2023年6月13日 18:29:10go评论108阅读模式

英文:

Azure Key Vault error message "AKV10000: Request is missing a Bearer or PoP token."

问题

我在Azure上有一个密钥保管库，并为应用程序注册添加了访问策略，具有秘密权限（获取、列出、设置、删除、恢复、备份、还原）。
我编写了Java代码：

String keyVaultUri = "https://myKeyVault.azure.net";
ClientSecretCredential paramClientSecretCredential = new ClientSecretCredentialBuilder()
        .clientId("MyApplicationId")
        .clientSecret("MyApplicationSecretKey")
        .tenantId("MyTenantId")
        .build();
SecretClient secretClient = new SecretClientBuilder()
    .vaultUrl(keyVaultUri)
    .credential(paramClientSecretCredential)
    .httpLogOptions(new HttpLogOptions().setLogLevel(HttpLogDetailLevel.BODY_AND_HEADERS))
    .buildClient();
KeyVaultSecret storedSecret = secretClient.getSecret("mySecret");
System.out.println("Secret value: " + storedSecret.getValue());

我使用以下Maven依赖项：

azure-security-keyvault-secretss（版本4.6.2）
azure-core（版本1.39.0）
azure-identity（版本1.9.0-beta.1）

在我启动代码后，我收到了以下错误消息：状态码401，“{"error":{"code":"Unauthorized","message":"AKV10000: Request is missing a Bearer or PoP token."}}”

您有关于如何修复这个问题的建议吗？

英文:

I have Key Vault on Azure and I added Access policies for App registrations with Secret permissions (Get, List, Set, Delete, Recover, Backup, Restore)
I wrote Java code:

    String keyVaultUri = &quot;https://myKeyVault.azure.net&quot;;
    ClientSecretCredential paramClientSecretCredential = new ClientSecretCredentialBuilder()
            .clientId(&quot;MyApplicationId&quot;)
            .clientSecret(&quot;MyApplicationSecretKey&quot;)
            .tenantId(&quot;MyTenantId&quot;)
            .build();
     SecretClient secretClient = new SecretClientBuilder()
        .vaultUrl(keyVaultUri)
        .credential(paramClientSecretCredential)
        .httpLogOptions(new HttpLogOptions().setLogLevel(HttpLogDetailLevel.BODY_AND_HEADERS))
        .buildClient();
     KeyVaultSecret storedSecret = secretClient.getSecret(&quot;mySecret&quot;);
     System.out.println(&quot;Secret value: &quot;+storedSecret.getValue());

I'm using these Maven dependencies:

azure-security-keyvault-secretss (version 4.6.2)
azure-core (version 1.39.0)
azure-identity (version 1.9.0-beta.1)

After I started my code I got this error message Status code 401, "{"error":{"code":"Unauthorized","message":"AKV10000: Request is missing a Bearer or PoP token."}}"

Do you have any suggestions on how to fix this?

答案1

得分: 0

我对您的代码进行了一些更改，成功获取了我的密钥保管库的密钥。

代码:

import com.azure.identity.ClientSecretCredential;
import com.azure.identity.ClientSecretCredentialBuilder;
import com.azure.security.keyvault.secrets.SecretClient;
import com.azure.security.keyvault.secrets.SecretClientBuilder;
import com.azure.security.keyvault.secrets.models.KeyVaultSecret;
public class KeyVaultKam {
    public static void main(String[] args) {
        String keyVaultUri = "https://<keyvault-name>.vault.azure.net/";
        String secretName = "<secrete-name>";
        ClientSecretCredential credential = new ClientSecretCredentialBuilder()
                .clientId("<client-ID>")
                .clientSecret("<client-secrete>")
                .tenantId("<tenant-ID>")
                .build();
        SecretClient secretClient = new SecretClientBuilder()
                .vaultUrl(keyVaultUri)
                .credential(credential)
                .buildClient();
        try {
            KeyVaultSecret secret = secretClient.getSecret(secretName);
            System.out.println("Secret value: " + secret.getValue());
        } catch (Exception e) {
            System.out.println("Error retrieving secret: " + e.getMessage());
        }
    }
}

pom.xml:

我向pom.xml文件添加了以下依赖项：

<dependencies>
    <dependency>
        <groupId>com.azure</groupId>
        <artifactId>azure-security-keyvault-secrets</artifactId>
        <version>4.6.2</version>
    </dependency>
    <dependency>
        <groupId>com.azure</groupId>
        <artifactId>azure-core</artifactId>
        <version>1.39.0</version>
    </dependency>
    <dependency>
        <groupId>com.azure</groupId>
        <artifactId>azure-identity</artifactId>
        <version>1.4.0</version>
    </dependency>
</dependencies>

我为客户端应用程序创建了如下的访问策略，

Azure Key Vault错误消息 “AKV10000: 请求缺少Bearer或PoP令牌。”

输出:

它成功运行并且获取了我的密钥输出如下，

Azure Key Vault错误消息 “AKV10000: 请求缺少Bearer或PoP令牌。”

英文:

I made some changes with your code and I got the secrete of my key vault at output.

