我正在请求带有刷新令牌的访问令牌,我想尝试处理过期的令牌。
我无法撤销我的测试帐户的刷新令牌来尝试解决这个问题。
我试过给一个无效的刷新令牌biut,它给出了错误
{"error":"invalid_grant","error_description":"AADSTS9002313: Invalid request. Request is malformed or invalid.rnTrace ID: ecf9fec9-b75c-4b4c-9c74-70273e6d1b00rnCorrelation ID: 44946f49-bb25-450d-86d3-121d3f279f21rnTimestamp: 2019-07-24 16:15:20Z","error_codes":[9002313],"timestamp":"2019-07-24 16:15:20Z","trace_id":"ecf9fec9-b75c-4b4c-9c74-70273e6d1b00","correlation_id":"44946f49-bb25-450d-86d3-121d3f279f21"}
显然,它正在将其检测为附加到过期令牌的有效刷新令牌
我们最近更新了文档,以帮助获取访问令牌。
为确保您拥有最新的,请查看以下步骤 https://learn.microsoft.com/en-us/graph/sdks/sdk-installation#install-the-microsoft-graph-java-sdk
启动客户端 https://learn.microsoft.com/en-us/graph/sdks/create-client?tabs=Java
喜欢这个
ClientCredentialProvider authProvider = new ClientCredentialProvider(CLIENT_ID, SCOPES, CLIENT_SECRET, TENANT_GUID, NATIONAL_CLOUD);
IGraphServiceClient graphClient = GraphServiceClient
.builder()
.authenticationProvider(authProvider)
.buildClient();
您需要在此处决定需要哪个提供商https://learn.microsoft.com/en-us/graph/sdks/choose-authentication-providers?tabs=Java#authorization-code-provider
可能是这个
AuthorizationCodeProvider authProvider = new AuthorizationCodeProvider(
clientId,
scopes,
authorizationCode,
redirectUri,
clientSecret);
通常最佳做法是处理错误类。例如,对过期刷新令牌的常见响应是要求用户交互,然后用户再次进行身份验证。我们的 MSAL 库将引发用户交互所需的异常,然后你的应用将调用以交互方式获取所需的令牌。
Microsoft 标识在此处提供了有关刷新令牌的文档https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow#refresh-the-access-token
以及此处的错误代码列表https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow#error-codes-for-token-endpoint-errors