业务中心: Oauth2身份验证
业务中心: Oauth2身份验证
提问于 2022-08-29 16:43:35
我正在尝试配置商业中心之间的集成,前提是19.6和Azure AD。
用户身份验证工作良好
但是,当我尝试OAuth2服务的配置以服务时,按照指令,我无法连接到服务。
我从https://login.microsoftonline.com//OAuth2/v2.0/令牌获得令牌
但是,当我作为Berear令牌传递给时,我得到了错误:
"error": {
"code": "Unknown",
"message": "IDX10501: Signature validation failed. Unable to match key: \nkid: 'System.String'.\nExceptions caught:\n 'System.Text.StringBuilder'. \ntoken: 'System.IdentityModel.Tokens.Jwt.JwtSecurityToken'. CorrelationId: <Guid>."
}在服务器事件查看器上,我有一个错误:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-DynamicsNAV-Server" Guid="{85423fd1-c021-5a63-f214-c4819f8809f3}" />
<EventID>216</EventID>
<Version>1</Version>
<Level>2</Level>
<Task>13</Task>
<Opcode>0</Opcode>
<Keywords>0x4000f00000000001</Keywords>
<TimeCreated SystemTime="2022-08-29T16:17:45.774819400Z" />
<EventRecordID>437</EventRecordID>
<Correlation />
<Execution ProcessID="4064" ThreadID="5832" />
<Channel>Microsoft-DynamicsNAV-Server/Admin</Channel>
<Computer>The computer FQDN</Computer>
<Security UserID="Business Central Service User Id" />
</System>
- <EventData>
<Data Name="serverInstanceName">BC190</Data>
<Data Name="navTenantId" />
<Data Name="environmentName" />
<Data Name="environmentType" />
/*
* 提示:该行代码过长,系统自动注释不进行高亮。一键复制会移除系统注释
* <Data Name="message">Type: Microsoft.IdentityModel.Tokens.SecurityTokenSignatureKeyNotFoundException Message: IDX10501: Signature validation failed. Unable to match key: kid: 'System.String'. Exceptions caught: 'System.Text.StringBuilder'. token: 'System.IdentityModel.Tokens.Jwt.JwtSecurityToken'. StackTrace: at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateSignature(String token, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken) at Microsoft.Dynamics.Nav.Runtime.NavJwtSecurityTokenFactory.CreateAndValidateWithAudienceList(String serializedToken, FederationMetadataProvider federationMetadataProvider, IEnumerable`1 allowedAudiences, String tokenId, NavDiagnostics diagnostics) at Microsoft.Dynamics.Nav.Service.WebServiceBearerAuthenticator.TryAuthenticateUser(String authorizationHeader, Uri requestUrl) at Microsoft.Dynamics.Nav.Service.ServiceAuthenticationHelper.AuthenticateForServiceCall(Uri uri, String authorizationValue, Func`3 createException, IEnumerable`1 bearerValidationExtensions, String userAadObjectIdToImpersonate) at Microsoft.Dynamics.Nav.Service.OwinAuthenticationHelper.AuthenticateForServiceCall(IOwinRequest request, Func`3 createException, IEnumerable`1 bearerValidationExtensions) at Microsoft.Dynamics.Nav.Service.OData.Extensions.HttpRequestMessageExtensions.Authenticate(HttpRequestMessage request) at System.Lazy`1.CreateValue() at System.Lazy`1.LazyInitValue() at Microsoft.Dynamics.Nav.Service.OData.NavServiceEnvironment.CreateNavService(NavCancellationToken cancellationToken) at Microsoft.Dynamics.Nav.Service.OData.Modeling.NavODataCachedModelBuilder`2.Build(INavServiceEnvironment serviceEnvironment) at Microsoft.Dynamics.Nav.Service.OData.V4.NavODataV4RouteBuilder.GetEdmModelWithLogging(IServiceProvider serviceProvider) at lambda_method(Closure , ServiceProviderEngineScope ) at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService(IServiceProvider provider, Type serviceType) at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService[T](IServiceProvider provider) at Microsoft.AspNet.OData.Routing.DefaultODataPathHandler.Parse(String serviceRoot, String odataPath, IServiceProvider requestContainer, Boolean template) at Microsoft.AspNet.OData.Routing.DefaultODataPathHandler.Parse(String serviceRoot, String odataPath, IServiceProvider requestContainer) at Microsoft.Dynamics.Nav.Service.OData.V4.NavODataV4PathHandler.Parse(String serviceRoot, String odataPath, IServiceProvider requestContainer) at Microsoft.Dynamics.Nav.Service.OData.V4.NavODataV4RouteConstraint.Match(HttpRequestMessage request, IHttpRoute route, String parameterName, IDictionary`2 values, HttpRouteDirection routeDirection) at System.Web.Http.Routing.HttpRoute.ProcessConstraint(HttpRequestMessage request, Object constraint, String parameterName, HttpRouteValueDictionary values, HttpRouteDirection routeDirection) at System.Web.Http.Routing.HttpRoute.ProcessConstraints(HttpRequestMessage request, HttpRouteValueDictionary values, HttpRouteDirection routeDirection) at System.Web.Http.Routing.HttpRoute.GetRouteData(String virtualPathRoot, HttpRequestMessage request) at System.Web.Http.HttpRouteCollection.GetRouteData(HttpRequestMessage request) at System.Web.Http.Dispatcher.HttpRoutingDispatcher.