使用ADAL.js获取ADFS本地令牌

huangapple go评论91阅读模式
英文:

get ADFS on-promise Token using ADAL.js

问题

我想知道ADAL.js是否适用于ADFS和本地AD,事实上,我需要获取ADFS的Id_Token并将其传递到SharePoint REST API的标头中。

根据ADAL.js文章,我发现它使用Azure参数:

@property {string} tenant - 您的目标租户
@property {string} clientId - Azure Active Directory分配给您的应用程序的客户端ID
@property {string} redirectUri - 您期望接收令牌的端点默认为`window.location.href`
@property {string} instance - Azure Active Directory实例默认为`https://login.microsoftonline.com/`
@property {Array} endpoints - 用于自动附加令牌在webApi调用中的{Endpoint-ResourceId}集合
@property {Boolean} popUp - 将此设置为true以启用在弹出窗口中进行登录而不是完全重定向默认为`false`

事实上,我正在使用本地Active Directory和ADFS,作为开发者,我无法访问AD和ADFS,是否有一种方法只使用用户电子邮件获取ID令牌(以避免强制用户设置登录名和密码)?

所以有人有一个示例可以做到这一点吗?

英文:

I wonder if ADAL.js works on ADFS and AD on-premise or not.
Actually, I need to get the Id_Token of ADFS and pass it in the headers of SharePoint REST API.

following the acticle ADAL.js i found it using Azure parameters:

 @property {string} tenant - Your target tenant.
     *  @property {string} clientId - Client ID assigned to your app by Azure Active Directory.
     *  @property {string} redirectUri - Endpoint at which you expect to receive tokens.Defaults to `window.location.href`.
     *  @property {string} instance - Azure Active Directory Instance.Defaults to `https://login.microsoftonline.com/`.
     *  @property {Array} endpoints - Collection of {Endpoint-ResourceId} used for automatically attaching tokens in webApi calls.
     *  @property {Boolean} popUp - Set this to true to enable login in a popup winodow instead of a full redirect.Defaults to `false`.

In fact am using Active directory and ADFS on-premise, As a developer, I don't have access to AD and ADFS neither, and is there a way to get the ID_token using user email only (in order to not oblige the user to set login and password)

So any one have a sample a way to do this ?

答案1

得分: 1

因为该项目是为Azure AD而设计的,所以你看到Azure AD参数。

这篇文章向你展示如何更改一些参数,使其适用于ADFS。

如果你查看文章左侧的树形结构,你会发现MSAL库在你的服务器2019上安装了ADFS也可以使用。

请注意,ADAL / MSAL仅用于Azure AD / Azure AD B2C / ADFS。

id_token是由OpenID Connect规定的,要获取它,你必须进行身份验证。

如果你想使用IDP,请查看identityserver4,但我不知道ADAL库是否与其兼容。

你为什么要使用ADAL?

英文:

The reason that you see the Azure AD parameters is because the project is for Azure AD.

The article shows you how to change some of the parameters so that it works on ADFS.

If you look at the tree structure on the left of the article, you'll see that the MSAL libraries also work if you have ADFS on Server 2019.

Note that ADAL / MSAL are only for Azure AD / Azure AD B2C / ADFS use.

The id_token is prescribed by OpenID Connect and to get it you have to authenticate.

If you want an IDP to use, look at identityserver4 but I don't know if the ADAL library with work against that.

Why do you want to use ADAL?

huangapple
  • 本文由 发表于 2020年1月6日 18:51:44
  • 转载请务必保留本文链接:https://go.coder-hub.com/59610776.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定