#java #authentication #oauth #microsoft-graph-api
#java #аутентификация #oauth #microsoft-graph-api
Вопрос:
Я пытаюсь использовать аутентификацию по имени пользователя / паролю для запроса файлов Microsoft Graph (в сочетании с учетной записью AD, созданной для этой цели, поскольку мы хотим ограничить доступ только к определенным каталогам в SharePoint). Я написал некоторый код, используя Graph SDK .Net Core (работает нормально), который я переношу на Java для другого приложения, и я не могу заставить его аутентифицироваться. Я вставил код Java, который я пытаюсь запустить, его эквивалент .Net Core и, наконец, весь вывод журнала на уровне отладки из запуска кода Java.
Я получил код Java как можно ближе, но я не видел эквивалента .WithUsernamePassword(email, password) метода (вероятно, поскольку Java SDK передает имя пользователя и пароль непосредственно конструктору UsernamePasswordProvider ).
Я использую версии 0.2.0 библиотеки аутентификации и v2.2.0 основного SDK. Я поднял это как проблему с библиотекой msgraph-sdk-java-auth, поскольку кажется вероятным, что это может быть ошибка в SDK, но мне также интересно, чтобы кто-нибудь еще посмотрел на мой Java-код и дал мне знать, если я делаю что-то не так, что более вероятно.
Java-код, создающий исключение
@Test
public void authError() {
final String userAccountEmail = //
final String userAccountPassword = //
final String siteID = //
final String driveID = //
final String clientID = //
final String filePath = //
final IAuthenticationProvider authProvider = new UsernamePasswordProvider(clientID, Arrays.asList(), userAccountEmail, userAccountPassword);
final IGraphServiceClient graphClient = GraphServiceClient.builder()
.authenticationProvider(authProvider)
.buildClient();
graphClient.getLogger().setLoggingLevel(LoggerLevel.DEBUG);
graphClient
.sites(siteID)
.drives(driveID).root()
.itemWithPath(filePath)
.buildRequest()
.get();
}
Рабочий код на C # (.Net Core, без исключений, результат соответствует ожидаемому)
[Fact]
public void authError()
{
var userAccountEmail = //
var userAccountPassword = //
var siteID = //
var driveID = //
var tenant = //
var clientID = //
var filePath = //
var securePassword = new NetworkCredential("", userAccountPassword).SecurePassword;
var publicClientApplication = PublicClientApplicationBuilder
.Create(clientID)
.WithTenantId(tenant)
.Build();
var graphClient = new GraphServiceClient(new UsernamePasswordProvider(publicClientApplication));
graphClient
.Sites[siteID]
.Drives[driveID].Root
.ItemWithPath(filePath)
.Request()
.WithUsernamePassword(userAccountEmail, securePassword)
.GetAsync().GetAwaiter().GetResult();
}
Полный вывод журнала на уровне отладки Java
Sep 23, 2020 6:13:53 PM com.microsoft.graph.logger.DefaultLogger setLoggingLevel
INFO: Setting logging level to DEBUG
OAuthProblemException{error='unsupported_response_type', description='Invalid response! Response body is not application/json encoded', uri='null', state='null', scope='null', redirectUri='null', responseStatus=0, parameters={}}
at org.apache.oltu.oauth2.common.exception.OAuthProblemException.error(OAuthProblemException.java:63)
at org.apache.oltu.oauth2.client.response.OAuthJSONAccessTokenResponse.setBody(OAuthJSONAccessTokenResponse.java:76)
at org.apache.oltu.oauth2.client.response.OAuthClientResponse.init(OAuthClientResponse.java:92)
at org.apache.oltu.oauth2.client.response.OAuthAccessTokenResponse.init(OAuthAccessTokenResponse.java:65)
at org.apache.oltu.oauth2.client.response.OAuthClientResponse.init(OAuthClientResponse.java:101)
at org.apache.oltu.oauth2.client.response.OAuthAccessTokenResponse.init(OAuthAccessTokenResponse.java:60)
at org.apache.oltu.oauth2.client.response.OAuthClientResponse.init(OAuthClientResponse.java:120)
at org.apache.oltu.oauth2.client.response.OAuthClientResponseFactory.createCustomResponse(OAuthClientResponseFactory.java:82)
at org.apache.oltu.oauth2.client.URLConnectionClient.execute(URLConnectionClient.java:111)
at org.apache.oltu.oauth2.client.OAuthClient.accessToken(OAuthClient.java:65)
at org.apache.oltu.oauth2.client.OAuthClient.accessToken(OAuthClient.java:55)
at org.apache.oltu.oauth2.client.OAuthClient.accessToken(OAuthClient.java:71)
at com.microsoft.graph.auth.publicClient.UsernamePasswordProvider.getAccessTokenNewRequest(UsernamePasswordProvider.java:98)
at com.microsoft.graph.auth.publicClient.UsernamePasswordProvider.getAccessToken(UsernamePasswordProvider.java:71)
at com.microsoft.graph.auth.publicClient.UsernamePasswordProvider.authenticateRequest(UsernamePasswordProvider.java:62)
at com.microsoft.graph.http.CoreHttpProvider.sendRequestInternal(CoreHttpProvider.java:382)
at com.microsoft.graph.http.CoreHttpProvider.send(CoreHttpProvider.java:207)
at com.microsoft.graph.http.CoreHttpProvider.send(CoreHttpProvider.java:187)
at com.microsoft.graph.http.BaseRequest.send(BaseRequest.java:345)
at com.microsoft.graph.requests.extensions.DriveItemRequest.get(DriveItemRequest.java:84)
at com.orion.FileAccess.graph.GraphConnectionTest.authError(GraphConnectionTest.java:73)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
at org.junit.runner.JUnitCore.run(JUnitCore.java:137)
at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:69)
at com.intellij.rt.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:33)
at com.intellij.rt.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:220)
at com.intellij.rt.junit.JUnitStarter.main(JUnitStarter.java:53)
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logDebug
INFO: Starting to send request, URL https://graph.microsoft.com/v1.0/sites/<site ID>/drives/<drive ID>/root:/OneDriveConnector.Tests:
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logDebug
INFO: Request Method GET
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logDebug
INFO: Response code 401, Unauthorized
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logDebug
INFO: Handling error response
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logDebug
INFO: Deserializing type GraphErrorResponse
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207Graph service exception Error code: InvalidAuthenticationToken
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207Error message: CompactToken parsing failed with error code: 80049217
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207GET https://graph.microsoft.com/v1.0/sites/<site ID>/drives/<drive ID>/root:/OneDriveConnector.Tests:
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207SdkVersion : graph-java/v2.2.0
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207Authorization : [PII_REDACTED]
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207401 : Unauthorized
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207Cache-Control : private
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207client-request-id : d73219c9-d26e-4972-9598-2a0ca6b6b8df
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207Content-Length : 333
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207Content-Type : application/json
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207Date : Wed, 23 Sep 2020 22:13:54 GMT
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207request-id : 61be66ec-05e4-408f-9aa5-dec61829cea6
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207Strict-Transport-Security : max-age=31536000
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207WWW-Authenticate : Bearer realm="", authorization_uri="https://login.microsoftonline.com/common/oauth2/authorize", client_id="00000003-0000-0000-c000-000000000000"
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207x-ms-ags-diagnostic : {"ServerInfo":{"DataCenter":"North Central US","Slice":"SliceC","Ring":"2","ScaleUnit":"000","RoleInstance":"AGSFE_IN_10"}}
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207{
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207 "error": {
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207 "code": "InvalidAuthenticationToken",
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207 "message": "CompactToken parsing failed with error code: 80049217",
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207 "innerError": {
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207 "date": "2020-09-23T22:13:54",
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207 "request-id": "61be66ec-05e4-408f-9aa5-dec61829cea6",
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207 "client-request-id": "d73219c9-d26e-4972-9598-2a0ca6b6b8df"
