ios - MSAL - 使用 Swift 4.2 在 iOS 中验证令牌时遇到问题
问题描述
我无法解决这个问题。请帮我。
我正在尝试实现这一点,但仍然无法成功。虽然我尝试了多种 Stack-Overflow 解决方案以及下面提到的网址......
https://docs.microsoft.com/en-us/intune/app-sdk-ios
https://github.com/AzureAD/microsoft-authentication-library-for-objc
https://github.com/AzureAD/microsoft-authentication-library-for-objc#installation
我遇到以下问题:
TID=2641259 MSAL 1.0.0 iOS Sim 12.1 [2020-07-17 05:08:03] Default app's access group: "Masked(not-null)".
TID=2641259 MSAL 1.0.0 iOS Sim 12.1 [2020-07-17 05:08:03] Using "Masked(not-null)" Team ID.
TID=2641259 MSAL 1.0.0 iOS Sim 12.1 [2020-07-17 05:08:03] Init MSIDKeychainTokenCache with keychainGroup: Masked(not-null)
TID=2641259 MSAL 1.0.0 iOS Sim 12.1 [2020-07-17 05:08:03 - C2508177-7B64-4BE9-9F95-98BE60F27A77] [MSAL] -[MSALPublicClientApplication acquireTokenWithParameters:(
"User.Read"
)
extraScopesToConsent:(null)
account:Masked(null)
loginHint:Masked(null)
promptType:MSALPromptTypePromptIfNecessary
extraQueryParameters:(null)
authority:(null)
webviewType:MSALWebviewTypeDefault
customWebview:No
correlationId:(null)
capabilities:(null)
claimsRequest:(null)]
TID=2641259 MSAL 1.0.0 iOS Sim 12.1 [2020-07-17 05:08:03 - C2508177-7B64-4BE9-9F95-98BE60F27A77] [MSAL] Checking broker install state for version V2-broker
2020-07-17 10:38:03.586934+0530 XYZ MSAL_App[58046:2641259] -canOpenURL: failed for URL: "msauthv2://broker" - error: "The operation couldn’t be completed. (OSStatus error -10814.)"
TID=2641259 MSAL 1.0.0 iOS Sim 12.1 [2020-07-17 05:08:03] Scheme msauthv2 for broker not present
TID=2641259 MSAL 1.0.0 iOS Sim 12.1 [2020-07-17 05:08:03 - C2508177-7B64-4BE9-9F95-98BE60F27A77] [MSAL] Beginning interactive flow.
TID=2641259 MSAL 1.0.0 iOS Sim 12.1 [2020-07-17 05:08:03 - C2508177-7B64-4BE9-9F95-98BE60F27A77] [MSAL] Resolving authority: Masked(not-null), upn: Masked(null)
TID=2641341 MSAL 1.0.0 iOS Sim 12.1 [2020-07-17 05:08:03 - C2508177-7B64-4BE9-9F95-98BE60F27A77] [MSAL] No cached preferred_network for authority
TID=2641341 MSAL 1.0.0 iOS Sim 12.1 [2020-07-17 05:08:03 - C2508177-7B64-4BE9-9F95-98BE60F27A77] [MSAL] Waiting on Authority Validation Queue
2020-07-17 10:38:04.082442+0530 XYZ MSAL_App[58046:2641334] TIC SSL Trust Error [1:0x600002076a00]: 3:0
2020-07-17 10:38:04.091317+0530 XYZ MSAL_App[58046:2641334] NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9807)
2020-07-17 10:38:04.091652+0530 XYZ MSAL_App[58046:2641334] Task <D71F58E1-89B6-4C4D-AD1C-51F07303E19B>.<1> HTTP load failed (error code: -1202 [3:-9807])
2020-07-17 10:38:04.092249+0530 XYZ MSAL_App[58046:2641345] Task <D71F58E1-89B6-4C4D-AD1C-51F07303E19B>.<1> finished with error - code: -1202
TID=2641334 MSAL 1.0.0 iOS Sim 12.1 [2020-07-17 05:08:04 - C2508177-7B64-4BE9-9F95-98BE60F27A77] [MSAL] Resolved authority, validated: NO, error: -1202
TID=2641334 MSAL 1.0.0 iOS Sim 12.1 [2020-07-17 05:08:04 - C2508177-7B64-4BE9-9F95-98BE60F27A77] [MSAL] Interactive flow finished result (null), error: -1202 error domain: NSURLErrorDomain
TID=2641334 MSAL 1.0.0 iOS Sim 12.1 [2020-07-17 05:08:04 - C2508177-7B64-4BE9-9F95-98BE60F27A77] [MSAL] acquireToken returning with error: (NSURLErrorDomain, -1202) Masked(not-null)
