我的所有身份验证设置都按预期工作,但由于某种原因,bicep 无法在网络应用程序上启用令牌库,我是否遗漏了什么?
我也尝试过没有 azureBlobStorage: {} 和 fileSystem: {} 仍然没有成功。 也通过 cli 尝试过,但不起作用。
az webapp auth update --resource-group AP-AZ-PROD-USE2-hapc29-RG --name apuse2hapc29proai01web --enable-token-store true
无法识别的参数:--enable-token-store true
resource WebApp_Auth 'Microsoft.Web/sites/config@2022-09-01' = {
name: 'authsettingsV2'
parent: WebApp
properties: {
globalValidation: {
requireAuthentication: true
unauthenticatedClientAction: 'RedirectToLoginPage'
redirectToProvider: 'azureactivedirectory'
}
httpSettings: {
forwardProxy: {
convention: 'Standard'
}
requireHttps: true
routes: {
apiPrefix: '/.auth'
}
}
identityProviders: {
azureActiveDirectory: {
enabled: true
login: {
disableWWWAuthenticate: false
}
registration: {
clientId: appregistrationid
clientSecretSettingName: 'AUTH_CLIENT_SECRET'
openIdIssuer: 'https://login.microsoftonline.com/xxxxxxx'
}
validation: {
allowedAudiences: []
defaultAuthorizationPolicy: {
allowedPrincipals: {}
}
jwtClaimChecks: {}
}
}
login: {
allowedExternalRedirectUrls: []
cookieExpiration: {
convention: 'FixedTime'
timeToExpiration: '08:00:00'
}
nonce: {
nonceExpirationInterval: '00:05:00'
validateNonce: true
}
preserveUrlFragmentsForLogins: false
routes: {}
tokenStore: {
azureBlobStorage: {}
enabled: true
fileSystem: {}
tokenRefreshExtensionHours: 72
}
}
}
}
}
根据微软的文档,正确使用的参数是
--token-store {false, true}
另外,请查看此 Microsoft.Web/sites/config 'authsettingsV2',它可以帮助仔细检查要使用的二头肌模板和值
tokenStore: {
azureBlobStorage: {
sasUrlSettingName: 'string'
}
enabled: bool
fileSystem: {
directory: 'string'
}
tokenRefreshExtensionHours: int