堆棧內存溢出
  簡體   English   中英

EWS GetUserPhoto 委托給 App-Only 身份驗證

[英]EWS GetUserPhoto Delegated to App-Only Authentication

 原文  2021-02-18 05:58:02       c#/ oauth-2.0/ azure-active-directory/ office365/ exchangewebservices

問題描述

我目前正在使用委托身份驗證來獲取用戶照片,如下所示:

var pcaOptions = new PublicClientApplicationOptions
{
    ClientId = "ClientID",
    TenantId = "TenantId"
};

var pca = PublicClientApplicationBuilder.CreateWithApplicationOptions(pcaOptions).Build();
var ewsScopes = new string[] { "https://outlook.office365.com/EWS.AccessAsUser.All" };
var authResult = await pca.AcquireTokenInteractive(ewsScopes).ExecuteAsync();

string email = "SomeEmail@email.com";
HttpWebRequest request = WebRequest.Create(string.Format("https://outlook.office365.com/EWS/Exchange.asmx/s/GetUserPhoto?email={0}&size=HR648x648", email)) as HttpWebRequest;
request.Headers.Add("Authorization", "Bearer " + authResult.AccessToken);

using (HttpWebResponse response = request.GetResponse() as HttpWebResponse){
    Stream stream = response.GetResponseStream();
    using (MemoryStream ms = new MemoryStream())
    {
        string encodedPhoto = Convert.ToBase64String((ms.ToArray()));
    }
}

我正在嘗試更改為使用 App-Only Authentication。 我設法獲得了訪問令牌,但似乎不能以與委托身份驗證相同的方式完成。

以下是我為切換到使用 App-Only 身份驗證所做的操作。

var cca = ConfidentialClientApplicationBuilder
                .Create("ClientID")
                .WithClientSecret("ClientSecret")
                .WithTenantId("TenantID")
                .Build();

var ewsScopes = new string[] { "https://outlook.office365.com/.default" };
var authResult = await cca.AcquireTokenForClient(ewsScopes).ExecuteAsync();

string email = "SomeEmail@email.com";
HttpWebRequest request = WebRequest.Create(string.Format("https://outlook.office365.com/EWS/Exchange.asmx/s/GetUserPhoto?email={0}&size=HR648x648", email)) as HttpWebRequest;
request.Headers.Add("Authorization", "Bearer " + authResult.AccessToken);

using (HttpWebResponse response = request.GetResponse() as HttpWebResponse){
//Error: The remote server returned an error: (400) Bad Request.
    Stream stream = response.GetResponseStream();
    using (MemoryStream ms = new MemoryStream())
    {
        string encodedPhoto = Convert.ToBase64String((ms.ToArray()));
    }
}

錯誤:遠程服務器返回錯誤:(400)錯誤請求。

編輯:更新為使用 SOAP 操作如下,但我收到此錯誤:“遠程服務器返回錯誤:(500)內部服務器錯誤。”

有什么我可能錯過的嗎?

var cca = ConfidentialClientApplicationBuilder
                .Create("ClientID")
                .WithClientSecret("ClientSecret")
                .WithTenantId("TenantID")
                .Build();

var ewsScopes = new string[] { "https://outlook.office365.com/.default" };
var authResult = await cca.AcquireTokenForClient(ewsScopes).ExecuteAsync();

HttpWebRequest request = WebRequest.Create("https://outlook.office365.com/EWS/Exchange.asmx") as HttpWebRequest;
request.Headers.Add("Authorization", "Bearer " + authResult.AccessToken);
request.Method = "POST";

XmlDocument SOAPReqBody = new XmlDocument();

SOAPReqBody.LoadXml(@"<?xml version=""1.0"" encoding=""utf-8"" ?>
                    <soap:Envelope xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" xmlns:soap=""http://schemas.xmlsoap.org/soap/envelope/"" xmlns:t=""https://schemas.microsoft.com/exchange/services/2006/types"" xmlns:m=""https://schemas.microsoft.com/exchange/services/2006/messages"">
                        <soap:Header>
                        <t:RequestServerVersion Version=""Exchange2013""/>
                        <t:ExchangeImpersonation>
                            <t:ConnectingSID>
                            <t:PrimarySmtpAddress>impersonatedUser@mail.com</t:PrimarySmtpAddress>
                            </t:ConnectingSID>
                        </t:ExchangeImpersonation>
                        </soap:Header>
                        <soap:Body>
                        <m:GetUserPhoto>
                            <m:Email>UserEmail@mail.com</m:Email>
                            <m:SizeRequested>HR648x648</m:SizeRequested>
                        </m:GetUserPhoto>
                        </soap:Body>
                    </soap:Envelope>");

