Question

我目前正在使用python开发一个应用程序，该应用程序将显示azure活动目录用户及其组，因此，我当然需要弄清楚如何通过执行一个http请求来获取此数据，我在其他答案中发现这样应该可以工作：

https://graph.microsoft.com/v1.0/groups/?$expand=members

因此，我尝试了上述方法之一，但对我却不起作用（我也尝试通过将API版本更改为beta，但问题仍然存在），我做了这样的事情：

app.py文件

import adal
import flask #web framework
import uuid
import requests

import config

app = flask.Flask(__name__)
app.debug = True
app.secret_key = 'development'

PORT = 5000  # A flask app by default runs on PORT 5000
AUTHORITY_URL = config.AUTHORITY_HOST_URL + '/' + config.TENANT
REDIRECT_URI = 'http://localhost:{}/getAToken'.format(PORT)
TEMPLATE_AUTHZ_URL = ('https://login.microsoftonline.com/{}/oauth2/authorize?' +
                      'response_type=code&client_id={}&redirect_uri={}&' +
                      'state={}&resource={}')


@app.route("/")
def main():
    login_url = 'http://localhost:{}/login'.format(PORT)
    resp = flask.Response(status=307)
    resp.headers['location'] = login_url
    return resp


@app.route("/login")
def login():
    auth_state = str(uuid.uuid4())
    flask.session['state'] = auth_state
    authorization_url = TEMPLATE_AUTHZ_URL.format(
        config.TENANT,
        config.CLIENT_ID,
        REDIRECT_URI,
        auth_state,
        config.RESOURCE)
    resp = flask.Response(status=307)
    resp.headers['location'] = authorization_url
    return resp


@app.route("/getAToken")
def main_logic():
    code = flask.request.args['code']
    state = flask.request.args['state']
    if state != flask.session['state']:
        raise ValueError("State does not match")
    auth_context = adal.AuthenticationContext(AUTHORITY_URL)
    token_response = auth_context.acquire_token_with_authorization_code(code, REDIRECT_URI, config.RESOURCE,
                                                                        config.CLIENT_ID, config.CLIENT_SECRET)
    # It is recommended to save this to a database when using a production app.
    flask.session['access_token'] = token_response['accessToken']

    return flask.redirect('/graphcall')


@app.route('/graphcall')
def graphcall():
    if 'access_token' not in flask.session:
        return flask.redirect(flask.url_for('login'))
    endpoint = config.RESOURCE + '/' + config.API_VERSION + 'groups/?$expand=members/' #https://graph.microsoft.com/v1.0/groups/
    http_headers = {'Authorization': flask.session.get('access_token'),
                    'User-Agent': 'adal-python-sample',
                    'Accept': 'application/json',
                    'Content-Type': 'application/json',
                    'client-request-id': str(uuid.uuid4())}
    graph_data = requests.get(endpoint, headers=http_headers, stream=False).json()
    return flask.render_template('homePage.html', graph_data=graph_data)


if __name__ == "__main__":
    app.run()

config.py文件：

RESOURCE = "https://graph.microsoft.com"  # Add the resource you want the access token for
TENANT = "joanperez5hotmail.onmicrosoft.com";
AUTHORITY_HOST_URL = "https://login.microsoftonline.com"
CLIENT_ID = "my-client-id";
CLIENT_SECRET = "my-client-secret";

# These settings are for the Microsoft Graph API Call
API_VERSION = 'v1.0'

重新获得以下错误：

error   {'code': 'BadRequest', 'message': 'Invalid request.', 'innerError': {'request-id': 'c47512f1-10c2-4a1b-aee9-6e28e5585122', 'date': '2018-07-27T20:28:08'}}

提前谢谢！

Answer 1

我认为您在使用API版本后只缺少斜线。

 endpoint = config.RESOURCE + '/' + config.API_VERSION + '/groups/?$expand=members/'

使用Microsoft graph在一个请求中列出所有用户及其组

1 个答案: