401未经授权-令牌未被接受 [英] 401 Unauthorized - token not being accepted
问题描述
我已经成功地将Graph API用于各种用途,但是我需要访问OneNote API才能在班级笔记本上执行学生和老师的添加/删除操作.当我以与 https://www.onenote.com 的Graph相同的方式请求令牌时,资源提供了一个,但是无论我发送什么(有效)请求,当我尝试使用它来访问OneNote API时,我都会收到401-该请求不包含有效的身份验证令牌."
我尝试使用v1.0终结点生成令牌,而不是具有相同结果.
我的令牌请求:
POST https://login.microsoftonline.com/ {我的租户}/oauth2/v2. 0/令牌HTTP/1.1 接受:application/json 内容类型:application/x-www-form-urlencoded 主机:login.microsoftonline.com 内容长度:213 期望:100-继续 连接:保持活动状态
grant_type = client_credentials& client_id = {我的appid}& client_secret = {我的秘密}& tenant = {我的租户}& scope = https%3A%2F%2Fwww.onenote.com%2F.default
OR
POST https://login.microsoftonline.com/ {我的租户}/oauth2/token HTTP /1.1 接受:application/json 内容类型:application/x-www-form-urlencoded 主机:login.microsoftonline.com 内容长度:161 期望:100-继续
grant_type = client_credentials& client_id = {我的appid}& client_secret = {我的秘密}& resource = https%3A%2F%2Fwww.onenote.com
两者都返回包含access_token的内容,例如: {"token_type":承载者","expires_in":"3600","ext_expires_in":"3600","expires_on":"1543513719","not_before":"1543509819",资源":" https://www.onenote.com ," access_token:" {a令牌}}
请求: GET https://www.onenote.com/api/v1.0/myorganization/groups/ {group id}/notes/HTTP/1.1 ContentType:application/json 授权:无记名{令牌/令牌请求返回的令牌} 缓存控制:无存储,无缓存 主持人:www.onenote.com
响应: 代码= 40001 message =该请求不包含有效的身份验证令牌.
作为参考,该问题基本上是对以下问题的后续:使用API和班级笔记本添加学生
您处在正确的轨道上. 资源是使用1.0身份验证端点的正确方法. 范围需要在应用程序门户上注册,因此您需要返回并在门户中添加OneNote范围.
我不确定100%,但是IIRC onenote的资源可能需要结尾的'/'.
I'm successfully using the Graph API for a variety of things but I need to access to the OneNote API to perform student and teacher add/remove operations on Class Notebooks. When I request a token the same way that I do for Graph with the https://www.onenote.com resource it provides one but when I try to use it to access the OneNote API no matter what (valid) request I send I get 401 - "The request does not contain a valid authentication token."
I've tried using the v1.0 endpoint to generate a token instead with the same results.
My token requests:
POST https://login.microsoftonline.com/{my tenant}/oauth2/v2.0/token HTTP/1.1 Accept: application/json Content-Type: application/x-www-form-urlencoded Host: login.microsoftonline.com Content-Length: 213 Expect: 100-continue Connection: Keep-Alive
grant_type=client_credentials&client_id={my appid}&client_secret={my secret}&tenant={my tenant}&scope=https%3A%2F%2Fwww.onenote.com%2F.default
OR
POST https://login.microsoftonline.com/{my tenant}/oauth2/token HTTP/1.1 Accept: application/json Content-Type: application/x-www-form-urlencoded Host: login.microsoftonline.com Content-Length: 161 Expect: 100-continue
grant_type=client_credentials&client_id={my appid}&client_secret={my secret}&resource=https%3A%2F%2Fwww.onenote.com
Both return something containing an access_token, like: {"token_type":"Bearer","expires_in":"3600","ext_expires_in":"3600","expires_on":"1543513719","not_before":"1543509819","resource":"https://www.onenote.com","access_token":"{a token}"}
Request: GET https://www.onenote.com/api/v1.0/myorganization/groups/{group id}/notes/ HTTP/1.1 ContentType: application/json Authorization: Bearer {token returned from /token request} Cache-Control: no-store, no-cache Host: www.onenote.com
Response: code=40001 message=The request does not contain a valid authentication token.
For reference, this question is basically a follow-up to: Adding Students with the API and Class Notebook
You're on the right track. Resource is the right way with the 1.0 auth endpoint. Scopes need to be registered on the app portal, so you'll need to go back in and add OneNote scopes in the portal.
I'm not 100% sure, but IIRC the resource for onenote might require a trailing '/'.
这篇关于401未经授权-令牌未被接受的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
