访问客户端凭据授予流的 Office 365 邮箱时获取错误代码 403
Getting Error code 403 while accessing Office 365 mail box for the client credential grant flow
我正在尝试连接到 Office 365 以使用客户端凭据 flow.I 已执行 http://blogs.msdn.com/b/exchangedev/archive/2015/01/21/building-demon-or-service-apps-with-office-365-mail-calendar-and-contacts-apis-oauth2-client-credential-flow.aspx
中提到的所有步骤
我正在尝试使用 ADAL java 库进行连接。
使用以下代码连接并获取邮件:
String authority = "https://login.windows.net/tenant-id/oauth2/authorize";
ExecutorService service = null;
service=Executors.newFixedThreadPool(1);
try {
AuthenticationContext authenticationContext = new AuthenticationContext(authority, false, service);
String certfile = "PfxFinal.pfx";
InputStream pkcs12Certificate=new FileInputStream(certfile);
String token = "";
AsymmetricKeyCredential credential = AsymmetricKeyCredential.create("clientid", pkcs12Certificate,"password");
System.out.println("X509 is fine!");
Future<AuthenticationResult> future=authenticationContext.acquireToken("https://outlook.office365.com", (AsymmetricKeyCredential)credential, null);// authenticationContext.acquireToken("https://outlook.office365.com", credential, null);
System.out.println("Token Received "+future.get().getAccessToken());
token=future.get().getAccessToken();
System.out.println(token);
URL url = new URL("https://outlook.office365.com/api/v1.0/me/folders/inbox/messages?$count=true&$filter=isread%20eq%20false");
HttpURLConnection con = (HttpURLConnection) url.openConnection();
con.setRequestMethod("GET");
con.setRequestProperty("Accept","application/json");
//con.setRequestProperty("Authorization",token);
con.setRequestProperty("Authorization","Bearer "+token);
System.out.println("Bearer "+token);
if (con.getResponseCode() != 200) {
throw new RuntimeException("Failed : HTTP error code : "
+ con.getResponseCode());
}
BufferedReader br = new BufferedReader(new InputStreamReader(
(con.getInputStream())));
String output;
System.out.println("Output from Server .... \n");
while ((output = br.readLine()) != null) {
System.out.println(output);
}
con.disconnect();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
我已完全同意 tenant.Is 还有其他任何我必须做的事情才能解决此问题。
您在 Azure AD 中注册应用程序时配置了哪些 Exchange Online 权限?您应该有 Read mail in all mailboxes 或 Read and write mail in all mailboxes.
您正在寻址“/me”端点,对于 "app-only" 访问实际上没有任何意义,因为 "me" 表示邮箱并且访问令牌没有可用于确定的用户上下文"me" 试图访问什么邮箱。对于仅限应用程序的访问令牌,您必须使用用户 ('the mailbox e-mail address to access')。 "app-only" 表示没有邮箱或用户信息的应用程序标识。
如果您还有问题,请告诉我。
谢谢,
马蒂亚斯
此问题已解决,下面是完整的工作代码:
public class AccessToken {
public static void main(String[] args) {
String authority = "https://login.windows.net/xxxxxxxxxxxxx/oauth2/authorize";
ExecutorService service = null;
service=Executors.newFixedThreadPool(1);
try {
AuthenticationContext authenticationContext = new AuthenticationContext(authority, false, service);
String certfile = "pfx.pfx";
InputStream pkcs12Certificate=new FileInputStream(certfile);
String token = "";
AsymmetricKeyCredential credential = AsymmetricKeyCredential.create("id", pkcs12Certificate,"password");
System.out.println("X509 is fine!");
Future<AuthenticationResult> future=authenticationContext.acquireToken("https://outlook.office365.com", (AsymmetricKeyCredential)credential, null);
token=future.get().getAccessToken();
Long uuid = UUID.randomUUID().getMostSignificantBits();
URL url = new URL("https://outlook.office365.com/api/v1.0/users/email/folders/inbox/messages");
HttpURLConnection con = (HttpURLConnection) url.openConnection();
con.setRequestMethod("GET");
con.setRequestProperty("Accept","application/json");
con.setRequestProperty("User-Agent","Testing/1.0 abc/1.1");
Date date = new Date();
SimpleDateFormat ft =
new SimpleDateFormat ("E, dd MM yyyy hh:mm:ss zzz");
System.out.println("Current Date: " + ft.format(date));
String dateString = ft.format(date);
con.setRequestProperty("Authorization","Bearer "+token);
if (con.getResponseCode() != 200) {
System.out.println(con.getHeaderFields());
throw new RuntimeException("Failed : HTTP error code : "
+ con.getResponseCode());
}
BufferedReader br = new BufferedReader(new InputStreamReader(
(con.getInputStream())));
String output;
System.out.println("Output from Server .... \n");
while ((output = br.readLine()) != null) {
System.out.println(output);
}
con.disconnect();
service.shutdown();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
