azure active directory - Resource <Random Guid> does not exist or one of its queried reference-property objects are not present -


i'm trying basic call microsft graph.

https://graph.microsoft.com/v1.0/me/

i've done through c# sdk , directly using rest , on both calls, i'm getting following error

message = "resource 'f9d58168-4b3e-4948-9133-6c978d1ab18a' not exist or 1 of queried reference-property objects not present."

full error message returned in error response content stream

{   "error": {     "code": "request_resourcenotfound",     "message": "resource 'f9d58168-4b3e-4948-9133-6c978d1ab18a' not exist or 1 of queried reference-property objects not present.",     "innererror": {       "request-id": "80af6aec-5052-49ab-890c-273fea5c65ba",       "date": "2017-07-31t06:08:37"     }   } }

the guid can different.

when through graph explorer works ok.

this code i'm using credentials app

private clientcredential getcredentials() {   return new clientcredential(_azureadoptions.clientid, _azureadoptions.clientsecret); }  private authenticationcontext getcontext(string userobjectid) {   return new authenticationcontext($"{_azureadoptions.aadinstance}{_azureadoptions.tenant}", gettokencache(userobjectid)); }  private distributedtokencache gettokencache(string userobjectid) {   return new distributedtokencache(userobjectid, _azureadoptions.clientid, _distributedcache, _loggerfactory); }  public async task<authenticationresult> gettoken(string userobjectid, string resourceid)         {             authenticationresult result;              var authcontext = getcontext(userobjectid);             var credential = getcredentials();              try             {                 result = await authcontext.acquiretokensilentasync(resourceid, credential, new useridentifier(userobjectid, useridentifiertype.uniqueid));             }             catch (adalsilenttokenacquisitionexception astae)             {                 result = await authcontext.acquiretokenasync(resourceid, credential);             }              return result;         }

i've debugged through code , it's authenticating , acquiring token ok.

have copied , pasted request url app graph explorer , works.

have setup permissions through azure , same ones setup graph explorer.

this configuration i'm using in startup setup openid 

var openidconnectoptions = new openidconnectoptions             {                 clientid = azureadoptions.clientid,                 scope =                 {                     "openid",                     "email",                     "profile",                     "offline_access",                     "user.read",                     "user_impersonation"                 },                 authority = $"{azureadoptions.aadinstance}{azureadoptions.tenant}",                 signinscheme = cookieauthenticationdefaults.authenticationscheme,                 authenticationscheme = openidconnectdefaults.authenticationscheme,                 postlogoutredirecturi = azureadoptions.postlogoutredirecturi,                 responsetype = openidconnectresponsetype.codeidtoken,                 usetokenlifetime = true,                 getclaimsfromuserinfoendpoint = false,                 events = new openidconnectevents                 {                     onredirecttoidentityprovider = onredirecttoidentityprovider,                     onremotefailure = onauthenticationfailed,                     onauthorizationcodereceived = onauthorizationcodereceived,                     onuserinformationreceived = onuserinformationreceived                 }             };

i'm using code in differnt application calls microsoft graph , have not had problems that.

update

i able user id claims principal (http://schemas.microsoft.com/identity/claims/objectidentifier) , used id call "https://graph.microsoft.com/v1.0/users('') same error. guid in error message guid of user claims principal.

so why user id in claims principal not being set correctly?

further update

it looks object identifier set in claims principal different 1 in azure active directory.

hard coding object identifier users endpoint works.

further further update

this seems access token being returned. after decrypting token can see object id of registered application , being used when calling "me" in office graph. shouldn't oid of token being returned of user. app has user.read in active directory.

