Microsoft Graph:仅允许“单页应用程序”进行跨域令牌兑换
Sir*_*iri 8 javascript azure cors microsoft-graph-api
我想在 Microsoft Graph 中的文档授权和登录 OneDrive之后兑换访问令牌的代码
这是我用于此步骤的 API
发布https://login.microsoftonline.com/common/oauth2/v2.0/token
我已经在 Postman 上测试了 API,它工作得很好。
在 Postman 上测试兑换代码
但是当我尝试使用 JavaScript 代码时,出现错误“仅允许‘单页应用程序’进行跨域令牌兑换”,
{
"error":"invalid_request",
"error_description":"AADSTS90023: Cross-origin token redemption is permitted only for the 'Single-Page Application' client-type.\r\nTrace ID: 57ebcf82-278c-4375-a4db-b81ab567fc00\r\nCorrelation ID: 5a80b3fa-1e0d-4265-8fbe-5e22df198bee\r\nTimestamp: 2021-04-26 10:26:36Z",
"error_codes":[
90023
],
"timestamp":"2021-04-26 10:26:36Z",
"trace_id":"57ebcf82-278c-4375-a4db-b81ab567fc00",
"correlation_id":"5a80b3fa-1e0d-4265-8fbe-5e22df198bee"
}
因此,我尝试通过添加标头以允许来源来解决此问题,但它不起作用。以下是我的编码。我的网站托管在 firebase 上。
function RedeemToken(){
var myHeaders = new Headers();
myHeaders.append("Access-Control-Allow-Origin", "*");
myHeaders.append("Access-Control-Allow-Methods", "POST");
myHeaders.append("Access-Control-Allow-Headers", "Content-Type");
myHeaders.append("Access-Control-Max-Age", "3600");
myHeaders.append("Content-Type", "application/x-www-form-urlencoded");
var urlencoded = new URLSearchParams();
urlencoded.append("client_id", "XXXX");
urlencoded.append("redirect_uri", "https://XXXX.web.app/LinkToAuthen.html");
urlencoded.append("client_secret", "XXXX");
urlencoded.append("code", XXXX);
urlencoded.append("grant_type", "authorization_code");
var requestOptions = {
method: 'POST',
headers: myHeaders,
body: urlencoded,
redirect: 'follow'
};
fetch("https://login.microsoftonline.com/common/oauth2/v2.0/token", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
}
| 归档时间: |
|
| 查看次数: |
19688 次 |
| 最近记录: |