python - Azure Functions Python 应用程序 - 启用 IdentityModelEventSource.ShowPII 属性

Question

我在 Azure Functions 中托管的 Python API 的 AAD 身份验证方面遇到一些问题。

official documentation建议“启用 PII 以查看从消息中删除的值”，以便能够检查颁发者和有效颁发者。该文档仅引用 .NET然而扩展。搜索 learn.microsoft.com也仅显示 .NET 开发人员的热门内容。 如何为我的 Python API 应用程序激活它？

我陷入困境的错误代码/返回 JSON:

{
    "code": 401,
    "message": "IDX10205: Issuer validation failed. Issuer: '[PII of type 'System.String' is hidden. 
               For more details, see https://aka.ms/IdentityModel/PII.]'. 
               Did not match: validationParameters.ValidIssuer: 
               '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]' 
               or validationParameters.ValidIssuers: '[PII of type 'System.String' 
               is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'. 
               For more details, see https://aka.ms/IdentityModel/issuer-validation. "
}

host.json 文件:

{
  "version": "2.0",
  "extensions": {
    "http": {
      "routePrefix": ""
    }
  }
}

local.settings.json 文件:

{
  "IsEncrypted": false,
  "Values": {
    "AzureWebJobsStorage": "",
    "FUNCTIONS_WORKER_RUNTIME": "python"
  }
}

MyApp/function.json 文件:

{
  "scriptFile": "__init__.py",   # see below for contents
  "disabled": false,
  "bindings": [
    {
      "authLevel": "anonymous",
      "type": "httpTrigger",
      "direction": "in",
      "name": "req",
      "methods": [
        "get",
        "post"
      ],
      "route": "{*route}"
    },
    {
      "type": "http",
      "direction": "out",
      "name": "$return"
    }
  ]
}

MyApp/__ init __.py 文件:

from ..FastAPIApp import app  # see below for contents

nest_asyncio.apply()
logger = logging.getLogger()


@app.get("/status")
async def index() -> Dict:
    return {
        "info": "API is working normally.",
    }

FastAPIApp/__ init __.py 文件:

import fastapi

app = fastapi.FastAPI()

Answer 1

来自MS论坛的回答(复制粘贴):

The IdentityModelEventSource.ShowPII property is part of Azure SDK for .NET and the same for Python would be MSAL for Python. And it doesn't seem possible to enable it as this doc states the following about the logging of PII data:

MSAL for Python does not log personal data or organizational data. There is no property to turn personal or organization data logging on or off.