Microsoft Graph api无效范围

我的Java项目中使用的是微软Graph的Java库。我的代码如下。

    String clientId = "my client id";
    List<String> scopes = Arrays.asList("https://graph.microsoft.com/calendars.read");
    String clientSecret = "my client secret";
    String tenant = "my tenant id";
    NationalCloud nationalCloud = NationalCloud.Global;

    ClientCredentialProvider authProvider = new ClientCredentialProvider(
            clientId,
            scopes,
            clientSecret,
            tenant,
            nationalCloud);

    IGraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();

    Calendar calendar = graphClient.me().calendar()
        .buildRequest()
        .get();

来自portal.azure.com的权限快照 Permissions snapshot from portal.azure.com:

当我运行代码时，得到以下错误信息：

OAuthProblemException{error='invalid_scope', description='AADSTS70011: The provided request must include a 'scope' input parameter. The provided value for the input parameter 'scope' is not valid. The scope https://graph.microsoft.com/calendars.read is not valid.
Trace ID: f5962e73-9665-4967-9aa5-4993a6698f00
Correlation ID: 3fc539c4-f62f-4858-b2f6-cb4e1d6c6a3a
Timestamp: 2020-05-07 11:44:29Z', uri='null', state='null', scope='null', redirectUri='null', responseStatus=0, parameters={}}
    at org.apache.oltu.oauth2.common.exception.OAuthProblemException.error(OAuthProblemException.java:59)
    at org.apache.oltu.oauth2.client.validator.OAuthClientValidator.validateErrorResponse(OAuthClientValidator.java:63)
    at org.apache.oltu.oauth2.client.validator.OAuthClientValidator.validate(OAuthClientValidator.java:48)
    at org.apache.oltu.oauth2.client.response.OAuthClientResponse.validate(OAuthClientResponse.java:64)
    at org.apache.oltu.oauth2.client.response.OAuthClientResponse.init(OAuthClientResponse.java:59)
    at org.apache.oltu.oauth2.client.response.OAuthAccessTokenResponse.init(OAuthAccessTokenResponse.java:52)
    at org.apache.oltu.oauth2.client.response.OAuthClientResponseFactory.createCustomResponse(OAuthClientResponseFactory.java:60)
    at org.apache.oltu.oauth2.client.URLConnectionClient.execute(URLConnectionClient.java:111)
    at org.apache.oltu.oauth2.client.OAuthClient.accessToken(OAuthClient.java:65)
    at org.apache.oltu.oauth2.client.OAuthClient.accessToken(OAuthClient.java:55)
    at org.apache.oltu.oauth2.client.OAuthClient.accessToken(OAuthClient.java:71)
    at com.microsoft.graph.auth.confidentialClient.ClientCredentialProvider.getAccessTokenNewRequest(ClientCredentialProvider.java:102)
    at com.microsoft.graph.auth.confidentialClient.ClientCredentialProvider.getAcccessToken(ClientCredentialProvider.java:67)
    at com.microsoft.graph.auth.confidentialClient.ClientCredentialProvider.authenticateRequest(ClientCredentialProvider.java:49)
    at com.microsoft.graph.http.CoreHttpProvider.sendRequestInternal(CoreHttpProvider.java:232)
    at com.microsoft.graph.http.CoreHttpProvider.send(CoreHttpProvider.java:204)
    at com.microsoft.graph.http.CoreHttpProvider.send(CoreHttpProvider.java:184)
    at com.microsoft.graph.http.BaseRequest.send(BaseRequest.java:306)
    at com.microsoft.graph.requests.extensions.CalendarRequest.get(CalendarRequest.java:52)
    at cmm_tests.MSGraph.main(MSGraph.java:55)

我已经安装了以下maven依赖项。

    <dependency>
        <groupId>org.apache.oltu.oauth2</groupId>
        <artifactId>org.apache.oltu.oauth2.client</artifactId>
        <version>1.0.1</version>
    </dependency>
    <dependency>
        <groupId>com.microsoft.graph</groupId>
        <artifactId>microsoft-graph-core</artifactId>
        <version>1.0.0</version>
    </dependency>
    <dependency>
        <groupId>microsoft-graph-auth-jar</groupId>
        <artifactId>microsoft-graph-auth-jar</artifactId>
        <version>0.1.0-SNAPSHOT</version>
    </dependency>
    <dependency>
        <groupId>com.microsoft.graph</groupId>
        <artifactId>microsoft-graph</artifactId>
        <version>1.5.0</version>
    </dependency>

我不得不手动下载microsoft-graph-auth的jar，然后用mvn install:install-file进行安装。

为什么会出现 "无效范围 "的错误？

是不是因为 "委托 "的权限？