分享程序员开发的那些事...
更新时间:2022-11-25 14:33:09
We can see the document shows the graph api(bookingBusinesses) which you want to request requires delegated type permissions and not support application type permission.
因此,我们不能使用"client_credentials"授予流程,您的代码显示您使用"client_credentials"作为授予类型.您可以使用用户名/密码"授予流来获取访问令牌.因此,您请求访问令牌的参数应如下所示:
So we can not use "client_credentials" grant flow, your code shows you use "client_credentials" as the grant type. You can use "username/password" grant flow to get the access token instead. So the param you request for the access token should be like below:
const requestParams = {
client_id: APP_ID,
client_secret: APP_SECRET,
grant_type: "password",
scope: "https://graph.microsoft.com/.default",
username: "your user name/email(like xxxxx@xxx.onmicrosoft.com)",
password: "your password"
};
顺便说一句,我注意到您代码中的"TOKEN_ENDPOINT"是https://login.microsoftonline.com/${process.env.BOOKINGS_TENANT_NAME}.onmicrosoft.com/oauth2/token,并且您在requestParams中同时使用了参数resource和scope.如果我们使用v1端点作为您的代码,则只需使用参数resource.如果使用v2端点(https://login.microsoftonline.com/${process.env.BOOKINGS_TENANT_NAME}.onmicrosoft.com/oauth2/v2.0/token),则需要使用参数scope代替参数resource.我上面提供的代码使用v2,因此我使用了scope参数,您还需要将"TOKEN_ENDPOINT"更改为v2(只需在oauth2/和/token之间添加一个v2.0).
By the way, I noticed the "TOKEN_ENDPOINT" in your code is https://login.microsoftonline.com/${process.env.BOOKINGS_TENANT_NAME}.onmicrosoft.com/oauth2/token and you use both params resource and scope in requestParams. If we use v1 endpoint as your code, we just need to use the param resource. If we use v2 endpoint(https://login.microsoftonline.com/${process.env.BOOKINGS_TENANT_NAME}.onmicrosoft.com/oauth2/v2.0/token), we need to use use the param scope instead of the param resource. The code I provided above use v2, so I use scope param and you also need to change the "TOKEN_ENDPOINT" to v2(just add a v2.0 between the oauth2/ and /token).
如果您不想将"TOKEN_ENDPOINT"更改为v2,只需使用以下参数即可:
If you don't want to change the "TOKEN_ENDPOINT" to v2, just use the params like below:
const requestParams = {
client_id: APP_ID,
client_secret: APP_SECRET,
grant_type: "password",
resource: "https://graph.microsoft.com",
username: "your user name/email(like xxxxx@xxx.onmicrosoft.com)",
password: "your password"
};
希望有帮助〜