我们使用Microsoft.Graph dll(v。1.20.0)。在全局环境中使用时,一切正常。现在,我尝试在德语环境中进行相同的调用,但每个调用均以以下异常结束:[代码:InvalidAuthenticationToken,消息:访问令牌验证失败]。我已经尝试了以下端点:我,域,订阅。
在我这一边,只有设备的身份验证网址和graphApi网址已更改。我通过https://login.microsoftonline.de/上的设备身份验证进行授权。然后从https://graph.microsoft.de获取承载令牌。我授权的用户是subscriptionId的管理员(请参见下面的代码)
代码是这样的:
var http = new Microsoft.Graph.HttpProvider();
var credentials = new Microsoft.Azure.TokenCloudCredentials(subscriptionId, accessToken);
Microsoft.Graph.IAuthenticationProvider provider = new AuthenticationProvider(credentials);
var graphClient = new GraphServiceClient(provider, http);
var me = await graphClient.Me.Request().GetAsync(); // ERROR
在我看来,错误与无效令牌无关。我读到一些德语云尚不支持API端点。也许这就是原因...
有什么想法可以尝试吗?
谢谢。
已解码(盲目)的令牌:
{
"typ": "JWT",
"nonce": "4GrWG3nKdEoekxxxxxxxxxxxpyXQ5yky7_HTAg",
"alg": "RS256",
"x5t": "J1XZUkznV-JEe-xxxxxxxxxxxxx",
"kid": "J1XZUkznV-JEe-xxxxxxxxxxxxx"
}.{
"aud": "https://graph.microsoft.de",
"iss": "https://sts.microsoftonline.de/146e589e-f5c2-4dd2-95dd-a94c3ffa00f8/",
"iat": 1575010843,
"nbf": 1575010843,
"exp": 1575014743,
"acr": "1",
"aio": "ASQA2/8FAAAApfed4j4xxxxxxxxxxxxxxxxxxMd4v7aEsASSm8LxIElw=",
"amr": [
"pwd"
],
"app_displayname": "Microsoft Azure CLI",
"appid": "04b07795-xxxx-xxxx-xxxx-02f9e1bf7b46",
"appidacr": "0",
"ipaddr": "XX.XX.XX.XX",
"name": "Chuck Norris",
"oid": "bc7a9fcf-xxxx-xxxx-xxxx-557ce18e4fd6",
"platf": "14",
"puid": "10032XXXXXXXXXD1DB9",
"scp": "AuditLog.Read.All Directory.AccessAsUser.All Group.ReadWrite.All User.ReadWrite.All",
"signin_state": [
"kmsi"
],
"sub": "hq-v5yL38qnRxxxxxxxxxxxxufB-I-17BNqy-Rp0",
"tid": "146e589e-xxxx-xxxx-xxxx-a94c3ffa00f8",
"unique_name": "chuck@norris.onmicrosoft.de",
"upn": "chuck@norris.onmicrosoft.de",
"uti": "CgOXXXXXX2k-XXXXXXXXXXX",
"ver": "1.0",
"xms_tcdt": 1495192142
}.[Signature]
答案 0 :(得分:0)
答案很简单,我的错。令牌可以,应该来自德国云。问题在于GraphServiceClient使用默认的baseUrl(https://graph.microsoft。 COM /v1.0),并且未与德国云https://graph.microsoft。 DE /v1.0。