使用msgraph-sdk-javascript与office-js-helpers身份验证器的令牌错误

Question

我有一个使用React + TypeScript的Outlook加载项，使用Node.js进行本地调试。我使用office-js-helpers库进行身份验证和msgraph-sdk-javascript Graph客户端库。作为POC，我只是通过其ID来检查当前电子邮件的详细信息，只是尝试验证我是否可以成功调用Graph。我可以成功使用office-js-helpers Authenticator来授权应用程序，并成功检索令牌。

但是，当我使用Graph客户端拨打v1/me/messages/{ID}时，我得到：

  

＆＃34; 401 InvalidAuthenticationToken：访问令牌验证失败＆＃34;

我不确定这是我使用身份验证器的方式有问题，还是我的插件或应用程序清单出现问题。我的加载项将这些用于AppDomains：

<AppDomains>
  <AppDomain>https://localhost:3000</AppDomain>
  <AppDomain>https://login.microsoftonline.com</AppDomain>
</AppDomains>

我使用https://localhost:3000作为我应用的重定向URI，启用了隐式身份验证。

如果我使用force选项和authenticate方法，我也会收到此错误：

  

无法执行＆＃39; postMessage＆＃39;在＆＃39; DOMWindow＆＃39;：提供的目标来源（＆＃39; https://login.microsoftonline.com＆＃39;）与收件人窗口的来源不匹配（＆＃39; https://localhost:3000 ＆＃39）。

但是，我能够检索一个令牌。

我做错了什么？在何时使用authenticator.tokens.get和authenticator.authenticate方面，我不确定身份验证器的流程。对于第一次运行，我假设总是进行身份验证而不需要使用tokens.get，对于第二次运行，我假设只使用tokens.ge t，但是如果我尝试其中任何一种或者总是两者都没有使用import * as React from "react"; import { Button, ButtonType, TextField } from "office-ui-fabric-react"; import { Authenticator, Utilities, DefaultEndpoints } from "@microsoft/office-js-helpers"; import * as Graph from "@microsoft/microsoft-graph-client"; export default class GetItemOJSHelpers extends React.Component<any, any> { constructor(props) { super(props); this.getEmail = this.getEmail.bind(this); this.callGraph = this.callGraph.bind(this); this.getItemRestId = this.getItemRestId.bind(this); this.state = { graphResponse: "", accessToken: "" }; console.log("====GetItemOJSHelpers loaded"); } getEmail() { console.log("====getEmail(): Entered "); //debugger; // Get the access token and create a Microsoft Graph client let authenticator = new Authenticator(); // register Microsoft (Azure AD 2.0 Converged auth) endpoint authenticator.endpoints.registerMicrosoftAuth("xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", { redirectUrl: "https://localhost:3000/index.html", scope: "Mail.ReadWrite User.Read User.ReadBasic.All" }); console.log("====getEmail(): Getting token"); let authObject = authenticator.tokens.get("Microsoft"); let accessToken = authObject.access_token; if (accessToken !== null) { console.log(`====getEmail(): Current cached token: ${accessToken}`); this.callGraph(accessToken); return; } else { // for the default Microsoft endpoint //If the user, rejects the grant to the application then you will receive an error in the catch function. authenticator .authenticate(DefaultEndpoints.Microsoft) .then(function(token) { /* Microsoft Token */ console.log(`====getEmail(): Authenticated; auth token: ${token.access_token}`); accessToken = token.access_token; }) .catch(function(error) { //debugger; console.log("====getEmail(): authenticate error"); Utilities.log(error); throw new Error("Failed to login using your Office 365 Account"); }); } console.log(`====getEmail(): Current token: ${accessToken}`); this.callGraph(accessToken); } callGraph(token) { // Get the item's REST ID let itemId = this.getItemRestId(); console.log(`====callGraph(): itemId ${itemId}`); const client = Graph.Client.init({ authProvider: done => { done(null, token); //first parameter takes an error if you can't get an access token }, debugLogging: true }); client .api("me/messages/" + itemId) .version("v1.0") .get() .then(function(item) { //debugger; console.log("Email " + item.Subject + " retrieved!!!"); }) .then(function() { console.log("====callGraph(): complete"); //debugger; }) .catch(err => { //debugger; //403 Forbidden! code: "ErrorAccessDenied", message: "Access is denied. Check credentials and try again." //Also 401 InvalidAuthenticationToken: Access token validation failure. console.log(`====callGraph(): error! ${err.statusCode}:'${err.code}': ${err.message}`); }); } getItemRestId() { if (Office.context.mailbox.diagnostics.hostName === "OutlookIOS") { // itemId is already REST-formatted return Office.context.mailbox.item.itemId; } else { // Convert to an item ID for API v2.0 return Office.context.mailbox.convertToRestId( Office.context.mailbox.item.itemId, Office.MailboxEnums.RestVersion.v2_0 ); } } render() { return ( <div> <Button id="getEmailButton" className="ms-welcome__action ms-bgColor-red" buttonType={ButtonType.primary} onClick={this.getEmail} > Call Graph </Button> <div> <h3> Access Token </h3> <TextField id="accessToken" /> </div> <div> <h3>Graph API Call Response</h3> <TextField id="graphResponse" /> </div> </div> ); } } t似乎改变了无效令牌的结果。

const result = Object.entries(b).reduce((a, b) => a[1] > b[1] ? a : b)[0]