Irw*_*win 5 sharepoint microsoft-graph
我正在尝试通过Microsoft Graph从sharepoint列表中获取项目列表.这是我用来获取应用程序令牌的方法:
public async Task<string> GetAppToken(string tenantId, string clientId, string clientSecret)
{
var host = "https://login.microsoftonline.com";
var tokenUri = $"/{tenantId}/oauth2/v2.0/token";
var contentType = "application/x-www-form-urlencoded";
var requestedResource = "https%3A%2F%2Fgraph.microsoft.com%2F.default";//&resource=https%3A%2F%2Fgraph.microsoft.com%2F.default
var request = $"grant_type=client_credentials&client_id={clientId}&client_secret={clientSecret}&scope={requestedResource}";
var resultContent = "fail";
using (var client = new HttpClient())
{
client.BaseAddress = new Uri(host);
var content = new StringContent(request, Encoding.UTF8, contentType);
var result = await client.PostAsync(tokenUri, content);
resultContent = await result.Content.ReadAsStringAsync();
}
var json = JsonConvert.DeserializeObject<dynamic>(resultContent);
return json.access_token;
}
返回的访问令牌包含以下角色:
"Mail.ReadWrite",
"Device.ReadWrite.All",
"User.ReadWrite.All",
"Domain.ReadWrite.All",
"Calendars.Read",
"Group.Read.All",
"Directory.ReadWrite.All",
"MailboxSettings.Read",
"Contacts.ReadWrite",
"Group.ReadWrite.All",
"Notes.Read.All",
"User.Invite.All",
"Files.ReadWrite.All",
"Directory.Read.All",
"User.Read.All",
"Files.Read.All",
"Mail.Read",
"Calendars.ReadWrite",
"Mail.Send",
"MailboxSettings.ReadWrite",
"Contacts.Read",
"IdentityRiskEvent.Read.All",
"Member.Read.Hidden",
"Reports.Read.All",
"Notes.ReadWrite.All"
这是我用来发出请求的代码:
token = await GetAppToken();
var client = new HttpClient();
var queryString = new NameValueCollection();
client.DefaultRequestHeaders.Authorization
= new AuthenticationHeaderValue("Bearer", token);
var uri = $"https://graph.microsoft.com/beta";
var path = $"/sites/{siteId}/lists/{listId}/items";
var responseString = string.Empty;
try
{
var response = await client.GetAsync($"{uri}{path}");
if (response.Content != null)
{
responseString = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseString);
}
}
catch (Exception ex)
{
Console.Write(ex.ToString());
}
此网址用于生成响应:
> var path =
> "/sites/[sitecol-guid],[site-guid]/lists/[list-guid]/items";
但即使列表中有项目,值集合也是空的.这是实际的json结果:
{
"@odata.context":"graph.microsoft.com/beta/$metadata#sites(??'host, site-id')/lists('list-id')/items",
"value":[]
}
我也尝试了这种格式的列表请求:
var path = "https://graph.microsoft.com/beta/sharepoint:/{list-path}"
这产生了一个有效的json响应,详细说明了列表信息,但是当我在/ items段上添加时,我收到了这个错误:
"找不到该段'项目'的资源.",
我错过了什么?
这是我花了一段时间才从文档中弄清楚的。
首先,在Microsoft Graph Explorer上运行之前,不要以编程方式执行任何操作- 这只是浪费时间。
其次,测试版还没有为您的生产系统做好准备,因此虽然它运行良好,但不要依赖它,而是使用 REST API v1.0。
如果您知道站点和列表的 ID,则所有 URL 都将以以下之一开头:
https://graph.microsoft.com/v1.0/sites/{siteId}/lists/{listId}/
https://graph.microsoft.com/beta/sites/{siteId}/lists/{listId}/
注意:在下面的示例中,我给出了通用 URL,然后是对我有用的真实世界 URL - 这样您就可以看到格式是什么样的。
如果您不知道listId,假设我们正在查看根站点中的列表,我们可以通过在Microsoft Graph Explorer中使用此 URL并单击Run Query来获取它们:
https://graph.microsoft.com/v1.0/sites/{siteId}/lists
https://graph.microsoft.com/v1.0/sites/root/lists
如果要获取列表中的所有列,请将此 URL 粘贴到Microsoft Graph Explorer中,然后单击“运行查询”
https://graph.microsoft.com/v1.0/sites/{siteId}/lists/{listId}/columns
https://graph.microsoft.com/v1.0/sites/root/lists/ff34268a-d9ff-49c0-99a9-75c6b2eee62e/columns
这会返回类似于以下内容的内容:
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#sites('root')/lists('ff34268a-d9ff-49c0-99a9-75c6b2eee62e')/columns",
"value": [
{
"columnGroup": "Custom Columns",
"description": "",
"displayName": "Title",
"enforceUniqueValues": false,
"hidden": false,
"id": "fa564e0f-0c70-4ab9-b863-0177e6ddd247",
"indexed": false,
"name": "Title",
"readOnly": false,
"required": true,
"text": {
"allowMultipleLines": false,
"appendChangesToExistingText": false,
"linesForEditing": 0,
"maxLength": 255
}
},
...