using (Stream stream = request.GetRequestStream())
{
      SOAPReqBody.Save(stream);
}

using (HttpWebResponse response = request.GetResponse() as HttpWebResponse){
//The remote server returned an error: (500) Internal Server Error.
    Stream stream = response.GetResponseStream();
    using (MemoryStream ms = new MemoryStream())
    {
        string encodedPhoto = Convert.ToBase64String((ms.ToArray()));
    }
}

1 個解決方案

解決方案1
 1 已采納  2021-02-19 02:01:23

EWS 中的應用程序令牌要求您模擬已知用戶(當您請求然后獲取該身份時),因此您需要使用 SOAP 操作https://docs.microsoft.com/en-us/exchange/client-developer /web-service-reference/getuserphoto-operation然后模擬一個真實用戶(如果你有應用程序策略,你需要小心哪一個,否則租戶中的任何用戶都應該工作)例如

       var cca = ConfidentialClientApplicationBuilder
                        .Create("d4")
                        .WithClientSecret("s")
                        .WithTenantId("x")
                        .Build();

        var ewsScopes = new string[] { "https://outlook.office365.com/.default" };
        var authResult = cca.AcquireTokenForClient(ewsScopes).ExecuteAsync().Result;


        HttpWebRequest request = WebRequest.Create("https://outlook.office365.com/EWS/Exchange.asmx") as HttpWebRequest;
        request.Headers.Add("Authorization", "Bearer " + authResult.AccessToken);
        request.Method = "POST";

        XmlDocument SOAPReqBody = new XmlDocument();

        SOAPReqBody.LoadXml(@"<?xml version=""1.0"" encoding=""utf-8""?>
        <soap:Envelope xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:m=""http://schemas.microsoft.com/exchange/services/2006/messages"" xmlns:t=""http://schemas.microsoft.com/exchange/services/2006/types"" xmlns:soap=""http://schemas.xmlsoap.org/soap/envelope/"">
          <soap:Header>
            <t:RequestServerVersion Version=""Exchange2016"" />
            <t:ExchangeImpersonation>
              <t:ConnectingSID>
                <t:SmtpAddress>user@domain.com</t:SmtpAddress>
              </t:ConnectingSID>
            </t:ExchangeImpersonation>
          </soap:Header>
          <soap:Body>
            <m:GetUserPhoto>
              <m:Email>user@domain.com</m:Email>
              <m:SizeRequested>HR48x48</m:SizeRequested>
            </m:GetUserPhoto>
          </soap:Body>
        </soap:Envelope>");

        using (Stream stream = request.GetRequestStream())
        {
            SOAPReqBody.Save(stream);
        }

        using (HttpWebResponse response = request.GetResponse() as HttpWebResponse)
        {
            //The remote server returned an error: (500) Internal Server Error.
            Stream stream = response.GetResponseStream();
            XmlDocument Response = new XmlDocument();
            Response.Load(stream);
            var PictureDataNodes = Response.GetElementsByTagName("PictureData");
            Byte[] PictureData = Convert.FromBase64String(PictureDataNodes[0].InnerText);
            File.WriteAllBytes("c:\\temp\\pictest.jpg", PictureData);
        }
    }

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 SharePoint 僅應用程序身份驗證拋出“遠程服務器返回錯誤:(401)未經授權。” EWS GetUserPhoto 從基本身份驗證切換到 OAuth 委托文件夾的EWS通知 Office 365僅應用程序令牌刷新/更新 是否可以僅使用 REST API 為一個站點獲取 SharePoint 僅應用程序主體? 代碼:BadRequest 消息:/me 請求僅對委托身份驗證流程有效 Office365 API:僅適用於應用的OAuth2 AccessToken要求 為什么我在通過 Azure AD App-Only 授予訪問權限時收到 401 Unauthorized? Microsoft Graph API 身份驗證錯誤(錯誤描述:/me request is only valid with delegated authentication flow) 使用委托身份驗證獲取不記名令牌
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM