
web-applications - Application '' is not configured as a multi-tenant application

Reposted. Author: 行者123. Last updated: 2023-12-05 07:19:14

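I am trying to develop a single-tenant application, but I receive the following error message when signing in:

"Application '(app ID)' is not configured as a multi-tenant application. Usage of the /common endpoint is not supported for such applications created after '10/15/2018'. Use a tenant-specific endpoint or configure the application to be multi-tenant."

  1. In the Azure AD portal, under "App registrations" => "Authentication" => "Supported account types", I verified that the "Accounts in this organizational directory only (###### only - Single tenant)" option is selected.

  2. I then confirmed in my code that the 'https://login.microsoftonline.com/{tenantID}' endpoint is in use. In other words, the "/common" endpoint is not mentioned anywhere in the code.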

    Private Shared appId As String = ConfigurationManager.AppSettings("ida:ClientId")
    Private Shared appSecret As String = ConfigurationManager.AppSettings("ida:ClientSecret")
    Private Shared redirectUri As String = ConfigurationManager.AppSettings("ida:PostLogoutRedirectUri")
    Private Shared graphScopes As String = ConfigurationManager.AppSettings("ida:AppScopes")
    Private Shared sAzureAdInstance As String = "https://login.microsoftonline.com/"
    Private Shared sTenant As String = ConfigurationManager.AppSettings("ida:TenantId")
    Private Shared sAuthority As String = sAzureAdInstance & sTenant

    Public Sub ConfigureAuth(ByVal app As IAppBuilder)
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType)
        app.UseCookieAuthentication(New CookieAuthenticationOptions())
        app.UseOpenIdConnectAuthentication(New OpenIdConnectAuthenticationOptions With {
            .ClientId = appId,
            .Scope = $"openid email profile offline_access {graphScopes}",
            .Authority = sAuthority, ' line emphasized in the original post
            .RedirectUri = redirectUri,
            .PostLogoutRedirectUri = redirectUri,
            .TokenValidationParameters = New TokenValidationParameters With {
                .ValidateIssuer = False
            },
            .Notifications = New OpenIdConnectAuthenticationNotifications With {
                .AuthenticationFailed = AddressOf OnAuthenticationFailedAsync,
                .AuthorizationCodeReceived = AddressOf OnAuthorizationCodeReceivedAsync
            }
        })
    End Sub

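I want my app to run in single-tenant mode. I could not find any meaningful documentation related to this problem.

Edit:

I have isolated the failing method in my code; the snippet below shows its context: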

    Dim signedInUser = New ClaimsPrincipal(notification.AuthenticationTicket.Identity)
    Dim idClient As IConfidentialClientApplication = ConfidentialClientApplicationBuilder.Create(appId).WithRedirectUri(redirectUri).WithClientSecret(appSecret).Build()
    Dim scopes As String() = graphScopes.Split(" "c)
    'NOTE: The scopes string array contains the following two values: User.Read and Calendars.Read.
    Dim authResult = Await idClient.AcquireTokenByAuthorizationCode(scopes, notification.Code).ExecuteAsync()
    'EXECUTION HALTS HERE

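I cannot discern the connection between the AcquireTokenByAuthorizationCode() method and the error message. I am not quite sure what is going wrong.

Any help is greatly appreciated.

Best answer

I am not very familiar with VB, but going by the C# code, you can specify the authority manually: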

    app.UseOpenIdConnectAuthentication(
        new OpenIdConnectAuthenticationOptions
        {
            // The `Authority` represents the v2.0 endpoint - https://login.microsoftonline.com/common/v2.0
            Authority = Globals.Authority,
            ClientId = Globals.ClientId,
            RedirectUri = Globals.RedirectUri,
            PostLogoutRedirectUri = Globals.RedirectUri,
            Scope = Globals.BasicSignInScopes + " Mail.Read", // a basic set of permissions for user sign in & profile access "openid profile offline_access"
            TokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuer = false,
                // In a real application you would use IssuerValidator for additional checks, like making sure the user's organization has signed up for your app.
                //     IssuerValidator = (issuer, token, tvp) =>
                //     {
                //        //if(MyCustomTenantValidation(issuer))
                //        return issuer;
                //        //else
                //        //    throw new SecurityTokenInvalidIssuerException("Invalid issuer");
                //    },
                //NameClaimType = "name",
            },
            Notifications = new OpenIdConnectAuthenticationNotifications()
            {
                AuthorizationCodeReceived = OnAuthorizationCodeReceived,
                AuthenticationFailed = OnAuthenticationFailed,
            }
        });

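It seems that https://login.microsoftonline.com/common/v2.0 is used by default. So you can change the value to https://login.microsoftonline.com/{your_tenant}/v2.0


Update:

You can create a new VB web project and choose to use Azure AD single-tenant authentication.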


Then you will get a working sample:

    Partial Public Class Startup
        Private Shared clientId As String = ConfigurationManager.AppSettings("ida:ClientId")
        Private Shared aadInstance As String = EnsureTrailingSlash(ConfigurationManager.AppSettings("ida:AADInstance"))
        Private Shared tenantId As String = ConfigurationManager.AppSettings("ida:TenantId")
        Private Shared postLogoutRedirectUri As String = ConfigurationManager.AppSettings("ida:PostLogoutRedirectUri")
        Private Shared authority As String = aadInstance & tenantId

        Public Sub ConfigureAuth(app As IAppBuilder)
            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType)

            app.UseCookieAuthentication(New CookieAuthenticationOptions())

            app.UseOpenIdConnectAuthentication(New OpenIdConnectAuthenticationOptions() With {
                .ClientId = clientId,
                .Authority = authority,
                .PostLogoutRedirectUri = postLogoutRedirectUri
            })
        End Sub
        ' ...
    End Class

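Specifying the Authority is supported here as well, and you can see that it has been set to aadInstance & tenantId.

If you want to use Azure AD v2, you need to use the v2.0 endpoint.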
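
The snippet in the question's edit builds its MSAL.NET client without an authority, so MSAL falls back to its default authority, `/common`, which is the endpoint the error message names. As an added example (not code from the question or the answer), the hypothetical `TenantPinnedMsal` module below pins the client to the tenant and then checks which tenant issued the token; it assumes the question's `ida:*` settings and that `ida:TenantId` holds the tenant GUID rather than a domain name.

```vbnet
Imports System
Imports System.Configuration
Imports System.Threading.Tasks
Imports Microsoft.Identity.Client

' Hypothetical helper module (added example); setting names follow the question.
Public Module TenantPinnedMsal
    Private ReadOnly appId As String = ConfigurationManager.AppSettings("ida:ClientId")
    Private ReadOnly appSecret As String = ConfigurationManager.AppSettings("ida:ClientSecret")
    Private ReadOnly redirectUri As String = ConfigurationManager.AppSettings("ida:PostLogoutRedirectUri")
    Private ReadOnly graphScopes As String = ConfigurationManager.AppSettings("ida:AppScopes")
    ' Assumption: this setting holds the tenant GUID, not a domain name.
    Private ReadOnly tenantId As String = ConfigurationManager.AppSettings("ida:TenantId")

    ' Redeems the authorization code passed to the AuthorizationCodeReceived notification.
    Public Async Function RedeemCodeAsync(code As String) As Task(Of AuthenticationResult)
        ' Fail closed: an empty tenant must never silently become a shared endpoint.
        If String.IsNullOrWhiteSpace(tenantId) Then
            Throw New ConfigurationErrorsException("ida:TenantId is not set.")
        End If

        ' WithAuthority pins MSAL to the tenant-specific endpoint. Without it the
        ' builder uses MSAL's default authority (/common), which a single-tenant
        ' app registration rejects.
        Dim idClient As IConfidentialClientApplication =
            ConfidentialClientApplicationBuilder.Create(appId).
                WithAuthority(AzureCloudInstance.AzurePublic, tenantId).
                WithRedirectUri(redirectUri).
                WithClientSecret(appSecret).
                Build()

        Dim scopes As String() = graphScopes.Split(" "c)
        Dim result = Await idClient.AcquireTokenByAuthorizationCode(scopes, code).ExecuteAsync()

        ' The OWIN options on this page set ValidateIssuer = False, so check here
        ' that the token really comes from the expected tenant.
        If Not String.Equals(result.TenantId, tenantId, StringComparison.OrdinalIgnoreCase) Then
            Throw New InvalidOperationException("Token was issued by an unexpected tenant.")
        End If

        Return result
    End Function
End Module
```

From the `AuthorizationCodeReceived` handler it is called as `Await TenantPinnedMsal.RedeemCodeAsync(notification.Code)`.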

Regarding "web-applications - Application '' is not configured as a multi-tenant application", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/57864036/
