Microsoft Graph API访问令牌验证失败(java)

时间:2017-07-26 17:16:17

标签: java azure adal adal4j

我正在尝试设置一个本机java应用程序,它将利用MS Graph的API在使用ADAL4j进行身份验证后访问用户OneDrive。我正在使用this库来获取我的访问令牌。到目前为止,我有这段代码:

import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;

import javax.naming.ServiceUnavailableException;

import com.microsoft.aad.adal4j.AuthenticationContext;
import com.microsoft.aad.adal4j.AuthenticationResult;

public class Get {

    private final static String AUTHORITY = "https://login.windows.net/common/oauth2/v2.0/authorize";
    private final static String CLIENT_ID = "29275...011a";
    private final static String RESOURCE = "https://graph.windows.net";


    public static void main(String[] args) throws Exception {

        try (BufferedReader br = new BufferedReader(new InputStreamReader(
            System.in))) {
            System.out.print("Enter username: ");
            String username = br.readLine();
            System.out.print("Enter password: ");
            String password = br.readLine();

            AuthenticationResult result = getAccessTokenFromUserCredentials(
                username, password);
            System.out.println("Access Token - " + result.getAccessToken());
            System.out.println("Refresh Token - " + result.getRefreshToken());
            System.out.println("ID Token - " + result.getIdToken());
            System.out.println("Expires in - " + result.getExpiresAfter());
        }
    }

    private static AuthenticationResult getAccessTokenFromUserCredentials(
        String username, String password) throws Exception {
        AuthenticationContext context = null;
        AuthenticationResult result = null;
        ExecutorService service = null;
        try {
            service = Executors.newFixedThreadPool(1);
            context = new AuthenticationContext(AUTHORITY, false, service);
            Future<AuthenticationResult> future = context.acquireToken(RESOURCE, CLIENT_ID, username, password, null);
            result = future.get();
        } finally {
            service.shutdown();
        }

        if (result == null) {
            throw new ServiceUnavailableException(
                "authentication result was null");
        }
        return result;
    }

}

当我运行它时,我输入帐户凭据,然后打印访问令牌,刷新令牌,ID令牌和及时到期。然后我使用chromes&#34; Advanced Rest Client&#34;附加组件以测试身份验证令牌(下面的屏幕截图)。

screenshot

然后我得到屏幕截图底部显示的访问令牌验证错误。我不明白令牌不起作用的原因。我在Azure AD中注册的应用程序上设置了权限,并且用户已经授予该应用程序的权限。我唯一能想到的是可能没有指定范围,但我不确定这是什么问题。如果是我如何指定它们?

1 个答案:

答案 0 :(得分:2)

我发现了这个问题。

错误的资源URI。 Azure AD Graph API为https://graph.windows.net

Microsoft Graph API资源URI为https://graph.microsoft.com/

相关问题
最新问题