我使用 Perl LWP 来获取有关组的一些信息:所有者和成员。奇怪的是,列出所有者工作没有任何问题,获取用户给我返回代码 200 但内容为空......没有用户。虽然我知道该团体确实有成员。
我使用的网址是这样的:
https://graph.microsoft.com/v1.0/groups/
此刻有点不知所措。你能帮忙吗?
彼得
根据要求一些代码片段
我正在迭代我获取的组列表并创建一个组对象来调查该组:
my $group_object = MsGroup->new(
'app_id' => $config{'APP_ID'},
'app_secret' => $config{'APP_PASS'},
'tenant_id' => $config{'TENANT_ID'},
'login_endpoint'=> $config{'LOGIN_ENDPOINT'},
'graph_endpoint'=> $config{'GRAPH_ENDPOINT'},
'select' => '$select=id,displayName,userPrincipalName',
'id' => $group->{'id'},
);
该对象是使用我在循环中获得的组 ID 创建的。进一步调用需要访问令牌。 接下来我调用一个方法来获取成员
my $members = $group_object->fetch_members();
fetch_members 是对象的一个方法
sub fetch_members { # {{{1
my $self = shift; # get a reference to the object itself
my @members; # an array to hold the result
$self->_set_consistencylevel('eventual'); # setting consistencylevel (did this for debugging)
# compose an URL
my $url = $self->_get_graph_endpoint . "/v1.0/groups/".$self->_get_id."/members/?";
# add a filter if needed (not doing any filtering though)
if ($self->_get_filter){
$url .= $self->_get_filter."&";
}
# add a selectif needed, have in fact a select => see object creation
if ($self->_get_select){
$url .= $self->_get_select;
}
$url .= '&$count=true'; # adding $count just to be sure
#say "Fetching $url";
do_fetch($self,$url, \@members); # actual fetch is done in do_fetch()
print Dumper \@members; # dump the result for debugging
return \@members; # return a reference to the resul
}# }}}
do_fetch 是一个执行图形请求的递归函数。 它是为了处理结果列表而创建的,例如用户或组列表
sub do_fetch { # {{{1
my $self = shift; # get a reference to the object
my $url = shift; # get the URL from the function call
my $found = shift; # get the array reference which holds the result
my $result = $self->callAPI($url, 'GET'); # do_getch calls callAPI to do the HTTP request
# debug problemen met members
say "\n\n\nZoeken naar: $url";
print Dumper $result; # Dump the complete result
# end debug
# Process if rc = 200
if ($result->is_success){
my $reply = decode_json($result->decoded_content);
while (my ($i, $el) = each @{$$reply{'value'}}) {
push @{$found}, $el;
}
# do a recursive call if @odata.nextlink is there
if ($$reply{'@odata.nextLink'}){
do_fetch($self,$$reply{'@odata.nextLink'}, $found);
}
#print Dumper $$reply{'value'};
}else{
# Error handling
print Dumper $result;
die $result->status_line;
}
} # }}}
实际的HTTP请求是通过callAPI方法完成的
sub callAPI { # {{{1
my $self = shift; # Get a refence to the object itself
my $url = shift; # Get the URL from the function call
my $verb = shift; # Get the method form the function call
my $ua = LWP::UserAgent->new( # Create a LWP useragnent (beyond my scope, its a CPAN module)
'send_te' => '0', # not really sure what this does
);
# Create the header
my @header = [
'Accept' => '*/*',
'Authorization' => "Bearer ".$self->_get_access_token,
'User-Agent' => 'curl/7.55.1',
'Content-Type' => 'application/json',
'Consistencylevel' => $self->_get_consistencylevel
];
# Create the request
my $r = HTTP::Request->new(
$verb => $url,
@header,
);
# Let the useragent make the request
my $result = $ua->request($r);
# return a reference to the result
return $result;
} # }}}
这就是所有代码。可以共享请求 access_token 的对象构建/初始化,但这只是有效的。
希望你能从我的 Perl 中得到一些东西:D 试图让它尽可能清楚。
顺便说一句:MS Graph 模块的完整代码位于我的 github 上:https://github.com/peter-kaagman/msgraph-perl 我使用它的项目也是如此:https://github.com/peter-kaagman/EduTeams,这是非常多的工作正在进行中。但一切不都是这样吗:D
最小的可复制样本?好吧...这里什么也没有
#! /usr/bin/bash
token=`curl \
-d grant_type=client_credentials \
-d client_id=<some_id> \
-d client_secret=<some_secret> \
-d scope=https://graph.microsoft.com/.default \
-d resource=https://graph.microsoft.com \
https://login.microsoftonline.com/<some_tenant>/oauth2/token \
| jq -j .access_token`
curl -X GET \
-H "Authorization: Bearer $token" \
-H "Content-Type: application/json" \
https://graph.microsoft.com/v1.0/groups/<some_group_id>/members \
| jq .
我可以用这个curl示例提出各种请求,但是当我询问一个组的成员(我知道其中有成员)时,我得到一个空结果。
好吧...结果我需要的不仅仅是group.read.all和user.read.all。添加了一些额外的权限,一切都按预期进行。