【发布时间】:2021-09-25 02:26:47
【问题描述】:
我正在使用 Microsoft Graph 检索组的所有成员。但我收到以下授权错误消息。我无法弄清楚,因为我从今天开始学习它。我也浏览了一些关于此的博客,但找不到根本原因。
说明:在执行当前 Web 请求期间发生未处理的异常。请查看堆栈跟踪以获取有关错误及其源自代码的位置的更多信息。 异常详细信息:Microsoft.Graph.ServiceException:代码:Authorization_RequestDenied 消息:权限不足,无法完成操作。 内部错误: 附加数据: 日期:2021-09-24T11:25:11 请求 ID:ef3e82a6-f1df-4018-bccb-2eea075a934f 客户端请求 ID:ef3e82a6-f1df-4018-bccb-2eea075a934f ClientRequestId:ef3e82a6-f1df-4018-bccb-2eea075a934f
以下是我的代码:
private static string appId = ConfigurationManager.AppSettings["ida:AppId"];
private static string appSecret = ConfigurationManager.AppSettings["ida:AppSecret"];
private static string redirectUri = ConfigurationManager.AppSettings["ida:RedirectUri"];
private static List<string> graphScopes =
new List<string>(ConfigurationManager.AppSettings["ida:AppScopes"].Split(' '));
public static async Task<IEnumerable<Event>> GetEventsAsync()
{
var graphClient = GetAuthenticatedClient();
var members = await graphClient.Groups["00000000-0000-0000-0000-000000000000"].Members.Request().GetAsync();
}
private static GraphServiceClient GetAuthenticatedClient()
{
return new GraphServiceClient(
new DelegateAuthenticationProvider(
async (requestMessage) =>
{
var idClient = ConfidentialClientApplicationBuilder.Create(appId)
.WithRedirectUri(redirectUri)
.WithClientSecret(appSecret)
.Build();
var tokenStore = new SessionTokenStore(idClient.UserTokenCache,
HttpContext.Current, ClaimsPrincipal.Current);
var accounts = await idClient.GetAccountsAsync();
var result = await idClient.AcquireTokenSilent(graphScopes, accounts.FirstOrDefault())
.ExecuteAsync();
requestMessage.Headers.Authorization =
new AuthenticationHeaderValue("Bearer", result.AccessToken);
}));
}
应用设置:
<appSettings>
<add key="ida:AppID" value=[App Id] />
<add key="ida:AppSecret" value=[App Secret] />
<add key="ida:RedirectUri" value="https://localhost:44359/" />
<add key="ida:AppScopes" value="User.Read.All Calendars.Read" />
</appSettings>
我假设我可能需要调整 appSettings 中的 AppScopes 值,但不确定。谁能给我一些解决这个问题的方法?
提前致谢。
【问题讨论】: