail.Send",
"https://graph.microsoft.com/Files.ReadWrite",
"https://graph.microsoft.com/User.ReadBasic.All"]
static var kClientID = "6d5a8e6d-0281-4003-8feb-43a9ca39d4d2"
enum MSGraphError: Error {
case nsErrorType(error: NSError)
}
}
最佳答案
您需要确保已将正确的标识符添加到钥匙串(keychain)共享组中。默认值为 com.microsoft.adalcache。
关于ios - MSAL - 尝试对 Microsoft Graph 登录进行身份验证时无法将项目设置到钥匙串(keychain)中,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/53298417/
25
4
0
SQLite、Content provider 和 Shared Preference 之间的所有已知区别。 但我想知道什么时候需要根据情况使用 SQLite 或 Content Provider 或
警告:我正在使用一个我无法完全控制的后端,所以我正在努力解决 Backbone 中的一些注意事项,这些注意事项可能在其他地方更好地解决......不幸的是,我别无选择,只能在这里处理它们! 所以,我的
我一整天都在挣扎。我的预输入搜索表达式与远程 json 数据完美配合。但是当我尝试使用相同的 json 数据作为预取数据时,建议为空。点击第一个标志后,我收到预定义消息“无法找到任何内容...”,结果
我正在制作一个模拟 NHL 选秀彩票的程序,其中屏幕右侧应该有一个 JTextField,并且在左侧绘制弹跳的选秀球。我创建了一个名为 Ball 的类,它实现了 Runnable,并在我的主 Draf
这个问题已经有答案了: How can I calculate a time span in Java and format the output? (18 个回答) 已关闭 9 年前。 这是我的代码
我有一个 ASP.NET Web API 应用程序在我的本地 IIS 实例上运行。 Web 应用程序配置有 CORS。我调用的 Web API 方法类似于: [POST("/API/{foo}/{ba
我将用户输入的时间和日期作为: DatePicker dp = (DatePicker) findViewById(R.id.datePicker); TimePicker tp = (TimePic
放宽“邻居”的标准是否足够,或者是否有其他标准行动可以采取? 最佳答案 如果所有相邻解决方案都是 Tabu,则听起来您的 Tabu 列表的大小太长或您的释放策略太严格。一个好的 Tabu 列表长度是
我正在阅读来自 cppreference 的代码示例: #include #include #include #include template void print_queue(T& q)
我快疯了,我试图理解工具提示的行为,但没有成功。 1. 第一个问题是当我尝试通过插件(按钮 1)在点击事件中使用它时 -> 如果您转到 Fiddle,您会在“内容”内看到该函数' 每次点击都会调用该属
我在功能组件中有以下代码: const [ folder, setFolder ] = useState([]); const folderData = useContext(FolderContex
我在使用预签名网址和 AFNetworking 3.0 从 S3 获取图像时遇到问题。我可以使用 NSMutableURLRequest 和 NSURLSession 获取图像,但是当我使用 AFHT
我正在使用 Oracle ojdbc 12 和 Java 8 处理 Oracle UCP 管理器的问题。当 UCP 池启动失败时,我希望关闭它创建的连接。 当池初始化期间遇到 ORA-02391:超过
关闭。此题需要details or clarity 。目前不接受答案。 想要改进这个问题吗?通过 editing this post 添加详细信息并澄清问题. 已关闭 9 年前。 Improve
引用这个plunker: https://plnkr.co/edit/GWsbdDWVvBYNMqyxzlLY?p=preview 我在 styles.css 文件和 src/app.ts 文件中指定
为什么我的条形这么细?我尝试将宽度设置为 1,它们变得非常厚。我不知道还能尝试什么。默认厚度为 0.8,这是应该的样子吗? import matplotlib.pyplot as plt import
当我编写时,查询按预期执行: SELECT id, day2.count - day1.count AS diff FROM day1 NATURAL JOIN day2; 但我真正想要的是右连接。当
我有以下时间数据: 0 08/01/16 13:07:46,335437 1 18/02/16 08:40:40,565575 2 14/01/16 22:2
一些背景知识 -我的 NodeJS 服务器在端口 3001 上运行,我的 React 应用程序在端口 3000 上运行。我在 React 应用程序 package.json 中设置了一个代理来代理对端
我面临着一个愚蠢的问题。我试图在我的 Angular 应用程序中延迟加载我的图像,我已经尝试过这个2: 但是他们都设置了 src attr 而不是 data-src,我在这里遗漏了什么吗?保留 d
我是一名优秀的程序员,十分优秀!