我正在尝试通过 JavaScript 与 adal.js 和 jQuery(OAuth 隐式流)集成到 Office365 API,但在尝试为我的用户创建日历事件时遇到问题。我现有的代码在检索电子邮件和日历事件时工作正常,但是当我尝试创建日历事件时,我始终收到“403 - 禁止”响应。
该代码在http://oauth.idippedut.dk/oauth.html上运行并运行。我正在https://outlook.office.com/api/v2.0/me/events访问 Office 365 API 端点。
我在我们的 Office365/Azure 租户 Active Directory 中对应用程序的“委派权限”的配置是这样的:
我们的 Office365/Azure 租户 Active Directory 中应用程序的“应用程序权限”配置如下:
jQuery 请求是这样的:
var event = {
"Subject": "Discuss the Calendar REST API",
"Body": {
"ContentType": "HTML",
"Content": "I think it will meet our requirements!"
},
"Start": {
"DateTime": "2016-01-21T18:00:00",
"TimeZone": "Pacific Standard Time"
},
"End": {
"DateTime": "2016-01-21T19:00:00",
"TimeZone": "Pacific Standard Time"
},
"Attendees": [
{
"EmailAddress": {
"Address": "jesper@lundstocholm.dk",
"Name": "Janet Schorr"
},
"Type": "Required"
}
]
};
// Create calendar events
jQuery.ajax({
type: 'POST',
url: postCalenderEndpoint,
data: JSON.stringify(event),
contentType: "application/json",
headers: {
'Accept': 'application/json',
'Authorization': 'Bearer ' + token,
},
}).done(function (data) {
//alert(JSON.stringify(data));
}).fail(function (err) {
jQuery("#loginMessage").text('Error calling REST endpoint: ' + err.statusText + '\n' + err.responseText);
});
jQuery的配置是这样的:
var resource = 'https://outlook.office.com';
var postCalenderEndpoint = 'https://outlook.office.com/api/v2.0/me/events';
var clientID = '28a707a5-0f11-4d93-8b88-6a918544da14';
var tenantName = '365projectum.onmicrosoft.com';
var authContext = new AuthenticationContext({
instance: 'https://login.microsoftonline.com/',
tenant: tenantName,
clientId: clientID,
postLogoutRedirectUri: window.location.origin,
cacheLocation: 'localStorage'
});
生成的 HTTP 请求是这样的:
Host: outlook.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
Authorization: Bearer <my token>
Referer: http://oauth.idippedut.dk/oauth.html
Content-Length: 386
Origin: http://oauth.idippedut.dk
Connection: keep-alive
{"Subject":"Discuss the Calendar REST API","Body":{"ContentType":"HTML","Content":"I think it will meet our requirements!"},"Start":{"DateTime":"2016-01-21T18:00:00","TimeZone":"Pacific Standard Time"},"End":{"DateTime":"2016-01-21T19:00:00","TimeZone":"Pacific Standard Time"},"Attendees":[{"EmailAddress":{"Address":"jesper@lundstocholm.dk","Name":"Janet Schorr"},"Type":"Required"}]}
我真的很困惑为什么我会得到 403,因为一切都应该正确设置。
任何帮助将不胜感激 :-)
/杰斯珀