Postman 获得Azure Synapse承载令牌

dba5bblo  于 2023-01-09  发布在  Postman
关注(0)|答案(1)|浏览(176)

我正在尝试使用Postman获取Azure Synapse承载令牌。我已关注此Postman链接/视频并成功拨打电话:
Azure管理Rest API:https://management.azure.com/subscriptions/{{subscriptionId}}/resourcegroups?api-version=2020-09-01
根据Microsoft文档和PowerShell,我已成功获得Synapse承载令牌并调用:
https://mysynapseworkspace.dev.azuresynapse.net/pipelines?api-version=2020-12-01
PowerShell:注意:终结点为https://dev.azuresynapse.net/创建Azure APP服务主体
az登录--服务主体--用户名"appid"--密码"pasword"--租户"tenantid"
az帐户获取访问令牌--资源https://dev.azuresynapse.net/
在Postman链接示例中,预请求脚本

pm.test("Check for collectionVariables", function () {
let vars = ['clientId', 'clientSecret', 'tenantId', 'subscriptionId'];
vars.forEach(function (item, index, array) {
    console.log(item, index);
    pm.expect(pm.collectionVariables.get(item), item + " variable not set").to.not.be.undefined;
    pm.expect(pm.collectionVariables.get(item), item + " variable not set").to.not.be.empty; 
});

if (!pm.collectionVariables.get("bearerToken") || Date.now() > new Date(pm.collectionVariables.get("bearerTokenExpiresOn") * 1000)) {
    pm.sendRequest({
        url: 'https://login.microsoftonline.com/' + pm.collectionVariables.get("tenantId") + '/oauth2/token',
        method: 'POST',
        header: 'Content-Type: application/x-www-form-urlencoded',
        body: {
            mode: 'urlencoded',
            urlencoded: [
                { key: "grant_type", value: "client_credentials", disabled: false },
                { key: "client_id", value: pm.collectionVariables.get("clientId"), disabled: false },
                { key: "client_secret", value: pm.collectionVariables.get("clientSecret"), disabled: false },
                { key: "resource", value: pm.collectionVariables.get("resource") || "https://management.azure.com/", disabled: false }
            ]
        }
    }, function (err, res) {
        if (err) {
            console.log(err);
        } else {
            let resJson = res.json();
            pm.collectionVariables.set("bearerTokenExpiresOn", resJson.expires_on);
            pm.collectionVariables.set("bearerToken", resJson.access_token);
        }
    });
}

});
我修改了Pre-Request-Script语句:
The PostMan Variable: resource = dev.azuresynapse.net

{ key: "resource", value: pm.collectionVariables.get("resource") || "https://dev.azuresynapse.net/", disabled: false }

发布失败:

{
"code": "AuthenticationFailed",
"message": "Token Authentication failed - IDX12741: JWT: '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]' must have three segments (JWS) or five segments (JWE)."

}
有什么问题吗?谢谢

ekqde3dh

ekqde3dh1#

我试图在我的环境中重现同样的事情,并得到以下结果:

    • 带承载令牌的PowerShell:**

shell 脚本:

$applicationID = '4381xxxxxxxxxxxfa606b3edf' 
$clientSecret = '4KI8Qxxxxxxxxxxxxxxxx6sQcKw'
$tenantId = 'fb134080xxxxxxxxxxxxx3a0c218f3b0'          
$url = "https://login.microsoftonline.com/$tenantId/oauth2/token" 
$resource = "https://graph.microsoft.com/" 
$restbody = @{
        grant_type = 'client_credentials' 
        client_id = $applicationID 
        client_secret = $clientSecret 
        resource = $resource 
} 
# Get the return Auth Token 
$token = Invoke-RestMethod -Method POST -Uri $url -Body $restbody Write-Host "Authenticated - token retrieved of type " $($token.token_type)
$token

    • 或者**
    • 我使用以下参数通过 Postman 生成了承载令牌:**
POST
https://login.microsoftonline.com/fb1380-e4d2-xxxxx-f3a0c218f3b0/oauth2/v2.0/token
  
client_id:4KIxxxxxx2CS2UasSu9zTXhrMNQy6sQcKw  
scope:https://management.azure.com/.default 
client_secret: 4KI8Q~7xxxxxxxxxzTXhrMNQy6sQcKw
grant_type:client_credentials
    • 答复:**

相关问题