Graph API get token

Welcome Forums General PowerShell Q&A Graph API get token

Viewing 0 reply threads
  • Author
    Posts
    • #255263
      Participant
      Topics: 4
      Replies: 7
      Points: 27
      Rank: Member

      I am trying to get a Graph API token on behalf of the user. I am following this document https://docs.microsoft.com/en-us/graph/auth-v2-user and everything works well until step 3 Get a Token. Here is the code I am using:

      Add-Type -AssemblyName System.Web 

      $clientIDEncoded = [System.Web.HttpUtility]::UrlEncode($clientid) 

      $redirectUriEncoded = [System.Web.HttpUtility]::UrlEncode(“https://login.live.com/oauth20_desktop.srf”) 

      $scopeEncoded = [System.Web.HttpUtility]::UrlEncode(“https://graph.microsoft.com/.default”) 

      Function Get-AuthCode { 

          Add-Type -AssemblyName System.Windows.Forms 

          $form = New-Object -TypeName System.Windows.Forms.Form -Property @{Width = 440; Height = 640 } 

          $web = New-Object -TypeName System.Windows.Forms.WebBrowser -Property @{Width = 420; Height = 600; Url = ($url -f ($Scope)) } 

          $DocComp = { 

              $Global:uri = $web.Url.AbsoluteUri 

              if ($Global:uri -match “error=[^&]*|code=[^&]*”) { $form.Close() } 

          } 

          $web.ScriptErrorsSuppressed = $true 

          $web.Add_DocumentCompleted($DocComp) 

          $form.Controls.Add($web) 

          $form.Add_Shown( { $form.Activate() }) 

          $form.ShowDialog() | Out-Null $queryOutput = [System.Web.HttpUtility]::ParseQueryString($web.Url.Query) 

          $output = @{} 

          

          foreach ($key in $queryOutput.Keys) { 

              $output[“$key”] = $queryOutput[$key] 

          } 

              

          $output 

      # Get AuthCode 

      $url = “https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&redirect_uri=$redirectUriEncoded&client_id=$clientID&scope=$scopeEncoded” 

      $authcode = (Get-AuthCode).values 

      Write-output “Received an authCode, $authCode” 

      $body = “grant_type=authorization_code&redirect_uri=$redirectUri&client_id=$clientId&code=$authCode&scope=$scopeEncoded” 

      $tokenResponse = Invoke-RestMethod https://login.microsoftonline.com/common/oauth2/token   -Method Post -ContentType "application/x-www-form-urlencoded"  -Body $body 

      </span></code>I get the authcode something like that </pre> 

      <pre class=”lang-bsh prettyprint prettyprinted”><code><span class=”typ”>Name</span> <span class=”typ”>Value</span> 

      <span class=”pun”>—-</span> 

      <span class=”pun”>—–</span><span class=”pln”> code M</span><span class=”pun”>.</span><span class=”pln”>R3_BAY</span><span class=”pun”>.</span><span class=”pln”>f659093f</span>

      <span class=”pun”>-</span><span class=”lit”>3327</span><span class=”pun”>-</span><span class=”pln”>c99b</span><span class=”pun”>-</span>

      <span class=”pln”>e219</span><span class=”pun”>-</span><span class=”lit”>9b3c7f82fd95</span><span class=”pln”> lc </span>

      <span class=”lit”>1051</span> </code></pre> <pre class=”lang-bsh prettyprint prettyprinted”> and then when I try to get a token I get this error message 

      </pre> 

      <pre class=”lang-bsh prettyprint prettyprinted”><code><span class=”pln”>$body </span><span class=”pun”>=</span> 

      <span class=”str”>”grant_type=authorization_code&redirect_uri=$redirectUri&client_id=$clientId&code=$authCode&scope=$scopeEncoded”</span><span class=”pln”> $tokenResponse </span>

      <span class=”pun”>=</span> <span class=”typ”>Invoke</span><span class=”pun”>-</span>

      <span class=”typ”>RestMethod</span><span class=”pln”> https</span><span class=”pun”>://</span><span class=”pln”>login</span><span class=”pun”>.</span>

      <span class=”pln”>microsoftonline</span><span class=”pun”>.</span><span class=”pln”>com</span><span class=”pun”>/</span>

      <span class=”pln”>common</span><span class=”pun”>/</span><span class=”pln”>oauth2</span><span class=”pun”>/</span><span class=”pln”>token </span>

      <span class=”str”>  -Method Post -ContentType "application/x-www-form-urlencoded" </span> 

      <span class=”pun”>-</span><span class=”typ”>Body</span><span class=”pln”> $body </span>

      <span class=”str”>` Received an authCode, M.R3_BAY.c622845d-f126-9017-134f-e79f3a24c4d4 1051 * 

      Invoke-RestMethod : { “error”:”invalid_grant”, “error_description”:”AADSTS9002313: Invalid request. Request is malformed or invalid.\r\nTrace ID: 194d7f79-af2e-46e1-b287-c14c364b0200\r\nCorrelation ID: 1348166c-c93c-4cc6-8e57-0c2d32ab2b78\r\nTime stamp: 2020-09-05 23:53:19Z”, “error_codes”:[9002313], “timestamp”:”2020-09-05 23:53:19Z”, “trace_id”:”194d7f79-af2e-46e1-b287-c14c364b0200″, “correlation_id”:”1348166c-c93c-4cc6-8e57-0c2d32ab2b78″, “error_uri”:”https://login.microsoftonline.com/err or?code=9002313″ } At line:47 char:18 + … nResponse = Invoke-RestMethod https://login.microsoftonline.com/commo … + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException + FullyQualifiedErrorId : WebCmdletWebResponseException, Microsoft.PowerShell.Commands.InvokeRestMethodCommand

      • This topic was modified 2 weeks, 4 days ago by grokkit.
      • This topic was modified 2 weeks, 4 days ago by James Petty.
      • This topic was modified 2 weeks, 4 days ago by James Petty.
      • This topic was modified 2 weeks, 4 days ago by James Petty.
      • This topic was modified 2 weeks, 4 days ago by James Petty.
Viewing 0 reply threads
  • You must be logged in to reply to this topic.