Azure Key Vault错误消息 “AKV10000: 请求缺少Bearer或PoP令牌。”

huangapple go评论80阅读模式
英文:

Azure Key Vault error message "AKV10000: Request is missing a Bearer or PoP token."

问题

我在Azure上有一个密钥保管库,并为应用程序注册添加了访问策略,具有秘密权限(获取、列出、设置、删除、恢复、备份、还原)。
我编写了Java代码:

String keyVaultUri = "https://myKeyVault.azure.net";

ClientSecretCredential paramClientSecretCredential = new ClientSecretCredentialBuilder()
        .clientId("MyApplicationId")
        .clientSecret("MyApplicationSecretKey")
        .tenantId("MyTenantId")
        .build();

SecretClient secretClient = new SecretClientBuilder()
    .vaultUrl(keyVaultUri)
    .credential(paramClientSecretCredential)
    .httpLogOptions(new HttpLogOptions().setLogLevel(HttpLogDetailLevel.BODY_AND_HEADERS))
    .buildClient();

KeyVaultSecret storedSecret = secretClient.getSecret("mySecret");

System.out.println("Secret value: " + storedSecret.getValue());

我使用以下Maven依赖项:

  1. azure-security-keyvault-secretss(版本4.6.2)
  2. azure-core(版本1.39.0)
  3. azure-identity(版本1.9.0-beta.1)

在我启动代码后,我收到了以下错误消息:状态码401,“{"error":{"code":"Unauthorized","message":"AKV10000: Request is missing a Bearer or PoP token."}}”

您有关于如何修复这个问题的建议吗?

英文:

I have Key Vault on Azure and I added Access policies for App registrations with Secret permissions (Get, List, Set, Delete, Recover, Backup, Restore)
I wrote Java code:

    String keyVaultUri = "https://myKeyVault.azure.net";

    ClientSecretCredential paramClientSecretCredential = new ClientSecretCredentialBuilder()
            .clientId("MyApplicationId")
            .clientSecret("MyApplicationSecretKey")
            .tenantId("MyTenantId")
            .build();

     SecretClient secretClient = new SecretClientBuilder()
        .vaultUrl(keyVaultUri)
        .credential(paramClientSecretCredential)
        .httpLogOptions(new HttpLogOptions().setLogLevel(HttpLogDetailLevel.BODY_AND_HEADERS))
        .buildClient();

     KeyVaultSecret storedSecret = secretClient.getSecret("mySecret");

     System.out.println("Secret value: "+storedSecret.getValue());

I'm using these Maven dependencies:

  1. azure-security-keyvault-secretss (version 4.6.2)
  2. azure-core (version 1.39.0)
  3. azure-identity (version 1.9.0-beta.1)

After I started my code I got this error message Status code 401, "{"error":{"code":"Unauthorized","message":"AKV10000: Request is missing a Bearer or PoP token."}}"

Do you have any suggestions on how to fix this?

答案1

得分: 0

我对您的代码进行了一些更改,成功获取了我的密钥保管库的密钥

代码:

import com.azure.identity.ClientSecretCredential;
import com.azure.identity.ClientSecretCredentialBuilder;
import com.azure.security.keyvault.secrets.SecretClient;
import com.azure.security.keyvault.secrets.SecretClientBuilder;
import com.azure.security.keyvault.secrets.models.KeyVaultSecret;

public class KeyVaultKam {
    public static void main(String[] args) {
        String keyVaultUri = "https://<keyvault-name>.vault.azure.net/";
        String secretName = "<secrete-name>";

        ClientSecretCredential credential = new ClientSecretCredentialBuilder()
                .clientId("<client-ID>")
                .clientSecret("<client-secrete>")
                .tenantId("<tenant-ID>")
                .build();

        SecretClient secretClient = new SecretClientBuilder()
                .vaultUrl(keyVaultUri)
                .credential(credential)
                .buildClient();

        try {
            KeyVaultSecret secret = secretClient.getSecret(secretName);
            System.out.println("Secret value: " + secret.getValue());
        } catch (Exception e) {
            System.out.println("Error retrieving secret: " + e.getMessage());
        }
    }
}

pom.xml:

