我使用以下代码调用Microsoft Graph API:
private static void GraphAPICallTest()
{
try
{
string authority = "https://login.microsoftonline.com/common/oauth2/token";
string resrouce = "https://graph.microsoft.com";
string clientId = "{clientid}";
string userName = "userid@test.com";
string password = "{userpassword}";
UserPasswordCredential userPasswordCredential = new UserPasswordCredential(userName, password);
AuthenticationContext authContext = new AuthenticationContext(authority);
var result = authContext.AcquireTokenAsync(resrouce, clientId, userPasswordCredential).Result;
var graphserviceClient = new GraphServiceClient(
new DelegateAuthenticationProvider(
(requestMessage) =>
{
var access_token = authContext.AcquireTokenSilentAsync(resrouce, clientId).Result.AccessToken;
requestMessage.Headers.Authorization = new AuthenticationHeaderValue("bearer", access_token);
return Task.FromResult(0);
}));
var a = graphserviceClient.Me.Request().GetAsync().Result;
Console.WriteLine("Success");
}
catch (Exception ex)
{
Console.WriteLine($"Error: {ex}");
}
Console.ReadLine();
}
当我使用Azure AD中的任何用户时,此代码可以正常工作。但如果我使用人事帐户,则会出现以下错误。
ADSTS65001:用户或管理员未同意使用ID为' c15fd791-7a49-424b-a938-2a9464476277'命名为OneDriveWebAppTest'。发送此用户和资源的交互式授权请求。 跟踪ID:5f31be27-dfdd-410b-af41-e769b2573d00 相关ID:9c8c9f60-c56d-4845-a223-37f5232c6210 时间戳:2017-12-11 13:58:39Z
是的,错误是询问与该人员用户的同意。但即使在与该用户同意之后,该错误仍然存在。
不确定我是否遗漏了任何东西。