问题
I am trying to get AAD oauth 2.0 token by sending a post request but always getting the following error.(Please note using similar code in C# works perfectly and also using fiddler/postman)
Origin http://localhost:24310 not found in Access-Control-Allow-Origin header
function CallAAD()
{
var settings = {
"async": true,
"crossDomain": true,
"url": "https://login.microsoftonline.com/saurabhpersonalad.onmicrosoft.com/oauth2/token",
"method": "POST",
"headers": {
"content-type": "application/x-www-form-urlencoded",
"cache-control": "no-cache",
"Access-Control-Allow-Origin":"*"
},
"data": {
"grant_type": "client_credentials",
"client_id": "18cff243-e5f1-4e6e-9432-1790724eeb50",
"client_secret": "aUoWP9tNSDXblVvn/blmFkJtGyo8HM+YIb4JeIipdL8=",
"resource": "https://saurabhpersonalad.onmicrosoft.com/WebApplication6"
}
}
$.support.cors = true;
$.ajax(settings).done(function (response) {
debugger;
alert(response);
});
回答1:
client_credentials grant_type as that grant_type is for confidential clients who can keep the client secrets secure whereas jQuery is meant for browser based public clients. You might want to use your web app's backend to make calls to the web api with the client credentials.
However, to get AAD oauth 2.0 token on broswer clients, we suggest you to use azure-activedirectory-library-for-js which is a library in javascript for frontend to integrate AAD with a ease. You can refer to No 'Access-Control-Allow-Origin' header with Microsoft Online Auth for details.
来源:https://stackoverflow.com/questions/40976308/getting-azure-active-directory-token-javascript