msgraph-sdk-go sample code for getting user drive fails

php editor Xigua introduced: When using the msgraph-sdk-go sample code to obtain the user drive, you may encounter failures. This may be due to network connection issues, insufficient API permissions, or coding errors. To solve this problem, we can try to check the network connection, ensure that the API permissions are set correctly, and check whether the code logic is correct. If the problem persists, we can check the official documentation or ask the community for help to find more solutions.

Question content

msgraph-sdk-go The sample code to get the user drive fails with the following 401 error. It expects the request body to contain client_secret, although there is no place in the sample code to create the request body.

The sample code does successfully authenticate the identity of my registered application through the web browser.

What is needed to use msgraph-sdk-go?

This is the failure code:

result, err := client.me().drive().get(context.background(), nil)
if err != nil {
    fmt.printf("error getting the drive: %v\n", err)
    printodataerror(err)
}
fmt.printf("found drive : %v\n", *result.getid())

The error is as follows:

Error getting the drive: DeviceCodeCredential authentication failed
POST https://login.microsoftonline.com/efa4b4f3-5e38-4866-9206-79c604d86e7c/oauth2/v2.0/token
--------------------------------------------------------------------------------
RESPONSE 401 Unauthorized
--------------------------------------------------------------------------------
{
  "error": "invalid_client",
  "error_description": "AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.\r\nTrace ID: b6f28bb4-6bed-4dfe-a275-c0343fb91e01\r\nCorrelation ID: c06d2257-b3ab-4df3-ba58-ab271cf97508\r\nTimestamp: 2023-02-14 14:18:22Z",
  "error_codes": [
    7000218
  ],
  "timestamp": "2023-02-14 14:18:22Z",
  "trace_id": "b6f28bb4-6bed-4dfe-a275-c0343fb91e01",
  "correlation_id": "c06d2257-b3ab-4df3-ba58-ab271cf97508",
  "error_uri": "https://login.microsoftonline.com/error?code=7000218"
}

Edit: Adding more details to baywet's answer

I have created the client and device code credentials as baywet shows but I have added the tennantid field.

In point 5, I selected mobile/desktop app, but the redirect uri is http://localhost. My options for redirect uri are different than his.

Point 6 is the key to making it work. Once I enabled the following mobile and desktop flows selecting <code>yes for my app started working.

I also have these api permissions.

Workaround

Suppose you set up a client with device code credentials and receive an error message with code similar to this

cred, err := azidentity.NewDeviceCodeCredential(&azidentity.DeviceCodeCredentialOptions{
    ClientID: "CLIENT_ID",
    UserPrompt: func(ctx context.Context, message azidentity.DeviceCodeMessage) error {
        fmt.Println(message.Message)
        return nil
    },
})

client := msgraphsdk.NewGraphServiceClientWithCredentials(cred, []string{"User.Read"})

Registered applications need to be properly configured to allow the device shutdown process. to this end:

1. Go to azure portal
2. Navigate to the application registration (azure active directory, then application registration).
3. Find your application registration in the list.
4. Click on the Authentication tab
5. Make sure to select mobile and desktop app platforms and check the https://login.microsoftonline.com/common/oauth2/nativeclient url.
6. Set "Enable the following mobile and desktop processes" to "Yes".
7. Click "Save".

A few screenshots to guide you through.

The above is the detailed content of msgraph-sdk-go sample code for getting user drive fails. For more information, please follow other related articles on the PHP Chinese website!