POST Ajax 调用 Outlook API - 访问被拒绝
POST Ajax call to Outlook API - Access is denied
我很难向 Outlook API 发送 POST 请求。
我在我的本地机器上工作并将 redirectUrl 定义到我的 localhost:port
我的 GET 请求有效:
var apiUrl = "https://outlook.office.com/api/v2.0/me/calendarview?startdatetime=" + startDateTime + "&enddatetime=" + endDateTime + "&$top=" + 10;
$.ajax({
type: 'GET',
url: apiUrl,
headers: {
"Authorization": "Bearer " + token
}
}).done(function (data) {
processResults(data);
}).fail(function (response) {
handleFailure();
});
但是当我尝试发送 POST 时,我收到了这条消息:
Access is denied. Check credentials and try again.
我的代码是:
var apiUrl = "https://outlook.office.com/api/v2.0/me/events";
var postData = {
"Subject": "Plan summer company picnic",
"Body": {
"ContentType": "HTML",
"Content": "Let's kick-start this event planning!"
},
"Start": {
"DateTime": "2019-01-15T11:00:00",
"TimeZone": "Pacific Standard Time"
},
"End": {
"DateTime": "2019-01-15T12:00:00",
"TimeZone": "Pacific Standard Time"
},
"Attendees": [
{
"EmailAddress": {
"Address": "myMail@gmail.com",
"Name": "Name Here"
},
"Type": "Required"
}
]
};
$.ajax({
type: 'POST',
url: apiUrl,
headers: {
"Authorization": "Bearer " + token
},
contentType: 'application/json',
data: JSON.stringify(postData)
}).done(function (data) {
processResults(data);
}).fail(function (response) {
handleFailure();
});
在这两种情况下,我都使用相同的令牌,所以这可能不是登录问题。我还在应用程序中允许 Calendars.ReadWrite。
更新
我清除了缓存,登录,进行了 GET 调用,然后进行了 POST 调用,然后再次进行了 GET 调用。 GET 调用都有效,所以问题不是令牌或缓存问题。
问题出在身份验证过程中,显然在每个请求中我都必须指定 scope 并且它应该包含多个权限。
在 headers 我发现了这个:
x-ms-diagnostics: 2000008;reason="Access to this API requires the following permissions: 'Calendars.Read.All,Calendars.Read.Shared,Calendars.ReadWrite.All,Calendars.ReadWrite.Shared'. However, the application only has the following permissions granted: 'Calendars.Read,Calendars.ReadWrite'.";error_category="invalid_grant"
即使这样也是错误的,因为Calendars.Read.All和Calendars.ReadWrite.All不存在,所以应该是Calendars.Read和Calendars.ReadWrite。
身份验证请求应如下所示:
var authUrl = authServer +
"response_type=" + encodeURI(token) +
"&client_id=" + encodeURI(clientId) +
"&scope=" + encodeURI("https://outlook.office.com/Calendars.Read https://outlook.office.com/Calendars.Read.Shared https://outlook.office.com/Calendars.ReadWrite https://outlook.office.com/Calendars.ReadWrite.Shared") +
"&redirect_uri=" + redirectUrl +
"&state=" + stateParam;
我很难向 Outlook API 发送 POST 请求。
我在我的本地机器上工作并将 redirectUrl 定义到我的 localhost:port
我的 GET 请求有效:
var apiUrl = "https://outlook.office.com/api/v2.0/me/calendarview?startdatetime=" + startDateTime + "&enddatetime=" + endDateTime + "&$top=" + 10;
$.ajax({
type: 'GET',
url: apiUrl,
headers: {
"Authorization": "Bearer " + token
}
}).done(function (data) {
processResults(data);
}).fail(function (response) {
handleFailure();
});
但是当我尝试发送 POST 时,我收到了这条消息:
Access is denied. Check credentials and try again.
我的代码是:
var apiUrl = "https://outlook.office.com/api/v2.0/me/events";
var postData = {
"Subject": "Plan summer company picnic",
"Body": {
"ContentType": "HTML",
"Content": "Let's kick-start this event planning!"
},
"Start": {
"DateTime": "2019-01-15T11:00:00",
"TimeZone": "Pacific Standard Time"
},
"End": {
"DateTime": "2019-01-15T12:00:00",
"TimeZone": "Pacific Standard Time"
},
"Attendees": [
{
"EmailAddress": {
"Address": "myMail@gmail.com",
"Name": "Name Here"
},
"Type": "Required"
}
]
};
$.ajax({
type: 'POST',
url: apiUrl,
headers: {
"Authorization": "Bearer " + token
},
contentType: 'application/json',
data: JSON.stringify(postData)
}).done(function (data) {
processResults(data);
}).fail(function (response) {
handleFailure();
});
在这两种情况下,我都使用相同的令牌,所以这可能不是登录问题。我还在应用程序中允许 Calendars.ReadWrite。
更新
我清除了缓存,登录,进行了 GET 调用,然后进行了 POST 调用,然后再次进行了 GET 调用。 GET 调用都有效,所以问题不是令牌或缓存问题。
问题出在身份验证过程中,显然在每个请求中我都必须指定 scope 并且它应该包含多个权限。
在 headers 我发现了这个:
x-ms-diagnostics: 2000008;reason="Access to this API requires the following permissions: 'Calendars.Read.All,Calendars.Read.Shared,Calendars.ReadWrite.All,Calendars.ReadWrite.Shared'. However, the application only has the following permissions granted: 'Calendars.Read,Calendars.ReadWrite'.";error_category="invalid_grant"
即使这样也是错误的,因为Calendars.Read.All和Calendars.ReadWrite.All不存在,所以应该是Calendars.Read和Calendars.ReadWrite。
身份验证请求应如下所示:
var authUrl = authServer +
"response_type=" + encodeURI(token) +
"&client_id=" + encodeURI(clientId) +
"&scope=" + encodeURI("https://outlook.office.com/Calendars.Read https://outlook.office.com/Calendars.Read.Shared https://outlook.office.com/Calendars.ReadWrite https://outlook.office.com/Calendars.ReadWrite.Shared") +
"&redirect_uri=" + redirectUrl +
"&state=" + stateParam;