我能够从 office 365 获得 json 响应。我测试的另一种方法是使用 Firefox 的 RestClient 插件,以及生成的访问令牌。
我正在尝试连接到 Office 365 以使用客户端凭据 flow.I 已执行 http://blogs.msdn.com/b/exchangedev/archive/2015/01/21/building-demon-or-service-apps-with-office-365-mail-calendar-and-contacts-apis-oauth2-client-credential-flow.aspx
中提到的所有步骤我正在尝试使用 ADAL java 库进行连接。
使用以下代码连接并获取邮件:
String authority = "https://login.windows.net/tenant-id/oauth2/authorize";
ExecutorService service = null;
service=Executors.newFixedThreadPool(1);
try {
AuthenticationContext authenticationContext = new AuthenticationContext(authority, false, service);
String certfile = "PfxFinal.pfx";
InputStream pkcs12Certificate=new FileInputStream(certfile);
String token = "";
AsymmetricKeyCredential credential = AsymmetricKeyCredential.create("clientid", pkcs12Certificate,"password");
System.out.println("X509 is fine!");
Future<AuthenticationResult> future=authenticationContext.acquireToken("https://outlook.office365.com", (AsymmetricKeyCredential)credential, null);// authenticationContext.acquireToken("https://outlook.office365.com", credential, null);
System.out.println("Token Received "+future.get().getAccessToken());
token=future.get().getAccessToken();
System.out.println(token);
URL url = new URL("https://outlook.office365.com/api/v1.0/me/folders/inbox/messages?$count=true&$filter=isread%20eq%20false");
HttpURLConnection con = (HttpURLConnection) url.openConnection();
con.setRequestMethod("GET");
con.setRequestProperty("Accept","application/json");
//con.setRequestProperty("Authorization",token);
con.setRequestProperty("Authorization","Bearer "+token);
System.out.println("Bearer "+token);
if (con.getResponseCode() != 200) {
throw new RuntimeException("Failed : HTTP error code : "
+ con.getResponseCode());
}
BufferedReader br = new BufferedReader(new InputStreamReader(
(con.getInputStream())));
String output;
System.out.println("Output from Server .... \n");
while ((output = br.readLine()) != null) {
System.out.println(output);
}
con.disconnect();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
我已完全同意 tenant.Is 还有其他任何我必须做的事情才能解决此问题。
您在 Azure AD 中注册应用程序时配置了哪些 Exchange Online 权限?您应该有 Read mail in all mailboxes 或 Read and write mail in all mailboxes.
您正在寻址“/me”端点,对于 "app-only" 访问实际上没有任何意义,因为 "me" 表示邮箱并且访问令牌没有可用于确定的用户上下文"me" 试图访问什么邮箱。对于仅限应用程序的访问令牌,您必须使用用户 ('the mailbox e-mail address to access')。 "app-only" 表示没有邮箱或用户信息的应用程序标识。
如果您还有问题,请告诉我。
谢谢, 马蒂亚斯
此问题已解决,下面是完整的工作代码:
public class AccessToken { public static void main(String[] args) {
String authority = "https://login.windows.net/xxxxxxxxxxxxx/oauth2/authorize";
ExecutorService service = null;
service=Executors.newFixedThreadPool(1);
try {
AuthenticationContext authenticationContext = new AuthenticationContext(authority, false, service);
String certfile = "pfx.pfx";
InputStream pkcs12Certificate=new FileInputStream(certfile);
String token = "";
AsymmetricKeyCredential credential = AsymmetricKeyCredential.create("id", pkcs12Certificate,"password");
System.out.println("X509 is fine!");
Future<AuthenticationResult> future=authenticationContext.acquireToken("https://outlook.office365.com", (AsymmetricKeyCredential)credential, null);
token=future.get().getAccessToken();
Long uuid = UUID.randomUUID().getMostSignificantBits();
URL url = new URL("https://outlook.office365.com/api/v1.0/users/email/folders/inbox/messages");
HttpURLConnection con = (HttpURLConnection) url.openConnection();
con.setRequestMethod("GET");
con.setRequestProperty("Accept","application/json");
con.setRequestProperty("User-Agent","Testing/1.0 abc/1.1");
Date date = new Date();
SimpleDateFormat ft =
new SimpleDateFormat ("E, dd MM yyyy hh:mm:ss zzz");
System.out.println("Current Date: " + ft.format(date));
String dateString = ft.format(date);
con.setRequestProperty("Authorization","Bearer "+token);
if (con.getResponseCode() != 200) {
System.out.println(con.getHeaderFields());
throw new RuntimeException("Failed : HTTP error code : "
+ con.getResponseCode());
}
BufferedReader br = new BufferedReader(new InputStreamReader(
(con.getInputStream())));
String output;
System.out.println("Output from Server .... \n");
while ((output = br.readLine()) != null) {
System.out.println(output);
}
con.disconnect();
service.shutdown();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
} }
我能够从 office 365 获得 json 响应。我测试的另一种方法是使用 Firefox 的 RestClient 插件,以及生成的访问令牌。