我需要使用Microsoft Graph为用户创建订阅。
我在AUR Active Directory中拥有所有权利:
user.read.all。
我的订阅方法:
def create_subscription_to_users(self):
t = datetime.utcnow() + timedelta(minutes=settings.MAX_TIME_DELTA_IN_MINUTES)
payload = {
"changeType": "updated",
"notificationUrl": "{0}/webhooks/azure".format(settings.AZURE_WEBHOOKS_CALLBACK_BASE_URL),
"resource": "users",
"expirationDateTime": t.strftime("%Y-%m-%dT%H:%M:%S.%fZ")
}
response = self.graph_client.post(url='{0}/subscriptions'.format(settings.GRAPH_URL), json=payload).json()
self.add_log(url='{0}/subscriptions'.format(settings.GRAPH_URL),
method='POST', payload=payload, response=response)
return response
我的验证类:
class AzureHook(View):
def post(self, request):
url = request.get_full_path()
parsed_url = parse_qs(urlsplit(url).query)
validation = dict(parsed_url).get('validationToken')[0]
return HttpResponse(validation.encode('utf-8'), content_type='text/plain')
,但我仍然会收到创建订阅的响应:
{"error": {"innerError": {"date": "2019-07-03T11:29:39", "request-id": "5e7f1fc3-8ef4-4511-b661-35bf7d146cc3"}, "message": "Operation: Create; Exception: [Status Code: Unauthorized; Reason: ]", "code": "ExtensionError"}}
有人可以帮我吗?
,以便摆脱此错误,添加了应用程序中的以下范围。user.read.all& offline_access,user.readwrite.All,group.ReadWrite.All,group.Read.All,Directory.ReadWrite.All,directory.accessasuser.all,OpenID。
要获得授权代码,请在浏览器中尝试此URL。https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=& response_type = code = code = code = recretect_uri = http://localhost:4200/api/api/aperback/authback/authack/azuread&amp& amp; amp; que quere&quecor = queery = queery =scope =用户。
首先使用Postman尝试此请求,我正在附加卷曲请求以供您参考。
curl -x Post https://graph.microsoft.com/v1.0/subscriptions -h'授权:持有人' -h'content-type:application/json' -d' { "更改":"更新", " notificationurl":" https://5690e074.ngrok.io", "资源":"组", " ExpirationDateTime":" 2019-07-13T10:19:03.170Z", "客户端":" SecretClientValue"}'