问题
I am using organization Outlook account. My aim is to get List of Calendar Events in the Laravel controller. Steps I followed:
Created simple application in https://aad.portal.azure.com/. I got Application (client) ID, Directory ID, clientSecrets, Object ID/Tenant ID which usable for login and to get further data from Microsoft.
Created controller in the Laravel web.php
Route::get('/graph', 'microsoftapi@getCalendarData');
- Added Microsoft Graph SDK for laravel. https://github.com/microsoftgraph/msgraph-sdk-php
composer require microsoft/microsoft-graph
- My Laravel Controller code is:
<?php
namespace App\Http\Controllers;
use App\User;
use Illuminate\Http\Request;
use Jumbojett\OpenIDConnectClient;
use GuzzleHttp\Client;
use Microsoft\Graph\Graph;
use Microsoft\Graph\Model;
class microsoftapi extends Controller
{
public $accesstoken;
public function __construct()
{
$guzzle = new Client();
$tenantId = 'common';
$url = 'https://login.microsoftonline.com/' . $tenantId . '/oauth2/token?api-version=1.0';
$token = json_decode($guzzle->post($url, [
'form_params' => [
'client_id' => '*******************',///$clientId,
'client_secret' => '*****************', // $clientSecret,
'resource' => 'https://graph.microsoft.com/',
'grant_type' => 'client_credentials',
],
])->getBody()->getContents());
$this->accessToken = $token->access_token;
}
public function getCalendarData(){
$graph = new Graph();
$graph->setBaseUrl("https://graph.microsoft.com/")
->setApiVersion("v1.0")
->setAccessToken($this->accessToken);
dd($graph);
$user = $graph->createRequest("GET","/users/abc@***********.com/calendar/events")
->addHeaders(array("Content-Type" => "application/json"))
->setReturnType(\Microsoft\Graph\Model\User::class)
->setTimeout("1000")
->execute();
echo "Hello, I am $user->getGivenName() ";
}
By dd($graph); current output I am getting as:
Microsoft\Graph\Graph {#221 ▼
-_accessToken: "eyJ0eXAiOiJKV1QiLCJub25jZSI6IjNueHRoZzZrMllaTVZsRTMzUmNHOVhMbG9TekJRcUhVTzRVY2xLanpGV1EiLCJhbGciOiJSUzI1NiIsIng1dCI6IllNRUxIVDBndmIwbXhvU0RvWWZvbWpxZmpZVSIsImtp ▶"
-_apiVersion: "v1.0"
-_baseUrl: "https://graph.microsoft.com/"
-_proxyPort: null
}
So I am getting Access token properly. But but, If I commented dd as // dd($graph); then the getCalendarData not working. My output is:
GuzzleHttp\Exception\ClientException
Client error: `GET https://graph.microsoft.com/v1.0/users/abc@********.com/calendar/events` resulted in a `401 Unauthorized` response: {"error":{"code":"NoPermissionsInAccessToken","message":"The token contains no permissions, or permissions can not be un (truncated...)
Anyone Know what is the problem ?
Kindly let me know details.. Please don't send Microsoft links which I am feeling difficult to understand!!!!!
Please reply me details..
Permission Screen Shot:
回答1:
In your screenshot, it says that admin consent has not been given for the permissions you've set on the app registration (the "Not granted for..." status in the permission list). Because you're using client credentials, the application permissions (not the delegated permissions) are applied. Since admin consent has not been granted, your token has no actual permissions in it.
You need a tenant admin to go to your app registration and grant admin consent.
回答2:
I feel it is about the Admin Permissions which needs to provided the app to access the API data Please refer this link - https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent
回答3:
You have to give permissions Calendars.Read and Calendars.ReadWrite in both your application in azure dashboard and your api call code.
Reference link: https://docs.microsoft.com/en-us/graph/permissions-reference and https://docs.microsoft.com/en-us/graph/api/calendar-list-events?view=graph-rest-1.0&tabs=http
来源:https://stackoverflow.com/questions/60880089/microsoft-graph-api-in-laravel-controller