Outlook Calendar API |无需用户操作即可获取事件 [英] Outlook Calendar API | Get events without user action
问题描述
Bonjour,
我已经尝试了几天使用Outlook Calendar(V2)API来检索与用户相关的事件.必须在没有用户干预的情况下完成事件的恢复(有关信息:我有他的密码).
I've been trying for a few days to use the Outlook Calendar (V2) API to retrieve events related to a user. The recovery of events must be done without the user's intervention (for information: I have his password).
我的网站(Drupal 8)必须连接到API并检索事件以将其显示给访问者.
My website (Drupal 8), must connect to the API and retrieve the events to display them to visitors.
- 因此,我检索了应用程序ID和应用程序密码.
- I have registered the application from the Application Registration Portal (using the user's account).
- So I retrieved the application ID and the application secret.
I saw that I could add a "Web API" platform but I didn't understand how to use it after adding it.
我尝试与Oauth2客户端(client_credentials)连接以获取令牌.我可以很好地获得令牌,但是当我使用它时,我使用的所有终止点都会返回错误.
I tried to connect with an Oauth2 client (client_credentials) to get the token. I get the token back well, but when I use it, all the termination points I use return an error.
获取令牌(client_credentials):
Get token (client_credentials) :
URL : https://login.microsoftonline.com/<tid>/oauth2/v2.0/token
Content-Type : application/x-www-form-urlencoded
client_id : <client_id>
client_secret : <client_secret>
scope : https://graph.microsoft.com/.default
grant_type : client_credentials
I tried the following scenarios (and others), without success:
URL : https://graph.microsoft.com/v1.0/me/events
Content-Type : application/json
Authorization : Bearer <access_token>
Error : Current authenticated context is not valid for this request. This occurs when a request is made to an endpoint that requires user sign-in....
URL : https://graph.microsoft.com/v1.0/users/events
Content-Type : application/json
Authorization : Bearer <access_token>
Error : The identity of the calling application could not be established.
我认为我错过了一个步骤(也许是管理员同意"),但是我希望用户尽可能不要采取任何行动.
I think I'm missing a step (maybe the "Administrator consent"), but I would like there to be no action from a user, if possible.
感谢您的帮助.
推荐答案
当应用程序需要使用自己的名称进行身份验证时,将使用客户端凭据.在这种情况下,您希望查看可以执行的特定用户的日历:
Client credentials are used when the application requires authentication in its own name. In this case you want to see the calendar of a specific user which you can do:
-如果您的应用程序获得了用户令牌,并以用户名调用图形
- either if your application gets a token for the user, and calls the graph in the name of the user
-或您已获得AAD租户管理员的同意,该应用程序可以查看任何用户的日历.
- or you have consent from the AAD tenant admin that the application can look at the calendar of any user.
- : 与我"有关,这表明应用程序已为用户获得令牌.它不能与客户端凭据一起使用(因为该应用程序没有事件).但是要使用此API,这是假设在应用程序注册中要求的 "User.Read"的门户网站权限(默认设置)
- : 假设您的用户所在的Azure Active Directory租户管理员已授予应用程序同意,以查看该租户中所有用户的所有事件权限,哪个管理员租户 会舍不得给.
- https://graph.microsoft.com/v1.0/me/events is about 'me', which suggest that the application got a token for a user. It cannot be used with client credentials (as the application does not have events). But to use this API, this supposes that requested, in the application registration portal permission for "User.Read" (which is given by default)
- https://graph.microsoft.com/v1.0/users/events supposes to that the Azure Active Directory tenant admin where your user is located has granted the application the consent to look at all the events for all the users in the tenant, which is a pretty big permission, which admin tenant would be reluctant to give.
如何授予您的应用权限:
How to give permissions to your app:
- 转到在您的应用页面中,查看 API权限.并为Microsoft Graph添加权限 日历.,然后选择添加权限,然后,如果您是租户的管理员,请选择 授予<租户名称的管理员同意
- Go to https://portal.azure.com/?Microsoft_AAD_RegisteredApps=true#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredAppsPreview and find your app
- In the pages for your app, look at API permissions. and add a permission for the Microsoft Graph Calendars.Read, and select Add permissions, then if you are an admin of the tenant select Grant admin consent for <name of the tenant>
您会使用哪种语言?我们强烈建议您使用身份验证库,不要直接违背协议.请参见
Which language do you develop in? we strongly recommend you use an auth library and don't go directly against the protocol. See https://docs.microsoft.com/en-us/azure/active-directory/develop/reference-v2-libraries
这篇关于Outlook Calendar API |无需用户操作即可获取事件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
