堆栈内存溢出
  简体   繁体   English

如何在范围中包含 Microsoft 图形?

[英]How to include Microsoft graph in scopes?

 原文  2019-10-28 10:26:49       c#/ asp.net-core/ azure-active-directory/ microsoft-graph-api/ swagger-ui

问题描述

I am working on Azure AD and .net core application.我正在研究 Azure AD 和 .net 核心应用程序。 I have a swagger application which will do authentication and authorization.我有一个 swagger 应用程序,它将进行身份验证和授权。 Below is my swagger config.下面是我的 swagger 配置。

services.AddSwaggerGen(c =>
{
    c.SwaggerDoc("v1", new Info { Title = "My API", Version = "v1" });

    c.AddSecurityDefinition("oauth2", new OAuth2Scheme
    {
        Type = "oauth2",
        Flow = "implicit",
        AuthorizationUrl = swaggerUIOptions.AuthorizationUrl,
        TokenUrl = swaggerUIOptions.TokenUrl,
        Scopes = new Dictionary<string, string>
        { 
            { "Read", "https://graph.microsoft.com/user.read" }
        }
    });

    c.AddSecurityRequirement(new Dictionary<string, IEnumerable<string>>
    { 
        { "oauth2", new [] { "readAccess", "writeAccess" } }
    });
});

Below is my config in Configure.下面是我在配置中的配置。

app.UseSwaggerUI(c =>
{
    c.RoutePrefix = "swagger";
    c.OAuthClientId(swaggerUIOptions.ClientId);
    c.OAuthClientSecret(swaggerUIOptions.ClientSecret);
    c.OAuthRealm(azureActiveDirectoryOptions.ClientId);
    c.OAuthAppName("Swagger");
    c.SwaggerEndpoint("/swagger/v1/swagger.json", "My API V1");
});

Below are my AuthorizationUrl and TokenUrl下面是我的AuthorizationUrlTokenUrl

"AuthorizationUrl": "https://login.microsoftonline.com/tenantid/oauth2/v2.0/authorize",
"TokenUrl": "https://login.microsoftonline.com/tenantid/oauth2/v2.0/token"

Below is API permission set in azure ad.以下是 azure 广告中设置的 API 权限。 在此处输入图像描述

When I try to get token(I selected scope checkmark) in swagger I get below error.当我尝试在 swagger 中获取令牌(我选择了 scope 复选标记)时,出现以下错误。

The application swagger asked for Read that doesn't exist on the resource应用程序 swagger 要求读取资源上不存在

Also, I have one more app for back end APIs.此外,我还有一个用于后端 API 的应用程序。 When we try to get access token, can we the same token to call Graph APIs and backend APIs?当我们尝试获取访问令牌时,我们是否可以使用相同的令牌来调用 Graph API 和后端 API?

1 个解决方案

解决方案1
 0 已采纳  2019-10-29 01:19:57

The application swagger asked for Read that doesn't exist on the resource.应用程序 swagger 要求读取资源上不存在。

There is no Read permission under Microsoft Graph api. Microsoft Graph api 下没有Read权限。 You can use User.Read or https://graph.microsoft.com/User.Read您可以使用User.Readhttps://graph.microsoft.com/User.Read

Also, I have one more app for back end APIs.此外,我还有一个用于后端 API 的应用程序。 When we try to get access token, can we the same token to call Graph APIs and backend APIs?当我们尝试获取访问令牌时,我们是否可以使用相同的令牌来调用 Graph API 和后端 API?

You can use this token to call Graph APIs, but need to add the permissions for the api.您可以使用此令牌调用 Graph API,但需要添加 api 的权限。 You can not use the same token to call different apis under different resources.不同资源下不能使用同一个token调用不同的api。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 IdentityServer3 Microsoft Graph范围和流程 - IdentityServer3 Microsoft Graph scopes and flow Xamarin应用程序中的Microsoft Graph API范围 - Microsoft Graph API Scopes in a Xamarin application 无法更改 UWP 示例 Microsoft Graph 中的范围 - Unable to Change Scopes in UWP Sample Microsoft Graph 如何在具有多个范围和身份验证类型的 dotnet 核心应用程序中调用 Microsoft Graph - How to call Microsoft Graph in a dotnet core app with multiple scopes and auth types 在 Microsoft 图形查询 C# 中包含搜索 - Include search in Microsoft graph query C# 如何刷新 Microsoft Graph 的令牌 - How to refresh a token for Microsoft Graph 如何在 Microsoft Graph 中使用 DI - How to use DI with Microsoft Graph 如何使用Microsoft Graph Client添加扩展名? - How to add extensions using Microsoft Graph Client? 如何将 Microsoft Graph dateTimeTimeZone 转换为本地 DateTime? - How to convert Microsoft Graph dateTimeTimeZone to local DateTime? 如何使用Microsoft Graph创建通讯组? - How to create Distribution Group with Microsoft Graph?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM