I am writing an API gateway that reaches through Azure. So far I have been able to get a bearer token from msal-node, and then use that to retrieve a bearer token for the application, but now I am stuck with 2 bearer tokens: if I include the Microsoft token the application denies access, and if I send the application token I can't get past Microsoft auth.

I am trying to script this out and then abstract the different parts into their own services, so this code is pretty rough.

```javascript
// Requires Node 18+ for the global fetch and Headers.
const { ConfidentialClientApplication } = require('@azure/msal-node');

async function getAuth(req, res) {
    // Step 1: client-credentials token from Azure AD via msal-node.
    const config = {
        auth: {
            clientId: 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
            authority: 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
            clientSecret: 'xxxxxxxxxxxxxxxxxxxxxxxxx'
        }
    };
    const client = new ConfidentialClientApplication(config);
    const request = {
        scopes: ['https://xxxxxxxxxxxxx/.default'],
    };
    const authResponse = await client.acquireTokenByClientCredential(request);
    // Debug output: prints the full response, including the access token.
    console.log(authResponse);

    // Step 2: present the AAD token and exchange app credentials for the application's own token.
    const myHeaders = new Headers();
    myHeaders.append("Accept", "application/json");
    myHeaders.append("Content-Type", "application/json");
    myHeaders.append("Authorization", "Bearer " + authResponse.accessToken);
    const raw = JSON.stringify({
        "AppKey": "xxxxxxxxxxxxxxxxxxxxxx",
        "UserName": "xxxxxxxxxx",
        "Password": "xxxxxxxxxxxxxxxx"
    });
    const requestOptions = {
        method: "POST",
        headers: myHeaders,
        body: raw,
        redirect: "follow"
    };
    const response = await fetch("https://xxxxxxxxxxxxxx/api/security/token/v2", requestOptions);
    const result = await response.text();
    console.log(result);
    const app_at = JSON.parse(result);

    // Step 3: call the application API behind AAD.
    const myHeaders2 = new Headers();
    myHeaders2.append("Accept", "application/json");
    myHeaders2.append("Authorization", `Bearer ${authResponse.accessToken}`);
    //myHeaders2.append("Authorization", "Bearer " + app_at.AccessToken);
    // How to apply both headers? Including the bearer from msal passes through AAD but gets denied by the app; sending the app bearer gets denied access by AAD.
    const requestOptions2 = {
        method: "GET",
        headers: myHeaders2,
        redirect: "follow",
    };
    console.log(requestOptions2);
    try {
        const response2 = await fetch("https://xxxxxxxxxxxxxxxx/uiserver0/api/v2/services", requestOptions2);
        console.log(response2);

        const result2 = await response2.text();
        res.end(result2);
    } catch (error2) {
        console.error(error2);
    }
}
```

Am I missing something conceptually in this process?
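
As an added example (not part of the original post or the poster's code), a diagnostic sketch for the two-token situation described above: it shows that appending `Authorization` twice to a fetch `Headers` object yields one comma-joined value rather than two credentials, and it decodes each token's `iss`/`aud`/`exp` claims without verifying them, to see which hop a token was issued for. The token values, issuer and audience are constructed placeholders, and it assumes the msal-node token is a JWT while the application token may be opaque.

```javascript
// Added example: every token value below is a constructed, unsigned sample.

// Decode a JWT payload WITHOUT verifying the signature (diagnostics only).
// Returns null for opaque (non-JWT) or malformed tokens.
function peekClaims(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  try {
    return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
  } catch {
    return null;
  }
}

// Summarise who issued a token, who it is for, and whether it has expired.
function describeToken(label, token, nowSec = Math.floor(Date.now() / 1000)) {
  const c = peekClaims(token);
  if (!c) return { label, kind: 'opaque' };
  return {
    label, kind: 'jwt', iss: c.iss, aud: c.aud,
    expired: typeof c.exp === 'number' ? c.exp <= nowSec : null,
  };
}

// Appending Authorization twice does not send two credentials: fetch's
// Headers joins the values into a single comma-separated header.
function combinedAuthorization(tokenA, tokenB) {
  const h = new Headers();
  h.append('Authorization', `Bearer ${tokenA}`);
  h.append('Authorization', `Bearer ${tokenB}`);
  return h.get('Authorization');
}

// Build an unsigned sample JWT (constructed test data, not a real token).
function sampleJwt(payload) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  return `${enc({ alg: 'none', typ: 'JWT' })}.${enc(payload)}.sig`;
}

// Hypothetical stand-ins for authResponse.accessToken and app_at.AccessToken.
const aadToken = sampleJwt({ iss: 'https://sts.example.invalid/tenant/',
                             aud: 'api://gateway-placeholder', exp: 4102444800 });
const appToken = 'opaque-app-token-placeholder';

console.log(describeToken('msal', aadToken));
console.log(describeToken('app', appToken));
console.log(combinedAuthorization(aadToken, appToken));
```

`peekClaims` does not validate signatures, so it is suitable for troubleshooting only and never for an authorization decision.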

Tags: express, ExpressJS msalnode handling multiple bearer tokens, Stack Overflow