问题描述
我目前正在使用Google的Starlette应用程序使用Authlib正常登录Google,但是Azure在执行此操作时会抛出此无效的声明“ iss”错误:
await client.parse_id_token(request,token)
请帮忙。谷歌搜索,我什么也没发现。
完整的代码段如下:
async def do_azure_login(request: Request) -> Any:
redirect_uri = request.url_for('authz_azure').replace(' ','')
azure = OAUTH.create_client('azure')
return await azure.authorize_redirect(request,redirect_uri)
async def authz_azure(request: Request) -> HTMLResponse:
return await authz(request,OAUTH.azure)
async def authz(request: Request,client: OAuth) -> HTMLResponse:
token = await client.authorize_access_token(request)
user = dict(await client.parse_id_token(request,token))
request.session['username'] = user['email']
request.session['first_name'] = user.get('given_name','')
request.session['last_name'] = user.get('family_name','')
response = TEMPLATING_ENGINE.TemplateResponse(
name='app.html',context={
'request': request
}
)
return response
我认为问题可能在于使用这些:
AZURE_CONF_URL = (
'https://login.microsoftonline.com/common/v2.0/.well-kNown/openid-configuration'
)
AZURE_AUTHZ_URL = (
'https://login.microsoftonline.com/common/oauth2/authorize'
)
问题应该是放置在AZURE_CONF_URL链接中的“发出者”:“ https://login.microsoftonline.com/{tenantid}/v2.0”。我见过同样的问题。