一则说明Api拒绝了Bearer令牌

一则说明Api拒绝了Bearer令牌

本文介绍了一则说明Api拒绝了Bearer令牌,错误401的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

将承载令牌发送到One Note API时遇到问题.

I got a problem with sending bearer token to the One Note API.

String returnUri = "https://login.live.com/oauth20_token.srf";
HttpClient client = HttpClientBuilder.create().build();
HttpPost tokenRequest = new HttpPost(returnUri);
tokenRequest.setHeader(HttpHeaders.CONTENT_TYPE, "application/x-www-form-urlencoded");
tokenRequest.setEntity(new UrlEncodedFormEntity(Connection.getParametersForURLBody(), Consts.UTF_8));
tokenRequest.addHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0");
HttpResponse tokenResponse = client.execute(tokenRequest);
HttpGet getTopFiveNotebooks = new HttpGet("https://www.onenote.com/api/v1.0/me/notes/notebooks?top=5");

getTopFiveNotebooks.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + Connection.getValueByKey("access_token", Connection.getTokenInJson(tokenResponse)));

我得到了Bearer Token,而HttpGet-Request的标头看起来像这样,如果我在调试模式下看的话:

I got the Bearer Token and the header of the HttpGet-Request looks like this, if I look at it in debug-mode:

但是当我尝试执行get时,API给了我一个401 Unauthorized错误.

But when I try to perform the get, the API gives me a 401 Unauthorized Error.

我的范围是scope=wl.basic+onedrive.readwrite,因此令牌应具有所需的所有权限.

My Scope is scope=wl.basic+onedrive.readwrite, so the token should have all permissions it needs.

更新:如果我登录 https://apigee .com/onenote/embed/console/onenote/和我的Microsoft帐户,然后将访问令牌从此处复制到这段代码中:

Update: If I login into https://apigee.com/onenote/embed/console/onenote/ with my microsoft-account and copy the access-token from there into this piece of code:

getTopFiveNotebooks.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + acces-key-from-the apigee-console)

它执行获取并给我Status 200而不是401.

it performs the get and give me Status 200 back instead of 401.

那么我的权限范围错了吗?

So is my permission scope wrong?

我的范围是错误的.

推荐答案

是的,您没有正确的范围.

Yes, you don't have the right scopes.

https://msdn.microsoft.com/en-us/library/office/dn807159.aspx

您至少需要"office.onenote"才能获取用户的笔记本.

You need at least "office.onenote" to be able to get the user's notebooks.

顺便说一句,如果您查看401响应的正文,则会看到缺少哪些作用域.

Btw, if you look at the body of the 401 response, you'll see which scopes are missing.

这篇关于一则说明Api拒绝了Bearer令牌,错误401的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-28 07:57