1
我正在研究当前项目,我们已经在使用Identity Server进行身份验证。在这里,我们使用Access令牌访问Microsoft Graph API以获取会议,个人资料图片和其他内容。Outlook 365 Rest API - 观众声明值无效
现在我们要对新的Outlook 365 API进行集成,以便读取和在将来编写任务。
我试图用已有的accessToken获得从Outlook RESTAPI Outlook任务:
{
"aud": "https://graph.microsoft.com",
"iss": "https://sts.windows.net/17e18230-55e1-4f60-8262-5c67e2b2ab11/",
"iat": 1145153145,
"nbf": 1491225024,
"exp": 1491258924,
"acr": "1",
"aio": "QSQA8/8DAFFFInSl+iIfvSXhA95NqTYRmKugpaLdvffNkba0L8N5x0U=",
"amr": [
"pwd"
],
"app_displayname": "AwesomeApp.Dev",
"appid": "0c2fgc75-f2ee-fas5-ae9f-fasd2s5d523fs",
"appidacr": "1",
"family_name": "Jesper Krægpøth Ryder",
"given_name": "Joshua",
"ipaddr": "208.67.222.222",
"name": "Joshua Jesper Krægpøth Ryder",
"oid": "a4586g1-d0215-3226-ar05-125463gasrqw5",
"platf": "3",
"puid": "654wf84yu3s1g6",
"scp": "Calendars.Read Calendars.Read.Shared Calendars.ReadWrite Directory.Read.All Files.ReadWrite Group.Read.All Mail.ReadWrite Mail.Send Tasks.Read User.Read User.ReadBasic.All User.ReadWrite",
"sub": "0s_x0JhaNb1QLpIM2Hldx7pSVkrpTgXKe4QPXXiRguQ",
"tid": "15e18430-54e9-4f60-8821-5c85e2b2ab77",
"unique_name": "[email protected]",
"upn": "[email protected]",
"uti": "65a2gasdrfasda_fasfa54153",
"ver": "1.0"
}
https://outlook.office.com/api/v2.0/me/tasks
错误消息:
Content-Length →0
Date →Tue, 04 Jul 2017 08:35:21 GMT
Server →Microsoft-IIS/10.0
WWW-Authenticate →Bearer client_id="00000002-0000-0ff1-ce00-000000000000",
trusted_issuers="[email protected]*",
token_types="app_asserted_user_v1 service_asserted_app_v1",
authorization_uri="https://login.windows.net/common/oauth2/authorize",
error="invalid_token",Basic Realm="",Basic Realm="",Basic Realm=""
X-BEServer →HE1PR0901MB1194
X-BackEndHttpStatus →401, 401
X-CalculatedBETarget →HE1PR0901MB1194.eurprd09.prod.outlook.com
X-CalculatedFETarget →HE1P190CU001.internal.outlook.com
X-DiagInfo →HE1PR0901MB1194
X-FEProxyInfo →HE1P190CA0005.EURP190.PROD.OUTLOOK.COM
X-FEServer →HE1P190CA0005, HE1PR0201CA0031
X-MSEdge-Ref →Ref A: C32D029EF8F84E68BF6327901BBED14F Ref B: HEL01EDGE0307
Ref C: Tue Jul 4 01:35:21 2017 PST
X-Powered-By →ASP.NET
request-id →2266567a-dd67-48f0-b3b4-72cfb5ee6b42
x-ms-diagnostics →2000003;reason="The audience claim value is invalid
'https://graph.microsoft.com'.";error_category="invalid_resource"
在我们使用的身份服务器中间件来处理我们的示波器,如下所示:
app.UseMicrosoftAccountAuthentication(new MicrosoftAccountOptions
{
AuthenticationScheme = "Microsoft",
DisplayName = "Microsoft",
SignInScheme = cookieScheme,
ClientId = Configuration.GetValue<string>("ExternalKeys:SecretMicrosoftClientId"),
ClientSecret = Configuration.GetValue<string>("ExternalKeys:SecretMicrosoftClientSecret"),
CallbackPath = new PathString("/signin-microsoft"),
Scope =
{
"offline_access",
"Calendars.Read",
"Calendars.Read.Shared",
"https://outlook.office.com/tasks.read"
},
SaveTokens = true,
});
当我们尝试登录时,系统会提示您提供其他任务访问要求。所以我们应该可以访问任务API。
其他人试图同时使用Microsoft图形API和新的Outlook 365 Rest API?
当我使用我的访问令牌调用时: https://graph.microsoft.com/v1.0/me/ 它的工作原理和我的用户返回。 但是,当我呼吁: https://outlook.office.com/api/v2.0/me/ 它所述失败。 我是否需要以某种方式转换我的访问令牌?或者使用我的访问令牌重新认证? 我可以使用用户名/密码创建任务。但这对用户来说并不好。 – Kiksen