未经授权在调用Dynamics 365端点时
[英]Unauthorized on calling Dynamics 365 endpoint
问题描述
I am calling a Dynamics 365 endpoint to execute a query: 
我正在调用Dynamics 365端点来执行查询:
https://dev-xxx-ssp.api.crm6.dynamics.com/api/data/v9.1/accounts?$select=name
To do this, I am authenticating with this code: 为此,我使用以下代码进行身份验证:
ClientCredential clientCredential = new ClientCredential("9cd8fe45-xxxx-xxxx-xxxx-e43ef81c803f", "abcdefghij");
AuthenticationContext authenticationContext = new AuthenticationContext("https://login.microsoftonline.com/our-domain.onmicrosoft.com");
AuthenticationResult authenticationResult = authenticationContext.AcquireTokenAsync("https://dev-xxx-ssp.api.crm6.dynamics.com/", clientCredential).Result;
I then initialise the HttpClient: 然后,我初始化HttpClient:
HttpClient client = new HttpClient();
client.BaseAddress = new Uri("https://dev-xxx-ssp.api.crm6.dynamics.com/");
client.DefaultRequestHeaders.Add("OData-MaxVersion", "4.0");
client.DefaultRequestHeaders.Add("OData-Version", "4.0");
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", authenticationResult.AccessToken);
I can see after doing this that the HttpClient has an authorisation token, such as: 在执行此操作后,我可以看到HttpClient具有授权令牌,例如:
{Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IndVTG1ZZnNxZFF1V3RWXy1oeFZ0REpKWk00USIsImtpZCI6IndVTG1ZZnNxZFF1V3RWXy1oeFZ0REpKWk00USJ9.eyJhdWQiOiJodHRwczovL2Rldi1hZWMtc3NwLmFwaS5jcm02LmR5bmFtaWNzLmNvbS8iLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC80NjkyNTg2OC1kYTNlLTRkODUtYjI2Ny02ZDdhM2U5NDdhM2MvIiwiaWF0IjoxNTQ0MTQyMTA4LCJuYmYiOjE1NDQxNDIxMDgsImV4cCI6MTU0NDE0NjAwOCwiYWlvIjoiNDJSZ1lMZ3VJSDNxejRSL3IzcVphcUl2emp0MUNBQT0iLCJhcHBpZCI6IjljZDhmZTQ1LTY5ZjItNGMzNi05ZmVmLWU0M2VmODFjODAzZiIsImFwcGlkYWNyIjoiMSIsImlkcCI6Imh0dHBzOi8vc3RzLndpbmRvd3MubmV0LzQ2OTI1ODY4LWRhM2UtNGQ4NS1iMjY3LTZkN2EzZTk0N2EzYy8iLCJvaWQiOiJmZWQzZjU3My01NTlkLTQ1ZjUtYjQxZC1kNzZlMzQ3NTFlZDAiLCJzdWIiOiJmZWQzZjU3My01NTlkLTQ1ZjUtYjQxZC1kNzZlMzQ3NTFlZDAiLCJ0aWQiOiI0NjkyNTg2OC1kYTNlLTRkODUtYjI2Ny02ZDdhM2U5NDdhM2MiLCJ1dGkiOiJuaEdRcGtaVGswQ0ZoaGRrUUJRSkFBIiwidmVyIjoiMS4wIn0.AN8CcEBluMJPBtpbqv4Q6V3dO75Y8whoBRw_Nk6u4RhbWAz1BRIIeIBNGBNneJ0Zlnfh-7_W_TH_jAiQNIJxmGhQLOTFKYxXvvq3ksS-efqdGZlwY0dU7LGM-nxDxVZhfnW18F2yBE0skRLMmB27RyCHbIkU6S5HKTfq8LEIvCaUILh00wSItTXFX1ew14T3_6yZ81x_A-d1cc_oPPbRssIlXmD8ybYVfCjc_v57TuyR1pLf2HnlK04w2ioB0KJ545BCD6nJyuC0iL_2YKdGuHxHIrbRZShu-SGihXmugRgBYl3kF-zCDiWlxAIz9F2WyMWylM1qfDnIUZrgDowxbQ}
I then execute a query: 然后执行查询:
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, "https://dev-xxx-ssp.api.crm6.dynamics.com/api/data/v9.1/accounts?$select=name");
request.Headers.Add("Prefer", "odata.maxpagesize=10");
request.Headers.Add("Prefer", "odata.include-annotations=OData.Community.Display.V1.FormattedValue");
HttpResponseMessage response = this.Client.SendAsync(request).Result;
if (response.StatusCode == HttpStatusCode.OK)
{
// ...
} else {
throw new Exception(String.Concat("Dynamics query returned unexpected status: ", response.StatusCode.ToString())
}
I get an Unauthorised StatusCode at this point, which I trap in my if branch and throw as an exception. 此时,我得到了未经授权的StatusCode,我将其困在if分支中并作为异常抛出。
Any idea on how to fix this? 关于如何解决此问题的任何想法?
1 个解决方案
解决方案1
0 2018-12-08 20:23:24
Probably logged in with the wrong user who doesn't have the access right. 可能以没有访问权限的错误用户身份登录。 User info can be acquired and checked like this: 可以这样获取和检查用户信息:
UserInfo user = authenticationResult.UserInfo;
Adding PromptBehavior.Always enum as a parameter to AcquireToken() method forces the sign-in dialog to prompt even if a token exists in the cache. 将PromptBehavior.Always枚举添加为AcquireToken()方法的参数将强制登录对话框进行提示,即使缓存中存在令牌也是如此。 So you can try other identities. 因此,您可以尝试其他身份。
AuthenticationResult authenticationResult
= authenticationContext.AcquireToken(resource, applicationId, new Uri(redirectUrl), PromptBehavior.Always);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.