Azure-Samples / MipSDK-Protection-Dotnet-Quickstart

This sample demonstrates using the MIP SDK protection API to protect a string then to decrypt the protected string.
MIT License

How to set the clientId and redirectUri in AD RMS system? #5

Open iuliu8899 opened 3 years ago

iuliu8899 commented 3 years ago

I noticed that in release 1.6, this demo supports the ADRMS system. So I plan to use it in our company with our ADRMS service.

But the clientId and redirectUri confused me. For this console app, how do I set clientId and redirectUri in the app.config file?

My environment: Our adrms system is configured with ADRMS MDE and ADFS and is working perfectly fine with Mac Office Word, Excel...

I tested writing a random clientId and redirectUri, and ran the AddAdfsClient PowerShell command to add client settings matching my config. When I run this demo in my environment, however, after I enter a user email, it throws an exception:

Microsoft.InformationProtection.Exceptions.NoAuthTokenException: Client application failed to provide authentication token for HTTP request. Failed with: System.AggregateException: 发生一个或多个错误。 --->

Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException: The browser based authentication dialog failed to complete. Reason: The server or proxy was not found.

And I found that mip_data\mip\logs\mip_sdk.miplog says:

Info 2020-12-28 20:47:56.958 auth_info_store.cpp:76 mipsdk-dotnet-protection-quickstart (3108) "Failed to find OAuth2 challenge in cache. Domain: rmsservice.contoso.com IssuerId: ''" mipns::AuthInfoStore::FindChallenge 4940

Info 2020-12-28 20:47:56.958 auth_request_transformer.cpp:48 mipsdk-dotnet-protection-quickstart (3108) "Failed to get auth token from cached auth header. Failed with: [InternalError: 'Cannot parse empty auth header or request URL']" mipns::AuthRequestTransformer::TransformRequestPriorToInitialSend 4940

Info 2020-12-28 20:47:56.958 http_director_impl.cpp:118 mipsdk-dotnet-protection-quickstart (3108) "Sending HTTP request: ID: 09075b65-de98-4e23-bd9b-036982baf53d;15b13130-9c32-4d79-a5d1-0dd0c4516469, Type: GET, Url: https://rmsservice.contoso.com/my/v1/templates, Body Size: 0, Headers['Accept'] = 'application/json', Headers['Content-Type'] = 'application/json', Headers['Accept-Language'] = '', Headers['x-ms-rms-platform-id'] = 'AppName=apptest;AppVersion=1.0;DevicePlatform=WindowsStore;SDKVersion=4.3;UniqueId=96731E97-2204-4D74-BEA5-75DCA53566C2;OsName=win;OsVersion=6-2-9200;MipVersion=1.6.103;'" mipns::HttpDirectorImpl::DoSendHttp 4940

Trace 2020-12-28 20:47:56.958 http_client_base.cpp:81 mipsdk-dotnet-protection-quickstart (3108) "Adding HTTP operation '09075b65-de98-4e23-bd9b-036982baf53d;15b13130-9c32-4d79-a5d1-0dd0c4516469'" mipns::HttpClientBase::AddOperation 4940

Trace 2020-12-28 20:47:57.896 oneds_impl.cpp:177 mipsdk-dotnet-protection-quickstart (3108) "Executing OneDS task 'OneDS_Task-1'" mipns::DoTaskDispatcherQueue::::operator () 8568

Trace 2020-12-28 20:47:57.896 default_task_dispatcher_delegate.cpp:23 mipsdk-dotnet-protection-quickstart (3108) "Dispatching task 'OneDS_Task-2' to event loop" mipns::DefaultTaskDispatcherDelegate::DispatchTask 8568

Trace 2020-12-28 20:47:57.896 oneds_impl.cpp:177 mipsdk-dotnet-protection-quickstart (3108) "Executing OneDS task 'OneDS_Task-2'" mipns::DoTaskDispatcherQueue::::operator () 820

Trace 2020-12-28 20:47:57.896 http_client_base.cpp:81 mipsdk-dotnet-protection-quickstart (3108) "Adding HTTP operation 'OneDS_HTTP-0'" mipns::HttpClientBase::AddOperation 820

Trace 2020-12-28 20:48:08.740 http_client_base.cpp:93 mipsdk-dotnet-protection-quickstart (3108) "Removing HTTP operation '09075b65-de98-4e23-bd9b-036982baf53d;15b13130-9c32-4d79-a5d1-0dd0c4516469'" mipns::HttpClientBase::RemoveOperation 9192

Info 2020-12-28 20:48:08.740 http_client_base.cpp:45 mipsdk-dotnet-protection-quickstart (3108) "HTTP response time (seconds): 11.7802 ID: 09075b65-de98-4e23-bd9b-036982baf53d;15b13130-9c32-4d79-a5d1-0dd0c4516469" mipns::HttpClientBase::SendAsync::::operator () 9192

And finally, my/v1/templates returns 401 Unauthorized.

I guess that's because the redirectUri doesn't point to this quickstart demo, so it didn't bring the ADFS token back. But how do I set the redirectUri?

It has confused me for a few weeks. I'd really appreciate any help.

Thanks in advance.

catmanjan commented 3 years ago

I rolled back to 1.6 and I get the same issue; I can't get the latest version to work with ADRMS either.