Oauth 2.0 Microsoft Graph API身份验证错误格式
我正在使用oauth2/token对我的应用程序进行身份验证并获取访问令牌。下面是运行良好的java代码Oauth 2.0 Microsoft Graph API身份验证错误格式,oauth-2.0,office365,azure-active-directory,microsoft-graph-api,azure-ad-graph-api,Oauth 2.0,Office365,Azure Active Directory,Microsoft Graph Api,Azure Ad Graph Api,我正在使用oauth2/token对我的应用程序进行身份验证并获取访问令牌。下面是运行良好的java代码 private String getToken() throws Exception { String access_token = ""; String url = "https://login.windows.net/MyApplication_ID_here/oauth2/token"; HttpClient client = H
private String getToken() throws Exception {
String access_token = "";
String url = "https://login.windows.net/MyApplication_ID_here/oauth2/token";
HttpClient client = HttpClients.createDefault();
HttpPost post = new HttpPost(url);
post.setHeader("Content-Type", "application/x-www-form-urlencoded");
List<NameValuePair> urlParameters = new ArrayList<NameValuePair>();
urlParameters.add(new BasicNameValuePair("grant_type", "client_credentials"));
urlParameters.add(new BasicNameValuePair("client_id", "MyApplication_ID_here"));
urlParameters.add(new BasicNameValuePair("client_secret", "MyApplication_secret_here"));
urlParameters.add(new BasicNameValuePair("resource", "https://graph.microsoft.com"));
post.setEntity(new UrlEncodedFormEntity(urlParameters));
HttpResponse response = client.execute(post);
System.out.println("Sending 'POST' request to URL : " + url);
System.out.println("Post parameters : " + post.getEntity());
System.out.println("Response Code : " + response.getStatusLine().getStatusCode());
String responseAsString = EntityUtils.toString(response.getEntity());
System.out.println(responseAsString);
try {
access_token = responseAsString.split(",")[6].split("\"")[3]; // get the access_token from response
} catch (Exception e) {
e.printStackTrace();
return null;
}
return access_token;
}
private void getMemberOf()
{
HttpClient httpclient = HttpClients.createDefault();
try
{
URIBuilder builder = new URIBuilder("https://graph.windows.net/MyApplication_ID_here/users/test@testABC.onmicrosoft.com/memberOf?api-version=1.6");
URI uri = builder.build();
HttpGet request = new HttpGet(uri);
request.addHeader("Authorization", "Bearer " + access_token);
request.addHeader("Content-Type", "application/json");
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
System.out.println("Response Code : " + response.getStatusLine().getStatusCode());
if (entity != null) {
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
e.getMessage();
}
}
{"token_type":"Bearer","expires_in":"3599","ext_expires_in":"0","expires_on":"1493011626","not_before":"1493007726","resource":"https://graph.microsoft.com","access_token":"eyJ0e..."}
Response Code : 401
{"odata.error":{"code":"Authentication_MissingOrMalformed","message":{"lang":"en","value":"Access Token missing or malformed."},"date":"2017-04-24T04:39:38","requestId":"c5aa2abe-9b37-4611-8db1-107e3ec08c14","values":null}}
有人能告诉我上述要求的哪一部分是错误的吗?我没有正确设置访问令牌吗?根据您的代码,您的访问令牌用于资源“”(Microsoft Graph API),但访问令牌用于“”(AAD Graph API):
如果要调用Azure AD graph api,则需要获取Azure AD graph api的访问令牌。我在通过AD graph api对Azure AD B2C服务执行CRUD操作以进行用户管理时遇到此问题 其想法是获取资源“graph.windows.net”的访问令牌,而不是按照建议使用我的租户应用程序Id URI
*可能会帮助那些面临同样问题并来到这里的人谢谢!!!!更改urlParameters.add(新的BasicNameValuePair(“资源”)后);添加到urlParameters.add(新的BasicNameValuePair(“资源”);现在一切都好了
URIBuilder builder = new URIBuilder("https://graph.windows.net/MyApplication_ID_here/users/test@testABC.onmicrosoft.com/memberOf?api-version=1.6");