如何使用 System.Net.Http 从 OAuth 请求访问令牌? 401错误
How to request an access token from OAuth using System.Net.Http? 401 Error
上下文
我正在开发一个简单的应用程序,需要从公司的 Online SharePoint 站点接收列表数据。为了发出 REST 请求,我必须首先从 Microsoft 的访问控制服务中检索访问令牌。尽管尝试了一些教程并阅读了文档,但我是新手 REST/HTTP 我没有这样做。
我尝试了什么?
- 使用 SharePoint appregnew.aspx 注册我的应用程序,并生成“客户端 ID”和“客户端密码”值。 https://[站点名称].sharepoint.com/_layouts/15/appregnew.aspx
- 使用 Sharepoint appinv.aspx 授权我的应用程序读取控制并生成“租户 ID”。
https://[站点名称].sharepoint.com/_layouts/15/appinv.aspx
<AppPermissionRequests AllowAppOnlyPolicy="true">
<AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="Read"/>
</AppPermissionRequests>
- 使用 SharePoint AppPrincipals.aspx 验证租户 ID。 https://[站点名称].sharepoint.com/_layouts/15/AppPrincipals.aspx
- 尝试了几种格式化请求的方法,最新的如下:
已更新
// Variables removed for security
class Program
{
static void Main(string[] args)
{
WebRequest myWebRequest;
string stGetAccessTokenUrl = "https://accounts.accesscontrol.windows.net/{0}/tokens/OAuth/2";
string tenantID = "myTenantID";
string resourceID = "00000003-0000-0ff1-ce00-000000000000";
string stClientID = "myClientID";
string stClientSecret = "myClientSecret";
string stSiteDomain = "[myCompany].sharepoint.com";
// URL Format
stGetAccessTokenUrl = string.Format(stGetAccessTokenUrl, tenantID);
myWebRequest = WebRequest.Create(stGetAccessTokenUrl);
myWebRequest.ContentType = "application/x-www-form-urlencoded";
myWebRequest.Method = "POST";
// Add the below body attributes to the request
var postData = "grant_type=client_credentials";
postData += "&client_id=" + stClientID + "@" + tenantID;
postData += "&client_secret=" + stClientSecret;
postData += "&resource=" + resourceID + "/" + stSiteDomain + "@" + tenantID;
var data = Encoding.ASCII.GetBytes(postData);
using (var stream = myWebRequest.GetRequestStream())
{
stream.Write(data, 0, data.Length);
}
var response = (HttpWebResponse)myWebRequest.GetResponse();
}
}
什么不起作用?
尽管已为该应用分配了权限,但我仍收到 401 未授权错误。
如有任何帮助,我们将不胜感激!
#region Get Access Token using TenantID and App secret ID & Password
// URL Format
//https://accounts.accesscontrol.windows.net/tenant_ID/tokens/OAuth/2 Jump
stGetAccessTokenUrl = string.Format(stGetAccessTokenUrl, tenantID);
myWebRequest = WebRequest.Create(stGetAccessTokenUrl);
myWebRequest.ContentType = "application/x-www-form-urlencoded";
myWebRequest.Method = "POST";
// Add the below body attributes to the request
/*
* grant_type client_credentials client_credentials
client_id ClientID@TenantID
client_secret ClientSecret
resource resource/SiteDomain@TenantID resourceid/abc.sharepoint.com@tenantID
*/
var postData = "grant_type=client_credentials";
postData += "&client_id=" + stClientID +"@" +tenantID;
postData += "&client_secret=" + stClientSecret;
postData += "&resource=" + resourceID + "/" + stSiteDomain + "@" + tenantID;
var data = Encoding.ASCII.GetBytes(postData);
using (var stream = myWebRequest.GetRequestStream())
{
stream.Write(data, 0, data.Length);
}
var response = (HttpWebResponse)myWebRequest.GetResponse();
var responseString = new StreamReader(response.GetResponseStream()).ReadToEnd();
string[] stArrResponse = responseString.Split(',');
//get the access token and expiry time ,etc
foreach(var stValues in stArrResponse)
{
if(stValues.StartsWith("\"access_token\":"))
{
//Console.WriteLine(" Result => " + stValues);
accessToken = stValues.Substring(16);
//Console.WriteLine(" Result => " + accessToken);
accessToken = accessToken.Substring(0,accessToken.Length-2);
// Console.WriteLine(" Result => " + accessToken);
}
}
抱歉,我在解决问题时忘了 return 这个问题。在他自己的回答的评论中归功于“Michael Han”。
回答
默认情况下,为租户禁用 SharePoint app-only 权限。租户管理员必须首先 运行 PowerShell 中的以下 cmdlet:
Set-SPOTenant -DisableCustomAppAuthentication $false
此参数取代所有其他权限设置,必须首先配置。
上下文
我正在开发一个简单的应用程序,需要从公司的 Online SharePoint 站点接收列表数据。为了发出 REST 请求,我必须首先从 Microsoft 的访问控制服务中检索访问令牌。尽管尝试了一些教程并阅读了文档,但我是新手 REST/HTTP 我没有这样做。
我尝试了什么?
