[英]Graph API for C#: 401 - Unauthorized: Access is denied due to invalid credentials. on /planner/plans
[英]Unauthorized: Access is denied due to invalid credentials . Microsoft Graph API for sharepoint
我正在使用以下代码:
string cSecret = "XXXXXXXXXXXX";
string cId = "XXXXXXXXXXXXXXX";
var scopes = new string[] { "https://graph.microsoft.com/.default" };
var confidentialClient = ConfidentialClientApplicationBuilder
.Create(cId)
.WithRedirectUri($"https://login.microsoftonline.com/XXXXX.onmicrosoft.com/v2.0")
.WithClientSecret(cSecret)
.Build();
string requestUrl;
GraphServiceClient graphClient =
new GraphServiceClient(new DelegateAuthenticationProvider(async (requestMessage) =>
{
var authResult = await confidentialClient
.AcquireTokenForClient(scopes)
.ExecuteAsync();
// Add the access token in the Authorization header of the API request.
requestMessage.Headers.Authorization =
new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", authResult.AccessToken);
}));
requestUrl = "https://graph.microsoft.com/beta/search/query";
var searchRequest = new
{
requests = new[]
{
new
{
entityTypes = new[] {"microsoft.graph.driveItem"},
query = new
{
query_string = new
{
query = "policy AND filetype:docx"
}
},
from = 0,
size = 25
}
}
};
//construct a request
var message = new HttpRequestMessage(HttpMethod.Post, requestUrl);
var jsonPayload = graphClient.HttpProvider.Serializer.SerializeObject(searchRequest);
message.Content = new StringContent(jsonPayload, Encoding.UTF8, "application/json");
await graphClient.AuthenticationProvider.AuthenticateRequestAsync(message);
var response = await graphClient.HttpProvider.SendAsync(message);
//process response
var content = await response.Content.ReadAsStringAsync();
var result = JObject.Parse(content);
var searchItems = result["value"].First["hitsContainers"].First["hits"].Select(item =>
{
var itemUrl = (string)item["_source"]["webUrl"];
return itemUrl;
});
当我运行此代码时,出现此异常:
未经授权:由于凭据无效,访问被拒绝。 您无权使用您提供的凭据查看此目录或页面。 我已设置应用权限https://graph.microsoft.com/Sites.Read.All 。
请帮忙。
查询 API 当前不支持应用程序身份验证。 请参阅搜索文档,您将需要根据您要搜索的内容列出的委派权限:
旁注,通常授权的格式为“ https://login.microsoftonline.com/XXXXX.onmicrosoft.com/v2.0 ”,而不是Redirect Uri 。 您可能需要更改 ConfidentialClientApplicationBuilder 以使用.WithAuthority() 。 然后,您可以使用.WithRedirectUri(...)使用应用程序注册中设置的值(如果您有一个,因为它们是可选的)。
请参阅示例中的代码片段:
var redirectUri = "https://localhost:8080";
var authority = $"https://login.microsoftonline.com/{config["tenantId"]}/v2.0";
List<string> scopes = new List<string>();
scopes.Add("https://graph.microsoft.com/.default");
var cca = ConfidentialClientApplicationBuilder.Create(clientId)
.WithAuthority(authority)
.WithRedirectUri(redirectUri)
.WithClientSecret(clientSecret)
.Build();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.