Outlook Exchange Office 365:如何从访问令牌获取电子邮件地址?
[英]Outlook Exchange Office 365: How to get email address from access token?
问题描述
Currently, I am following this article https://dev.outlook.com/restapi/tutorial/dotnet . 
目前,我正在关注这篇文章https://dev.outlook.com/restapi/tutorial/dotnet 。 Everything works great expect I cannot retrieve the user's email address from acess-token. 一切都很好,期望我无法从访问令牌中检索用户的电子邮件地址。
private string GetEmailFromIdToken(string token) {
// JWT is made of three parts, separated by a '.'
// First part is the header
// Second part is the token
// Third part is the signature
string[] tokenParts = token.Split('.');
if (tokenParts.Length < 3) {
// Invalid token, return empty
}
// Token content is in the second part, in urlsafe base64
string encodedToken = tokenParts[1];
// Convert from urlsafe and add padding if needed
int leftovers = encodedToken.Length % 4;
if (leftovers == 2) {
encodedToken += "==";
} else if (leftovers == 3) {
encodedToken += "=";
}
encodedToken = encodedToken.Replace('-', '+').Replace('_', '/');
// Decode the string
var base64EncodedBytes = System.Convert.FromBase64String(encodedToken);
string decodedToken = System.Text.Encoding.UTF8.GetString(base64EncodedBytes);
// Load the decoded JSON into a dynamic object
dynamic jwt = Newtonsoft.Json.JsonConvert.DeserializeObject(decodedToken);
// User's email is in the preferred_username field
return jwt.preferred_username;
}
In some article people says to add "openid" 在一些文章中,人们说添加“openid”
private static string[] scopes = { "openid", "https://outlook.office.com/mail.read",
"https://outlook.office.com/calendars.read" };
in the scope. 在范围内。 However it still doesn't work. 但它仍然无效。 It doesn't even give a successful login, throws exception. 它甚至没有成功登录,抛出异常。 When I don't add the "openid", I get a successful login however preferred_username is empty. 当我不添加“openid”时,我获得了成功登录,但preferred_username为空。
2 个解决方案
解决方案1
2 已采纳 2016-05-17 06:47:02
That's a good catch! 这是一个很好的抓住!
You need to include the "profile" scope in order to read the preferred_username, 您需要包含“profile”范围才能读取preferred_username,
private static string[] scopes = { "profile",
"https://outlook.office.com/mail.read",
"https://outlook.office.com/calendars.read" };
Alternatively, try using the "contacts.read" scope 或者,尝试使用“contacts.read”范围
private static string[] scopes = { "https://outlook.office.com/contacts.read",
"https://outlook.office.com/mail.read",
"https://outlook.office.com/calendars.read" };
Find out more on the permission scopes in https://github.com/OfficeDev/microsoft-graph-docs/blob/master/content/authorization/permission_scopes.md 有关权限范围的更多信息, 请访问https://github.com/OfficeDev/microsoft-graph-docs/blob/master/content/authorization/permission_scopes.md
解决方案2
1 2016-05-17 13:19:22
I've seen some cases where the preferred_username claim isn't an SMTP address, so it's actually not the best way to get the user's email address. 我在某些情况下看到preferred_username声明不是SMTP地址,因此它实际上不是获取用户电子邮件地址的最佳方式。 I'd recommend instead of parsing the ID token, just make an API call to GET /Me , which should include an EmailAddress property. 我建议不要解析ID令牌,只需对GET /Me进行API调用,其中应包含EmailAddress属性。
I'm reworking the tutorial on dev.outlook.com to do this. 我正在重新编写dev.outlook.com上的教程来完成这项工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.