【发布时间】:2017-07-07 00:39:57
【问题描述】:
我正在使用 Graph API 从 Azure AD 导入用户。在我的活动目录中,我正在按照 link 配置应用程序。
在我的代码中,我正在生成一个访问令牌并传递该访问令牌以获取用户列表。
//get token
String secretKey = EncryptionUtils.decryptAES(encodedSecretKey);
secretKey = URLEncoder.encode(secretKey);
String urltoConnect = loginUrlPrefix+tenantId+loginUrlSufix;
String payLoad = "resource=https%3A%2F%2Fmanagement.core.windows.net%2F&client_id="+clientId+"&grant_type=client_credentials&client_secret=" + secretKey;
System.out.println(payLoad);
URL url = new URL(urltoConnect);
URLConnection connection = null;
connection = url.openConnection();
connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
connection.setDoOutput(true);
java.io.OutputStreamWriter wr = new java.io.OutputStreamWriter(connection.getOutputStream());
wr.write(payLoad);
wr.flush();
BufferedReader br = new BufferedReader(new InputStreamReader(connection.getInputStream(), "UTF-8"));
String content;
String html = "";
while ((content = br.readLine()) != null) {
if (!content.equals("") && content.length() != 0)
html += content.trim();
}
return html;
//get user list
URL url = new URL(String.format("https://graph.windows.net/%s/users?api-version=2013-04-05", tenant,
accessToken));
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
// Set the appropriate header fields in the request header.
conn.setRequestProperty("api-version", "2013-04-05");
conn.setRequestProperty("Authorization","Bearer "+ accessToken);
conn.setRequestProperty("Accept", "application/json;odata=minimalmetadata");
String goodRespStr = HttpClientHelper.getResponseStringFromConn(conn, true);
int responseCode = conn.getResponseCode();
org.json.JSONObject response = HttpClientHelper.processGoodRespStr(responseCode, goodRespStr);
org.json.JSONArray users;
users = JSONHelper.fetchDirectoryObjectJSONArray(response);
如果我添加多个应用程序,它只适用于少数人会在休息时出现此错误
{ "odata.error": { "code": "Authorization_RequestDenied", “信息”: { "lang": "en", "value": "权限不足,无法完成操作。" } } }
【问题讨论】:
标签: java azure azure-ad-graph-api