TID=2641341 MSAL 1.0.0 iOS Sim 12.1 [2020-07-17 05:08:04 - C2508177-7B64-4BE9-9F95-98BE60F27A77] [MSAL] Returned from Authority Validation Queue
App error: Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “login.microsoftonline.com” which could put your confidential information at risk." UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x600002775170>, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSErrorFailingURLKey=https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize, NSErrorFailingURLStringKey=https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize, NSErrorPeerCertificateChainKey=(
"<cert(0x7f8f430ea000) s: stamp2.login.microsoftonline.com i: XYZ Primary Proxy SSL Interception Service>"
), NSErrorClientCertificateStateKey=0, NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be “login.microsoftonline.com” which could put your confidential information at risk., _kCFStreamErrorDomainKey=3, NSUnderlyingError=0x600001b03fc0 {Error Domain=kCFErrorDomainCFNetwork Code=-1202 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, _kCFNetworkCFStreamSSLErrorOriginalValue=-9807, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x600002775170>, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9807, kCFStreamPropertySSLPeerCertificates=(
"<cert(0x7f8f430ea000) s: stamp2.login.microsoftonline.com i: XYZ Primary Proxy SSL Interception Service>"
)}}, _kCFStreamErrorCodeKey=-9807}
2020-07-17 10:40:03.652983+0530 XYZ MSAL_App[58046:2641344] Received XPC error Connection interrupted for message type 3 kCFNetworkAgentXPCMessageTypePACQuery
2020-07-17 10:40:03.653307+0530 XYZ MSAL_App[58046:2641344] Received XPC error Connection invalid for message type 3 kCFNetworkAgentXPCMessageTypePACQuery
除此之外,我试图信任 SSL pinning 证书......但它仍然给我同样的问题。
//MARK: - Trust SSL Pinning
extension MSALViewController: URLSessionDelegate {
func configureURLSession() {
self.defaultSession = URLSession(configuration: URLSessionConfiguration.default, delegate: self, delegateQueue: nil)
}
func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Swift.Void) {
if (challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust) {
if let trust = challenge.protectionSpace.serverTrust,
let pem = Bundle.main.path(forResource: microsoftonlineCert, ofType: "cer"),
let data = NSData(contentsOfFile: pem),
let cert = SecCertificateCreateWithData(nil, data) {
let certs = [cert]
SecTrustSetAnchorCertificates(trust, certs as CFArray)
completionHandler(URLSession.AuthChallengeDisposition.useCredential, URLCredential(trust: trust))
return
}
else{
print("In Else Condition!")
}
}
else{
print("In Else Condition!")
}
// Pinning failed
completionHandler(URLSession.AuthChallengeDisposition.cancelAuthenticationChallenge, nil)
}
}
我的系统配置:
- Mac OS : macOS High Sierra
- XCode Ver : Version 10.1 (10B61)
请帮我。
解决方案
推荐阅读
- rabbitmq - RabbitMq 忽略 Channel.basicQos()
- python - 使用 Python 从 MySQL 数据库中访问特定表
- python - 将一小时内的每个值分组为一个值,这是它的平均值
- sql - 检查当前年份的列中的默认值在不同的列中指定
- ios - 无法快速从 JSON 中正确提取数据
- php - 没有插件的自定义用户角色的自定义 Wordpress 仪表板
- javascript - 当我获得带有 chrome 扩展名的按钮的 DOM 时,如何进行“点击”?
- scala - 为什么 AdminClient 不抛出异常?
- c# - 在 C# 中实现对象列表的排序以及更改对象索引的方法
- javascript - 有没有办法让我的底图在谷歌地图 api v3 中变亮