解析 OData 选择和展开失败:术语“customAttribute1”、“customAttribute2”在 $select 或 $expand 表达式中无效

问题描述 投票:0回答:1

我们只想使用 Python 检索个性化(自定义)用户属性。

到目前为止,成功获取令牌,但未能向图表发出请求。

#code de chatgpt
import msal

# Replace with your Azure AD B2C configuration
tenant_id = 'your-tenant-id'
client_id = 'your-client-id'
client_secret = 'your-client-secret'
authority = f'https://login.microsoftonline.com/{tenant_id}'

# Replace with the custom attributes you want to retrieve
custom_attributes = ['customAttribute1', 'customAttribute2']

# Create a confidential client application
app = msal.ConfidentialClientApplication(
    client_id=client_id,
    client_credential=client_secret,
    authority=authority
)

# Acquire a token
result = app.acquire_token_for_client(scopes=['https://{your-tenant-name}.onmicrosoft.com/{policy-name}/read'])
access_token = result['access_token']

# Make a request to retrieve user attributes
import requests

user_id = 'user-object-id'  # Replace with the object ID of the user
graph_url = f'https://graph.microsoft.com/v1.0/users/{user_id}?$select={",".join(custom_attributes)}'

response = requests.get(graph_url, headers={'Authorization': f'Bearer {access_token}'})

if response.status_code == 200:
    user_data = response.json()
    print("User attributes:", user_data)
else:
    print("Error:", response.status_code, response.text)


Error: 400 {"error":{"code":"BadRequest","message":"Parsing OData Select and Expand failed: Term 'customAttribute1', 'customAttribute2' is not valid in a $select or $expand expression.","innerError":{"date":"2023-08-31T16:41:31","request-id":"c82856a0-e6f8-9939-d7e11e47ddea","client-request-id":"c82856a0-e6f8-9939-d7e11e47ddea"}}}
python azure-ad-msal aad-b2c azure-app-registration msal
1个回答
0
投票

请注意,当您使用错误图表时发生错误 用于获取自定义用户属性的端点。

我在我的 Azure AD B2C 租户中创建了一些 custom 用户属性,如下所示:

enter image description here

我在 Graph Explorer 中运行了以下查询,并成功获得了 custom 用户属性作为响应:

GET https://graph.microsoft.com/v1.0/identity/userFlowAttributes?$filter=userFlowAttributeType eq 'custom'

回复:

enter image description here

为了从 Python 获得相同的结果,我注册了一个应用程序并分配了 

IdentityUserFlow.Read.All
权限,如下所示:

enter image description here

当我通过更改图形请求运行下面的modified代码时,我得到了custom用户属性作为响应:

import msal

# Replace with your Azure AD B2C configuration
tenant_id = 'tenantID'
client_id = 'appID'
client_secret = 'secret'
authority = f'https://login.microsoftonline.com/{tenant_id}'

# Create a confidential client application
app = msal.ConfidentialClientApplication(
    client_id=client_id,
    client_credential=client_secret,
    authority=authority
)

# Acquire a token
result = app.acquire_token_for_client(scopes=['https://graph.microsoft.com/.default'])
access_token = result['access_token']

# Make a request to retrieve custom user attributes
import requests

graph_url = f"https://graph.microsoft.com/v1.0/identity/userFlowAttributes?$filter=userFlowAttributeType eq 'custom'"

response = requests.get(graph_url, headers={'Authorization': f'Bearer {access_token}'})

if response.status_code == 200:
    result = response.json()
    print(result)
else:
    print("Error:", response.status_code, response.text)

回复:

enter image description here

参考: 列出 IdentityUserFlowAttributes - Microsoft Graph

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.