Azure Functions Python app: enabling the IdentityModelEventSource.ShowPII property

drkbr07n posted on 2023-03-09 in Python

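I've run into some problems with AAD authentication for my Python API hosted in Azure Functions.
The official documentation suggests "enabling PII to see the values removed from the message" in order to be able to inspect Issuer and ValidIssuer. However, the documentation only refers to the .NET extension. A search on learn.microsoft.com also only returns hits for .NET developers. How can I activate it for my Python API app?
The error code / returned JSON I'm stuck on: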

{
    "code": 401,
    "message": "IDX10205: Issuer validation failed. Issuer: '[PII of type 'System.String' is hidden. 
               For more details, see https://aka.ms/IdentityModel/PII.]'. 
               Did not match: validationParameters.ValidIssuer: 
               '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]' 
               or validationParameters.ValidIssuers: '[PII of type 'System.String' 
               is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'. 
               For more details, see https://aka.ms/IdentityModel/issuer-validation. "
}

host.json file:

{
  "version": "2.0",
  "extensions": {
    "http": {
      "routePrefix": ""
    }
  }
}

local.settings.json file:

{
  "IsEncrypted": false,
  "Values": {
    "AzureWebJobsStorage": "",
    "FUNCTIONS_WORKER_RUNTIME": "python"
  }
}

My app's function.json file:

{
  "scriptFile": "__init__.py",
  "disabled": false,
  "bindings": [
    {
      "authLevel": "anonymous",
      "type": "httpTrigger",
      "direction": "in",
      "name": "req",
      "methods": [
        "get",
        "post"
      ],
      "route": "{*route}"
    },
    {
      "type": "http",
      "direction": "out",
      "name": "$return"
    }
  ]
}

My app's __init__.py file:

import logging
from typing import Dict

import nest_asyncio

from ..FastAPIApp import app  # see below for contents

nest_asyncio.apply()
logger = logging.getLogger()

@app.get("/status")
async def index() -> Dict:
    return {
        "info": "API is working normally.",
    }

FastAPIApp/__init__.py file:

import fastapi

app = fastapi.FastAPI()

ilmyapht1#

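Answer from the MS forum (copy-paste):
The IdentityModelEventSource.ShowPII property is part of the Azure SDK for .NET; for Python, the equivalent is MSAL for Python. It does not seem possible to enable it, because this documentation says the following about logging PII data:
MSAL for Python does not log personal data or organizational data. There is no property to turn personal or organizational data logging on or off.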
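
Since the hidden values cannot be revealed from Python, one way to see the Issuer side of the IDX10205 comparison is to decode the `iss` claim of the token the client sends and set it next to the issuer you configured. The sketch below is an added example, not part of the question or the answer. It assumes Microsoft Entra ID (AAD) v1.0/v2.0 issuer formats and an exact string comparison on the validating side; the function names, the placeholder tenant id and the sample token are constructed for illustration.

```python
import base64
import json

V1_PREFIX = "https://sts.windows.net/"            # issuer prefix of v1.0 tokens
V2_PREFIX = "https://login.microsoftonline.com/"  # issuer prefix of v2.0 tokens


def unverified_claims(token: str) -> dict:
    """Decode a JWT payload WITHOUT checking the signature: diagnostics only,
    never the basis for an authorization decision."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def diagnose_issuer(token: str, valid_issuers: list) -> dict:
    """Report the token's issuer next to the configured ones, with a likely cause."""
    claims = unverified_claims(token)
    iss = claims.get("iss", "")
    report = {"iss": iss, "ver": claims.get("ver"), "tid": claims.get("tid"),
              "valid_issuers": list(valid_issuers), "match": iss in valid_issuers,
              "hint": None}
    if report["match"]:
        return report
    if any(iss.rstrip("/") == v.rstrip("/") for v in valid_issuers):
        report["hint"] = "issuers differ only by a trailing slash"
    elif iss.startswith(V1_PREFIX) and any(v.startswith(V2_PREFIX) for v in valid_issuers):
        report["hint"] = "token is v1.0 (sts.windows.net) but a v2.0 issuer is configured"
    elif iss.startswith(V2_PREFIX) and any(v.startswith(V1_PREFIX) for v in valid_issuers):
        report["hint"] = "token is v2.0 but a v1.0 (sts.windows.net) issuer is configured"
    elif claims.get("tid") and not any(claims["tid"] in v for v in valid_issuers):
        report["hint"] = "token was issued by a different tenant"
    return report


def make_constructed_token(claims: dict) -> str:
    """Build an unsigned sample token for the demo (constructed, not a real token)."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.constructed"


TENANT = "00000000-0000-0000-0000-000000000000"  # placeholder tenant id
SAMPLE = make_constructed_token({"iss": f"{V1_PREFIX}{TENANT}/", "ver": "1.0", "tid": TENANT})

if __name__ == "__main__":
    print(json.dumps(diagnose_issuer(SAMPLE, [f"{V2_PREFIX}{TENANT}/v2.0"]), indent=2))
```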
