Question
- I have registered two apps following this Azure AD demo from step 1 to step 4.
- And I git cloned the Azure AD demo and ran it successfully.
- But I want to request my custom API, so I replace the resource, but I get something wrong. The resource URI appears like http://<talent-id>/TodoListDaemon.
Now, I have two questions:
- How do I set up a true resource?
- What extra work is needed in my custom API?
Answer 1:
To validate the token you can use PyJWT and cryptography to support the RS256 algorithm. For fetching external information through HTTP you can use requests.
Try:
```
pip install pyjwt cryptography requests
```
Then validate the token using the App ID.
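```python
import jwt  # PyJWT

app_id = 'd31a4d20-6c4a-1a40-b74d-1a3d461bb3d8'
access_token = 'XXXX'  # placeholder: substitute the real access token
# Read the token header without verifying the signature (untrusted data)
token_header = jwt.get_unverified_header(access_token)
```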
A number of others have already asked about this on Stack Overflow and you can refer to their threads: "How to verify JWT id_token produced by MS Azure AD?"
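
An added example, not part of the original answer: the validation the answer begins, carried through with PyJWT so the custom API checks the signature, expiry, audience (the App ID) and issuer. It runs offline, so a locally generated key pair and key set stand in for the signing keys Azure AD publishes (which the API would fetch with requests); `ISSUER`, the `kid` value and the helper names are assumptions made for the example.

```python
import json
import time

import jwt  # PyJWT
from cryptography.hazmat.primitives.asymmetric import rsa
from jwt.algorithms import RSAAlgorithm


def validate_token(token, jwks, audience, issuer):
    """Verify signature, expiry, audience and issuer; return the claims."""
    header = jwt.get_unverified_header(token)  # untrusted: only used to pick a key
    matches = [k for k in jwks["keys"] if k.get("kid") == header.get("kid")]
    if not matches:
        raise jwt.InvalidTokenError("no signing key matches the token's kid")
    public_key = RSAAlgorithm.from_jwk(json.dumps(matches[0]))
    return jwt.decode(
        token, public_key,
        algorithms=["RS256"],  # pinned here, never taken from the token header
        audience=audience, issuer=issuer,
        options={"require": ["exp", "aud", "iss"]},
    )


# Constructed fixtures: a local key pair and key set stand in for Azure AD.
APP_ID = "d31a4d20-6c4a-1a40-b74d-1a3d461bb3d8"  # App ID from the answer above
ISSUER = "https://issuer.example/"               # constructed; use your tenant's issuer
_signing_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
_jwk = json.loads(RSAAlgorithm.to_jwk(_signing_key.public_key()))
_jwk["kid"] = "constructed-key-1"
JWKS = {"keys": [_jwk]}


def make_token(audience):
    claims = {"aud": audience, "iss": ISSUER, "exp": int(time.time()) + 300}
    return jwt.encode(claims, _signing_key, algorithm="RS256",
                      headers={"kid": "constructed-key-1"})


def is_accepted(token, jwks=JWKS):
    try:
        validate_token(token, jwks, APP_ID, ISSUER)
        return True
    except jwt.InvalidTokenError:
        return False
```

A token issued for a different resource fails the audience check even though its signature is valid, which is why the API must compare `aud` against its own App ID.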
Source: https://stackoverflow.com/questions/51964173/how-to-validate-token-in-azure-ad-with-python