Azure APIM：如果令牌验证失败，不返回错误

您可以使用给定的策略来处理验证失败错误，其中我显式设置状态和自定义消息。

<policies>
    <inbound>
        <base />
        <set-variable name="isTokenValid" value="false" />
        <set-variable name="access_token" value="*******" />
        <choose>
            <when condition="@((string)context.Variables["access_token"] != null)">
                <validate-jwt token-value="@((string)context.Variables["access_token"])" failed-validation-httpcode="401" failed-validation-error-message="Access token is invalid" output-token-variable-name="jwt-token">
                    <openid-config url="https://login.microsoftonline.com/******/v2.0/.well-known/openid-configuration" />
                </validate-jwt>
                <set-variable name="isTokenValid" value="true" />
            </when>
            <otherwise>
                <set-variable name="isTokenValid" value="false" />
            </otherwise>
        </choose>
    </inbound>
    <backend>
        <base />
    </backend>
    <outbound>
        <base />
    </outbound>
    <on-error>
        <base />
        <choose>
            <when condition="@(context.Variables["isTokenValid"] == "true")">
            </when>
            <otherwise>
                <!-- Do something else if the token validation failed -->
                <return-response>
                    <set-status code="200" reason="Invalid Token" />
                    <set-body>Proceed further</set-body>
                </return-response>
            </otherwise>
        </choose>
    </on-error>
</policies>