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) at System.Net.Http.DelegatingHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) at System.Web.Http.HttpServer.<SendAsync>d__24.MoveNext() Source: System.IdentityModel.Tokens.Jwt HResult: -2146233088 StackTrace: at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateSignature(String token, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken) at Microsoft.Dynamics.Nav.Runtime.NavJwtSecurityTokenFactory.CreateAndValidateWithAudienceList(String serializedToken, FederationMetadataProvider federationMetadataProvider, IEnumerable`1 allowedAudiences, String tokenId, NavDiagnostics diagnostics) at Microsoft.Dynamics.Nav.Service.WebServiceBearerAuthenticator.TryAuthenticateUser(String authorizationHeader, Uri requestUrl) at Microsoft.Dynamics.Nav.Service.ServiceAuthenticationHelper.AuthenticateForServiceCall(Uri uri, String authorizationValue, Func`3 createException, IEnumerable`1 bearerValidationExtensions, String userAadObjectIdToImpersonate) at Microsoft.Dynamics.Nav.Service.OwinAuthenticationHelper.AuthenticateForServiceCall(IOwinRequest request, Func`3 createException, IEnumerable`1 bearerValidationExtensions) at Microsoft.Dynamics.Nav.Service.OData.Extensions.HttpRequestMessageExtensions.Authenticate(HttpRequestMessage request) at System.Lazy`1.CreateValue() at System.Lazy`1.LazyInitValue() at Microsoft.Dynamics.Nav.Service.OData.NavServiceEnvironment.CreateNavService(NavCancellationToken cancellationToken) at Microsoft.Dynamics.Nav.Service.OData.Modeling.NavODataCachedModelBuilder`2.Build(INavServiceEnvironment serviceEnvironment) at Microsoft.Dynamics.Nav.Service.OData.V4.NavODataV4RouteBuilder.GetEdmModelWithLogging(IServiceProvider serviceProvider) at lambda_method(Closure , ServiceProviderEngineScope ) at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService(IServiceProvider provider, Type serviceType) at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService[T](IServiceProvider provider) at Microsoft.AspNet.OData.Routing.DefaultODataPathHandler.Parse(String serviceRoot, String odataPath, IServiceProvider requestContainer, Boolean template) at Microsoft.AspNet.OData.Routing.DefaultODataPathHandler.Parse(String serviceRoot, String odataPath, IServiceProvider requestContainer) at Microsoft.Dynamics.Nav.Service.OData.V4.NavODataV4PathHandler.Parse(String serviceRoot, String odataPath, IServiceProvider requestContainer) at Microsoft.Dynamics.Nav.Service.OData.V4.NavODataV4RouteConstraint.Match(HttpRequestMessage request, IHttpRoute route, String parameterName, IDictionary`2 values, HttpRouteDirection routeDirection) at System.Web.Http.Routing.HttpRoute.ProcessConstraint(HttpRequestMessage request, Object constraint, String parameterName, HttpRouteValueDictionary values, HttpRouteDirection routeDirection) at System.Web.Http.Routing.HttpRoute.ProcessConstraints(HttpRequestMessage request, HttpRouteValueDictionary values, HttpRouteDirection routeDirection) at System.Web.Http.Routing.HttpRoute.GetRouteData(String virtualPathRoot, HttpRequestMessage request) at System.Web.Http.HttpRouteCollection.GetRouteData(HttpRequestMessage request) at System.Web.Http.Dispatcher.HttpRoutingDispatcher.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) at System.Net.Http.DelegatingHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) at System.Web.Http.HttpServer.<SendAsync>d__24.MoveNext()</Data>
*/
</EventData>
</Event>知道如何解决或调查这个问题吗?
谢谢洛伦佐·特伦托-意大利
回答 1
Stack Overflow用户
发布于 2022-09-12 13:45:54
今天也犯了同样的错误。
最后,我们设法解决了这个问题。我们现在能够与BC在Prem上沟通。这是我们应用程序注册中的一个配置错误。因此,首先,您必须检查您的要求与邮递员,并解决这些错误。
在“公开一个API”下的应用程序注册中,我们必须添加一个范围"default“。此外,我们还必须在"API权限“下添加此范围。在BC,我们不得不在"Azure Active Directory应用程序“下”授予访问权“。在您的请求中,您必须将范围设置为"api://YOURAPPID/“。
解决办法是首先使它与邮递员一起工作。如果您直接从您的应用程序尝试它,您将得到错误,这将导致您错误的假设。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/73532020
复制相关文章
相似问题
腾讯云开发者
