1
我在我的SharePoint站點上有一個列表以及一個用於從中獲取列表的API網址。使用Azure Active Directory對bot進行身份驗證,以訪問共享點API
我創建了一個基於我創建的bot的azure目錄應用程序,爲它提供了sharepoint權限和授權。
在我的機器人中,我使用adal-node來獲取使用clientId/clientSecret的令牌。響應返回看起來像
{
tokenType: 'Bearer',
expiresIn: 3599,
expiresOn: Tue Sep 06 2016 17:26:19 GMT+0000 (Coordinated Universal Time),
resource: 'spn:00000002-0000-0000-c000-000000000000',
accessToken: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJS....d0fWNHCxdWjyRnrUBV-jks47XRzmeO...9IP-6DXknubwj6ui2v...e9LCgs_ZUZiMXmg',
isMRRT: true,
_clientId: '<clientID>',
_authority: 'https://login.microsoftonline.com/<AppID>/oauth2/authorize/<tenantName>'
}
我傳送令牌到頭部像這樣
var options =
{
method: 'GET',
url: "https://uccentric-my.sharepoint.com/personal/mysite/test/_api/lists/GetByTitle('SharepointLearningPlan')/items",
headers:
{
'cache-control': 'no-cache',
Authorization: token.tokenType + ' ' + token.accessToken,
Cookie: 'odbn=1; WSS_FullScreenMode=false; rtFa=Fo9oO7...A==; FedAuth=77u...',
'accept-language': 'en-US,en;q=0.8',
'accept-encoding': 'gzip, deflate, sdch, br',
referer: '<botsite>/api/messages',
dnt: '1',
'content-type': 'application/json;odata=verbose',
'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36',
'x-requestdigest': '0x095398543A736B2AA0E6E5A8102640AF2944EB8352B192F6FFB3948047013C0E0B60767014D4775C358FED7B14075BDBAADC5A96F59875D8FC56E455BF1FAE67,01 Sep 2016 21:19:32 -0000',
accept: 'application/json;odata=nometadata'
}
};
然後我主動要求從我的SharePoint站點獲取列表,並得到一個錯誤:
ID4183: The Security Token failed Audience restriction validation.