OneDrive代码流公共客户端无法发送客户端密钥

本文介绍了OneDrive代码流公共客户端无法发送客户端密钥-Node.js的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

嘿，我想创建对我的onedrive帐户的访问权限，以便从家用PC窗口通过node.js上传文件.

hey guys I want to create access to my onedrive account to upload file via node.js from my home pc windows.

我在 apps.dev.microsoft 上创建了一个应用 另外，我还在此处创建了一个客户端密码，并添加了一个Web平台，并将重定向URL从本地主机更改为 login.live/oauth20_desktop.srf

I created a app at apps.dev.microsoft Also I created a client secret there and added a web platform and changed the redirect url from localhost to login.live/oauth20_desktop.srf

然后我在浏览器中使用了此链接 登录. live/oauth20_authorize.srf?client_id=ab82982b-4dxxxxxxxxxxxxxxxxx&scope=files.readwrite.all&response_type=code

Then I used this link in my browser login.live/oauth20_authorize.srf?client_id=ab82982b-4dxxxxxxxxxxxxxxxxx&scope=files.readwrite.all&response_type=code

我的浏览器中的网址更改为 login. live/oauth20_desktop.srf?code=M494a5b9fxxxxxxxxxxxxxxxxxxxxxxx&lc=1031

The Url from my browser changed to login.live/oauth20_desktop.srf?code=M494a5b9fxxxxxxxxxxxxxxxxxxxxxxx&lc=1031

然后我像他们在 dev.onedrive /auth/graph_oauth.htm

与

request({ uri: "login.microsoftonline/common/oauth2/v2.0/token?" + "&client_id=ab82982b-4dbe-4c6b-a1fe-2d60d01709fd&" + "client_secret=TkYZhYyuEiSoqhCxbh4Dqh3" + "&code=M494a5b9f-5577-3454-a78c-cef649a512c0" + "&grant_type=authorization_code", method: "POST", headers: { 'Content-Type': 'application/x-www-form-urlencoded' } }, function(error, response, body) { console.log('body: ', body); });

但是输出是

body: {"error":"invalid_request","error_description":"AADSTS90014: The request body must contain the following parameter: 'grant_type'.\r\nTrace ID: de2c2dxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\r\nCorrelation ID: de2f8b83xxxxxxxxxxxxxxxxxxxxxxxxx\r\nTimestamp: 2017-07-31 13:40:52Z","error_codes":[90014] ,"timestamp":"2017-07-31 13:40:52Z","trace_id":"de2c2da2xxxxxxxxxxxxxxxxxxx","correlation_id":"de2f8b8xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"}

请帮助我努力解决这个API令牌问题.

Please help I struggle so hard with this API token stuff ..

我也更改了下面评论中的编辑

EDIT from the comment below I changed too

request.post({url:'login.microsoftonline/common/oauth2/v2.0/token', form: { redirect_uri: 'login.live/oauth20_desktop.srf', client_id: 'abf3247c-d56a-xxxxxxxxxxxxxxxxxxxxx', client_secret: '3o6xxxxxxxxxxxxxxxxxxxxxxxxxxxx', code: 'M8aad1bcf-xxxxxxxxxxxxxxxxxxxxxxxxxx', grant_type: 'authorization_code' } }, function(err,httpResponse,body){ /* ... */ console.log('err: ' + err) console.log('body: ' + body) })

但是现在我收到了"error":"invalid_request"，"error_description":"AADSTS90023:公共客户端无法发送客户端密码.

But now I get "error":"invalid_request","error_description":"AADSTS90023: Public clients can't send a client secret.

我在Google上搜索了此内容，并阅读到我无法通过桌面应用程序提出客户秘密请求.但是我在 apps.dev.microsoft

I google this and read that I cant make client secret request with desktop apllications. But I created a web application at apps.dev.microsoft

我也从请求中删除了客户端机密，但我收到了重定向URL错误的错误消息.请给我发送工作代码示例，我已经为此困扰了好几天..

Also I delete the client secret from the request I get error that the redirect url is wrong. Please send me working code examples I struggle with this now for several days ..

这太难了aaaaaaaaaaaaaaaaaaaaaaaaaahhhhhhhhhhhhh:D请帮助

This is so difficult aaaaaaaaaaaaaaaaaaaaaaahhhhhhhhhhhhh :D Please help

推荐答案

您的问题是否已经打开?看来您想检索访问令牌并刷新令牌.如果我误解了您的问题，很抱歉.

Have your this question been opened yet? It seems that you want to retrieve access token and refresh token. If I misunderstand your question, I'm sorry.

我认为您修改后的用于检索访问令牌的脚本没有错.请再次确认授权流程.

I think that your modified script for retrieving access token is not wrong. Please confirm the authorization flow again.

在apps.dev.microsoft/

添加应用

输入应用程序名称.在这种情况下，请勿使用引导设置

创建应用程序密码.

平台是网络.在这种情况下，重定向URL为localhost

从login.microsoftonline/common/oauth2/v2.0/authorize?client_id=### Application ID ###&scope=offline_access%20files.readwrite.all&response_type=code&redirect_uri=localhost检索代码

• 请将上述URL导入您的浏览器，然后从重定向的URL中检索代码.
• 在这里，为了上传文件，它在作用域中包括files.readwrite.all.
可以通过将offline_access包括到范围中来获取
• 刷新令牌.
• Add application at apps.dev.microsoft/
• Input Application Name. In this case, don't use Guided Setup
• Create Application secret.
• Platform is web. In this case, redirect URL is localhost
• Retrieve code from login.microsoftonline/common/oauth2/v2.0/authorize?client_id=### Application ID ###&scope=offline_access%20files.readwrite.all&response_type=code&redirect_uri=localhost
  • Please inport above URL to your browser, and retrive the code from redirected URL.
  • Here, in order to upload files, it includes files.readwrite.all in the scope.
  • Refresh token can be retrieved by including offline_access to the scope.

  脚本:

  request.post({ url:'login.microsoftonline/common/oauth2/v2.0/token', form: { redirect_uri: 'localhost', client_id: 'abf3247c-d56a-xxxxxxxxxxxxxxxxxxxxx', client_secret: '3o6xxxxxxxxxxxxxxxxxxxxxxxxxxxx', code: 'M8aad1bcf-xxxxxxxxxxxxxxxxxxxxxxxxxx', grant_type: 'authorization_code' } }, function(err,httpResponse,body){ console.log('body: ' + body) });

  响应:

  您可以检索以下回复.

  Response :

  You can retrieve following response.

  { "token_type": "Bearer", "scope": "Files.ReadWrite.All", "expires_in": 3600, "ext_expi res_in": 0, "access_token": "#####", "refresh_token": "#####" }

  如果这不是您的解决方案，对不起.

  If this is not a solution for you, I'm sorry.

  request.post({ url:'login.microsoftonline/common/oauth2/v2.0/token', form: { redirect_uri: 'localhost', client_id: 'abf3247c-d56a-xxxxxxxxxxxxxxxxxxxxx', client_secret: '3o6xxxxxxxxxxxxxxxxxxxxxxxxxxxx', refresh_token: 'xxxxxxxxxxxxxxxxxxxxxxxxxx', grant_type: 'refresh_token' } }, function(err,httpResponse,body){ console.log('body: ' + body) });