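How to create/read calendars and events in Azure Active Directory [Microsoft.Graph]

Time: 2018-11-06 17:10:48

Tags: c# azure active-directory office365 microsoft-graph

We want to interact with Office 365 calendars. At the moment we are calling Microsoft Graph but getting a 401 (Unauthorized).

We are using the Microsoft.Graph library, and the typical get users call (graphServiceClient.Users.Request().GetAsync()) works fine, but creating a Calendar or an Event does not. (GraphServiceClient.Me.[...].Request().GetAsync() does not work either.)

We are trying this call by hand, but can't find a way to do it through the library.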

This is how we get the token (we use client authentication rather than user authentication).

call to Microsoft Graph Calendar

Unfortunately, we granted all permissions to the app, but we still get a 401.

How we get the token

The token, analyzed with jwt.io:

{
      "aud": "https://graph.microsoft.com",
      "iss": "https://sts.windows.net/11111111-24c0-480b-8ae3-a3ac34592a1a/",
      "iat": 1541581025,
      "nbf": 1541581025,
      "exp": 1541584925,
      "aio": "11111111111/AAAAA+115sO7D/yAwA=",
      "app_displayname": "CalendarCrawler",
      "appid": "11111111-efc2-4b9d-ae48-a04977183bd1",
      "appidacr": "1",
      "e_exp": 262800,
      "idp": "https://sts.windows.net/11111111-24c0-480b-8ae3-a3ac34592a1a/",
      "oid": "11111111-15f2-479c-9485-7cb9b5cce691",
      "roles": [
        "Chat.UpdatePolicyViolation.All",
        "Calls.JoinGroupCall.All",
        "EduRoster.Read.All",
        "OnlineMeetings.Read.All",
        "Mail.ReadWrite",
        "OnlineMeetings.ReadWrite.All",
        "Device.ReadWrite.All",
        "User.ReadWrite.All",
        "Domain.ReadWrite.All",
        "Application.ReadWrite.OwnedBy",
        "SecurityEvents.Read.All",
        "Calendars.Read",
        "EduAssignments.ReadWrite.All",
        "People.Read.All",
        "Application.ReadWrite.All",
        "Calls.InitiateGroupCall.All",
        "Group.Read.All",
        "Directory.ReadWrite.All",
        "EduAssignments.ReadWriteBasic.All",
        "MailboxSettings.Read",
        "EduAdministration.Read.All",
        "Calls.JoinGroupCallAsGuest.All",
        "Sites.Read.All",
        "Sites.ReadWrite.All",
        "Contacts.ReadWrite",
        "Group.ReadWrite.All",
        "Sites.Manage.All",
        "SecurityEvents.ReadWrite.All",
        "Notes.Read.All",
        "User.Invite.All",
        "EduRoster.ReadWrite.All",
        "Files.ReadWrite.All",
        "Directory.Read.All",
        "User.Read.All",
        "EduAssignments.ReadBasic.All",
        "EduRoster.ReadBasic.All",
        "Files.Read.All",
        "Mail.Read",
        "Chat.Read.All",
        "ChannelMessage.Read.All",
        "EduAssignments.Read.All",
        "Calendars.ReadWrite",
        "identityriskyuser.read.all",
        "EduAdministration.ReadWrite.All",
        "Mail.Send",
        "ChannelMessage.UpdatePolicyViolation.All",
        "MailboxSettings.ReadWrite",
        "Contacts.Read",
        "IdentityRiskEvent.Read.All",
        "AuditLog.Read.All",
        "Member.Read.Hidden",
        "Calls.AccessMedia.All",
        "Sites.FullControl.All",
        "Reports.Read.All",
        "Calls.Initiate.All",
        "Notes.ReadWrite.All"
      ],
      "sub": "11111111-15f2-479c-9485-7cb9b5cce691",
      "tid": "11111111-24c0-480b-8ae3-a3ac34592a1a",
      "uti": "CFOL_8eguUS2aGh5-jgOAA",
      "ver": "1.0",
      "xms_tcdt": 1541410090
    }

Any suggestions?

Thanks in advance

[Edit] We have asked another, clearer question; please follow that one.

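2 answers:

Answer 0: (score: 0)

I would try making the call from Graph Explorer in the Developer portal, to check whether the problem is "AD permissions". If it succeeds, the problem is not AD permissions but token creation.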

Image

https://i.imgur.com/paXK3Hz.png

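More info: https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/user_post_events

Answer 1: (score: 0)

Based on the relevant API, for example the Post events API, we know that the Calendars.ReadWrite permission is required. But it also requires admin consent, so please don't forget to "Grant permissions". If you are using an admin account, you can do that.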

  

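We are trying this call by hand, but can't find a way to do it through the library.

The following code is a sample that demonstrates how to get/create calendars and create an event through the library.

Note: the user must be an office365 account, otherwise you will get a ResourceNotFound exception.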

using System.Net.Http.Headers;
using System.Threading.Tasks;
using Microsoft.Graph;
using Microsoft.IdentityModel.Clients.ActiveDirectory;

string graphResourceId = "https://graph.microsoft.com/";
string tenantId = "tenantId";
// Fill the tenant id into the authority URL
string authority = string.Format("https://login.microsoftonline.com/{0}", tenantId);
string clientId = "clientId"; // placeholder: application (client) id
string secret = "secret";     // placeholder: client secret
// The context must be created before it is used to acquire the app-only token
AuthenticationContext authContext = new AuthenticationContext(authority);
var accessToken = authContext.AcquireTokenAsync(graphResourceId, new ClientCredential(clientId, secret)).Result.AccessToken;
var graphserviceClient = new GraphServiceClient(
                new DelegateAuthenticationProvider(
                    requestMessage =>
                    {
                        // Attach the token to every outgoing Graph request
                        requestMessage.Headers.Authorization = new AuthenticationHeaderValue("bearer", accessToken);

                        return Task.FromResult(0);
                    }));

//get calendars
var calendars = graphserviceClient.Users["userObjectId"].Calendars.Request().GetAsync().Result;
//new calendar
var calendar = graphserviceClient.Users["userObjectId"].Calendars.Request().AddAsync(
            new Calendar {
               Name = "name"
            }).Result;

//new event
var cal = graphserviceClient.Users["userObjectId"].Events.Request().AddAsync(
            new Event {
                Subject = "test",
                Start = new DateTimeTimeZone {DateTime = "2018-11-07T00:56:52.584Z",TimeZone = "UTC" },
                End = new DateTimeTimeZone { DateTime = "2018-11-07T01:56:52.584Z", TimeZone = "UTC" }

            }).Result;
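
The claims this thread relies on (aud, exp and the roles array of an app-only token) can be checked locally rather than by pasting a live token into a third-party site. The following is an added example, not code from the question or the answers; the class and method names and the sample token are constructed, and it assumes a .NET runtime with System.Text.Json.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text.Json;

static class AppTokenCheck
{
    // Decode the payload (second segment) of a compact JWT.
    // The signature is NOT verified: this is for local diagnosis only.
    public static JsonElement DecodePayload(string jwt)
    {
        string[] parts = jwt.Split('.');
        if (parts.Length != 3) throw new FormatException("not a compact JWT");
        string b64 = parts[1].Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        string json = Encoding.UTF8.GetString(Convert.FromBase64String(b64));
        return JsonDocument.Parse(json).RootElement.Clone();
    }

    // List the claim problems that would make a Graph calendar call fail.
    public static List<string> Diagnose(JsonElement claims, string requiredRole, DateTimeOffset now)
    {
        var problems = new List<string>();
        string aud = claims.TryGetProperty("aud", out var a) ? a.GetString() : null;
        if (aud == null || aud.TrimEnd('/') != "https://graph.microsoft.com")
            problems.Add("aud is not Microsoft Graph: " + aud);
        if (!claims.TryGetProperty("exp", out var e) || e.GetInt64() <= now.ToUnixTimeSeconds())
            problems.Add("token is expired or has no exp");
        var roles = claims.TryGetProperty("roles", out var r) && r.ValueKind == JsonValueKind.Array
            ? r.EnumerateArray().Select(x => x.GetString()).ToList()
            : new List<string>();
        if (!roles.Contains(requiredRole))
            problems.Add("roles claim lacks application permission " + requiredRole);
        return problems;
    }

    static void Main()
    {
        // Constructed payload modelled on the question's claims, with the write role left out.
        string payload = "{\"aud\":\"https://graph.microsoft.com\",\"exp\":1541584925," +
                         "\"roles\":[\"User.Read.All\",\"Calendars.Read\"]}";
        string seg = Convert.ToBase64String(Encoding.UTF8.GetBytes(payload))
            .TrimEnd('=').Replace('+', '-').Replace('/', '_');
        string jwt = "e30." + seg + ".sig"; // dummy header ("{}") and dummy signature
        var now = DateTimeOffset.FromUnixTimeSeconds(1541581100); // constructed "current" time
        foreach (var p in Diagnose(DecodePayload(jwt), "Calendars.ReadWrite", now))
            Console.WriteLine(p);
    }
}
```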