无法使用 GraphServiceClient 创建具有应用程序身份的在线会议
Fail to create online meeting with application identity with GraphServiceClient
我正在使用来自 Azure AD 的应用程序身份并授予读写权限,我还 运行 Grant-CsApplicationAccessPolicy 以便应用程序身份有权代表创建在线会议来自 Azure AD 的真实用户身份
我知道我的设置适用于从图中获取用户 api。但是,在 运行 执行以下操作后出现错误:
var confidentialClient = ConfidentialClientApplicationBuilder
.Create(clientId)
.WithAuthority($"https://login.microsoftonline.com/{tenantId}/v2.0")
.WithClientSecret(clientSecret)
.Build();
GraphServiceClient graphServiceClient =
new GraphServiceClient("https://graph.microsoft.com/beta", new DelegateAuthenticationProvider(async (requestMessage) =>
{
var authResult = await confidentialClient
.AcquireTokenForClient(scopes)
.ExecuteAsync();
requestMessage.Headers.Authorization =
new AuthenticationHeaderValue("Bearer", authResult.AccessToken);
})
);
var onlineMeeting = new OnlineMeeting
{
StartDateTime = DateTimeOffset.Parse("2020-12-25T21:30:34.2444915+00:00"),
EndDateTime = DateTimeOffset.Parse("2020-12-25T22:00:34.2464912+00:00"),
Subject = "User Token Meeting 1"
};
var meetingInstance = await graphServiceClient.Me.OnlineMeetings
.Request()
.AddAsync(onlineMeeting);
报错信息如下,为什么会说AAD中按用户id查找用户失败?
状态:未找到 (404)
OperationId:8d06ff01-1dc3-49d1-9ced-9db6a919b162
ClientCorrelationId:53b4478e-ba86-48ca-bb5b-25e5ef50c187
服务器错误:在 AAD 中按用户 ID 查找用户失败。
客户端异常:处理 HTTP 请求导致异常。详情请查看此异常'Response'属性返回的HTTP响应。
内部错误:
额外数据:
日期:2020-12-16T21:08:31
request-id:d60858cf-5ef5-4a0d-8d67-181f80ed6c35
客户端-request-id:d60858cf-5ef5-4a0d-8d67-181f80ed6c35
ClientRequestId: d60858cf-5ef5-4a0d-8d67-181f80ed6c35
at Microsoft.Graph.HttpProvider.SendAsync(HttpRequestMessage 请求,HttpCompletionOption completionOption,CancellationToken cancellationToken)
在 Microsoft.Graph.BaseRequest.SendRequestAsync(Object serializableObject, CancellationToken cancellationToken, HttpCompletionOption completionOption)
在 Microsoft.Graph.BaseRequest.SendAsync[T](Object serializableObject, CancellationToken cancellationToken, HttpCompletionOption completionOption)
在 MSTeam.Program.Main(String[] args) 在 D:\VSTS\msteam\MSTeam\MSTeam\Program.cs:line 62
开发是正确的。
基于此document:
Request when using an application token: POST /users/{userId}/onlineMeetings.
所以你应该在这里使用graphServiceClient.Users["{userId}"].OnlineMeetings而不是graphServiceClient.Me.OnlineMeetings。
userId是用户的对象ID。当您Configure application access policy时,您需要将策略授予用户:
Grant-CsApplicationAccessPolicy -PolicyName Test-policy -Identity "ddb80e06-92f3-4978-bc22-a0eee85e6a9e"
ddb80e06-92f3-4978-bc22-a0eee85e6a9e 正是 userId.
