我能够访问用户的accessToken,并且正在使用Authorization:Bearer< token>来调用GET https://graph.microsoft.com/v1.0/me.头.
但是,在响应正文中,我得到的是这样的:
{
"@odata.context": "https://graph.microsoft.com/v1.0/$Metadata#users","value": [
{
"givenName": "Foo","surname": "Bar","displayName": "Foo Bar","id": "b41efha115adcca29","userPrincipalName": "email.address@outlook.com","businessPhones": [],"jobTitle": null,"mail": null,"mobilePhone": null,"officeLocation": null,"preferredLanguage": null
}
]
}
mail属性为null,此响应正文中的userPrincipalName恰好是用户的电子邮件地址.但是,这是来自微软的docs:
Although the UPN and email share the same format,the value of the UPN for a user might or might not be the same as the email address of the user.
在启动用户的登录请求时,我们正在请求“user.read”和“email”范围.我们使用MSAL.js库来获取访问令牌,我们的代码读取如下内容:
login (): ng.IPromise<IMicrosoftOAuthResponse> {
const prom = this.userAgentApplication.loginPopup(["user.read","email"])
.then((idToken) => {
return this.userAgentApplication.acquireTokenSilent(["user.read","email"]);
})
.then((accessToken) => {
// at this point,we have the accessToken and make a call to the graph api
});
return this.$q.when(prom);
}