]
}
要获取列表中内容的值,请使用以下命令:
https://graph.microsoft.com/v1.0/sites/{siteId}/lists/{listId}/items?expand=fields
https://graph.microsoft.com/v1.0/sites/root/lists/ff34268a-d9ff-49c0-99a9-75c6b2eee62e/items?expand=fields
请注意expand=fields实际添加列表中项目值的查询
这会返回类似于以下内容的内容:
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#sites('root')/lists('ff34268a-d9ff-49c0-99a9-75c6b2eee62e')/items",
"value": [
{
"@odata.etag": "\"6a84a626-dae9-40eb-9c6d-899c6a05ffa8,3\"",
"createdDateTime": "2017-01-03T11:11:42Z",
"eTag": "\"6a84a626-dae9-40eb-9c6d-899c6a05ffa8,3\"",
"id": "1",
"lastModifiedDateTime": "2017-01-10T18:24:58Z",
"webUrl": "https://myexample.sharepoint.com/Lists/Some%20Contacts/1_.000",
"createdBy": {
"user": {
...
}
},
"lastModifiedBy": {
"user": {
...
}
},
"parentReference": {},
"contentType": {
"id": "0x010062202D579C40994CA18FDBA6760B9545"
},
"fields@odata.context": "https://graph.microsoft.com/v1.0/$metadata#sites('root')/lists('ff34268a-d9ff-49c0-99a9-75c6b2eee62e')/items('1')/fields/$entity",
"fields": {
"@odata.etag": "\"6a84a626-dae9-40eb-9c6d-899c6a05ffa8,3\"",
"Title": "Dr",
"First_x0020_Name": "David",
"Surname": "Simpson",
"Location": "Nottingham",
"First_x0020_Created": "2017-01-03T08:00:00Z",
"Age@odata.type": "#Single",
"Age": 25,
"id": "1",
"ContentType": "Item",
"Modified": "2017-01-10T18:24:58Z",
"Created": "2017-01-03T11:11:42Z",
"AuthorLookupId": "11",
"EditorLookupId": "11",
"_UIVersionString": "1.0",
"Attachments": false,
"Edit": "",
"LinkTitleNoMenu": "Dr",
"LinkTitle": "Dr",
"ItemChildCount": "0",
"FolderChildCount": "0",
"_ComplianceFlags": "",
"_ComplianceTag": "",
"_ComplianceTagWrittenTime": "",
"_ComplianceTagUserId": ""
}
},
...
]
}
虽然我使用的是图表的 v1.0,但 beta 版的工作原理是一样的。
在我的实际应用程序中,我将其用作offline_access Sites.ReadWrite.AllOAuth 舞蹈的范围。前者允许令牌刷新;后者用于访问 Microsoft Graph 中的 SharePoint Online。
您的授权 URL 应如下所示:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize
?client_id=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXX
&response_type=code
&redirect_uri=https%3A%2F%example.ngrok.io%2Foauth2%2Fcallback
&response_mode=query
&scope=offline_access+openid+Sites.ReadWrite.All
&prompt=consent
旁白:确保您使用的是 Microsoft Graph API(位于https://graph.microsoft.com/)而不是 Azure AD Graph API(位于https://graph.windows.net/)。如果您在 OAuth 舞蹈中放置了错误的范围,就会发生不好的事情。
使用 Microsoft Graph API 的一个好处是,您不必费心事先在 Azure 门户中添加任何权限,因为您只需将权限添加到 OAuth 范围和重新身份验证中即可。这要容易得多。
| 归档时间: |
|
| 查看次数: |
686 次 |
| 最近记录: |