[英]Unable to access Microsoft Graph API after getting OAuth access_token
我正在使用adal.js通过Microsoft OAuth生成访问令牌,但是每当我尝试使用访问令牌来调用https://graph.microsoft.com/v1.0/me端点(或graph.windows)时,我都会使用它。净),我收到以下错误消息: Authentication_MissingOrMalformed:缺少访问令牌或格式错误。
关于如何解决此问题的任何想法? 这是我在JS中的配置:
<script src="https://secure.aadcdn.microsoftonline-p.com/lib/1.0.12/js/adal.min.js"></script>
<script>
var authContext = new AuthenticationContext({
instance: 'https://login.microsoft.com/',
tenant: 'xxxxxx-xxxxxxx-xxxxxx-xxxxxx', //COMMON OR YOUR TENANT ID
clientId: 'xxxxxx-xxxxxxx-xxxxxx-xxxxxx', //REPLACE WITH YOUR CLIENT ID
redirectUri: '/login.php', //REPLACE WITH YOUR REDIRECT URL
callback: getUser,
popUp: true,
cacheLocation: 'localStorage'
});
...
authContext.login();
// SET COOKIE
var newToken = authContext.getCachedToken('tenantid-xxxxxxx-xxxxxx-xxxxxx');
var now = new Date();
now.setTime(now.getTime() + 1 * 3600 * 1000);
document.cookie = "token="+newToken+"; expires=" + now.toUTCString() + "; path=/";
</script>
这就是我尝试在我的PHP脚本中提取/使用令牌的方式:
<?php
// Get the token
$token = $_COOKIE['token'];
// Set headers
$headers = array(
"Authorization: Bearer " . $token,
'Content-Type: application/json'
);
// Make request to Graph API
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://graph.windows.net/mywebsite.org/me?api-version=1.6");
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
$response = json_decode($response);
curl_close($ch);
echo "<pre>";
var_dump($response);
echo "</pre>";
?>
它所做的只是返回此错误: Authentication_MissingOrMalformed:访问令牌丢失或格式错误。
我怎样才能解决这个问题?? 没有指定正确的资源是否有问题?
若要成功调用Azure AD Graph REST,我们需要获取Azure AD Graph的令牌。
要检查令牌对于Azure AD图是否正确,可以打印令牌并从此处解析它。
令牌中的aud声明应为https://graph.windows.net 。 如果不匹配,则需要使用acquireToken来获取令牌,而不是从缓存中获取令牌。 并且resource参数应为https://graph.windows.net 。
从Azure获取令牌以访问Microsoft Graph后无法调用函数
[英]Unable to call function after getting token back from Azure to access Microsoft Graph
Twitter API调用仅使用javascript获取OAuth的access_token
[英]Twitter API call to get access_token of OAuth only with javascript
如何在纯客户端应用程序中从Google OAuth 2.0 API刷新access_token?
[英]How to refresh access_token from Google OAuth 2.0 API in a pure client-side application?
使用node.js处理Jawbone API OAuth access_token(快捷方式和通行证)
[英]Jawbone API OAuth access_token handling with node.js (express & passport)
Facebook Graph API的access_token构成什么安全威胁?
[英]What security threats does the access_token for Facebook Graph API pose?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.