error being returned acquiretokensilentasync

microsoft.identitymodel.clients.activedirectory.adalsilenttokenacquisitionexception:    @ microsoft.identitymodel.clients.activedirectory.acquiretokensilenthandler.sendtokenrequestasync (microsoft.identitymodel.clients.activedirectory, version=3.14.1.10, culture=neutral, publickeytoken=31bf3856ad364e35: c:\workspace\azure-activedirectory-library-for-dotnet-v3-master-vs2017\src\adal.pcl\flows\acquiretokensilenthandler.cs: 61)    @ microsoft.identitymodel.clients.activedirectory.acquiretokenhandlerbase+<runasync>d__55.movenext (microsoft.identitymodel.clients.activedirectory, version=3.14.1.10, culture=neutral, publickeytoken=31bf3856ad364e35: c:\workspace\azure-activedirectory-library-for-dotnet-v3-master-vs2017\src\adal.pcl\flows\acquiretokenhandlerbase.cs: 198)    @ system.runtime.exceptionservices.exceptiondispatchinfo.throw (system.private.corelib, version=4.0.0.0, culture=neutral, publickeytoken=7cec85d7bea7798e)    @ system.runtime.compilerservices.taskawaiter.handlenonsuccessanddebuggernotification (system.private.corelib, version=4.0.0.0, culture=neutral, publickeytoken=7cec85d7bea7798e)    @ microsoft.identitymodel.clients.activedirectory.authenticationcontext+<acquiretokensilentcommonasync>d__55.movenext (microsoft.identitymodel.clients.activedirectory, version=3.14.1.10, culture=neutral, publickeytoken=31bf3856ad364e35: c:\workspace\azure-activedirectory-library-for-dotnet-v3-master-vs2017\src\adal.pcl\authenticationcontext.cs: 618)    @ system.runtime.exceptionservices.exceptiondispatchinfo.throw (system.private.corelib, version=4.0.0.0, culture=neutral, publickeytoken=7cec85d7bea7798e)    @ system.runtime.compilerservices.taskawaiter.handlenonsuccessanddebuggernotification (system.private.corelib, version=4.0.0.0, culture=neutral, publickeytoken=7cec85d7bea7798e)    @ microsoft.identitymodel.clients.activedirectory.authenticationcontext+<acquiretokensilentasync>d__41.movenext (microsoft.identitymodel.clients.activedirectory, version=3.14.1.10, culture=neutral, publickeytoken=31bf3856ad364e35: c:\workspace\azure-activedirectory-library-for-dotnet-v3-master-vs2017\src\adal.pcl\authenticationcontext.cs: 415)    @ system.runtime.exceptionservices.exceptiondispatchinfo.throw (system.private.corelib, version=4.0.0.0, culture=neutral, publickeytoken=7cec85d7bea7798e)    @ system.runtime.compilerservices.taskawaiter.handlenonsuccessanddebuggernotification (system.private.corelib, version=4.0.0.0, culture=neutral, publickeytoken=7cec85d7bea7798e)    @ system.runtime.compilerservices.taskawaiter`1.getresult (system.private.corelib, version=4.0.0.0, culture=neutral, publickeytoken=7cec85d7bea7798e)    @ insite.security.authenticationservice+<gettoken>d__5.movenext (insite.security, version=1.0.0.0, culture=neutral, publickeytoken=null: c:\users\tobystatham\documents\visual studio 2017\projects\insite\insite.security\authenticationservice.cs: 47)

in graph, /me/ endpoint alias signed in user (based on token). check this, decode jwt , see if there user information associated token. application without user present not able query /me/, , should instead specify user id of user of interest (/users/user id).


Comments

Post a Comment

Popular posts from this blog

Add new key value to json node in java -

i have json file : { "id":1, "name":"abc", "addressdetails": { "city":"newyork" } } i wanted add 1 more key-value ("pincode" : "414141") node 'addressdetails'. i tried using : objectmapper mapper = new objectmapper(); jsonnode root = mapper.readtree(new file("d://test.json")); objectnode node = mapper.createobjectnode(); node.with("addressdetails").put("pincode", "414141"); but it's not getting added, there way can ? you can try you should modify file path objectmapper mapper = new objectmapper(); objectnode nodes = mapper.readvalue(new file("d:\\test.txt"), objectnode.class); nodes.with("addressdetails").put("pincode", "414141"); mapper.writer().writevalue(new file("d:\\test.txt"), nodes);
Read more

php - Vagrant up error - Uncaught Reflection Exception: Class DOMDocument does not exist -

i've set bento/ubuntu-16.04 vagrant box using php 5.6, , getting following error quite few times when try , run shell script: "uncaught reflection exception: class domdocument not exist". i've tried adding following top of script (not together), each no success: "sudo apt-get install php5.6-xml", "sudo apt-get install php5-xml", "sudo apt-get install php-dom" i've tried resetting server "sudo service apache2 restart". does have suggestions?
Read more

javascript - Highcharts Synchronized charts with missing data points -

Image
i have 2 charts display time series data trying synchronize crosshair , tool tips. however, charts not have same number of data points. causes crosshair , tooltip become out of sync between 2 graphs. i have enabled connectnulls: true on both , while smoothes lines, not add data points time periods don't exist. is there way configure connectnulls inserts filler points? updated here simple jsfiddle example, value missing day causes crosshairs become out of sync between 2 graphs. to set actual x distance between points, can set xaxis.ordinal false. other solution put null values in empty places. set pointstart , pointinterval properties. api reference: http://api.highcharts.com/highstock/xaxis.ordinal http://api.highcharts.com/highstock/plotoptions.series.pointstart http://api.highcharts.com/highstock/plotoptions.series.pointinterval examples: http://jsfiddle.net/csgbxdaj/ - setting ordinal false http://jsfiddle.net/gjxhbf7w/ - putting nulls i
Read more