Office 365 v2 API授权代码格式错误或无效 [英] Office 365 v2 API Authorization code is malformed or invalid
问题描述
我已从浏览器复制了以下身份验证代码,以供授予我们应用程序使用其Office 365电子邮件的用户使用.
I've the following auth code copied from the browser for a user who granted our app to use their Office 365 email.
code=OAQABAAIAAADRNYRQ3dhRSrm-4K-adpCJ3J3UJ8GyC2qJDvNhlrUAObjph6sQ3A9waeQ5Tr-DA6WzxCdFbvadCRJw2S4a_lwA7MyelZWAPQZOlaB_X_1165CbmTXJMGioU6Cr0DhVTUzIlUv_-Svjp8DBrLVCxcDp5rJMM5mDNR0iGysuDIozWnOaPqCOl35NxPzyktrYK6D1MBptmXOPbhS-stTZXbHJr9gGE3FHzMU0XANXmTm30q4SPaoWPch-S1uFFL4xwS2oUv-lELBdcfIGh5UJBSraabGihVWUnbwBhh8eURSMRwryi7kubUcq0D27S-vIVZhtKopemQ1njAcExO58S7EgAyqbIzMxvmBXBe0X1ieVrcyHYRpt4ZAq1Z4v5HLTrYhx5fGp6AkqhV09yri3bqXaZvw5R1hKuhAbRDt_isZn_L8ZEhfwnqICGUwpDU27c6Qd1txuiOVY90a4BiAUh1M1u5gjDx8nIE88R7S915w7mUjJtCzZuTKQavve8q8UOtm9udUvBOX1f-bYslpgiIRbdSYBYlP9UrbreLS1W6OFk2NX-uqp9mabyImvvj1RUm166qV6uc9hsuhzrfErDURC17JotuQBSWYauAvb38p5B-cDbsCZafpyORlbrWsYyQcdWwUPL0aOZEQXFW-v3gDw7Xri_9hvsiHrj10NTaaozqm1QpZmMf-SHJ0yF9wBWKYgAA
如果我们使用的是Microsoft Graph REST API v1,则应用程序可以正常运行,但是在使用版本2时会出现以下问题.它已注册了委托权限,该授予我们读取,写入/发送权限,该权限与该应用程序的V1可以正常使用
Application works without a problem if we are using Microsoft Graph REST API v1 but the following problem happens when using version 2. It is registered with delegate permissions that grants us Read, Write/Send permission which work fine with V1 of the application.
对于V2:authority =https://login.microsoftonline.com/common/oauth2/v2.0/token和
检索身份验证代码,我使用以下网址
For V2: authority =https://login.microsoftonline.com/common/oauth2/v2.0/token and
to retrive auth code I use the following url
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=30..7&response_type=code&scope=mail.read&redirect_uri=https://myurl:8443/controller/saveToken
导致此问题的代码块:
@Override
public AuthenticationResult getToken(String authCode) {
ExecutorService service = Executors.newFixedThreadPool(1);
OfficeCredentials credentials = getCredentials();
try {
AuthenticationContext context = new AuthenticationContext(credentials.getAuthority(), true, service);
final Future<AuthenticationResult> resultFuture = context.acquireTokenByAuthorizationCode(
authCode, new URI(credentials.getRedirectUri()), new ClientCredential(credentials.getClientId(),
credentials.getClientSecret()), credentials.getResourceUrl(), null);
return resultFuture.get();//throws exception
} catch (URISyntaxException e) {
logger.error(e.getMessage());
} catch (MalformedURLException e) {
logger.error(e.getMessage());
} catch (Exception e) {
logger.error(e.getMessage());
}
return null;
}
调用 resultFuture.get()时发生异常
java.util.concurrent.ExecutionException: com.microsoft.aad.adal4j.AuthenticationException: {"error_description":"AADSTS70000: Transmission data parser failure: Authorization Code is malformed or invalid.\r\nTrace ID: c37b4aba-c5fb-44f3-815c-dd798072095d\r\nCorrelation ID: e190ccd2-f98a-440c-8e79-69cfcead3c04\r\nTimestamp: 2017-02-06 17:53:30Z","error":"invalid_grant"}
在尝试迁移到v2时,我不知道自己在做什么错. redirect_uri与azure中定义的相同,它是HTTPS.通过遵循此,我已经使我的本地环境不接受HTTPS.仅供参考:我正在使用adal4 Java库.
I don't know what I am doing wrong as I am trying to migrate to v2. redirect_uri is same as defined in azure and it is HTTPS. I already made my local env't accept HTTPS by following this. FYI: I am using adal4 java library.
推荐答案
当前,adal4j库不支持Azure AD v2.0终结点(请参阅
At present, the adal4j library doesn't support the Azure AD v2.0 endpoint(refer here). Event we set the authority for the v2.0 endpoint, it still use the old one.
作为一种解决方法,您可以直接编写HTTP请求.这是示例请求供您参考(请参考
As a workaround, you may compose the HTTP request directly. Here is the sample request for your reference( refer here):
POST: https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token
client_id={clientId}&client_secret={clientSecret}&scope={scope}&code={authorizationCode}&grant_type=authorization_code&redirect_uri={redirectUri}
如果您希望adal4j库支持Azure AD v2.0终结点,则可以从此处.
And if you want the adal4j library to support Azure AD v2.0 endpoint, you can submit the feedback from here.
这篇关于Office 365 v2 API授权代码格式错误或无效的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
