1.我可以获得授权码 . 2.我能够兑换令牌的授权码 . 3.我可以通过打开来发现OneDrive for Business资源URI
浏览器中的服务 endpoints 链接,并在另一个选项卡中签名 . 4.向OneDrive API发出请求(即使我已成功完成上述步骤,也会遇到未经授权的异常 .
为访问令牌兑换刷新令牌以调用OneDrive API
edt_OneDrive_AuthCode := '';
edt_OneDrive_AccessToken := '';
edt_OneDrive_RefreshToken := '';
edt_OneDrive_ClientID:='*************************************';
edt_AzureTenant_ID:='****************************' ;
//edt_OneDrive_RedirectURI:= 'https://login.live.com/oauth20_desktop.srf'; // ??
edt_OneDrive_RedirectURI:= 'https://login.microsoftonline.com/';
edt_OneDrive_Resource:='https://api.office.com/discovery/';
LURL := 'https://login.microsoftonline.com/common/oauth2/authorize';
LURL := LURL + '?response_type=' + URIEncode('code');
LURL := LURL + '&client_id=' + URIEncode(edt_OneDrive_ClientID);
LURL := LURL + '&redirect_uri=' + URIEncode(edt_OneDrive_RedirectURI);
//LURL := LURL + '&resource=' + URIEncode(edt_OneDrive_Resource);
//https://login.microsoftonline.com/common/oauth2/authorize?response_type=code&client_id={client_id}&redirect_uri={redirect_uri}
///1.Log in and get an authorization code
wv := Tfrm_OAuthWebForm.Create(self);
try
wv.OnTitleChanged := self.OAuth2_OneDrive_BrowserTitleChanged;
wv.ShowModalWithURL(LURL);
finally
wv.Release;
end;
//Step 2: Redeem the authorization code for tokens
RESTClient:=TRESTClient.Create(nil);
RESTClient.BaseURL := 'https://login.microsoftonline.com/********-****-****-****-************/oauth2/token';
RESTRequest := TRESTRequest.Create(nil);
RESTRequest.Method := TRESTRequestMethod.rmPOST;
RESTRequest.Client:= RESTClient;
RESTRequest.Params.AddItem('client_id', edt_OneDrive_ClientID, TRESTRequestParameterKind.pkGETorPOST);
RESTRequest.Params.AddItem('redirect_uri',edt_OneDrive_RedirectURI , TRESTRequestParameterKind.pkGETorPOST);
RESTRequest.Params.AddItem('grant_type', 'authorization_code', TRESTRequestParameterKind.pkGETorPOST);
RESTRequest.Params.AddItem('resource', 'https://api.office.com/discovery/', TRESTRequestParameterKind.pkGETorPOST);
RESTRequest.Params.AddItem('code', edt_OneDrive_AuthCode, TRESTRequestParameterKind.pkGETorPOST);
RESTRequest.Params.AddItem('prompt', 'admin_consent', TRESTRequestParameterKind.pkGETorPOST);
RESTRequest.Execute;
OAuth2_OneDrive:=TOAuth2Authenticator.Create(nil);
if RESTRequest.Response.GetSimpleValue('access_token', LToken) then
OAuth2_OneDrive.AccessToken := LToken;
if RESTRequest.Response.GetSimpleValue('refresh_token', LToken) then
OAuth2_OneDrive.RefreshToken := LToken;
//STEP 3:Discover the OneDrive for Business resource URI
//GET https://api.office.com/discovery/v2.0/me/services
//Authorization: Bearer {access_token}
{ RESTRequest.ClearBody;
RESTRequest.Params.Clear;
RESTClient:=TRESTClient.Create(nil);
RESTClient.BaseURL := 'https://api.office.com/discovery/v2.0/me/services';
RESTRequest := TRESTRequest.Create(nil);
RESTRequest.Method := TRESTRequestMethod.rmGET;
RESTRequest.Client:= RESTClient;
RESTRequest.AddAuthParameter('Authorization', 'Bearer ' + OAuth2_OneDrive.AccessToken, TRESTRequestParameterKind.pkHTTPHEADER,[TRESTRequestParameterOption.poDoNotEncode]);
RESTRequest.Execute; }
//Step 4. Redeem refresh token for an access token to call OneDrive API
RESTRequest.ClearBody;
RESTRequest.Params.Clear;
RESTClient:=TRESTClient.Create(nil);
RESTClient.BaseURL := 'https://login.microsoftonline.com/********-****-****-****-************/oauth2/token';
RESTRequest := TRESTRequest.Create(nil);
RESTRequest.Method := TRESTRequestMethod.rmPOST;
RESTRequest.Client:= RESTClient;
RESTRequest.Params.AddItem('client_id', edt_OneDrive_ClientID, TRESTRequestParameterKind.pkGETorPOST);
RESTRequest.Params.AddItem('grant_type', 'refresh_token', TRESTRequestParameterKind.pkGETorPOST);
//RESTRequest.Params.AddItem('resource', 'https://api.office.com/discovery/', TRESTRequestParameterKind.pkGETorPOST);
RESTRequest.Params.AddItem('resource', 'https://comp14602-my.sharepoint.com/', TRESTRequestParameterKind.pkGETorPOST);
RESTRequest.Params.AddItem('refresh_token',OAuth2_OneDrive.RefreshToken , TRESTRequestParameterKind.pkGETorPOST);
RESTRequest.Execute;
OAuth2_OneDrive:=TOAuth2Authenticator.Create(nil);
if RESTRequest.Response.GetSimpleValue('access_token', LToken) then
OAuth2_OneDrive.AccessToken := LToken;
if RESTRequest.Response.GetSimpleValue('refresh_token', LToken) then
OAuth2_OneDrive.RefreshToken := LToken;
//Step 5. Make a request to the OneDrive API
RESTRequest.ClearBody;
RESTRequest.Params.Clear;
RESTClient:=TRESTClient.Create(nil);
RESTClient.BaseURL :='https://{tenant name here}-my.sharepoint.com/_api/v2.0/me/drive';
RESTRequest := TRESTRequest.Create(nil);
RESTRequest.Method := TRESTRequestMethod.rmGET;
RESTRequest.Client := RESTClient;
RESTRequest.AddAuthParameter('Authorization', 'Bearer ' + OAuth2_OneDrive.AccessToken, TRESTRequestParameterKind.pkHTTPHEADER,[TRESTRequestParameterOption.poDoNotEncode]);
RESTRequest.Execute;//Here am getting unauthorized exception