我有一个 ASP.NET Webforms 应用程序,在其中使用与 Azure Active Directory 关联的 Azure Key Vault。我使用了这里找到的指南 https://azure.microsoft.com/en-us/documentation/articles/storage-encrypt-decrypt-blobs-key-vault/ 用于从 Azure Active Directory 为我的应用程序获取 token 并使用它来访问我的 key 保管库,我最终将其用于存储加密。应用程序第一次请求 token 时一切正常,但在 token 过期后(一小时后)。应用程序不会按其应有的方式检索新 token 。我正在使用最新的稳定版本 Microsoft.IdentityModel.Clients.ActiveDirectory 2.19.208020213,并且也尝试了最新的预版本 (3.5.208051316-alpha)。
GetToken 方法如下所示
Public Async Function GetToken(authority As String, resource As String, scope As String) As Task(Of String)
Dim authContext = New AuthenticationContext(authority)
Dim clientCred As New ClientCredential(CloudConfigurationManager.GetSetting("ClientID"), CloudConfigurationManager.GetSetting("ClientSecret"))
System.Diagnostics.Trace.TraceInformation("Attempting to acquire auth token")
Dim result As AuthenticationResult = await authContext.AcquireTokenAsync(resource, clientCred)
System.Diagnostics.Trace.TraceInformation("Auth returned")
If result Is Nothing Then
System.Diagnostics.Trace.TraceInformation("Auth was null")
Throw New InvalidOperationException("Failed to obtain the JWT token")
End If
System.Diagnostics.Trace.TraceInformation("Returning auth access token")
Return result.AccessToken
End Function
此处用于获取与 key 保管库的连接
Dim cloudResolver As New KeyVaultKeyResolver(AddressOf GetToken)
GetToken 方法仅卡在 AcquireTokenAsync 处。我已在 ADAL 中打开详细日志记录,这就是日志显示的内容,它会停止并且 GetToken 永远不会返回。
-Application: 2015-09-21T17:12:13 PID[8884] Information 9/21/2015 5:12:13 PM: 19ce5dc3-d618-48e9-8bbd-c5b3ad31bfc2 - TokenCache: Looking up cache for a token...
-Application: 2015-09-21T17:12:13 PID[8884] Information 9/21/2015 5:12:13 PM: 19ce5dc3-d618-48e9-8bbd-c5b3ad31bfc2 - TokenCache: An item matching the requested resource was found in the cache
-Application: 2015-09-21T17:12:13 PID[8884] Information 9/21/2015 5:12:13 PM: 19ce5dc3-d618-48e9-8bbd-c5b3ad31bfc2 - TokenCache: An expired or near expiry token was found in the cache
-Application: 2015-09-21T17:12:13 PID[8884] Information 9/21/2015 5:12:13 PM: 19ce5dc3-d618-48e9-8bbd-c5b3ad31bfc2 - TokenCache: An old item was removed from the cache
此外,我尝试通过将 token 缓存设置为 Nothing 来关闭 token 缓存,然后 ADAL 甚至无法在第一次检索访问 token 。
最佳答案
我在这个类似的问题中找到了答案Azure KeyVault Active Directory AcquireTokenAsync timeout when called asynchronously
关键是删除其中任何一个并将其替换为等待
.GetAwaiter().GetResult()
例如,这是原来的
Dim theKey = cloudResolver.ResolveKeyAsync($"{CloudConfigurationManager.GetSetting("KeyVaultUrl")}Secret/", CancellationToken.None).GetAwaiter().GetResult()
已替换为
Dim theKey = await cloudResolver.ResolveKeyAsync($"{CloudConfigurationManager.GetSetting("KeyVaultUrl")}Secret/", CancellationToken.None)
关于asp.net - ADAL token 不刷新,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/32701568/