Code:

import com.azure.identity.ClientSecretCredential;
import com.azure.identity.ClientSecretCredentialBuilder;
import com.azure.security.keyvault.secrets.SecretClient;
import com.azure.security.keyvault.secrets.SecretClientBuilder;
import com.azure.security.keyvault.secrets.models.KeyVaultSecret;
public class KeyVaultKam {
    public static void main(String[] args) {
        String keyVaultUri = &quot;https://&lt;keyvault-name&gt;.vault.azure.net/&quot;;
        String secretName = &quot;&lt;secrete-name&gt;&quot;;
        ClientSecretCredential credential = new ClientSecretCredentialBuilder()
                .clientId(&quot;&lt;client-ID&gt;&quot;)
                .clientSecret(&quot;&lt;client-secrete&gt;&quot;)
                .tenantId(&quot;&lt;tenant-ID&gt;&quot;)
                .build();
        SecretClient secretClient = new SecretClientBuilder()
                .vaultUrl(keyVaultUri)
                .credential(credential)
                .buildClient();
        try {
            KeyVaultSecret secret = secretClient.getSecret(secretName);
            System.out.println(&quot;Secret value: &quot; + secret.getValue());
        } catch (Exception e) {
            System.out.println(&quot;Error retrieving secret: &quot; + e.getMessage());
        }
    }
}

pom.xml:

I added below dependencies to the pom.xml file,

&lt;dependencies&gt;
     
        &lt;dependency&gt;
            &lt;groupId&gt;com.azure&lt;/groupId&gt;
            &lt;artifactId&gt;azure-security-keyvault-secrets&lt;/artifactId&gt;
            &lt;version&gt;4.6.2&lt;/version&gt;
        &lt;/dependency&gt;
        
        &lt;dependency&gt;
            &lt;groupId&gt;com.azure&lt;/groupId&gt;
            &lt;artifactId&gt;azure-core&lt;/artifactId&gt;
            &lt;version&gt;1.39.0&lt;/version&gt;
        &lt;/dependency&gt;
        
        &lt;dependency&gt;
            &lt;groupId&gt;com.azure&lt;/groupId&gt;
            &lt;artifactId&gt;azure-identity&lt;/artifactId&gt;
            &lt;version&gt;1.4.0&lt;/version&gt;
        &lt;/dependency&gt;
        
&lt;/dependencies&gt;

I created access policy for the client application as below,

Azure Key Vault错误消息 “AKV10000: 请求缺少Bearer或PoP令牌。”

Output:

It runs successfully and got the output of my secrete as below,

Azure Key Vault错误消息 “AKV10000: 请求缺少Bearer或PoP令牌。”

通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库，让每个人都能够通过互相帮助和分享经验来进步。

Azure Key Vault错误消息 “AKV10000: 请求缺少Bearer或PoP令牌。”

问题

答案1

如何使用端点将一个事物的列表列表分配给另一个事物的列表。

失败的配置：@BeforeMethod setUp：java.lang.NullPointerException

两个具有“拥有关系”的Java实体可以使用同一个表吗？

用OpenGL ES在安卓上绘制矩形不起作用。

如何在Playwright视觉比较中屏蔽多个定位器？

在C++中，可以使用可变模板参数来检索类型的内部类型。

selenium.common.exceptions.StaleElementReferenceException: Message: stale element reference: stale element not found

Creating and opening a URL to log in to Website via Basic Auth with Robot Framework/Selenium (Python)

AG Grid 在上下文菜单中以大文本形式打开

What's the correct way to type hint an empty list as a literal in python?

如何在Highcharts Gantt中更改本地化的星期名称

如何在同一个流中使用多个过滤器和映射函数？

如何使用Map/Set来将代码优化到O(n)？

.NET MAUI Android在GitHub Actions上构建失败，错误代码为1。

如何在Playwright视觉比较中屏蔽多个定位器？

在C++中，可以使用可变模板参数来检索类型的内部类型。

selenium.common.exceptions.StaleElementReferenceException: Message: stale element reference: stale element not found

Creating and opening a URL to log in to Website via Basic Auth with Robot Framework/Selenium (Python)

AG Grid 在上下文菜单中以大文本形式打开

What's the correct way to type hint an empty list as a literal in python?

如何在Highcharts Gantt中更改本地化的星期名称

如何在同一个流中使用多个过滤器和映射函数？

如何使用Map/Set来将代码优化到O(n)？

.NET MAUI Android在GitHub Actions上构建失败，错误代码为1。

发表评论