我向pom.xml文件添加了以下依赖项

<dependencies>
    <dependency>
        <groupId>com.azure</groupId>
        <artifactId>azure-security-keyvault-secrets</artifactId>
        <version>4.6.2</version>
    </dependency>

    <dependency>
        <groupId>com.azure</groupId>
        <artifactId>azure-core</artifactId>
        <version>1.39.0</version>
    </dependency>

    <dependency>
        <groupId>com.azure</groupId>
        <artifactId>azure-identity</artifactId>
        <version>1.4.0</version>
    </dependency>
</dependencies>

我为客户端应用程序创建了如下的访问策略

Azure Key Vault错误消息 “AKV10000: 请求缺少Bearer或PoP令牌。”

输出:

成功运行并且获取了我的密钥输出如下,

Azure Key Vault错误消息 “AKV10000: 请求缺少Bearer或PoP令牌。”

英文:

I made some changes with your code and I got the secrete of my key vault at output.

Code:

import com.azure.identity.ClientSecretCredential;
import com.azure.identity.ClientSecretCredentialBuilder;
import com.azure.security.keyvault.secrets.SecretClient;
import com.azure.security.keyvault.secrets.SecretClientBuilder;
import com.azure.security.keyvault.secrets.models.KeyVaultSecret;

public class KeyVaultKam {
    public static void main(String[] args) {
        String keyVaultUri = &quot;https://&lt;keyvault-name&gt;.vault.azure.net/&quot;;
        String secretName = &quot;&lt;secrete-name&gt;&quot;;

        ClientSecretCredential credential = new ClientSecretCredentialBuilder()
                .clientId(&quot;&lt;client-ID&gt;&quot;)
                .clientSecret(&quot;&lt;client-secrete&gt;&quot;)
                .tenantId(&quot;&lt;tenant-ID&gt;&quot;)
                .build();

        SecretClient secretClient = new SecretClientBuilder()
                .vaultUrl(keyVaultUri)
                .credential(credential)
                .buildClient();

        try {
            KeyVaultSecret secret = secretClient.getSecret(secretName);
            System.out.println(&quot;Secret value: &quot; + secret.getValue());
        } catch (Exception e) {
            System.out.println(&quot;Error retrieving secret: &quot; + e.getMessage());
        }
    }
}

pom.xml:

I added below dependencies to the pom.xml file,

&lt;dependencies&gt;
     
        &lt;dependency&gt;
            &lt;groupId&gt;com.azure&lt;/groupId&gt;
            &lt;artifactId&gt;azure-security-keyvault-secrets&lt;/artifactId&gt;
            &lt;version&gt;4.6.2&lt;/version&gt;
        &lt;/dependency&gt;
        
        &lt;dependency&gt;
            &lt;groupId&gt;com.azure&lt;/groupId&gt;
            &lt;artifactId&gt;azure-core&lt;/artifactId&gt;
            &lt;version&gt;1.39.0&lt;/version&gt;
        &lt;/dependency&gt;
        
        &lt;dependency&gt;
            &lt;groupId&gt;com.azure&lt;/groupId&gt;
            &lt;artifactId&gt;azure-identity&lt;/artifactId&gt;
            &lt;version&gt;1.4.0&lt;/version&gt;
        &lt;/dependency&gt;
        
&lt;/dependencies&gt;

I created access policy for the client application as below,

Azure Key Vault错误消息 “AKV10000: 请求缺少Bearer或PoP令牌。”

Output:

It runs successfully and got the output of my secrete as below,

Azure Key Vault错误消息 “AKV10000: 请求缺少Bearer或PoP令牌。”

huangapple
  • 本文由 发表于 2023年6月13日 18:29:10
  • 转载请务必保留本文链接:https://go.coder-hub.com/76463957.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定