.net AzureAdB2C中间件必须提供“ClientId”选项

aydmsdu9  于 2023-04-07  发布在  .NET
关注(0)|答案(2)|浏览(173)

我有一个Angular 的应用程序,能够与Azure B2C进行身份验证,但也有一个自定义的Web API,但当添加中间件的.NET核心Web API时,我得到了“必须提供客户端ID,这是在appsettings中?这就像appsettings没有绑定。
我在Azure中配置了所有的东西,包括expose API,scope,给予permissions等。
我现在只使用本地帐户,所以我没有任何其他身份提供程序设置,所以应该与来自Web API的clientid一起工作。

//tried this 
services.AddMicrosoftIdentityWebApiAuthentication(Configuration, "AzureAdB2C");

//this as well
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddMicrosoftIdentityWebApi(Configuration.GetSection("AzureAdB2C"));

{
  "AzureAdB2C": {
    "Instance": "https://{domain}.b2clogin.com/",
    "ClientId": "11111111-1111-1111-1111-111111111111", 
    "Domain": "{domain}.onmicrosoft.com",
    "SignUpSignInPolicyId": "b2c_1_SignupSign"    
  },
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft": "Warning",
      "Microsoft.Hosting.Lifetime": "Information"
    }
  },
  "AllowedHosts": "*"
}


    Request starting HTTP/1.1 GET http://localhost:5000/weatherforecast
fail: Microsoft.AspNetCore.Server.Kestrel[13]
      Connection id "0HM729054ALE1", Request id "0HM729054ALE1:00000001": An unhandled exception was thrown by the application.
Microsoft.Extensions.Options.OptionsValidationException: IDW10106: The 'ClientId' option must be provided.

启动

using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;

using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Identity.Web;

namespace WepApi1
{
    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            //services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            //    .AddMicrosoftIdentityWebApi(Configuration.GetSection("AzureAdB2C"));

            services.AddMicrosoftIdentityWebApiAuthentication(Configuration, "AzureAdB2C");

            services.AddAuthorization();

            services.AddControllers();
                       
            services.AddCors(o => o.AddPolicy("CorsPolicy", builder =>
            {
                builder.WithOrigins("http://localhost:4200")
                       .AllowAnyMethod()
                       .AllowAnyHeader()
                       .AllowCredentials()
                       .SetIsOriginAllowed((host) => true);
            }));

          

        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            app.UseRouting();

            app.UseAuthentication();
          
            app.UseAuthorization();

            app.UseCors("CorsPolicy");

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllers();
            });
        }
    }
}
0kjbasz6

0kjbasz61#

好吧,整个问题原来是Kestrel。只要我使用IIS Express一切工作。不真实

tmb3ates

tmb3ates2#

我的依赖注入看起来像这样:

builder.Services.AddMicrosoftIdentityWebApiAuthentication(builder.Configuration);

这是我的appsettings.json

{
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft.AspNetCore": "Warning"
    }
  },
  "AllowedHosts": "*",
  "ConnectionStrings": {
    "Default": "[YOUR CONNECTION STRING HERE]"
  },
  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "[YOUR APP DOMAIN HERE]",
    "TenantId": "[YOUR APP'S HERE]",
    "ClientId": "[YOUR APP'S HERE]",
    "Scopes": {
      "Read": [ "[YOUR APP'S].Read" ],
      "Write": [ "[YOUR APP'S].ReadWrite" ]
    },
    "AppPermissions": {
      "Read": [ "[YOUR APP'S].Read.All" ],
      "Write": [ "[YOUR APP'S].ReadWrite.All" ]
    }
  }
}

忘记将AzureAd设置添加到appsettings.json文件也会导致此错误。

相关问题