问题
ADAL.js does not work in IE when acquiring token for remote endpoint. The sample "https://github.com/AzureADSamples/SinglePageApp-WebAPI-AngularJS-DotNet" suggests to uncomment line of code: "cacheLocation: 'localStorage', // enable this for IE, as sessionStorage does not work for localhost." But apparently it doesn't help. Running the application side by side in IE and Chrome. Chrome works just fine. IE logs this error to console:
Error :login_required Error description:AADSTS50058: User account identifier is not provided.
Again, this is only the case when ADAL is trying to acquire a token for a remote endpoint (some other WebAPI - which is registered and working fine). I created and issue https://github.com/AzureADSamples/SinglePageApp-WebAPI-AngularJS-DotNet/issues/3, but maybe someone can suggest some answers in the community. Hopefully, I am not missing something really obvious here.
All of this is done for localhost, though apps (client and webapi) are properly registered in Azure AD (chrome works fine)
Any help would be greatly appreciated, Thanks
Thanks,
回答1:
Adal.js uses iframes to get CORS API tokens for resources other than the SPA's own backend. Iframe request needs to access the browser's cookies to authenticate with AAD and get the access token. Cookies are not accessible when you run in localhost from IE. You need fully qualified domain name like http://test.azurewebsite.com to access cookies from iframe in IE. Sample explains the steps to deploy your app to Azure websites. You can follow those to test for IE. Chrome does not have this restriction.
来源:https://stackoverflow.com/questions/29040399/adal-js-does-not-work-in-ie-when-acquiring-token-for-remote-endpoint