log*_*nit 5 java adal microsoft-graph-api
无法从 Microsoft Graph API 获取数据。
private String getUserNamesFromGraph() throws Exception {
String bearerToken = "Bearer "+getAccessToken();
String url = "https://graph.microsoft.com/v1.0/users";
String returnData = null;
try {
URL apiURL = new URL(url);
URLConnection con = apiURL.openConnection();
con.setRequestProperty("Authorization", bearerToken);
con.setRequestProperty("Content-Type", "application/json");
BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
returnData = response.toString();
System.out.println(returnData);
} catch(Exception e) {
System.out.println(e);
}
return returnData;
}
private String getAccessToken() throws Exception {
String url = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
URL obj = new URL(url);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
// header
con.setRequestMethod("POST");
con.setRequestProperty("User-Agent", "eTarget API");
con.setRequestProperty("Accept-Language", "en-US,en;q=0.5");
String urlParameters = "client_id=***
APPLICATION ID FROM APPLICATION REGISTRATION PORTAL ***&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default&client_secret=***
APPLICATION SECRET FROM APPLICATION REGISTRATION PORTAL ***&grant_type=client_credentials";
// Send post request
con.setDoOutput(true);
DataOutputStream wr = new DataOutputStream(con.getOutputStream());
wr.writeBytes(urlParameters);
wr.flush();
wr.close();
int responseCode = con.getResponseCode();
System.out.println("\nSending 'POST' request to URL : " + url);
System.out.println("Post parameters : " + urlParameters);
System.out.println("Response Code : " + responseCode);
BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
//print result
String returnData = response.toString();
System.out.println(returnData);
Map jsonTokenData = new Gson().fromJson(returnData, Map.class);
String accessToken = (String)jsonTokenData.get("access_token");
//System.out.println(accessToken);
return accessToken;
}
getAccessToken()成功返回访问令牌的方法getUserNamesFromGraph()然而,该方法返回 401 Unauthorized 而不是预期的数据。我已经无数次浏览了文档,尝试了不同的变体和端点,但无济于事。任何想法表示赞赏。
为了让您的应用程序读取用户,它必须明确授予User.Read.All application permission. 此权限需要管理员同意。这是一个解释如何授予该权限的链接。您必须调用该交互式同意对话框来授予您的应用程序权限。否则,您仍会收到权限不足错误。
然后这里是不同 Microsoft Graph 权限的完整列表。在您的情况下 - 没有用户交互的守护程序应用程序,您必须查看应用程序权限而不是 **委派权限*。
授予适当的权限后,您将能够查询用户。你不会有改变的范围在你的令牌请求。保持原状: https://graph.microsoft.com/.default
完成所有这些更改后,您可以使用https://jwt.ms检查您的访问令牌。您可以在那里提取所有声明并检查您的受众和范围声明,以进一步了解您从 Microsoft Graph 获得 401 的原因。
| 归档时间: |
|
| 查看次数: |
10452 次 |
| 最近记录: |