我们一直在尝试使用带令牌的CSOM/REST身份验证承载头请求向Sharepoint发出请求。它与下面这个问题:JWT CSOM/REST Azure Active Directory
C# CSOM Sharepoint Bearer request from azure active directory
只有一个链接/例如,工程所有其他包括Android ADAL方法不起作用。
https://samlman.wordpress.com/2015/02/27/using-adal-access-tokens-with-o365-rest-apis-and-csom/
他们似乎并不长返回一个道理,当我们看看JWT解析器的道理,我们可以看到,SCP值是不同的,失败的人有user_impersonate,但工作人员有AllSites.Manage AllSites.Read AllSites.Write MyFiles.Read MyFiles.Write。 aud url也是不同的,是这些问题中的一个还是两个,以及如何使它工作?
这是失败的:
{
"aud": "https://srmukdev.onmicrosoft.com/3Squared-Api-Test",
"iss": "...",
"iat": ...,
"nbf": ...,
"exp": ..,
"acr": "...",
"aio": "...",
"amr": [
"pwd",
"mfa"
],
"appid": "...",
"appidacr": "0",
"e_exp": ...,
"family_name": "...",
"given_name": "...",
"ipaddr": "...",
"name": "...",
"oid": "...",
"onprem_sid": "...",
"platf": "3",
"scp": "user_impersonation",
"sub": "...",
"tid": "...",
"unique_name": "...",
"upn": "...",
"ver": "1.0"
}
这是工作的那些:
{
"aud": "https://srmukdev.sharepoint.com/",
"iss": "...",
"iat": ...,
"nbf": ...,
"exp": ...,
"acr": "...",
"aio": "...",
"amr": [
"pwd",
"mfa"
],
"app_displayname": "...",
"appid": "...",
"appidacr": "0",
"e_exp": ...,
"family_name": "...",
"given_name": "...",
"ipaddr": "...",
"name": "...",
"oid": "...",
"onprem_sid": "...",
"platf": "3",
"puid": "...",
"scp": "AllSites.Manage AllSites.Read AllSites.Write MyFiles.Read MyFiles.Write",
"sub": "...",
"tid": "...",
"unique_name": "...",
"upn": "...",
"ver": "1.0"
}
嗨薛飞,是的,这是问题,资源名称是什么需要改变。我现在可以使用不记名令牌获得访问权限,似乎无法使用GetUserProfilePropertiesFor方法获取用户用户配置文件属性,但会引发另一个问题。非常感谢 – Andrew