我想将Outlook联系人添加到我的离子/角度Web应用程序中。我正在尝试使用隐式流获取Microsoft API的访问令牌,以便访问用户的联系人。到目前为止,我已经尝试了以下方法:
"https://login.microsoftonline.com/common/oauth2/v2.0/authorize?"
+"client_id={CLIENT_ID_HERE}"
+"&response_type=token"
+"&redirect_uri=http%3A%2F%2Flocalhost%3A8100%2F"
+"&scope=offline_access openid contacts.read contacts.read.shared user.read"
+"&nonce=89289"//tried both with and without this
+"&response_mode=fragment";
我在重定向URL中获得一个访问令牌,但是它实际上是无效的,例如:
EwBoA8l6BAAUO9chh8cJscQLmU%2bLSWpbnr0vmwwAASwN7zn/GFDP4wdOkrbA8xsurg0RceNlSsJiBj8uqZkK2E%2bmWTXjrj89FuiSlBcKqAe6dyuEbTOn8YBu3xApWaBKZjuP5lJZnAnWZX80Il7VtWMh2UuK/s4qxOZRYcgJEhwe8iTrPOGofm5Z3oU2o1MzGpSa6qaR1AleeKF9q0hZoV99BKLfRUOueK7LRwpnF4mGjLjTevNCUDGIo1N38FPH5bFPhSfAOVDSV%2bw7ZZO6NAS5Vo6HdgbPWC3Eml9Ix4twyzpgf7e4Q0l3oi%2b23iPtTvyNV16cEtt9jehdZ1TjSLdMj92Yc7e18Y%2bwV1SGav1qZ2Lyd/e3xNDmZz1P%2bSkDZgAACIkGgjdNZrtHOALgj5s3vZkDiURxDQzucVxbzf/p1XCG9qfCStUazMWbp9KlGkpIgHyigTVJfUVjYwht8X77wC3Oa%2btShphq2myn4C7LZp7nfpwGz4bSW0lx42SG2ADn33qu2hh4Mc%2bdJskI4pxGOUnurKnxFH0sxKpCisIIiWylPOgiOqCzH9AGyEaat91glrwzaHfKXXgzMeO88PeEjZ5Rfj0q4dxd4OTv67E8cp%2bXeYhhHerElKMi2LJmt65heTfwLOd7ErVawl9dS77nyMNp1OCow%2bvSysLuvHNCzN9gsUtMgH7a0C78t6cm1NiNsa8Yzk2yZ%2bjPiiNGgilvyv1zSMvAwYrcGjSW/yHY%2bQfn0ijEeo3Qq2tczoq/8/mx3kV50qNla5BWHltaMvwqxxQqk/ZXIJrph9qQsnPcRJcjtvXaSatMPwFoiBYLqTyezcYq6rbvLxbsiEhtE9pQMvMpmu2lzbEdnGYKtMQVjIbBJB7brzFDJ%2bmG2YdLPA9vmsqrmOJM8ZiftWRrDW9alMrml%2bcscmO1vqJuftn3uylvhnAQZP3q40CicqyEcrwSBA29%2bFQGbG/BDIHH0rtUXPsMkwKneJYluVXfMbxUlUxUJhCS79Dd4Jjrk3RX7QWj1WwEz9WlYAwyP0s/PnqPQOVodnwMaHNo%2bV2Xk1/5xi5dcU/Tt2TPJvCvHfS7p4i3%2bKlwTgn2llRMFkVFbf32BM2oaQPlSL7CPDU27IPGoW1xYSYa7ZdNjqvBGak1UNNee%2bStggI%3d
"https://login.microsoftonline.com/common/oauth2/v2.0/authorize?";
"client_id={CLIENT_ID_HERE}"
+"&response_type=token"
+"&redirect_uri=http%3A%2F%2Flocalhost%3A8100"
+"&scope=offline_access openid contacts.read contacts.read.shared user.read"
+"&response_mode=fragment"
+"&prompt=none";
这样我得到一个CORB错误(我在控制台中看到),但是在网络选项卡中,它显示的状态码为200。不知何故,请求方法显示为OPTIONS(即使我发出了GET请求)。我不确定为什么会这样。
我不确定自己在做什么错,但是有人知道我如何获得有效的访问令牌吗?
Access to XMLHttpRequest at 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=XXXXX
&response_type=token&redirect_uri=http%3A%2F%2Flocalhost%3A8100&scope=offline_access%20openid%20contacts.read
%20contacts.read.shared%20user.read&response_mode=fragment&prompt=none' from origin 'http://localhost:8100' has been
blocked by CORS policy: Response to preflight request doesn't pass access control check: No
'Access-Control-Allow-Origin' header is present on the requested resource.
Cross-Origin Read Blocking (CORB) blocked cross-origin response
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=XXXX&response_type=token&redirect_uri=
http%3A%2F%2Flocalhost%3A8100&scope=offline_access%20openid%20contacts.read%20contacts.read.shared%20user.read
&response_mode=fragment&prompt=none with MIME type text/html. See
https://www.chromestatus.com/feature/5629709824032768 for more details.
答案 0 :(得分:0)
您没有指定用于获取Outlook联系人的API,所以我假设它是这样的Graph API:
https://docs.microsoft.com/en-us/graph/api/user-list-contacts?view=graph-rest-1.0&tabs=http
如果是这样,那么为了获得有效的令牌,您需要将tenantID替换为“ common”
以下是对我有用的示例:
"https://login.microsoftonline.com/{TENANT_ID_HERE}/oauth2/v2.0/authorize?"
+"client_id={CLIENT_ID_HERE}"
+"&response_type=code"
+"&redirect_uri=http%3A%2F%2Flocalhost%3A8100%2F"
+"&scope=offline_access openid contacts.read contacts.read.shared user.read"
+"&state={STATE_HERE}
+"&response_mode=query";
https://docs.microsoft.com/en-us/graph/auth-v2-user?context=graph%2Fapi%2F1.0&view=graph-rest-1.0
您从哪里获得“ response_mode =片段”和“ response_type = token”?那甚至看起来都不合法?