一个 Note Api 拒绝承载令牌,错误 401 [英] One Note Api rejects Bearer Token, Error 401
问题描述
我在向 One Note API 发送不记名令牌时遇到问题.
I got a problem with sending bearer token to the One Note API.
String returnUri = "https://login.live.com/oauth20_token.srf";
HttpClient client = HttpClientBuilder.create().build();
HttpPost tokenRequest = new HttpPost(returnUri);
tokenRequest.setHeader(HttpHeaders.CONTENT_TYPE, "application/x-www-form-urlencoded");
tokenRequest.setEntity(new UrlEncodedFormEntity(Connection.getParametersForURLBody(), Consts.UTF_8));
tokenRequest.addHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0");
HttpResponse tokenResponse = client.execute(tokenRequest);
HttpGet getTopFiveNotebooks = new HttpGet("https://www.onenote.com/api/v1.0/me/notes/notebooks?top=5");
getTopFiveNotebooks.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + Connection.getValueByKey("access_token", Connection.getTokenInJson(tokenResponse)));
我得到了 Bearer Token
和 HttpGet-Request
的标头,如果我在调试模式下查看它:
I got the Bearer Token
and the header of the HttpGet-Request
looks like this, if I look at it in debug-mode:
但是当我尝试执行 get 时,API 给了我一个 401 Unauthorized
错误.
But when I try to perform the get, the API gives me a 401 Unauthorized
Error.
我的范围是 scope=wl.basic+onedrive.readwrite
,所以令牌应该有它需要的所有权限.
My Scope is scope=wl.basic+onedrive.readwrite
, so the token should have all permissions it needs.
更新:如果我登录到 https://apigee.com/onenote/embed/console/onenote/ 使用我的 microsoft-account 并将访问令牌从那里复制到这段代码中:
Update: If I login into https://apigee.com/onenote/embed/console/onenote/ with my microsoft-account and copy the access-token from there into this piece of code:
getTopFiveNotebooks.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + acces-key-from-the apigee-console)
它执行 get 并返回 Status 200
而不是 401
.
it performs the get and give me Status 200
back instead of 401
.
那么我的权限范围有误吗?
So is my permission scope wrong?
我的范围是错误的.
推荐答案
是的,您没有正确的范围.
Yes, you don't have the right scopes.
https://msdn.microsoft.com/en-us/library/office/dn807159.aspx
您至少需要office.onenote"才能获取用户的笔记本.
You need at least "office.onenote" to be able to get the user's notebooks.
顺便说一句,如果您查看 401 响应的正文,您会看到缺少哪些范围.
Btw, if you look at the body of the 401 response, you'll see which scopes are missing.
这篇关于一个 Note Api 拒绝承载令牌,错误 401的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!