Azure AD 密码重置错误 - 调用“https://graph.microsoft.com/v1.0/users/' 返回状态 400 错误请求

tag-icon tag-icon active-directory password
Azure AD 密码重置错误 - 调用“https://graph.microsoft.com/v1.0/users/' 返回状态 400 错误请求

我们的 AD 管理代码在 2018 年中至 2019 年中运行了 12 个多月。突然间,由于我们这边没有更改代码,它就停止工作了,无法重置密码。

最后一行代码返回错误。我想知道 Azure AD 中是否有任何重大更改 - 这些更改仍未记录。有人遇到过类似的问题吗?

Visual Studio 中使用的 URL:https://graph.microsoft.com/v1.0/users/

回复:

StatusCode: 400, ReasonPhrase: 'Bad Request', Version: 1.1, Content: System.Net.Http.HttpConnection+HttpConnectionResponseContent, Headers:
{
  Cache-Control: private
  Transfer-Encoding: chunked
  request-id: 0e480608-1ec5-4286-abb2-ecf7406f6788
  client-request-id: 0e480608-1ec5-4286-abb2-ecf7406f6788
  x-ms-ags-diagnostic: {"ServerInfo":{"DataCenter":"Australia Southeast","Slice":"SliceC","Ring":"5","ScaleUnit":"001","RoleInstance":"AGSFE_IN_0","ADSiteName":"ASE"}}
  Duration: 159.8111
  Strict-Transport-Security: max-age=31536000
  Date: Tue, 09 Jul 2019 03:45:57 GMT
  Content-Type: application/json
}}

Code:
var authHeader = await getAuthenticationHeader();
if (string.IsNullOrEmpty(authHeader))
{
  logger.LogInformation("Auth header is null, reset password failed");
  return false;
}

_logger.LogInformation("Getting user by user principal");
var exists = await GetUserByUserPrincipal(user.Email);
if (exists == null)
{
  _logger.LogInformation("User returned as null");
  return false;
}

var graphUrl = Uri.EscapeUriString(string.Format("https://graph.microsoft.com/{0}/users/{1}", _configuration.ApiVersion, exists.userPrincipalName)).Replace("#", "%23");

// make sure that this isn't here
exists.passwordProfile = new MSGraphAPIPasswordProfile
            {
                forceChangePasswordNextSignIn = false,
                password = user.Password
            };

var body = new StringContent(JsonConvert.SerializeObject(exists, new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore }), Encoding.UTF8, "application/json");

var client = new HttpClient();
client.DefaultRequestHeaders.Add("Authorization", authHeader);

// because this is a patch call we need to build the request object differently
HttpRequestMessage request = new HttpRequestMessage
            {
                Method = new HttpMethod("PATCH"),
                RequestUri = new Uri(graphUrl),
                Content = body,
            };

_logger.LogInformation("Resetting user password");

// the response returns Status 400 error.

var response = await client.SendAsync(request);

答案1

要获取当前登录用户的 URL,URL 为https://graph.microsoft.com/v1.0/me,可能已经不再需要传递用户 ID。

答案2

今天 Azure AD 修复了这个问题。有人告诉我,在 URL 中使用“users?filter={username}”查询字符串是一种替代方法。

相关内容