我正在尝试运行Microsoft graph API来生成令牌。这在邮递员中工作正常,但在SoapUI中失败。我认为客户机密包含导致问题的特殊字符。
客户密码:
osi5oX-:?0A3YiG4aCpZ.Y[+PW51pZVY
API URL(POST):
https://login.microsoftonline.com/{tenantID}/oauth2/v2.0/token
Body:
client_id=xxxxx&client_secret=osi5oX-:?0A3YiG4aCpZ.Y[+PW51pZVY&grant_type=client_credentials&scope=https://graph.microsoft.com/.default
错误:
{"error":"invalid_client","error_description":"AADSTS7000215: Invalid client secret is provided.\r\nTrace ID: 32b5bf83-f908-4b4e-9fe6-5b05fd949e00\r\nCorrelation ID: b9b7ce92-f5d1-41d1-8d92-eed8a6a5470b\r\nTimestamp: 2020-05-07 17:27:08Z","error_codes":[7000215],"timestamp":"2020-05-07 17:27:08Z","trace_id":"32b5bf83-f908-4b4e-9fe6-5b05fd949e00","correlation_id":"b9b7ce92-f5d1-41d1-8d92-eed8a6a5470b","error_uri":"https://login.microsoftonline.com/error?code=7000215"}
在编码后使用机密,它可以工作。
import java.net.URLEncoder;
String url = "osi5oX-:?0A3YiG4aCpZ.Y[+PW51pZVY"
String encodedUrl = URLEncoder.encode(url, "UTF-8" );
println(encodedUrl)
这里的错误明确表明客户端密码不正确。请在Azure AD App Registration门户中重新生成您的密钥,然后在代码中使用它来解决问题。