Getting 401-Unauthorized while getting photo using Outlook REST API - Java client
I am trying to retrieve a user's photo using the Outlook REST API (https://msdn.microsoft.com/en-us/office/office365/api/photo-rest-operations#UserphotooperationsGetphoto).
I obtained an access token by following (https://msdn.microsoft.com/en-us/library/azure/dn645543.aspx),
but I am getting this error. Any help?
HTTP/1.1 401 Unauthorized [Content-Length: 0, Server: Microsoft-IIS/8.0, request-id: 6925fcab-9021-4059-af4b-4cbf130faea7, X-CalculatedBETarget: CY1PR0401MB1388.namprd04.prod.outlook.com, X-BackEndHttpStatus: 401, Set-Cookie: exchangecookie=87cb2447eae9401c80a96c497dff06a9; expires=Sat, 22-Apr-2017 07:56:53 GMT; path=/; HttpOnly, x-ms-diagnostics: 2000001;reason="The access token is acquired using an authentication method that is too weak to allow access for this application. Presented auth strength was 1, required is 2.";error_category="invalid_token",
The code looks like this:
HttpClient httpclient = HttpClients.createDefault();
final String bearerToken = getBearerToken();
HttpGet request = new HttpGet("https://outlook.office.com/api/v2.0/me/photo/$value");
request.setHeader(javax.ws.rs.core.HttpHeaders.AUTHORIZATION, "Bearer " + bearerToken);
request.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE);
HttpResponse response = httpclient.execute(request);
return IOUtils.toByteArray(response.getEntity().getContent());
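Based on the error message, you need to provide client_assertion instead of client_secret in the request body.
Based on the API you are calling, "https://outlook.office.com/api/v2.0/me/photo/$value", it seems that you only want to get the photo for the currently logged-in user; if so, you can use the Authorization Code Grant Flow to obtain a token, which does not require a client certificate.
Update #1: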
Can this be done programmatically/API way
As far as I know, consent requires interaction from a user or an administrator.
https://login.windows.net/common/oauth2/authorize?response_type=code&client_id={0}&resource={1}&redirect_uri={2}&prompt={3}
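If you are developing an ASP.NET web application, you can refer to the sample project O365-WebApp-MultiTenant.
By the way, when calling the API with an app token, you need to specify the user name.
For example: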
https://outlook.office.com/api/v2.0/users('user1@customdomain.onmicrosoft.com')/messages
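Update #2:
Getting a 403 code when updating the photo with an app token is the expected result.
As we can see from the figure above, updating a user's photo requires the delegated permission "User.Read.Write". An app token does not have permission to update a user's photo.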
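A diagnostic sketch for the 401 discussed above, added here as an example and not part of the original question or answer: it parses the `x-ms-diagnostics` header quoted in the question and reads the `appidacr` claim from an access token. It assumes an Azure AD v1.0 token, where `appidacr` is "1" for a client secret and "2" for a client certificate, and that this claim is what the error's "auth strength" reflects; the class and method names are hypothetical and the sample token is constructed.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class TokenDiagnostics {
    // key="value" pairs as they appear in the x-ms-diagnostics header from the question
    private static final Pattern PAIR = Pattern.compile("(\\w+)=\"([^\"]*)\"");
    // Assumption: appidacr is a flat string member of the JWT payload
    private static final Pattern APPIDACR = Pattern.compile("\"appidacr\"\\s*:\\s*\"(\\d)\"");

    // Splits the header into its leading numeric code plus reason / error_category.
    static Map<String, String> parseDiagnostics(String header) {
        Map<String, String> out = new LinkedHashMap<>();
        int semi = header.indexOf(';');
        out.put("code", semi < 0 ? header.trim() : header.substring(0, semi).trim());
        Matcher m = PAIR.matcher(header);
        while (m.find()) out.put(m.group(1), m.group(2));
        return out;
    }

    // Diagnostic only: decodes the payload WITHOUT verifying the signature.
    static String clientAuthStrength(String jwt) {
        String[] parts = jwt.split("\\.");
        if (parts.length < 2) throw new IllegalArgumentException("not a JWT");
        String payload = new String(Base64.getUrlDecoder().decode(parts[1]), StandardCharsets.UTF_8);
        Matcher m = APPIDACR.matcher(payload);
        return m.find() ? m.group(1) : null; // null: claim absent
    }

    public static void main(String[] args) {
        // Header value copied from the response in the question
        String header = "2000001;reason=\"The access token is acquired using an authentication method "
                + "that is too weak to allow access for this application. Presented auth strength was 1, "
                + "required is 2.\";error_category=\"invalid_token\"";
        System.out.println(parseDiagnostics(header));

        // Constructed, unsigned sample token standing in for getBearerToken()
        Base64.Encoder enc = Base64.getUrlEncoder().withoutPadding();
        String jwt = enc.encodeToString("{\"alg\":\"none\"}".getBytes(StandardCharsets.UTF_8)) + "."
                + enc.encodeToString("{\"appidacr\":\"1\",\"aud\":\"https://outlook.office.com\"}"
                        .getBytes(StandardCharsets.UTF_8)) + ".";
        String acr = clientAuthStrength(jwt);
        System.out.println("appidacr=" + acr
                + ("2".equals(acr) ? " (client certificate)" : " (not certificate-authenticated)"));
    }
}
```

Running the same check on a real token before calling the API shows whether it was issued for a client secret or a client_assertion, without logging the token itself.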