我想将Outlook联系人放入我的ionic/angular Web应用程序中。我正在尝试使用隐式流获取 Microsoft API 的访问令牌,以便访问用户的联系人。到目前为止,我已经尝试了以下方法:
- 使用此 URL 从重定向获取 URL 参数中的访问令牌(用户登录后(
"https://login.microsoftonline.com/common/oauth2/v2.0/authorize?"
+"client_id={CLIENT_ID_HERE}"
+"&response_type=token"
+"&redirect_uri=http%3A%2F%2Flocalhost%3A8100%2F"
+"&scope=offline_access openid contacts.read contacts.read.shared user.read"
+"&nonce=89289"//tried both with and without this
+"&response_mode=fragment";
我在重定向 url 中获得了一个访问令牌,但它实际上无效,例如:
EwBoA8l6BAAUO9chh8cJscQLmU%2bLSWpbnr0vmwwAASwN7zn/GFDP4wdOkrbA8xsurg0RceNlSsJiBj8uqZkK2E%2bmWTXjrj89FuiSlBcKqAe6dyuEbTOn8YBu3xApWaBKZjuP5lJZnAnWZX80Il7VtWMh2UuK/s4qxOZRYcgJEhwe8iTrPOGofm5Z3oU2o1MzGpSa6qaR1AleeKF9q0hZoV99BKLfRUOueK7LRwpnF4mGjLjTevNCUDGIo1N38FPH5bFPhSfAOVDSV%2bw7ZZO6NAS5Vo6HdgbPWC3Eml9Ix4twyzpgf7e4Q0l3oi%2b23iPtTvyNV16cEtt9jehdZ1TjSLdMj92Yc7e18Y%2bwV1SGav1qZ2Lyd/e3xNDmZz1P%2bSkDZgAACIkGgjdNZrtHOALgj5s3vZkDiURxDQzucVxbzf/p1XCG9qfCStUazMWbp9KlGkpIgHyigTVJfUVjYwht8X77wC3Oa%2btShphq2myn4C7LZp7nfpwGz4bSW0lx42SG2ADn33qu2hh4Mc%2bdJskI4pxGOUnurKnxFH0sxKpCisIIiWylPOgiOqCzH9AGyEaat91glrwzaHfKXXgzMeO88PeEjZ5Rfj0q4dxd4OTv67E8cp%2bXeYhhHerElKMi2LJmt65heTfwLOd7ErVawl9dS77nyMNp1OCow%2bvSysLuvHNCzN9gsUtMgH7a0C78t6cm1NiNsa8Yzk2yZ%2bjPiiNGgilvyv1zSMvAwYrcGjSW/yHY%2bQfn0ijEeo3Qq2tczoq/8/mx3kV50qNla5BWHltaMvwqxxQqk/ZXIJrph9qQsnPcRJcjtvXaSatMPwFoiBYLqTyezcYq6rbvLxbsiEhtE9pQMvMpmu2lzbEdnGYKtMQVjIbBJB7brzFDJ%2bmG2YdLPA9vmsqrmOJM8ZiftWRrDW9alMrml%2bcscmO1vqJuftn3uylvhnAQZP3q40CicqyEcrwSBA29%2bFQGbG/BDIHH0rtUXPsMkwKneJYluVXfMbxUlUxUJhCS79Dd4Jjrk3RX7QWj1WwEz9WlYAwyP0s/PnqPQOVodnwMaHNo%2bV2Xk1/5xi5dcU/Tt2TPJvCvHfS7p4i3%2bKlwTgn2llRMFkVFbf32BM2oaQPlSL7CPDU27IPGoW1xYSYa7ZdNjqvBGak1UNNee%2bStggI%3d
- 与上面类似,但我从中得到了id_token(所以response_type=id_token(。然后我使用此 url 的 GET 请求静默请求访问令牌:
"https://login.microsoftonline.com/common/oauth2/v2.0/authorize?";
"client_id={CLIENT_ID_HERE}"
+"&response_type=token"
+"&redirect_uri=http%3A%2F%2Flocalhost%3A8100"
+"&scope=offline_access openid contacts.read contacts.read.shared user.read"
+"&response_mode=fragment"
+"&prompt=none";
有了它,我收到一个 CORB 错误(我在控制台中看到(,但在网络选项卡中,它显示状态代码为 200。不知何故,请求方法显示为选项(即使我发出了 GET 请求(。我不确定这是为什么。
我不确定我做错了什么,但有谁知道如何获得有效的访问令牌?
Access to XMLHttpRequest at 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=XXXXX
&response_type=token&redirect_uri=http%3A%2F%2Flocalhost%3A8100&scope=offline_access%20openid%20contacts.read
%20contacts.read.shared%20user.read&response_mode=fragment&prompt=none' from origin 'http://localhost:8100' has been
blocked by CORS policy: Response to preflight request doesn't pass access control check: No
'Access-Control-Allow-Origin' header is present on the requested resource.
Cross-Origin Read Blocking (CORB) blocked cross-origin response
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=XXXX&response_type=token&redirect_uri=
http%3A%2F%2Flocalhost%3A8100&scope=offline_access%20openid%20contacts.read%20contacts.read.shared%20user.read
&response_mode=fragment&prompt=none with MIME type text/html. See
https://www.chromestatus.com/feature/5629709824032768 for more details.
您没有指定用于获取 Outlook 联系人的 API,所以我假设它是像这样的图形 API:
https://learn.microsoft.com/en-us/graph/api/user-list-contacts?view=graph-rest-1.0&tabs=http
如果是这样,那么要获得有效的令牌,您需要将"common"替换为您的租户 ID
以下是对我有用的示例:
"https://login.microsoftonline.com/{TENANT_ID_HERE}/oauth2/v2.0/authorize?"
+"client_id={CLIENT_ID_HERE}"
+"&response_type=code"
+"&redirect_uri=http%3A%2F%2Flocalhost%3A8100%2F"
+"&scope=offline_access openid contacts.read contacts.read.shared user.read"
+"&state={STATE_HERE}
+"&response_mode=query";
https://learn.microsoft.com/en-us/graph/auth-v2-user?context=graph%2Fapi%2F1.0&view=graph-rest-1.0
你从哪里得到"response_mode=片段"和"response_type=令牌"? 这看起来甚至无效?