问题描述
将承载令牌发送到One Note API时遇到问题.
I got a problem with sending bearer token to the One Note API.
String returnUri = "https://login.live.com/oauth20_token.srf";
HttpClient client = HttpClientBuilder.create().build();
HttpPost tokenRequest = new HttpPost(returnUri);
tokenRequest.setHeader(HttpHeaders.CONTENT_TYPE, "application/x-www-form-urlencoded");
tokenRequest.setEntity(new UrlEncodedFormEntity(Connection.getParametersForURLBody(), Consts.UTF_8));
tokenRequest.addHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0");
HttpResponse tokenResponse = client.execute(tokenRequest);
HttpGet getTopFiveNotebooks = new HttpGet("https://www.onenote.com/api/v1.0/me/notes/notebooks?top=5");
getTopFiveNotebooks.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + Connection.getValueByKey("access_token", Connection.getTokenInJson(tokenResponse)));
我得到了Bearer Token
,而HttpGet-Request
的标头看起来像这样,如果我在调试模式下看的话:
I got the Bearer Token
and the header of the HttpGet-Request
looks like this, if I look at it in debug-mode:
但是当我尝试执行get时,API给了我一个401 Unauthorized
错误.
But when I try to perform the get, the API gives me a 401 Unauthorized
Error.
我的范围是scope=wl.basic+onedrive.readwrite
,因此令牌应具有所需的所有权限.
My Scope is scope=wl.basic+onedrive.readwrite
, so the token should have all permissions it needs.
更新:如果我登录 https://apigee .com/onenote/embed/console/onenote/和我的Microsoft帐户,然后将访问令牌从此处复制到这段代码中:
Update: If I login into https://apigee.com/onenote/embed/console/onenote/ with my microsoft-account and copy the access-token from there into this piece of code:
getTopFiveNotebooks.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + acces-key-from-the apigee-console)
它执行获取并给我Status 200
而不是401
.
it performs the get and give me Status 200
back instead of 401
.
那么我的权限范围错了吗?
So is my permission scope wrong?
我的范围是错误的.
推荐答案
是的,您没有正确的范围.
Yes, you don't have the right scopes.
https://msdn.microsoft.com/en-us/library/office/dn807159.aspx
您至少需要"office.onenote"才能获取用户的笔记本.
You need at least "office.onenote" to be able to get the user's notebooks.
顺便说一句,如果您查看401响应的正文,则会看到缺少哪些作用域.
Btw, if you look at the body of the 401 response, you'll see which scopes are missing.
这篇关于一则说明Api拒绝了Bearer令牌,错误401的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!