Microsoft Graph 401未经授权使用访问令牌
无法从Microsoft Graph API获取数据。Microsoft Graph 401未经授权使用访问令牌
private String getUserNamesFromGraph() throws Exception { String bearerToken = "Bearer "+getAccessToken();
String url = "https://graph.microsoft.com/v1.0/users";
String returnData = null;
try {
URL apiURL = new URL(url);
URLConnection con = apiURL.openConnection();
con.setRequestProperty("Authorization", bearerToken);
con.setRequestProperty("Content-Type", "application/json");
BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
returnData = response.toString();
System.out.println(returnData);
} catch(Exception e) {
System.out.println(e);
}
return returnData;
}
private String getAccessToken() throws Exception {
String url = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
URL obj = new URL(url);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
// header
con.setRequestMethod("POST");
con.setRequestProperty("User-Agent", "eTarget API");
con.setRequestProperty("Accept-Language", "en-US,en;q=0.5");
String urlParameters = "client_id=***
APPLICATION ID FROM APPLICATION REGISTRATION PORTAL ***&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default&client_secret=***
APPLICATION SECRET FROM APPLICATION REGISTRATION PORTAL ***&grant_type=client_credentials";
// Send post request
con.setDoOutput(true);
DataOutputStream wr = new DataOutputStream(con.getOutputStream());
wr.writeBytes(urlParameters);
wr.flush();
wr.close();
int responseCode = con.getResponseCode();
System.out.println("\nSending 'POST' request to URL : " + url);
System.out.println("Post parameters : " + urlParameters);
System.out.println("Response Code : " + responseCode);
BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
//print result
String returnData = response.toString();
System.out.println(returnData);
Map jsonTokenData = new Gson().fromJson(returnData, Map.class);
String accessToken = (String)jsonTokenData.get("access_token");
//System.out.println(accessToken);
return accessToken;
}
- 该应用程序是registered
- 我有一个方法
getAccessToken()是成功返回令牌 - 方法
getUserNamesFromGraph()访问然而返回401未经授权而不是预期的数据。
我已经经历了无数次的文档,尝试不同的变化和端点,但无济于事。任何想法赞赏。
回答:
为了让您的应用程序读取用户,必须明确授予用户User.Read.Allapplication permission。此权限需要管理员同意。 Here is one link其中解释了如何授予该权限。您必须调用该交互式同意对话框来授予您的应用程序权限。否则,您仍然会收到权限不足错误。
Then here is the complete list of different Microsoft Graph permissions。在你的情况下 - 一个没有用户交互的守护进程应用程序,你必须查看应用程序权限而不是**委托权限*。
一旦您授予适当的权限,您将能够查询用户。你做不是必须改变你的令牌请求的范围。保持原样:https://graph.microsoft.com/.default
一旦完成所有这些更改,可以使用https://jwt.ms来检查您的访问令牌。在那里,您可以提取所有索赔,并检查您的受众和范围索赔,以进一步了解为什么从Microsoft Graph获得401。
以上是 Microsoft Graph 401未经授权使用访问令牌 的全部内容, 来源链接: utcz.com/qa/264175.html
