如果我转到https://developer.microsoft.com/en-us/graph/graph-explorer#并使用类似的URL
https://graph.microsoft.com/beta/sites/4development106.sharepoint.com:/sites/DBSchenker:/lists/OEC_Docs/items我可以看到请求成功了。
现在,如果我使用github的angular应用程序https://github.com/AzureAD/microsoft-authentication-library-for-js
以及类似的代码
private sharePointHost: string = "https://4development106.sharepoint.com/sites/DBSchenker/_api/web/lists/getByTitle('OEC_Docs')/items"
getDocuments(token){
const httpOptions = {
headers: new HttpHeaders({
'Accept': 'application/json;odata=verbose'
,'Authorization' : "Bearer " + token
})
};
this.http.get(this.sharePointHost, httpOptions).subscribe(
(resp) => console.log("respon is::: " + JSON.stringify(resp)),
(err) => console.log("error:::" + JSON.stringify(err))
)
}
它抛出:
error:::`{"headers":{"normalizedNames":{},"lazyUpdate":null},"status":401,"statusText":"OK","url":"https://4development106.sharepoint.com/sites/DBSchenker/_api/web/lists/getByTitle('OEC_Docs')/items","ok":false,"name":"HttpErrorResponse","message":"Http failure response for https://4development106.sharepoint.com/sites/DBSchenker/_api/web/lists/getByTitle('OEC_Docs')/items: 401 OK","error":{"error_description":"Invalid JWT token. No certificate thumbprint specified in token header."}}`
将主机更改为(在图形api资源管理器中工作(
private sharePointHost: string = "https://graph.microsoft.com/beta/sites/4development106.sharepoint.com:/sites/DBSchenker:/lists/OEC_Docs/items"
投掷
error:::{"headers":{"normalizedNames":{},"lazyUpdate":null},"status":401,"statusText":"Unauthorized","url":"https://graph.microsoft.com/beta/sites/4development106.sharepoint.com:/sites/DBSchenker:/lists/OEC_Docs/items","ok":false,"name":"HttpErrorResponse","message":"Http failure response for https://graph.microsoft.com/beta/sites/4development106.sharepoint.com:/sites/DBSchenker:/lists/OEC_Docs/items: 401 Unauthorized","error":{"error":{"code":"InvalidAuthenticationToken","message":"Access token validation failure.","innerError":{"request-id":"f5a77afc-0d92-49a0-92c4-e727e056d0a9","date":"2018-10-30T01:42:02"}}}}
不确定我做错了什么
我也遇到了同样的问题。我能找到的唯一解决方案是暂时使用ADAL而不是MSAL。我不太清楚为什么,但SharePoint Online似乎只能像您使用ADAL那样使用它。
起初,我认为这可能是因为MSAL中的"公共"端点,但切换到"仅此组织目录中的帐户(…("也没有解决问题。
你可能还想看看https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/521对于类似的问题(尽管这并没有解决我的问题(。