- 使用 SharePoint appregnew.aspx 注册我的应用程序,并生成“客户端 ID”和“客户端密码”值。 https://[站点名称].sharepoint.com/_layouts/15/appregnew.aspx
- 使用 Sharepoint appinv.aspx 授权我的应用程序读取控制并生成“租户 ID”。 https://[站点名称].sharepoint.com/_layouts/15/appinv.aspx
<AppPermissionRequests AllowAppOnlyPolicy="true">
<AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="Read"/>
</AppPermissionRequests>
- 使用 SharePoint AppPrincipals.aspx 验证租户 ID。 https://[站点名称].sharepoint.com/_layouts/15/AppPrincipals.aspx
- 尝试了几种格式化请求的方法,最新的如下:
已更新
// Variables removed for security
class Program
{
static void Main(string[] args)
{
WebRequest myWebRequest;
string stGetAccessTokenUrl = "https://accounts.accesscontrol.windows.net/{0}/tokens/OAuth/2";
string tenantID = "myTenantID";
string resourceID = "00000003-0000-0ff1-ce00-000000000000";
string stClientID = "myClientID";
string stClientSecret = "myClientSecret";
string stSiteDomain = "[myCompany].sharepoint.com";
// URL Format
stGetAccessTokenUrl = string.Format(stGetAccessTokenUrl, tenantID);
myWebRequest = WebRequest.Create(stGetAccessTokenUrl);
myWebRequest.ContentType = "application/x-www-form-urlencoded";
myWebRequest.Method = "POST";
// Add the below body attributes to the request
var postData = "grant_type=client_credentials";
postData += "&client_id=" + stClientID + "@" + tenantID;
postData += "&client_secret=" + stClientSecret;
postData += "&resource=" + resourceID + "/" + stSiteDomain + "@" + tenantID;
var data = Encoding.ASCII.GetBytes(postData);
using (var stream = myWebRequest.GetRequestStream())
{
stream.Write(data, 0, data.Length);
}
var response = (HttpWebResponse)myWebRequest.GetResponse();
}
}
什么不起作用?
尽管已为该应用分配了权限,但我仍收到 401 未授权错误。
如有任何帮助,我们将不胜感激!
#region Get Access Token using TenantID and App secret ID & Password
// URL Format
//https://accounts.accesscontrol.windows.net/tenant_ID/tokens/OAuth/2 Jump
stGetAccessTokenUrl = string.Format(stGetAccessTokenUrl, tenantID);
myWebRequest = WebRequest.Create(stGetAccessTokenUrl);
myWebRequest.ContentType = "application/x-www-form-urlencoded";
myWebRequest.Method = "POST";
// Add the below body attributes to the request
/*
* grant_type client_credentials client_credentials
client_id ClientID@TenantID
client_secret ClientSecret
resource resource/SiteDomain@TenantID resourceid/abc.sharepoint.com@tenantID
*/
var postData = "grant_type=client_credentials";
postData += "&client_id=" + stClientID +"@" +tenantID;
postData += "&client_secret=" + stClientSecret;
postData += "&resource=" + resourceID + "/" + stSiteDomain + "@" + tenantID;
var data = Encoding.ASCII.GetBytes(postData);
using (var stream = myWebRequest.GetRequestStream())
{
stream.Write(data, 0, data.Length);
}
var response = (HttpWebResponse)myWebRequest.GetResponse();
var responseString = new StreamReader(response.GetResponseStream()).ReadToEnd();
string[] stArrResponse = responseString.Split(',');
//get the access token and expiry time ,etc
foreach(var stValues in stArrResponse)
{
if(stValues.StartsWith("\"access_token\":"))
{
//Console.WriteLine(" Result => " + stValues);
accessToken = stValues.Substring(16);
//Console.WriteLine(" Result => " + accessToken);
accessToken = accessToken.Substring(0,accessToken.Length-2);
// Console.WriteLine(" Result => " + accessToken);
}
}
抱歉,我在解决问题时忘了 return 这个问题。在他自己的回答的评论中归功于“Michael Han”。
回答
默认情况下,为租户禁用 SharePoint app-only 权限。租户管理员必须首先 运行 PowerShell 中的以下 cmdlet:
Set-SPOTenant -DisableCustomAppAuthentication $false
此参数取代所有其他权限设置,必须首先配置。