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207 }
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207 }
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: CoreHttpProvider[send] - 207}
Sep 23, 2020 6:13:54 PM com.microsoft.graph.logger.DefaultLogger logError
SEVERE: Throwable detail: com.microsoft.graph.http.GraphServiceException: Error code: InvalidAuthenticationToken
Error message: CompactToken parsing failed with error code: 80049217
GET https://graph.microsoft.com/v1.0/sites/<site ID>/drives/<drive ID>/root:/OneDriveConnector.Tests:
SdkVersion : graph-java/v2.2.0
Authorization : [PII_REDACTED]
401 : Unauthorized
Cache-Control : private
client-request-id : d73219c9-d26e-4972-9598-2a0ca6b6b8df
Content-Length : 333
Content-Type : application/json
Date : Wed, 23 Sep 2020 22:13:54 GMT
request-id : 61be66ec-05e4-408f-9aa5-dec61829cea6
Strict-Transport-Security : max-age=31536000
WWW-Authenticate : Bearer realm="", authorization_uri="https://login.microsoftonline.com/common/oauth2/authorize", client_id="00000003-0000-0000-c000-000000000000"
x-ms-ags-diagnostic : {"ServerInfo":{"DataCenter":"North Central US","Slice":"SliceC","Ring":"2","ScaleUnit":"000","RoleInstance":"AGSFE_IN_10"}}
{
"error": {
"code": "InvalidAuthenticationToken",
"message": "CompactToken parsing failed with error code: 80049217",
"innerError": {
"date": "2020-09-23T22:13:54",
"request-id": "61be66ec-05e4-408f-9aa5-dec61829cea6",
"client-request-id": "d73219c9-d26e-4972-9598-2a0ca6b6b8df"
}
}
}
com.microsoft.graph.http.GraphServiceException: Error code: InvalidAuthenticationToken
Error message: CompactToken parsing failed with error code: 80049217
GET https://graph.microsoft.com/v1.0/sites/<site ID>/drives/<drive ID>/root:/OneDriveConnector.Tests:
SdkVersion : graph-java/v2.2.0
Authorization : [PII_REDACTED]
401 : Unauthorized
Cache-Control : private
client-request-id : d73219c9-d26e-4972-9598-2a0ca6b6b8df
Content-Length : 333
Content-Type : application/json
Date : Wed, 23 Sep 2020 22:13:54 GMT
request-id : 61be66ec-05e4-408f-9aa5-dec61829cea6
Strict-Transport-Security : max-age=31536000
WWW-Authenticate : Bearer realm="", authorization_uri="https://login.microsoftonline.com/common/oauth2/authorize", client_id="00000003-0000-0000-c000-000000000000"
x-ms-ags-diagnostic : {"ServerInfo":{"DataCenter":"North Central US","Slice":"SliceC","Ring":"2","ScaleUnit":"000","RoleInstance":"AGSFE_IN_10"}}
{
"error": {
"code": "InvalidAuthenticationToken",
"message": "CompactToken parsing failed with error code: 80049217",
"innerError": {
"date": "2020-09-23T22:13:54",
"request-id": "61be66ec-05e4-408f-9aa5-dec61829cea6",
"client-request-id": "d73219c9-d26e-4972-9598-2a0ca6b6b8df"
}
}
}
at com.microsoft.graph.http.GraphServiceException.createFromConnection(GraphServiceException.java:501)
at com.microsoft.graph.http.CoreHttpProvider.handleErrorResponse(CoreHttpProvider.java:490)
at com.microsoft.graph.http.CoreHttpProvider.sendRequestInternal(CoreHttpProvider.java:410)
at com.microsoft.graph.http.CoreHttpProvider.send(CoreHttpProvider.java:207)
at com.microsoft.graph.http.CoreHttpProvider.send(CoreHttpProvider.java:187)
at com.microsoft.graph.http.BaseRequest.send(BaseRequest.java:345)
at com.microsoft.graph.requests.extensions.DriveItemRequest.get(DriveItemRequest.java:84)
at com.orion.FileAccess.graph.GraphConnectionTest.authError(GraphConnectionTest.java:73)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
at org.junit.runner.JUnitCore.run(JUnitCore.java:137)
at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:69)
at com.intellij.rt.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:33)
at com.intellij.rt.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:220)
at com.intellij.rt.junit.JUnitStarter.main(JUnitStarter.java:53)
Process finished with exit code 255
Ответ №1:
Оказалось, что это отсутствующая зависимость, отвечающая за декодирование ответов JSON. NoClassDefFound Ошибка не распространялась. Основная ошибка заключалась в том, что не были указаны области видимости, которые возникли, как только я добавил org.json JAR в свой путь к классу. Я использовал область видимости https://graph.microsoft.com/.default .