使用msal抛出来访问sharepoint REST api 401 [英] accessing sharepoint REST apis using msal throws 401
问题描述
如果我转到 https://developer.microsoft.com/zh-cn/graph/graph-explorer#并使用如下网址:
If i go to https://developer.microsoft.com/en-us/graph/graph-explorer# and use URL like:
https://graph.microsoft.com/beta/sites/4development106.sharepoint.com:/sites/DBSchenker:/lists/OEC_Docs/items I can see request succeeds.
现在,如果我使用来自github https://github的有角度的应用程序. com/AzureAD/microsoft-authentication-library-for-js
Now if i use the angular app from github https://github.com/AzureAD/microsoft-authentication-library-for-js
和类似的代码
private sharePointHost: string = "https://4development106.sharepoint.com/sites/DBSchenker/_api/web/lists/getByTitle('OEC_Docs')/items"
getDocuments(token){
const httpOptions = {
headers: new HttpHeaders({
'Accept': 'application/json;odata=verbose'
,'Authorization' : "Bearer " + token
})
};
this.http.get(this.sharePointHost, httpOptions).subscribe(
(resp) => console.log("respon is::: " + JSON.stringify(resp)),
(err) => console.log("error:::" + JSON.stringify(err))
)
}
它抛出:
error:::`{"headers":{"normalizedNames":{},"lazyUpdate":null},"status":401,"statusText":"OK","url":"https://4development106.sharepoint.com/sites/DBSchenker/_api/web/lists/getByTitle('OEC_Docs')/items","ok":false,"name":"HttpErrorResponse","message":"Http failure response for https://4development106.sharepoint.com/sites/DBSchenker/_api/web/lists/getByTitle('OEC_Docs')/items: 401 OK","error":{"error_description":"Invalid JWT token. No certificate thumbprint specified in token header."}}`
将主机更改为(在graph api资源管理器中有效)
changing the host to (which works in graph api explorer)
private sharePointHost: string = "https://graph.microsoft.com/beta/sites/4development106.sharepoint.com:/sites/DBSchenker:/lists/OEC_Docs/items"
抛出
error:::{"headers":{"normalizedNames":{},"lazyUpdate":null},"status":401,"statusText":"Unauthorized","url":"https://graph.microsoft.com/beta/sites/4development106.sharepoint.com:/sites/DBSchenker:/lists/OEC_Docs/items","ok":false,"name":"HttpErrorResponse","message":"Http failure response for https://graph.microsoft.com/beta/sites/4development106.sharepoint.com:/sites/DBSchenker:/lists/OEC_Docs/items: 401 Unauthorized","error":{"error":{"code":"InvalidAuthenticationToken","message":"Access token validation failure.","innerError":{"request-id":"f5a77afc-0d92-49a0-92c4-e727e056d0a9","date":"2018-10-30T01:42:02"}}}}
不确定我在做什么错
推荐答案
我遇到了同样的问题.我唯一能找到的解决方案是暂时使用ADAL而不是MSAL .我不太清楚为什么,但是SharePoint Online似乎只能按照您使用ADAL的方式工作.
I've been having the same problem. The only solution I could find was to use ADAL instead of MSAL for the time being. I'm not quite sure why, but SharePoint Online only seems to work with ADAL the way you're using it.
最初,我认为可能是由于MSAL中的公共"端点引起的,但是切换到仅此组织目录中的帐户(...)"也不能解决问题.
Initially I thought it might be because of the "common" endpoint in MSAL, but switching to "Accounts in this organizational directory only (...)" didn't solve the problem either.
您可能还想看看 https: //github.com/AzureAD/microsoft-authentication-library-for-js/issues/521 来解决类似问题(尽管这也不能解决我的问题).
You might also want to take a look at https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/521 for a similar issue (though this didn't resolve my issue as well).
这篇关于使用msal抛出来访问sharepoint REST api 401的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
