获取用户驱动器的msgraph-sdk-go示例代码失败。

huangapple go评论100阅读模式
英文:

msgraph-sdk-go example code for getting user's drive fails

问题

msgraph-sdk-go的示例代码用于获取用户的驱动器,但会出现以下401错误。它期望请求体中包含client_secret,尽管示例代码中没有任何地方创建请求体。

示例代码成功通过Web浏览器对我的注册应用程序进行了身份验证。

要使用msgraph-sdk-go,需要什么条件?

以下是失败的代码:

result, err := client.Me().Drive().Get(context.Background(), nil)
if err != nil {
    fmt.Printf("Error getting the drive: %v\n", err)
    printOdataError(err)
}
fmt.Printf("Found Drive : %v\n", *result.GetId())

以下是错误信息:

Error getting the drive: DeviceCodeCredential authentication failed
POST https://login.microsoftonline.com/efa4b4f3-5e38-4866-9206-79c604d86e7c/oauth2/v2.0/token
--------------------------------------------------------------------------------
RESPONSE 401 Unauthorized
--------------------------------------------------------------------------------
{
  "error": "invalid_client",
  "error_description": "AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.\r\nTrace ID: b6f28bb4-6bed-4dfe-a275-c0343fb91e01\r\nCorrelation ID: c06d2257-b3ab-4df3-ba58-ab271cf97508\r\nTimestamp: 2023-02-14 14:18:22Z",
  "error_codes": [
    7000218
  ],
  "timestamp": "2023-02-14 14:18:22Z",
  "trace_id": "b6f28bb4-6bed-4dfe-a275-c0343fb91e01",
  "correlation_id": "c06d2257-b3ab-4df3-ba58-ab271cf97508",
  "error_uri": "https://login.microsoftonline.com/error?code=7000218"
}

编辑:为baywet的答案添加更多细节

我已经按照baywet所示创建了客户端和设备代码凭据,但我添加了TennantID字段。

在第5点中,我选择了移动/桌面应用程序,但重定向URI为http://localhost。我的重定向URI选项与他的不同。

获取用户驱动器的msgraph-sdk-go示例代码失败。

第6点是使其正常工作的关键。一旦我为Enable the following mobile and desktop flows选择了Yes,我的应用程序就可以工作了。

获取用户驱动器的msgraph-sdk-go示例代码失败。

我还拥有这些API权限。

获取用户驱动器的msgraph-sdk-go示例代码失败。

英文:

The example code for the msgraph-sdk-go to get a user's drive fails with a 401 error below. It expects the request body to contain a client_secret, although there is no place in the example code to create a request body.

The example code does successfully authenticate to my registered application via a web browser.

What is required to use the msgraph-sdk-go?

Here's the code that fails:

result, err := client.Me().Drive().Get(context.Background(), nil)
if err != nil {
    fmt.Printf("Error getting the drive: %v\n", err)
    printOdataError(err)
}
fmt.Printf("Found Drive : %v\n", *result.GetId())

Here's the error:

Error getting the drive: DeviceCodeCredential authentication failed
POST https://login.microsoftonline.com/efa4b4f3-5e38-4866-9206-79c604d86e7c/oauth2/v2.0/token
--------------------------------------------------------------------------------
RESPONSE 401 Unauthorized
--------------------------------------------------------------------------------
{
  "error": "invalid_client",
  "error_description": "AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.\r\nTrace ID: b6f28bb4-6bed-4dfe-a275-c0343fb91e01\r\nCorrelation ID: c06d2257-b3ab-4df3-ba58-ab271cf97508\r\nTimestamp: 2023-02-14 14:18:22Z",
  "error_codes": [
    7000218
  ],
  "timestamp": "2023-02-14 14:18:22Z",
  "trace_id": "b6f28bb4-6bed-4dfe-a275-c0343fb91e01",
  "correlation_id": "c06d2257-b3ab-4df3-ba58-ab271cf97508",
  "error_uri": "https://login.microsoftonline.com/error?code=7000218"
}

Edit: Adding more detail for the answer from baywet

I have the client and device code credentials created as baywet shows but I added the TennantID field.

In point 5 I selected mobile/desktop application but with redirect URI of http://localhost. I have different options for Redirect URIs than he has.

获取用户驱动器的msgraph-sdk-go示例代码失败。

Point 6 was the key to getting it to work. Once I selected Yes for Enable the following mobile and desktop flows my application worked.

获取用户驱动器的msgraph-sdk-go示例代码失败。

I also had these API permissions.

获取用户驱动器的msgraph-sdk-go示例代码失败。

答案1

得分: 1

假设您使用设备代码凭据设置了客户端,并且出现了类似以下代码的错误消息:

cred, err := azidentity.NewDeviceCodeCredential(&azidentity.DeviceCodeCredentialOptions{
    ClientID: "CLIENT_ID",
    UserPrompt: func(ctx context.Context, message azidentity.DeviceCodeMessage) error {
        fmt.Println(message.Message)
        return nil
    },
})

client := msgraphsdk.NewGraphServiceClientWithCredentials(cred, []string{"User.Read"})

注册的应用程序需要正确配置以允许设备关闭流程。请按照以下步骤进行配置:

  1. 打开 Azure 门户
  2. 导航到应用程序注册(Azure Active Directory,然后选择应用程序注册)。
  3. 在列表中找到您的应用程序注册。
  4. 点击“身份验证”选项卡。
  5. 确保选择了移动和桌面应用程序平台,并选中了 https://login.microsoftonline.com/common/oauth2/nativeclient URL。
  6. 确保“启用以下移动和桌面流”设置为“是”。
  7. 点击“保存”。

以下是一些截图以指导您操作:

获取用户驱动器的msgraph-sdk-go示例代码失败。
获取用户驱动器的msgraph-sdk-go示例代码失败。

英文:

Assuming you setup your client using the device code credentials given the error message you're getting with code similar to this

cred, err := azidentity.NewDeviceCodeCredential(&azidentity.DeviceCodeCredentialOptions{
    ClientID: "CLIENT_ID",
    UserPrompt: func(ctx context.Context, message azidentity.DeviceCodeMessage) error {
        fmt.Println(message.Message)
        return nil
    },
})

client := msgraphsdk.NewGraphServiceClientWithCredentials(cred, []string{"User.Read"})

The registered application needs to be configured properly to allow for the device close flow.
For that:

  1. Go to the azure portal
  2. Navigate to the application registrations (Azure Active Directory, then Application registrations).
  3. Find your application registration in the list.
  4. Click on the authentication tab
  5. Make sure the mobile and desktop applications platform is select with the https://login.microsoftonline.com/common/oauth2/nativeclient URL checked.
  6. Make sur "Enable the following mobile and desktop flows" is set to "yes".
  7. Click "save".

A couple of screenshots to guide you through.

获取用户驱动器的msgraph-sdk-go示例代码失败。
获取用户驱动器的msgraph-sdk-go示例代码失败。

huangapple
  • 本文由 发表于 2023年2月14日 22:37:41
  • 转载请务必保留本文链接:https://go.coder-hub.com/75449376.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定