我的代码供您参考:
// Configure the MSAL client as a confidential client
var confidentialClient = ConfidentialClientApplicationBuilder
.Create("{client_id}")
.WithTenantId("{tenant_id}")
.WithClientSecret("{client_secret}")
.Build();
ClientCredentialProvider authProvider = new ClientCredentialProvider(confidentialClient);
GraphServiceClient graphServiceClient = new GraphServiceClient(authProvider);
var onlineMeeting = new OnlineMeeting
{
StartDateTime = DateTimeOffset.Parse("2021-01-12T21:30:34.2444915+00:00"),
EndDateTime = DateTimeOffset.Parse("2021-01-12T22:00:34.2464912+00:00"),
Subject = "User Token Meeting123"
};
var meeting = await graphServiceClient.Users["{userId}"].OnlineMeetings
.Request()
.AddAsync(onlineMeeting);
我正在使用来自 Azure AD 的应用程序身份并授予读写权限,我还 运行 Grant-CsApplicationAccessPolicy 以便应用程序身份有权代表创建在线会议来自 Azure AD 的真实用户身份
我知道我的设置适用于从图中获取用户 api。但是,在 运行 执行以下操作后出现错误:
var confidentialClient = ConfidentialClientApplicationBuilder
.Create(clientId)
.WithAuthority($"https://login.microsoftonline.com/{tenantId}/v2.0")
.WithClientSecret(clientSecret)
.Build();
GraphServiceClient graphServiceClient =
new GraphServiceClient("https://graph.microsoft.com/beta", new DelegateAuthenticationProvider(async (requestMessage) =>
{
var authResult = await confidentialClient
.AcquireTokenForClient(scopes)
.ExecuteAsync();
requestMessage.Headers.Authorization =
new AuthenticationHeaderValue("Bearer", authResult.AccessToken);
})
);
var onlineMeeting = new OnlineMeeting
{
StartDateTime = DateTimeOffset.Parse("2020-12-25T21:30:34.2444915+00:00"),
EndDateTime = DateTimeOffset.Parse("2020-12-25T22:00:34.2464912+00:00"),
Subject = "User Token Meeting 1"
};
var meetingInstance = await graphServiceClient.Me.OnlineMeetings
.Request()
.AddAsync(onlineMeeting);
报错信息如下,为什么会说AAD中按用户id查找用户失败?
状态:未找到 (404) OperationId:8d06ff01-1dc3-49d1-9ced-9db6a919b162
ClientCorrelationId:53b4478e-ba86-48ca-bb5b-25e5ef50c187
服务器错误:在 AAD 中按用户 ID 查找用户失败。
客户端异常:处理 HTTP 请求导致异常。详情请查看此异常'Response'属性返回的HTTP响应。
内部错误:
额外数据:
日期:2020-12-16T21:08:31
request-id:d60858cf-5ef5-4a0d-8d67-181f80ed6c35
客户端-request-id:d60858cf-5ef5-4a0d-8d67-181f80ed6c35
ClientRequestId: d60858cf-5ef5-4a0d-8d67-181f80ed6c35
at Microsoft.Graph.HttpProvider.SendAsync(HttpRequestMessage 请求,HttpCompletionOption completionOption,CancellationToken cancellationToken) 在 Microsoft.Graph.BaseRequest.SendRequestAsync(Object serializableObject, CancellationToken cancellationToken, HttpCompletionOption completionOption) 在 Microsoft.Graph.BaseRequest.SendAsync[T](Object serializableObject, CancellationToken cancellationToken, HttpCompletionOption completionOption) 在 MSTeam.Program.Main(String[] args) 在 D:\VSTS\msteam\MSTeam\MSTeam\Program.cs:line 62
开发是正确的。
基于此document:
Request when using an application token:
POST /users/{userId}/onlineMeetings.
所以你应该在这里使用graphServiceClient.Users["{userId}"].OnlineMeetings而不是graphServiceClient.Me.OnlineMeetings。
userId是用户的对象ID。当您Configure application access policy时,您需要将策略授予用户:
Grant-CsApplicationAccessPolicy -PolicyName Test-policy -Identity "ddb80e06-92f3-4978-bc22-a0eee85e6a9e"
ddb80e06-92f3-4978-bc22-a0eee85e6a9e 正是 userId.
我的代码供您参考:
// Configure the MSAL client as a confidential client
var confidentialClient = ConfidentialClientApplicationBuilder
.Create("{client_id}")
.WithTenantId("{tenant_id}")
.WithClientSecret("{client_secret}")
.Build();
ClientCredentialProvider authProvider = new ClientCredentialProvider(confidentialClient);
GraphServiceClient graphServiceClient = new GraphServiceClient(authProvider);
var onlineMeeting = new OnlineMeeting
{
StartDateTime = DateTimeOffset.Parse("2021-01-12T21:30:34.2444915+00:00"),
EndDateTime = DateTimeOffset.Parse("2021-01-12T22:00:34.2464912+00:00"),
Subject = "User Token Meeting123"
};
var meeting = await graphServiceClient.Users["{userId}"].OnlineMeetings
.Request()
.AddAsync(onlineMeeting);