OneDrive代码流公共客户端无法发送客户端密钥-Node.js [英] OneDrive Code Flow Public clients can't send a client secret - Node.js
问题描述
嘿,我想创建对我的onedrive帐户的访问权限,以便从家用PC窗口通过node.js上传文件.
hey guys I want to create access to my onedrive account to upload file via node.js from my home pc windows.
我在 https://apps.dev.microsoft.com
上创建了一个应用
另外,我还在此处创建了一个客户端密码,并添加了一个Web平台,并将重定向URL从本地主机更改为 https://login.live.com/oauth20_desktop.srf
I created a app at https://apps.dev.microsoft.com
Also I created a client secret there and added a web platform and changed the redirect url from localhost to https://login.live.com/oauth20_desktop.srf
然后我在浏览器中使用了此链接 https://登录. live.com/oauth20_authorize.srf?client_id=ab82982b-4dxxxxxxxxxxxxxxxxx&scope=files.readwrite.all&response_type=code
Then I used this link in my browser https://login.live.com/oauth20_authorize.srf?client_id=ab82982b-4dxxxxxxxxxxxxxxxxx&scope=files.readwrite.all&response_type=code
我的浏览器中的网址更改为 https://login. live.com/oauth20_desktop.srf?code=M494a5b9fxxxxxxxxxxxxxxxxxxxxxxx&lc=1031
The Url from my browser changed to https://login.live.com/oauth20_desktop.srf?code=M494a5b9fxxxxxxxxxxxxxxxxxxxxxxx&lc=1031
然后我像他们在
与
request({
uri: "https://login.microsoftonline.com/common/oauth2/v2.0/token?"
+ "&client_id=ab82982b-4dbe-4c6b-a1fe-2d60d01709fd&"
+ "client_secret=TkYZhYyuEiSoqhCxbh4Dqh3"
+ "&code=M494a5b9f-5577-3454-a78c-cef649a512c0"
+ "&grant_type=authorization_code",
method: "POST",
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
}
}, function(error, response, body) {
console.log('body: ', body);
});
但是输出是
body: {"error":"invalid_request","error_description":"AADSTS90014: The
request body must contain the following parameter: 'grant_type'.\r\nTrace
ID:
de2c2dxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\r\nCorrelation ID:
de2f8b83xxxxxxxxxxxxxxxxxxxxxxxxx\r\nTimestamp: 2017-07-31 13:40:52Z","error_codes":[90014]
,"timestamp":"2017-07-31 13:40:52Z","trace_id":"de2c2da2xxxxxxxxxxxxxxxxxxx","correlation_id":"de2f8b8xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"}
请帮助我努力解决这个API令牌问题.
Please help I struggle so hard with this API token stuff ..
我也更改了下面评论中的编辑
EDIT from the comment below I changed too
request.post({url:'https://login.microsoftonline.com/common/oauth2/v2.0/token', form: {
redirect_uri: 'https://login.live.com/oauth20_desktop.srf',
client_id: 'abf3247c-d56a-xxxxxxxxxxxxxxxxxxxxx',
client_secret: '3o6xxxxxxxxxxxxxxxxxxxxxxxxxxxx',
code: 'M8aad1bcf-xxxxxxxxxxxxxxxxxxxxxxxxxx',
grant_type: 'authorization_code'
}
}, function(err,httpResponse,body){ /* ... */
console.log('err: ' + err)
console.log('body: ' + body)
})
但是现在我收到了"error":"invalid_request","error_description":"AADSTS90023:公共客户端无法发送客户端密码.
But now I get "error":"invalid_request","error_description":"AADSTS90023: Public clients can't send a client secret.
我在Google上搜索了此内容,并阅读到我无法通过桌面应用程序提出客户秘密请求.但是我在 https://apps.dev.microsoft.com
I google this and read that I cant make client secret request with desktop apllications. But I created a web application at https://apps.dev.microsoft.com
我也从请求中删除了客户端机密,但我收到了重定向URL错误的错误消息.请给我发送工作代码示例,我已经为此困扰了好几天..
Also I delete the client secret from the request I get error that the redirect url is wrong. Please send me working code examples I struggle with this now for several days ..
这太难了aaaaaaaaaaaaaaaaaaaaaaaaaahhhhhhhhhhhhh:D请帮助
This is so difficult aaaaaaaaaaaaaaaaaaaaaaahhhhhhhhhhhhh :D Please help
推荐答案
您的问题是否已经打开?看来您想检索访问令牌并刷新令牌.如果我误解了您的问题,很抱歉.
Have your this question been opened yet? It seems that you want to retrieve access token and refresh token. If I misunderstand your question, I'm sorry.
我认为您修改后的用于检索访问令牌的脚本没有错.请再次确认授权流程.
I think that your modified script for retrieving access token is not wrong. Please confirm the authorization flow again.
- 在
https://apps.dev.microsoft.com/
添加应用
- 输入应用程序名称.在这种情况下,请勿使用引导设置
- 创建应用程序密码.
- 平台是网络.在这种情况下,重定向URL为
http://localhost
- 从
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=### Application ID ###&scope=offline_access%20files.readwrite.all&response_type=code&redirect_uri=http://localhost
检索代码- 请将上述URL导入您的浏览器,然后从重定向的URL中检索代码.
- 在这里,为了上传文件,它在作用域中包括
files.readwrite.all
.
可以通过将 - 刷新令牌.
offline_access
包括到范围中来获取
- Add application at
https://apps.dev.microsoft.com/
- Input Application Name. In this case, don't use Guided Setup
- Create Application secret.
- Platform is web. In this case, redirect URL is
http://localhost
- Retrieve code from
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=### Application ID ###&scope=offline_access%20files.readwrite.all&response_type=code&redirect_uri=http://localhost
- Please inport above URL to your browser, and retrive the code from redirected URL.
- Here, in order to upload files, it includes
files.readwrite.all
in the scope. - Refresh token can be retrieved by including
offline_access
to the scope.
脚本:
request.post({
url:'https://login.microsoftonline.com/common/oauth2/v2.0/token',
form: {
redirect_uri: 'http://localhost',
client_id: 'abf3247c-d56a-xxxxxxxxxxxxxxxxxxxxx',
client_secret: '3o6xxxxxxxxxxxxxxxxxxxxxxxxxxxx',
code: 'M8aad1bcf-xxxxxxxxxxxxxxxxxxxxxxxxxx',
grant_type: 'authorization_code'
}
}, function(err,httpResponse,body){
console.log('body: ' + body)
});
响应:
您可以检索以下回复.
Response :
You can retrieve following response.
{
"token_type": "Bearer",
"scope": "Files.ReadWrite.All",
"expires_in": 3600,
"ext_expi
res_in": 0,
"access_token": "#####",
"refresh_token": "#####"
}
如果这不是您的解决方案,对不起.
If this is not a solution for you, I'm sorry.
request.post({
url:'https://login.microsoftonline.com/common/oauth2/v2.0/token',
form: {
redirect_uri: 'http://localhost',
client_id: 'abf3247c-d56a-xxxxxxxxxxxxxxxxxxxxx',
client_secret: '3o6xxxxxxxxxxxxxxxxxxxxxxxxxxxx',
refresh_token: 'xxxxxxxxxxxxxxxxxxxxxxxxxx',
grant_type: 'refresh_token'
}
}, function(err,httpResponse,body){
console.log('body: ' + body)
});
这篇关于OneDrive代码流公共客户端无法发送客户端密钥-Node.js的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!